When I discussed this openly with Waters in Muddy Waters comments they kindly replied that “customers are loath to be a reference client for a vendor,”  like this fact somehow justifies having 600 people, most who have never actually used the software in practice, vote on how great it is.  

Follow the Yellow Brick Road.

Or, as Mark Adler pointed out in his well written blog post The First Annual Fluffies for CEP , a secretive “panel of renowned judge” is going to tell us, via Jolt, who has the better solution?  Holy Cow Batman!   Let me buy a nice layout in your magazine  or web site,  please, so “my software company” will be on the short list for the “the awards”.  

Follow the Yellow Brick Road.

All this smoke-and-mirrors. share-the-love, marketing reminds me of The Matrix a bit, where the world as we observe it, is a complete artificial construction, where most people in the Matrix believe they are “real” because they do not know that they really just a computer generated program designed to keep humans happy as they sleep in some cold goop with electrodes stuck up their you-know-what, really just bio-batteries insuring the light bill is paid.

Follow the Yellow Brick Road.

Or better yet, these fluffies are similar to most of the Webinars we see where there are questions from “the audience” but we know that most of these questions did not come from the “audience” - yet we all seem to continue ”the  audience” myth just like Santa Claus and the Easter Bunny! 

Follow the Yellow Brick Road.

The Easter Bunny, Santa Claus, the Tooth Fairy and the Fluffy Awards are real, if you want them to be real.  Just close your eyes and click your heels three times….

Follow the Yellow Brick Road. Follow the Yellow Brick Road.
Follow, follow, follow, follow,
Follow the Yellow Brick Road.
Follow the Yellow Brick, Follow the Yellow Brick,
Follow the Yellow Brick Road.

We’re off to see the Wizard, The Wonderful Wizard of Oz.
You’ll find he is a whiz of a Wiz! If ever a Wiz! there was.
If ever oh ever a Wiz! there was The Wizard of Oz is one because,
Because, because, because, because, because.
Because of the wonderful things he does.
We’re off to see the Wizard. The Wonderful Wizard of Oz

Good article by Neil Roiter from Information Security Magazine on NAC moving ahead as the hype subsides. For a change from other articles we have read recently, Neil gives a true to life, no holds barred assessment of where NAC is in the market.  I think some of the comments from Lawrence Orans over at Gartner are right on.  However, one he misses is in talking about the Cisco-Microsoft NAC partnership. I think the TCG-Microsoft partnership has replaced that one and Cisco is going to join that party through the NEA. 

For me though the quote of the article was this one by Brendan O'Connell, Cisco's product line manager for NAC, "NAC is an Easter egg hunt. Policy lives in a lot of different places .."  So does that make Cisco the NAC Easter Bunny? Seriously, policy does live in a lot of different places.  I think eventually the answer lies in marrying network based admission control policies with endpoint based configuration policies.  This is an area that is ripe for interaction and integration.  I also think that Symantec talking about customers want a NAC solution, but not another console or another agent was a bit ironic.  Just because you lump your agents together doesn't mean you have not added yet more overhead to the equation.  Anyone who has used Symantecs new Endpoint Security with all of the mods turned on can talk to you about overhead and resource use. Whether the agent is separate or not, it is what the overhead is that counts.

In any event, though Neil did not mention StillSecure (tsk, tsk) I thought this article was right on, that despite the naysayers and the inflated hype, NAC is being adopted in the market. It is maturing and most of all it is providing value to customers.

Good article by Neil Roiter from Information Security Magazine on NAC moving ahead as the hype subsides. For a change from other articles we have read recently, Neil gives a true to life, no holds barred assessment of where NAC is in the market.  I think some of the comments from Lawrence Orans over at Gartner are right on.  However, one he misses is in talking about the Cisco-Microsoft NAC partnership. I think the TCG-Microsoft partnership has replaced that one and Cisco is going to join that party through the NEA. 

For me though the quote of the article was this one by Brendan O'Connell, Cisco's product line manager for NAC, "NAC is an Easter egg hunt. Policy lives in a lot of different places .."  So does that make Cisco the NAC Easter Bunny? Seriously, policy does live in a lot of different places.  I think eventually the answer lies in marrying network based admission control policies with endpoint based configuration policies.  This is an area that is ripe for interaction and integration.  I also think that Symantec talking about customers want a NAC solution, but not another console or another agent was a bit ironic.  Just because you lump your agents together doesn't mean you have not added yet more overhead to the equation.  Anyone who has used Symantecs new Endpoint Security with all of the mods turned on can talk to you about overhead and resource use. Whether the agent is separate or not, it is what the overhead is that counts.

In any event, though Neil did not mention StillSecure (tsk, tsk) I thought this article was right on, that despite the naysayers and the inflated hype, NAC is being adopted in the market. It is maturing and most of all it is providing value to customers.