How Cisco’s infighting put customers last and almost killed the NAC Market
Image of Joel Snyder
Now that I am fairly removed from the NAC market, I can look at things with a bit of perspective. For years and years I would rant on about how Cisco was the worst/best thing that ever happened to NAC. I used to say they had a schizophrenic NAC strategy. Many thought I was just being a vendor protecting my company’s ass-ets.
That is why I am particularly glad to see Joel Snyder lay the big stick on Cisco in his article in ComputerWorld (might have been InfoWorld first). Joel is never one to mince words and he doesn’t in this instance either. He makes no bones talking about Cisco’s dual NAC strategy and how it resulted in at the very least mixed messages. Joel talks about how the Perfigo/Clean Access/ NAC appliance team at Cisco was at loggerheads with the original Cisco NAC framework team. How they refused to join in the industry wide NAC standards movement until finally acceding to the IETF standard, which for all intents and purposes was the same as the Trusted Computing Group. How the Cisco NAC framework was not really ever that different from the TCG’s to begin with. But heaven forbid Cisco would tell their customers that. Instead they were kept in the dark and fed sales manure like mushrooms.
But let me go one step further. As I said Cisco in some ways was the best thing that ever happened to NAC. They beat the NAC drum so loud back in 2005 and 2006 that they created a frenzy around it. It resulted in a NAC gold rush, which again at least partially thanks to Cisco never happened. But who were the biggest losers in Cisco’s internal NAC fights? Their own NAC customers were the biggest losers. Other losers included anyone looking for a NAC solution over the last 5 years. Another category of losers was the NAC start ups who burned through their VCs cash, while Cisco froze the market and delivered a sub-par product.
Lets look at each of these losers:
1. Cisco customers – How many Cisco network customers were fed the NAC is in the network message. How many bought it hook, line and sinker? They upgraded their networks to the latest versions, installed ACS, went through step 1-10 and then were told to go back to go and don’t collect 200 dollars because now they needed Clean Access. Once they installed Clean Access it didn’t work as advertised and the supposed “Cisco only” integration wasn’t there either. Many of these customers wasted lots of money and eventually chose another NAC solution anyway.
2. Customers looking for NAC but waiting on Cisco – How many potential NAC customers sat on their hands waiting for the standards to clear up, for Cisco to speak with one voice and deliver a NAC product that worked. When you control 75% of the network market you can do things like that. Of course with another administration in place, some may use the “M” word to describe it. But for too many potential NAC engagements Cisco froze them out of making a decision. Cisco NAC was too expensive, too hard, did not work the way they needed it too. They held up having a standard in place. As a result the window of opportunity for these organizations passed. They may eventually implement NAC anyway, but Cisco put them on ice, intentionally or not.
3. NAC start up companies and the VCs who invested in them. ConSentry Networks, Nevis Networks, Lockdown Networks, Mirage Networks, etc, etc. How many companies burned through how many millions of dollars on NAC. Cisco has to bear at least partial responsibility. By using their dominant market condition and not caring about what was best for their customers, they froze these companies out of the market.
Joel is right on. Once they had done their best to kill off the NAC market and the start ups in it, they “turned down” the NAC marketing. If I were a customer sitting on tens of thousands of dollars of NAC equipment right now, I don’t think I would be too happy with my local Cisco rep.
But let that be a lesson. When dealing with companies like this, the customer may not always come first.