Network Admission Control (NAC) | ||||
Ease of Implementation | Requires network pre-requisites | Requires network pre-requisites | Complex, requires advanced integrations and deployment skills | Deployment driven, modular software, intuitive, flexible |
Software-Based | Virtual or hardware appliance | Virtual or hardware appliance | Virtual or hardware appliance | Software-only |
Heterogeneous Network | Can integrate with some infrastructure | Works best with Cisco environment | Integrates with all network infrastructure | Integrates with all network infrastructure |
Centrally Managed | Recommends appliances for deployment in all locations | Recommends appliances for remote locations | Recommends appliances for remote locations | Deployed from one location, no need for remote appliances |
VLAN Segmentation | Available only with 802.1X | Available only with 802.1X | Limited support for VLAN | Native implementation of VLAN segmentation |
Standardized API | Inbound and outbound APIs | Offers scalable context | Integrates with other services | Shares context both inbound and outbound |
Role-Based Policies | More effective with 802.1X | More effective with 802.1X | Define policies based on organizational roles | Define policies based on organizational roles |
Agentless | Optimal with agent | Requires an agent for posture assessment | Requires a dissolvable agent for full functionality | Support for over 25 different authentication methods that do not require an agent |
Full Non-802.1X Deployment | Optional 802.1X authentication | Requires 802.1X to authenticate devices | Does not require 802.1X to authenticate devices | Does not require 802.1X to authenticate devices |
No Requirement for Topology Changes | Network firmware upgrades, complex configuration, RADIUS | Network firmware upgrades, complex configuration, RADIUS | Many features rely on the configuration/set up of port mirror/span port | No requirements for mirror or span ports |
Scalable Deployments | 802.1X limits scalability of deployments | 802.1X limits scalability of deployments | Requires additional appliances and upgrades | Lightweight infrastructure enables easily scalable deployments across geolocations |
Remote Branch Deployments | Requires on site configuration and challenges branch availability | Requires on site configuration and challenges branch availability | Recommends on-site appliances for full feature set, limitations for sizing | Seamless coverage of remote branches |
Wireless Support | Wireless via 802.1X | Wireless via 802.1X | Partial integration with on-premise wireless controllers | Optional 802.1X wireless |
Device Visibility | Visibility enhanced with 802.1X compatible devices | Visibility enhanced with 802.1X compatible devices | Visibility into all network devices only with port mirroring enabled | 100% streamlined device visibility (NAS and device view) |
Application Visibility | Requires agent | Requires agent | Enhanced visibility into business level applications | Seamless application data collection |
IOT Device Visibility & Control | Discovery and control capabilities | Basic profiling of IoT devices | Discovery and control capabilities | Two-fold device detection and analysis |
Network View | No capability for full network view | No capability for full network view | Limited capability for full network infrastructure view | Simple to operate, understand issues and see them immediately |
Incident Response | Lack of context, requires manual intervention | Lack of context, requires manual intervention | Built-in integration with various security vendors | Open-platform, native API integration, intuitive data flows |
Guest Access | Full capabilities for guest access | Full capabilities for guest access | Full capabilities for guest access | Limited native capabilities |
BYOD | BYOD control and visibility with captive portal | BYOD control and visibility with captive portal | BYOD control and visibility with captive portal | Limited native capabilities for BYOD control |
Network Admission Control (NAC) |
Ease of Implementation |
Software-Based |
Heterogeneous Network |
Centrally Managed |
VLAN Segmentation |
Standardized API |
Role-Based Policies |
Agentless |
Full Non-802.1X Deployment |
No Requirement for Topology Changes |
Scalable Deployments |
Remote Branch Deployments |
Wireless Support |
Device Visibility |
Application Visibility |
IOT Device Visibility & Control |
Network View |
Incident Response |
Guest Access |
BYOD |