nacapi.com

What It Is

NACAPI is a cloud-based, AI-driven Network Access Control (NAC) solution that is still in the pre-release stage. Its core concept is “Nano Segmentation.” The product applies fine-grained access control directly at the network port where a device connects, using device-level ACLs to restrict both north-south and east-west traffic. It is mainly aimed at non-traditional devices that are difficult to install agents on, such as IoT, OT, medical devices, PLCs, and SCADA systems.

Core Capabilities

In terms of protection model, NACAPI is not traditional endpoint security. Instead, it focuses on device identification, classification, and communication restrictions at the access point. The material emphasizes that AI can improve the accuracy and speed of device identification, and automatically apply purpose-appropriate policies to different devices—for example, allowing a camera to access only the NVR, a medical pump to access only the nurse management station, or a PLC to connect only to designated control servers. For deployment, it claims integration with existing network equipment without requiring additional hardware or security gateways, and mentions ecosystems such as Cisco, Cisco Meraki, Juniper/Mist, Aruba, and Extreme Networks.

Pricing and Service Status

Official commercial pricing has not been disclosed. The main available information is the Beta program: it favors Meraki cloud customers, and participants can receive 1 year free, future discounts, early access, and dedicated support. This indicates that the product’s maturity, stability, and enterprise-grade operational experience still need to be validated.

Pros and Cons

The strengths are its clear positioning and suitability for reducing lateral movement risks among IoT, OT, and medical devices. Port-level ACLs are more granular than simple VLAN isolation, and reusing existing network equipment can reduce hardware investment. The drawbacks are that the material does not provide details on compliance certifications, management console capabilities, alerting methods, audit reports, API or SIEM integrations. It also lacks customer references and production-environment metrics. The effectiveness of AI-based identification, false-positive handling, and policy rollback mechanisms are still not publicly explained.

Who It’s For and Access from China

NACAPI is better suited to organizations with large numbers of high-risk connected devices, such as healthcare, manufacturing, energy, water treatment, and critical infrastructure sectors—especially teams already using Meraki or equipment from the listed network vendors. Access from China, payment methods, and local support have not been disclosed, so they should be considered unknown. If you need a domestic alternative or a more mature solution, compare it with Cisco ISE, Aruba ClearPass, Forescout, FortiNAC, and local NAC/admission control products.