The primary need for Mobile NAC is easy to understand. LAN-based NAC isn't designed to address mobile devices as they are mobile, so something else needs to perform that functionality. That something else is Mobile NAC.
There's an interesting true story from something that literally happened to me last week. Often, I get asked to speak at various security events. Some of these events are big, with hundreds of people attending the presentation, and sometimes these events are quite small. Last week, I was asked to speak at a chapter of a security organization. There were about 30 people present. This was the kind of event where security people from different companies get together once a month, share ideas, listen to people present, and pick up credits for their Certified Information System Security Professional (CISSP). I looked forward to the event, because this smaller group can lead to some great interaction.
The focus of my presentation was around the threats to mobility from an ethical hacking perspective. In the presentation, I talked about how mobile devices are more prone to attack, and more vulnerable than stagnant desktop systems (as I'll also discuss in detail in this chapter). I then followed up by stating the various technologies that can be used to help address these threats.
In particular, I used specific examples of how companies can misunderstand the security functionality of products and how this misunderstanding can lead to gaps ...