So the security blogging world welcomes a new contributor in Chris B over at Napera Networks. The Napera blog joined the security bloggers network a short time ago and with the public unveiling of the company. Chris's first article is called NAC is dead, long live NAC. Evidently Chris was at one time working over at Lockdown Networks and brings his own unique views on what went wrong at Lockdown.

Chris makes some good points about the Lockdown shutdown. One in particular that I think we should all realize is that Lockdown's failure is not a failure of NAC technology, but rather a failure of Lockdown's execution. NAC still solves problems that customers have. Done right, NAC is valuable and will find its place in the security world. Over the past few days there have been more people people jumping on the "NAC sucks" bandwagon than their were vendors coming out with NAC solutions just a few short years ago. I read with disbelief Eric Ogrens piece in ComputerWorld the other day about him never being a believer in NAC. I don't remember him saying that when we were briefing him a few years ago. But maybe he was getting paid to cover NAC than, I don't know. But it is certainly fashionable to throw dirt on NAC now and there are plenty of people only too happy to do so. Frankly, part of me wants to say sure go ahead, throw dirt. It will be that much sweeter to show the naysayers wrong. Actually selling the solution we see the real market for NAC and remain jazzed. For us it is about executing

What I fear is that we are throwing out babies with the bath water here with all of the NAC bashing. Yes there are companies in this space that frankly don't have the technology or the team to make it. Lockdown is a perfect example. But there are others who have actually built a better mousetrap and the market (the ultimate decision maker) is rewarding them. But if the media and analysts just keep bashing NAC it becomes almost a self-fulfilling prophesy. No matter how good the technology or the team it is like spitting into the wind. I saw this happen with the dot com bubble first hand. Many companies that were doing great things were killed off in the great extinction of the dot coms. It took years for the market to come back. In the case of NAC not only would the better NAC companies and technologies be the ones to suffer, but the networks they can protect would suffer. NAC is attractive because it solves a real problem that people have and in spite of what Paul Roberts at 451 or Amrit says, there are not existing tools that solve that problem for them well.

My only issue with Chris is he confuses the problem that Lockdown was solving with the way they were solving it. Yes using the network including switches is a great way to control access. However Lockdowns technology to test these devices was circumspect. But more than that SNMP is never going to scale for NAC. It is not secure and more importantly you just can't wire and script every model and version of switch out there. Inherently Lockdown had the wrong solution to the right problem, on top of some of the other focus issues that Chris talks about.

All in all though, Lockdown's failure should stop being used as a blunt instrument by the naysayers to bludgeon the NAC vendors who are executing and solving customers problems!