Portnox White Paper

Cloud-Native Network Access Control


The Shortcomings of Legacy NAC

Network Access Control (NAC) sits within the larger field of cybersecurity, and more specifically network security.

It is a technology that enables organizations to enact its own unique policy for how and when endpoints (desktops, laptops, smartphones, etc.) can connect to their corporate networks. NAC solutions are typically designed to allow IT security teams to gain visibility of each device trying to access its network, and specifically the type of device and access layer being used (i.e. wifi, wired ports, or VPN).

Today, NAC provides a number of powerful features on top of what it was originally designed for years ago. These include security posture assessments for endpoints, which pinpoints any associated endpoint risks, allowing network security administrators to control network access based on their organization’s risk tolerance threshold.

With the rise of cloud computing, remote workforces, bring-your-own-device (BYOD) policies, and the internet of things (IoT), network access control has become a much more critical part of the larger cybersecurity technology stack at most companies. The technology itself has also evolved quite drastically in response to these emerging trends and their impact on networking and ensuring network security. The use cases for NAC today are constantly expanding.

The problem, however, is that traditional legacy on-premises NAC products have evolved into massive, monolithic systems that are very heavy to deploy and often require extensive professional services agreements to get off the ground. What’s more is that because these traditional NAC systems are on-premises or merely cloud-managed, they require on-going upgrades, patches and on-site appliances across each site. This can be backbreaking work,that many lean IT teams simply are not equipped to manage on a regular basis. It would come as no surprise that many organizations that choose to deploy these feature-rich, yet difficult to manage solutions experience vendor lock-in. This can persist for years.


Today’s Top Network Security Challenge

Increase in Network Complexity
Today, corporate networks are expanding and evolving in true Darwinistic fashion thanks to architectural advancements, new networking protocol standards, device proliferation, hybrid work policies…you could write a dissertation on this topic alone. The point is: the corporate network now extends to wherever authorized devices can connect to gain access to company resources. All of this proprietary, confidential or merely sensitive data being accessed across these parts of the network is no longer safe behind your castle walls. The physical headquarters still exists, but it’s basically just a “fat” branch like any other satellite office or employee working from home.

Increase in Devices
The proliferation of devices requesting access to the network, driven largely by the adoption of BYOD policies and utilization of IoT devices, has forced network security teams to be more diligent about setting and enforcing effective access control policies. Despite best efforts, attempts to address this evolving problem are akin to putting a finger in the dike - rogue devices inevitably slip through the cracks, leaving corporate networks vulnerable to ransomware and countless other cyber threats.

Increase in Cyberattacks
Cyber threats have become alarmingly prevalent, with malware increasing 358% overall and ransomware increasing 435% in 2021 compared with 2019. All threats, from phishing to attacks on Internet of Things (IoT) devices and supply-chains, have grown exponentially. Attacks on IoT devices tripled in the first half of 2019 and supply chain attacks were up 78%. Costs have escalated in tandem. The average ransomware payment rose 33% in 2020 over 2019, to $111,605. The total cost of cybercrime for each company increased 12% from $11.7 million in 2017 to $13.0 million in 2018. Data breaches cost enterprises an average of $3.92 million annually.


Get Your Exclusive Copy Now!