Ciscos NAC Leads Network Security Space

Microsoft, Cisco and the Trusted Computing Group each have big plans for their competing client integrity architectures, but Cisco already is moving ahead with its second wave of products while the others finalize their technologies.

Microsoft Corp., Cisco Systems Inc. and the Trusted Computing Group have big plans for their competing client integrity architectures, but while the TCG and Microsoft are still finalizing their technologies, Cisco already is moving ahead with its second wave of products.

Since launching its NAC (Network Admission Control) effort in June, Cisco has been steadily expanding the program. In February, Cisco added ATD (Active Threat Defense) features to NAC for traffic inspection and application security.

/zimages/4/28571.gifClick here to read more about Ciscos network security push.

Last month, the company released a NAC appliance called Cisco Clean Access Out-of-Band that integrates with Ciscos switching infrastructure and can detect, isolate and clean infected or vulnerable devices that attempt to access a NAC-protected network.

This summer, Cisco will release software updates for its switching gear to support NAC policy compliance within LANs and WANs, said Russell Rice of Ciscos security technology group, in San Jose, Calif.

Meanwhile, Microsofts NAP (Network Access Protection) architecture is complete, but the technology is still being tested and wont see the light of day until Microsoft releases the "Longhorn" operating system in 2007, according to Steve Anderson, director of product marketing of the Windows Server Group. But Microsoft is hedging its bets, saying that it will integrate Longhorn with both NAC and the TCGs TNC (Trusted Network Connect) platforms.

Microsoft, of Redmond, Wash., is also working "relentlessly" with Cisco on an architecture that brings together NAC and NAP, and it hopes to announce a plan that brings the two schemes together and gives customers a choice of where to do policy enforcement "far ahead of when Longhorn ships," Anderson said.

At the Interop show this week, TCG will release its first specifications for building client and server plug-ins that can handle TNC integrity information. The group is moving ahead with more specs, scheduled for next quarter, including APIs that work across any network transport layer and strong authentication of TNC data using TCGs Trusted Platform Module chip.

/zimages/4/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.