Gartner’s 2010 Magic Quadrant for network access control (NAC) is remarkably crowded for a market that reportedly generated just $200 million in annual revenue in 2009. Gartner has included 18 vendors in this year’s quadrant. For many of these companies, NAC revenue is a drop in the bucket. For others, NAC revenue is everything (Bradford Networks, ForeScout, Avenda Systems, InfoExpress, Impulse Point, Nevis Networks). How the heck are they all making enough money to stay in the NAC business?
Gartner says that NAC gets a bad wrap because it’s not generating a ton of revenue and many vendors have disappeared. The most recent exit was ConSentry Networks, which mysteriously still has a live website even though it went out of business in August 2009. But enterprises are using NAC. Guest access is a hugely popular use case, and Gartner believes the “consumerization” of IT will only drive up NAC adoption. With end users bringing personal devices into work, enterprises will need to provide secure access to them.
Gartner is actually projecting a flat market for NAC in 2010, with no revenue growth. Total adoption of NAC is increasing but the revenue is flat because many vendors are offering NAC as part of a larger product or service. As we first pointed out while covering the first NAC Magic Quadrant a year ago, There are the infrastructure vendors like Cisco, Juniper, Enterasys, HP and Avaya, who embed NAC in their switching or security products. There are endpoint security and network security vendors like McAfee, Sophos, Symantec, Check Point Software, who bundle NAC in their products. The indie vendors have to compete against all these guys, many of whom might throw in NAC for free just to close a deal on some switches or some malware protection software. (Does anyone remember how popular Netscape Navigator was before Microsoft decided to bundle Internet Explorer with Windows for free?)
So what does this crowded quadrant look like?
Cisco and Juniper stand alone here. These are the companies who have both excellent technological vision and the ability to deliver on that vision to their customers. Symantec, a leader last year, was bumped into the challenger quadrant because its guess access capabilities are weak. Gartner kept Cisco in the leaders’ spot even though it says Cisco’s NAC solution is too complex and expensive. Gartner noted many Cisco customers have turned to NAC competitors recently. However, Gartner gave Cisco points for its roadmap, noting that the company will release a new line of NAC appliances later this year that consolidates many of the functions that were spread out over too many products. Gartner complimented Juniper for its early embrace of the Trusted Computing Group‘s protocols for NAC interoperability and its IF-MAP specification.
These are the companies that have the ability to close deals but whose technological vision needs a little refinement. As mentioned above, Symantec got bumped from into here for a poor approach to guest networking, which many industry observers see as a major use case for NAC. The only other vendor here is Sophos lost points because its NAC Advanced product, the high end choice of its two NAC products, requires agent software separate from its endpoint protection agent. Its counterparts (McAfee and Symantec) have integrated their NAC products into their overall endpoint protection agents.
These are the companies who are leading the market in terms of what they are doing with their technology but don’t have the robust sales, marketing and support capabilities required for closing deals against bigger companies. Here we find McAfee, the other major endpoint protection vendor in the space, along with NAC specialists ForeScout, Bradford Networks and Avenda Systems. Avenda is new to the MQ, it’s just four years old. Gartner gave it high marks for its embrace of interoperability and its focus on guest access. Bradford scores high in these areas, too. ForeScout is known for being easy to use and having an out-of-band approach that allows companies to move from one use case to another easily.
The Niche Players
These are the companies that don’t stand out for either their technological vision or their ability to execute. There are ten vendors in this category, some with big names (HP and Avaya) and some with small names (Nevis Networks, Trustwave). Gartner says all these companies are valid options for NAC, many of them targeting their products to serve specific vertical industries.
OK, so all 18 vendors are valid NAC options for someone. But there are EIGHTEEN of them. That’s a lot of NAC. This has been the case since the very beginning. NAC vendors have come and gone, and yet the market stays crowded. Even the Great Recession failed to thin the herd by very much.