The Converging Network: Cisco oneNAC: Is there any upside left for customers?

September 05, 2007

Cisco oneNAC: Is there any upside left for customers?

Cisco's oneNAC announcement (see here, here and here) brings bad news to customers; buy Cisco NAC appliances now, while you perform expensive network infrastructure upgrades, for a Cisco NAC framework that no longer delivers the multi-vendor solutions it once promised.

Is Cisco announcing oneNAC to save face for the beleaguered and largely undelivered C-NAC Framework? I think so, as C-NAC has lost much of its luster. Customers discovered C-NAC really entails huge network upgrade costs, a NAC solution not ready for primetime, and a framework that doesn't bring solutions from the cadre of industry partners Cisco promised. Partners who joined the C-NAC program ended up competing against Cisco rather than delivering joint solutions to customers, essentially making C-NAC an all Cisco solution, other than support for some anti-virus products.

Split_personality Frankly, there only looks to be two significant benefits to customers in the oneNAC announcement from my perspective; reduce two Cisco agents (Clean Access agent and Cisco Trust Agent) down to one (tbd), and reduce two policy managers (Cisco ACS and Clean Access Manager) down to one (tbd). One other possibility could be making a Cisco NAC solution more scalable than the current NAC Appliances but its unclear yet as to whether this would be addressed.

The benefit to Cisco of course is they no longer speak two conflicting NAC messages, one about the C-NAC Framework, and a second for the NAC Appliance/Clean Access/Perfigo solution, resolving a long standing inconsistency since Cisco acquired Perfigo as their short term alternative to the C-NAC Framework.

What oneNAC won't likely solve are the broken relationships Cisco has left with other NAC solution providers who participated in the C-NAC Framework program, paid money to have their products certified, and then found themselves competing against Cisco's NAC Appliance/Clean Access products. Those experiences pretty much leave the promise of a Cisco NAC partner ecosystem as unlikely of an event as a George Bush comeback.

Net-net: The benefits here are largely for Cisco to try to save face and clean up their NAC split personality. The benefits C-NAC once promised will most likely remain unfulfilled.

Posted in Security/NAC/Identity Theft | Permalink

Technorati Tags: Cisco, NAC, network access control, network admission control, oneNAC

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83451e54d69e200e5502e98d38834

Listed below are links to weblogs that reference Cisco oneNAC: Is there any upside left for customers?:

Comments

Verify your Comment

Previewing your Comment

Posted by: |

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:

Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Post a comment

What I Do

create and grow businesses
    social media and blogger
    product creator and developer
    business development
convergence
    software and networking,
    microsoft, mobility,
    collaboration, cloud services,
    virtualization, security,
    open source
music
    guitarist, performer, writer
video
    production, editing
Contact me about the consulting services offered by Converging Network LLC.
Learn more about social media and how its leveling the playing field in business and thought leadership.