A recent edition to the Security Bloggers Network (over 50,000 combined subscribers strong now!) is Grant Hartline, CTO of Mirage Networks, Mirage blog. Mirage is a competitor of StillSecure in the NAC marketplace, sometimes (actually we don't run into them very often) but I was happy to see them join the SBN. I have certainly taken shots at them in the past and am glad they are using the blogging medium to put their own point of view out there. Networks like the SBN are strongest when multiple and different points of view are represented. Anyway, Grant has been blogging up a bit over there with some good stuff, especially about post-connect, NAP, Interop and Joel Snyder. Grant's most recent article is called MSSP and NAC - True Love.

For the most part I agree with Grant that NAC is a natural for the managed services space. However, I think for the MSSP (managed security services provider) market specifically it may be beyond their current offering levels. Most MSSP offerings today are focused at the perimeter. They have grown from managed firewall to managed IDS/IPS, managed anti-spam and managed content filtering. Now managed UTM is all the rage. However, all of these technologies are perimeter based. If I am not mistaken Mirage's early experience offering a managed service was with AT&T offering it as a behavior based type of intrusion prevention and worm detection. I think moving into the internal network with a more traditional NAC offering might beyond the current scope of most pure MSSPs. However, managed service providers who are already providing desktop management and full network management like an EDS, IBM or HP are indeed natural candidates to provide a managed NAC service. I think we will be seeing much more of managed NAC from these type of providers in the future, but it will be a while until the pureplay MSSPs have managed NAC.