10/15/2007 -- Cisco Systems Inc. didn't invent network access control (NAC), but -- thanks largely to its early and vigorous technology leadership -- it certainly helped take NAC mainstream. As a result, its competitors have had to scramble to catch up. Take archrival Juniper Networks, which earlier this month updated its own NAC-like offering, Juniper Unified Access Control (UAC).

Juniper says UAC version 2.1 boasts a bevy of enhancements, including integration with its intrusion detection and prevention products (IDP), a new OEM relationship with patch management specialist Shavlik Technologies, expanded platform support and improved role-based application access control.

Industry watchers like where Juniper is taking its signature NAC entry.

"[N]etwork access control presents [a] significant growth opportunity to the company and UAC could quickly evolve into its flagship security offering," said Adrian Braunberg, an analyst with consultancy Current Analysis. "This release helps Juniper remain competitive in a crowded market and better leverage its broader security portfolio."

On the other hand, Braunberg conceded, the UAC 2.1 enhancements touted by Juniper are likely to become standard features as competing NAC solutions catch up.

"[T]hese kinds of enhancements are going to be increasingly common," he said, adding that "[t]he market is full of vendors that do particular pieces of NAC very well. The goal for the leading vendors now is to create comprehensive NAC solutions, a task that is often most quickly accomplished through better integration with threat protection and remediation products."

For example, Braunberg said, Juniper should extend UAC to support IDP technologies other than its own.

"One of the chief benefits of NAC products is that they enable customers to better leverage existing security investments. This should be as true for IDP investments as it is for anti-malware investments," he said. "Another, minor concern is the fact that UAC does not yet support Microsoft's native Vista NAP agent. To work with Vista machines, UAC needs to deploy the UAC agent. Deepening interoperability between UAC and NAP should be a major goal of the next release of UAC."

The upshot, according to Braunberg, is that Juniper and other NAC challengers will work to round out their network access control stacks by means of internal development, partnership and acquisition. In this respect, he said, speed to market is crucial; it's for this reason that Juniper tapped Shavlik's proven patch management technology. Speed to market was also an important driver in Cisco's recent decision to OEM Great Bay Software's endpoint discovery and analysis product, Braunberg pointed out. --Stephen Swoyer