The purpose of Mobile NAC is to protect mobile devices as they are mobile. In doing so, Mobile NAC indirectly helps protect the corporate LAN. If mobile devices aren't allowed to get into a noncompliant state while mobile, or if they are restricted when noncompliant to where they can't get themselves into more trouble, then they'll be in good shape when they finally do try to come back to the LAN.
Why do enterprises care so much about protecting their corporate LAN? That's where the data is, and that's where people work. Systems need to remain up and running, data needs to be secure, and systems and people need to be productive. If these elements became jeopardized, it could affect the bottom line and the business would suffer.
LAN-based NAC is designed to protect the corporate LAN so that everything can remain secure and productive. In fact, LAN-based NAC is only one technology that is designed to do so. As mentioned, firewalls and intrusion-detection equipment are also in place. It is not uncommon for millions of dollars to be spent protecting the corporate LAN for all of the aforementioned reasons.
Here's an interesting fact: 60 percent of all corporate data assets reside unprotected on PCs (according to Search Security Newsletter). Also, workers are now routinely working from many different places outside the four walls of the physical corporate office space. It is imperative that these workers' devices be operational, or the bottom line and the business could ...