This Frost & Sullivan report analyzes the global market for network access control (NAC). The “traditional” focus of NAC has been authentication, authorization, and accounting. At its core, NAC is all about enabling mobility and dynamic security. However, the enterprise network no longer sits within four secure walls: it extends to wherever employees and data travel. Mobility, digitization, and the Internet of Things (IoT) are changing the way we live and work. The result is that networks are expanding and resulting in increasing complexity of managing resources and disparate security solutions. NAC is evolving to have improved visibility and monitoring of network devices, more security features, orchestration with other security products such as next-generation firewalls, security information and event management, and web content filters. Today’s NAC security solutions must deliver profiling, policy enforcement, guest access, bring-your-own-device (BYOD) onboarding, and more to offer IT offload, enhanced threat protection, and an improved user experience.
Growth is driven by growth of the IoT, BYOD, increasing mobility, and organizations migrating workloads to the cloud. There is exponential growth in the number and diversity of endpoint devices and diverse operating systems. The increasing level of malware and cyberattacks is also driving NAC investments. Network visibility is critical: every device on a network is a potential attack or reconnaissance point that must be discovered and secured. A major trend is the convergence of information and operational technology (IT/OT), wherein NAC is helping to break down silos. Zero Trust Architecture is a security model that is gaining attention, NAC is a foundational technology providing visibility and control, segmentation, orchestration, and integration with other security technologies. NAC is evolving from a physical appliance deployed on premises. Virtual appliances, software deployment, and NAC as software as a service are growing. NAC must have visibility across the enterprise: campus, data center, private cloud, public cloud, and OT networks. In addition to the IEEE 802.1X standard, most NAC vendors are supporting other protocols, such as Simple Network Management Protocol (SNMP). Several mergers and acquisitions and spinouts have occurred in the last couple of years. Companies have been consolidating and realigning product lines in order to leverage their intellectual property and expertise across a broad range of security solutions. A concept that is gaining momentum is Zero Trust Network (ZTN). Based on the basic principle of “never trust, always verify,” ZTN is a general approach for leveraging various security technologies to enable perimeter enforcement and strict access controls. NAC is a foundational technology for ZTN. NAC orchestrates and integrates a variety of network and security infrastructure to achieve a ZTN.