Earlier this month I urged readers to attend a live chat about NAC between Joel Snyder and Richard Steinnon because these two experts have strong, divergent and well-informed opinions.

The actual event lived up to its potential. Here’s one exchange:

Richard_Stiennon: OK, look at it this way. We are in an era of greater and greater threats. We have Chinese hackers in our networks, insiders stealing IDs and credit cards, bots and DDoS threats. And for some reason during all of this violent change vendors such as Cisco, Microsoft, etc. want us to stop everything and implement their particular brand of binding between machines and networks. NAC is not a security solution at all.

Joel_Snyder: Are you making a zero-sum game argument here? That if we spend time on NAC, then we're not spending time on Chinese hackers? Because I don't think that the statement that NAC is not security is really defensible, honestly.

Richard_Stiennon: You bet. Most of the CIOs I know, not only have no extra budget this year but are being asked to reduce their spend.

Joel_Snyder: Access Control is one of the fundamental things we do for security.

Richard_Stiennon: We better get into our definitions; I have NO PROBLEM with user access control. I have LOTS of problems with end point access control.

Joel_Snyder: You're implying that NAC is a net cost. I believe that it can be a net savings.

Richard_Stiennon: I believe NAC is a net cost *and* something that reduces value of the network to the enterprise.

In addition to sparring, they also fielded practical questions from businesses considering NAC and offered useful suggestions. (Compare NAC products)

The entire transcript is available online. The debate was lively and informative and well worth reading.

Tim Greene is senior editor at Network World.