For VendorsBlog
Login
Compare: Network Admission Control (NAC)
Characteristics
Ease of Implementation
Requires network pre-requisites
Requires network pre-requisites
Complex, requires advanced integrations and deployment skills
Deployment driven, modular software, intuitive, flexible
Software-Based
Virtual or hardware appliance
Virtual or hardware appliance
Virtual or hardware appliance
Software-only
Heterogeneous Network
Can integrate with some infrastructure
Works best with Cisco environment
Integrates with all network infrastructure
Integrates with all network infrastructure
Centrally Managed
Recommends appliances for deployment in all locations
Recommends appliances for remote locations
Recommends appliances for remote locations
Deployed from one location, no need for remote appliances
VLAN Segmentation
Available only with 802.1X
Available only with 802.1X
Limited support for VLAN
Native implementation of VLAN segmentation
Standardized API
Inbound and outbound APIs
Offers scalable context
Integrates with other services
Shares context both inbound and outbound
Role-Based Policies
More effective with 802.1X
More effective with 802.1X
Define policies based on organizational roles
Define policies based on organizational roles
Agentless
Optimal with agent
Requires an agent for posture assessment
Requires a dissolvable agent for full functionality
Support for over 25 different authentication methods that do not require an agent
Full Non-802.1X Deployment
Optional 802.1X authentication
Requires 802.1X to authenticate devices
Does not require 802.1X to authenticate devices
Does not require 802.1X to authenticate devices
No Requirement for Topology Changes
Network firmware upgrades, complex configuration, RADIUS
Network firmware upgrades, complex configuration, RADIUS
Many features rely on the configuration/set up of port mirror/span port
No requirements for mirror or span ports
Scalable Deployments
802.1X limits scalability of deployments
802.1X limits scalability of deployments
Requires additional appliances and upgrades
Lightweight infrastructure enables easily scalable deployments across geolocations
Remote Branch Deployments
Requires on site configuration and challenges branch availability
Requires on site configuration and challenges branch availability
Recommends on-site appliances for full feature set, limitations for sizing
Seamless coverage of remote branches
Wireless Support
Wireless via 802.1X
Wireless via 802.1X
Partial integration with on-premise wireless controllers
Optional 802.1X wireless
Device Visibility
Visibility enhanced with 802.1X compatible devices
Visibility enhanced with 802.1X compatible devices
Visibility into all network devices only with port mirroring enabled
100% streamlined device visibility (NAS and device view)
Application Visibility
Requires agent
Requires agent
Enhanced visibility into business level applications
Seamless application data collection
IOT Device Visibility & Control
Discovery and control capabilities
Basic profiling of IoT devices
Discovery and control capabilities
Two-fold device detection and analysis
Network View
No capability for full network view
No capability for full network view
Limited capability for full network infrastructure view
Simple to operate, understand issues and see them immediately
Incident Response
Lack of context, requires manual intervention
Lack of context, requires manual intervention
Built-in integration with various security vendors
Open-platform, native API integration, intuitive data flows
Guest Access
Full capabilities for guest access
Full capabilities for guest access
Full capabilities for guest access
Limited native capabilities
BYOD
BYOD control and visibility with captive portal
BYOD control and visibility with captive portal
BYOD control and visibility with captive portal
Limited native capabilities for BYOD control