Is self-remediation the answer in NAC?
I was reading a press release by a UTM vendor today, whose latest box now also claims to perform network access control by combining layer 2 switching with UTM functionality. Interesting to see yet another player jump on the NAC bandwagon, though the details of what they do were kind of vague. Anyway, what caught my eye was that they made such a big deal out of their ability to provide self-remediation. They claimed that it was key to cutting down on help desk calls and thereby reducing operating costs. Sounds logical, doesn't it? Wrong!
This is a common misconception in the NAC market. Frankly, it shows that the marketing and product management teams have not yet spoken to a lot of real-life customers about the issue. Hey, we had the same notion here at StillSecure and, of course, still offer self-remediation. However, experience has shown us a couple of things. One is that outside of the IT department, very few employees in the enterprise are capable of actually self-remediating their computer. Even something as simple as updating their anti-virus DAT file is a daunting task to the folks over in the HR or finance departments. Another is that having one page that lists all of the various places one goes to update (one site for AV, another for Windows, another for applications) can be confusing to users. The bottom line is that self-remediation often leads to increased help desk calls and therefore higher operating costs. Not to mention that many enterprises already have patch management solutions deployed, and unmanaged users should not drain your help desk resources.
The bottom line is that self-remediation is not the slam dunk that some johnny-come-latelies to the NAC market would have you believe. Your NAC solution should also offer you the ability to have automated remediation, including integration with your existing patch management product.


