1. Info-Tech Research Group1 Vendor Landscape: Network Access Control NAC is back, tell a friend. Info-Tech's products and services combine actionable insight and relevant advice with ready-to-use tools and templates that cover the full spectrum of IT concerns.© 1997 - 2014 Info-Tech Research Group

2. Info-Tech Research Group2 The scope of NAC is evolving. Evaluate the vendors that are keeping up with a rapidly changing technology. Introduction Enterprises seeking to select a NAC solution. Those with a NAC use case that may include: Managing guest access to the corporate network. Policy creation and enforcement based on user attributes, identity, role, endpoint compliance, or other. Monitoring and containment of threats to the network. Adopting BYOD friendly policies to enable user/private device integration. This Research Is Designed For:This Research Will Help You: Understand what’s new in the NAC market. Evaluate NAC vendors and products for your enterprise needs. Determine which products are most appropriate for particular use cases and scenarios.

3. Info-Tech Research Group3 Executive summary Info-Tech evaluated six competitors in the NAC market, including the following notable performers: Champions Cisco, with a strong NAC feature offering, Cisco is a top level wired and wireless infrastructure vendor with many benefits. Extreme, with the recent acquisition of Enterasys, Extreme is developing on Enterasys’ already strong feature offering, and expanding its own wired and wireless infrastructure. Value Award: Aruba, a newer player in the NAC market, Aruba is making growth on its strong offering while maintaining a low price point. Trend Setter Award: Juniper, an established networking vendor that champions open standards extending to its NAC product. 1.Visibility is as important as access NAC value is becoming more about who and what is connecting, rather than confirming a secure connection. User credential compromise or manipulation is inevitable. NAC products should not only control access, but provide visibility to detect suspicious activity when legitimate access is being maliciously used. 2.Embedded functionality NAC usage will grow over time, but some of the functionality that is enabled by NAC (e.g. access policy control) will become embedded within wired and wireless infrastructure access methods, eliminating some need for deployment of agents. 3.Pure play or big guy Want to avoid vendor lock-in? Consider a pure-play NAC vendor. However, be cognizant of strategic vendor opportunities with the large wired and wireless infrastructure vendors and your needs. Info-Tech Insight

4. Info-Tech Research Group4 Book a free guided implementation today! Info-Tech is just a phone call away and can assist you with your project. Our expert Analysts can guide you to successful project completion. For most members, this service is available at no additional cost.* Here’s how it works: 1. Enroll in a Guided Implementation for your project Send an email to GuidedImplementations@InfoTech.comGuidedImplementations@InfoTech.com Or call 1-888-670-8889 and ask for the Guided Implementation Coordinator. 2. Book your analyst meetings Once you are enrolled in a Guided Implementation, our analysts will reach out to book a series of milestone-related telephone meetings with you and your team. 3. Get advice from a subject matter expert At each Guided Implementation point, our Consulting Analyst will review your completed deliverables with you, answer any of your questions, and work with you to plan out your next phase. This symbol signifies when you’ve reached a Guided Implementation point in your project. * Guided Implementations are included in most advisory membership seats

5. Info-Tech Research Group5 Book a Guided Implementation Today: Info-Tech is just a phone call away and can assist you with your evaluation. Our expert Analysts can guide you to successful technology selection. Here are the suggested Guided Implementation points for the NAC Vendor Landscape: Guided Implementation points in the NAC Vendor Landscape Section 1: Shortlist Assistance and Requirements Get off to a productive start: discuss the market space and how vendors are evaluated. Decide on which deployment option suits you best and narrow down the options based on customized requirements. Section 2: RFP and Budget Review Interpreting and acting on RFP results: review each vendor’s RFP responses and ensure the solution is meeting your needs. Discuss average pricing of solutions and what can fit into your budget. Section 3: Negotiation and Contract Review Purchase Optimization: review contracts and discuss best practices in negotiation tactics to get the best price for your solution. This symbol signifies when you’ve reached a Guided Implementation point in your project. To enroll, send an email to GuidedImplementations@InfoTech.com or call 1-888-670-8889 and ask for the Guided Implementation Coordinator.GuidedImplementations@InfoTech.com

6. Info-Tech Research Group6 Market overview Network access control (NAC) was created by Cisco as a concept in 2003, and as an actual capability in 2004. It has always been a tool to perform a pre-connect assessment of devices before allowing them access to the network and precious internal resources. Over the years, NAC has come to include more capabilities, such as continuous vulnerability assessment and intrusion prevention. The use of NAC settled down as the value of pre- connect assessment became muted for most, given the complexity of the required architecture and its impact on performance. The proliferation of personal devices created a renewed value for access control. Employers needed a way for personal devices not to be “guests” while also centrally enforcing policies around access: NAC was back. NAC and MDM vendors began integrating their products to add peripheral security capabilities. An MDM presents the NAC solution with much greater visibility and information to define and edit access policies. The integration of peripheral security solutions is accelerating as the potential value realized from a connected security system becomes known. Several vendors provide bidirectional integrations so that NAC solutions can share data and create automated or controlled responses from these systems. The continued disruption in enterprise data centers due to accelerated movement to virtualized or cloud based platforms will change the scope of what a NAC solution must control. Data virtualization enables data pools to be dynamically delivered to applications, allowing for data movement across devices and the network. NAC solutions will adapt through increased user and role access being based on a multitude of inputs. NAC usage is expected to grow within the near future. In the long term, some NAC functions will become embedded within wired and wireless access methods and infrastructure, which will provide downward pressure on pricing. How it got here Where it’s going As the market evolves, capabilities that were once cutting edge become default and new functionality becomes differentiating. Endpoint baselining and profiling have become Table Stakes capabilities and should no longer be used to differentiate solutions. Instead, focus on threat reduction across heterogeneous environments and infrastructure requirements to get the best fit for your requirements.

7. Info-Tech Research Group7 Criteria Weighting NAC criteria & weighting factors Vendor is committed to the space and has a future product and portfolio roadmap. Strategy Vendor offers global coverage and is able to sell and provide post-sales support. Reach Vendor is profitable, knowledgeable, and will be around for the long term. Viability Vendor channel strategy is appropriate and the channels themselves are strong. Channel Implementing and operating the solution is affordable given the technology. Affordability Multiple deployment options and extensive integration capabilities are available. Architecture The end-user and administrative interfaces are intuitive and offer streamlined workflow. Usability The solution provides basic and advanced feature/functionality. Features Usability Architecture Affordability Product Vendor ViabilityStrategy Channel Reach Product Evaluation Criteria Vendor Evaluation Criteria

8. Info-Tech Research Group8 Table Stakes represent the minimum standard; without these, a product doesn’t even get reviewed If Table Stakes are all you need from your NAC solution, the only true differentiator for the organization is price. Otherwise, dig deeper to find the best price to value for your needs. The products assessed in this Vendor Landscape TM meet, at the very least, the requirements outlined as Table Stakes. Many of the vendors go above and beyond the outlined Table Stakes, some even do so in multiple categories. This section aims to highlight the products’ capabilities in excess of the criteria listed here. The Table StakesWhat does this mean? Access control and isolation of guests connecting to the network. Guest Provisioning Configuration and management of access policies. Policy Configuration Integration with LDAP and Active Directory. Directory Integration Authentication and access control for specific devices. Device Based Authentication What it is: Feature

9. Info-Tech Research Group9 Advanced Features are the capabilities that allow for granular market differentiation Info-Tech scored each vendor’s features offering as a summation of its individual scores across the listed advanced features. Vendors were given one point for each feature the product inherently provided. Some categories were scored on a more granular scale with vendors receiving half points. Help desk load reduction through end-user self- support and automatic remediation. Help Desk & Self-Service Remediation Mobile-specific features, such as native agents, self-service apps, and mobile interfaces. Mobile Centric Controls Determining status of a large variety of endpoint devices. Advanced Endpoint Baselining Identifying devices beyond desktop computers. Advanced Endpoint Profiling Advanced reporting engine, audit trailing, and data export. Advanced Reporting What we looked for: Feature Advanced FeaturesScoring Methodology For an explanation of how Advanced Features are determined, see Information Presentation – Feature Ranks (Stoplights) in the Appendix.Information Presentation – Feature Ranks (Stoplights)

10. Info-Tech Research Group10 Advanced Features are the capabilities that allow for granular market differentiation Info-Tech scored each vendor’s features offering as a summation of its individual scores across the listed advanced features. Vendors were given one point for each feature the product inherently provided. Some categories were scored on a more granular scale with vendors receiving half points. Post admission rechecking of approved device’s health status and continued rule compliance. Post Admission Rechecking Location based restrictions in conjunction with user based authentication. Location Based Restrictions Advanced authentication through identity, roles, and user attributes. User Authentication Threat monitoring, containment, and remediation, extending beyond rogue device detection and authentication. Advanced Threat Reduction What we looked for: Feature Advanced Features ContinuedScoring Methodology For an explanation of how Advanced Features are determined, see Information Presentation – Feature Ranks (Stoplights) in the Appendix.Information Presentation – Feature Ranks (Stoplights)

11. Info-Tech Research Group11 Info-Tech Research Group Helps IT Professionals To: Sign up for free trial membership to get practical solutions for your IT challenges www.infotech.com Quickly get up to speed with new technologies Make the right technology purchasing decisions – fast Deliver critical IT projects, on time and within budget Manage business expectations Justify IT spending and prove the value of IT Train IT staff and effectively manage an IT department “Info-Tech helps me to be proactive instead of reactive – a cardinal rule in a stable and leading edge IT environment. - ARCS Commercial Mortgage Co., LP Toll Free: 1-888-670-8889