Product Guides- Windows 7 beta shows off task bar, UI goodies
- How the yellow first-down line actually works
- Outlook '09
- Microsoft research projects to improve our lives
- Ballmer sets loose Windows 7 public beta
Senior Editor Tim Greene clarifies issues surrounding the evolving NAC security architecture.
Perhaps the human learning curve is slowing down adoption of NAC, according to a college IT engineer.
The college uses NAC to check whether student-owned computers meet configuration standards at the beginning of the school year. It only does the check once, hoping that after that critical patches and antivirus updates (Compare antivirus products) will be installed in a timely manner. It’s not the tightest enforcement, but it’s better than what they had before - nothing.
The first year it used NAC, so many student machines were out of compliance and so many students couldn’t follow the directions to bring them into compliance that the help desk was swamped for a week.
Actually that’s a classic mistake in implementing NAC. Turn it on in monitoring mode first to see how many computers are out of compliance and then work to bring as many as possible into compliance before turning NAC on in enforcement mode. Otherwise untold numbers of users will be locked out.
In this case it turned into an inconvenience for the student body, but that kind of disruption among the workforce in a business could have devastating financial impact. It might also get someone fired.
The second year the school used NAC about three quarters of the students were returning, so they knew the drill about getting the machines into compliance. A much higher percentage of sophomores, juniors and seniors managed to follow the directions for remediating their software.
As the school and the student body become more comfortable with NAC and its requirements, the IT staff is considering checking out each endpoint not only at the beginning of the school year, but after each significant school break, when laptops are more prone to picking up viruses.
Getting students to comply with NAC requirements is a bit like herding cats, so getting to where the school wants to be in using the technology is becoming a years-long process. That’s unacceptable in a business setting, but it is instructive. In any NAC deployment plan for user education and a grace period for bringing machines into compliance. (Compare NAC products)
Tim Greene is senior editor at Network World.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2009 Network World, Inc. All rights reserved. |
Comments (3)
If you're reading NETWORKWORLD you should know what NAC stands fBy Anonymous on September 8, 2008, 8:28 amIf you're reading NETWORKWORLD you should know what NAC stands for!
Reply | Read entire comment
The never-ending challenge for a trade publication/siteBy Adam Gaffin on September 4, 2008, 10:02 amAt what point does an acronym become so accepted that we no longer have to define it, and start annoying regular readers who want us to just get on with it and make...
Reply | Read entire comment
NAC? NAck!By NacNacNac on September 4, 2008, 1:50 pmWould it kill you to define an acronym before you use it 24 times?
Reply | Read entire comment
View all comments