Provisioning has been the hottest selling identity product as of late. The reason is simple: compliance with legislation and regulation drives the use of provisioning (and de-provisioning) systems. But coming out of the recent Catalyst show, I'm ready to make a bold prediction: Network Access Control (NAC) is the "new" provisioning.
NAC is not necessarily a new thing, but recent developments in the marketplace and in the Trusted Computing Group have made "identity-based" NAC the up-and-coming topic among hip IT professionals. The reason, again, is simple: while traditional identity management abstracted the function from the application layer, modern business process drivers (like remote access and mobile workforces) are forcing the management of identity out to the edges of the entire network. Put simply: identity is moving out from the application layer to the network layer. As a result, a spate of hot new companies are arising to address the problem.
While at Catalyst, I spoke with or about companies like Apere, Trusted Network Technologies, Identity Engines, Applied Identity, Forescout, ConSentry, and Juniper Networks. You'll notice that only Juniper (along with their main competitor, Cisco) is on the "big company" side. Add to that list companies like AEP networks, Caymas, and Vernier - and you can begin to see that this area of "identity-based" NAC is exploding, and with good reason. One vendor even told me that one of their competitors was bolting on the term "identity-based" to their non-identity based products because it was the only way they could even be considered in deals and RFPs.
My concern with all of these companies is a bit more pedestrian, as I've personally adopted NAC as an obsession as we're structuring the content schedule for Digital ID World. That process of building content is driven by the conversations that Phil and I have with the marketplace (ie, customers) -- and their accompanying needs. And those needs, accordingly, drive the main themes for the year. Those themes have now clearly surfaced: compliance, authentication, roles, and NAC. And all of those themes speak to the larger movement of identity from an application layer abstraction to a cross-cutting IT concern.
As I dig down further into the NAC world, I'll relay back some more findings and distinctions, but in the meantime *this* is clear: Network Access Control is now front and center as the hot topic in the world of digital identity. Why? Because the customers (enterprises) told us so.