Cyxtera Blog: Appgate

Written by Paul Campaniello on December 15, 2017

How to Overcome Network Access Control Limitations

Enterprise technology has changed. Work habits have changed. And the network perimeter has dissolved.


Network security must change to keep up with enterprise technology and work habits. This is causing a fundamental shift in network security. The difference is:    

Network Access Control (NAC) Trusts Users Inherently

This trust model is designed to work inside the perimeter, yet Forrester says it is broken for four reasons:  

  • It's impossible to identify trusted interfaces
  • The mantra "trust but verify" is inadequate
  • Malicious insiders are often in positions of trust
  • Trust doesn't apply to packets 

Software-Defined Perimeter (SDP) Trusts No One

Abolishing the idea of a trusted network inside (or outside) the corporate perimeter.  

NAC was designed to work inside the perimeter – Build a perimeter around the internal network, verify who users say they are, and once in the door users gain full access to the network or at least a large portion of the network. But in this changing world, NAC falls short for seven reasons.  

In our eBook, How to Overcome NAC Limitations: Why a Software-Defined Perimeter delivers better network security for today’s enterprises, we discuss the reasons NAC solutions fail to protect your network and why a Software-Defined Perimeter overcomes these limitations.  

This eBook is for security, network, IT architect, operations, infrastructure and GRC professionals who want to protect access to physical, virtual and cloud-based IT systems.

How to Overcome NAC Limitations