Many people have written over the last months about the significant problems that virtualization poses for NAC. While there has been a bit of "the sky is falling" over this, the fact is that today virtual environments are being seen more in servers and data centers than on desktops and endpoints. However, make no mistake about it, virtualization is coming to a desktop near you! How is your NAC going to handle this? Tim Greene's column today is on exactly that topic.
Tim rightly points out that virtualization poses a significant hurdle for inline NAC vendors. I would take it even one step further: NAC on virtualized endpoints is a problem on any NAC appliance. Tim has it right when he says:
"Routing traffic from a virtual machine, out of the physical server, through the NAC appliance then back into the physical server to another virtual host is inefficient. Efficiency is something virtualization is supposed to improve, not make worse."
The answer, of course, lies in software. If your NAC solution can be done in software, you have a much better chance of tackling this problem. Another way to handle it is to work with the virtual machine vendors, à la VMsafe. I think there is an even better way to do it that we are working on at StillSecure. Here is the bad part, though: I can't tell you more about it just yet. Stay tuned for more details, but there is a solution to make this work.





