Agentless and Agent Options

The best approach for policy assessment and enforcement for NAC solutions depends on the network as well as the requirements for the application. Ensuring implementation is compatible with your infrastructure will go a long ways towards ensuring a smooth and successful deployment.

Agent or Agentless?

Agentless NAC is the easiest to deploy, but offers less control and fewer inspection capabilities. Agent-based NAC can perform deep inspection and remediation at the expense of additional software on the endpoint. Deploying software to large numbers of mobile devices or computers is a significant expense, so the agent must provide ample benefits to warrant its installation. With mobile devices, the agent-based approach can provide a lightweight MDM solution if full MDM capabilities aren't needed. Agents on mobile devices can detect jailbroken or rooted devices and installed applications. With desktop and laptop systems, the agent provides additional capabilities, such as comprehensive device information, automated remediation and transparent device auditing. If desktop and laptop auditing and remediation aren't needed in depth, or if the primary platform addressed by the NAC solution is a mobile device with an existing NAC solution, the agentless approach offers simpler configuration and deployment. CGX lets you start with whichever approach suits your needs. You can add agents or agentless policy assessment at any time, or even mix the two. The same policy manager and policies can manage both approaches to suit your company's customized needs.