Its funny I was talking about buying single vendor solutions this morning and security problems then this pops up: http://www.cisco.com/en/US/products/products_security_advisory09186a00807b6621.shtml
A vulnerability in NAC is kind of like buying a bulletproof vest that’s not bullet proof. NAC is suppose to help stop security events and here it seems network admins have to spend time fixing the fix for security problems. It seems like a python feeding on itself...
This is the reason vendors should be pushed to have their products certified by a third party. Not the “we ran a vuln scanner and found nothing” kinda cert, I mean something that takes a disassembler and maybe a screwdriver. Of course no vendor really wants anyone looking that close at anything they do.
"Trust us....its safe" is what they want you to believe. Would you jump from a plane with a parachute packed by someone else you don't know...neither would I.