Most of the NAC players changed their approach and marketing so that "Admission Control" morphed to "Access Control. The classic NAC was a concept invented by a 'Networking Giant' in 2003 to counter a problem caused by RPC Decom based worms such as MSBlaster. Even organizations with great firewalls and desktop security were getting damaged by infected laptops brought into work.

The concept was simple: have the network inspect those laptops to see if they were properly configured with software updates and virus signature updates before letting them on the network.

The basic model of remediation ordinary NAC is actually dead since it’s not realistically achievable in a working homogeny production environment! It’s extremely complicated consequently costly, partial consequently damaging to operational efficiency, not product agnostic and seeking to resolve a problem which is somehow forgotten.

If to achieve remediation you need to replace your networking equipment, deploy software agents, tie down to one vendor's eco-system and integrate NAC supported anti-virus just to make sure antivirus is updated,  you’d be better off replacing the antivirus solution in use.

Network Admission Control violates first and only rule of network security "Thou shall not trust an end point to report its own state" Can I determine network security by it’s associates or members? Can I trust network security to it’s Members? Users? Visitors?

Six years ago antivirus software solutions weren’t inspecting IP traffic at all and were able to fetch virus updates from single local resources. Antivirus vendors didn’t stay behind; they filled the gap rather quickly.

Six years ago no one realized what is 'patch management'. Today, any Win32 based systems constantly auto updates and each network manager host some sort of patch management mechanism, patching is common IT practice.

The Naked Port is the ‘Achilles’ Heel’ of the failed NAC theory. When your network is portnox’ed, all access to your ports is monitored, reported, regulated, supervised and most importantly - controlled.