Security products that perform health checks on desktop and laptop computers will be in abundance at this week’s RSA Conference. But industry leaders Cisco Systems and Microsoft remain mum about a long-promised integration of their dominant network access control architectures, leaving IT managers wondering whether to go with one of the solutions that is already available or wait for an integrated offering that may never come.
Security industry mainstays and startups alike will unveil new NAC products and show off updates at the RSA Conference in San Jose, Calif. The show could serve as a launching point for rapid adoption of endpoint security products by enterprises in the coming year, experts say.
Sonnenschein Nath & Rosenthal, a Chicago-based law firm, is one of those companies, according to Adam Hansen, the firm’s security manager.
Sonnenschein plans to deploy Cisco’s Network Admission Control technology to help secure the firm’s network against attacks from mobile laptops connected to the firm’s network by visitors, according to Hansen.
The firm uses both Cisco and Microsoft products, but Hansen said that pressure from partners at the firm meant he couldn’t wait for Microsoft to release Vista, which is slated to include NAP (Network Access Protection) technology, and that Cisco, of San Jose, Calif., has a more comprehensive endpoint security solution than other stand-alone vendors. “I hated picking one camp or the other, but you gotta go with what you know. … NAC is real,” he said.
Executives at Cisco and Microsoft still have little to say about how their endpoint security architectures will work together, almost 14 months after they pledged to cooperate.
“Everybody’s heads are down, and we’re working on collaboration,” said Mike Schutz, group product manager in Microsoft’s Security and Access Product Management group in Redmond, Wash. “Both companies feel like we’re on track, but there’s nothing new to report.”
In an interview with eWEEK, Jayshree Ullal, Cisco’s senior vice president of Data Center, Switching, Security Technology and Application Networking Services, said the company had done internal testing of NAC technology with Microsoft and agreed to use a single client and the 802.11x protocol for policy enforcement. Beyond that, Cisco will wait until Vista ships to announce more plans, he said.
In the meantime, a slew of companies have jumped into the void created by Cisco and Microsoft and plan to use the stage at RSA to highlight their wares.
Most notably, the Trusted Computing Group plans to demonstrate new capabilities for its standards-based NAC architecture, called TNC (Trusted Network Connect), at RSA, said Brian Berger, marketing chairman of TCG, in Portland, Ore.
TCG will demonstrate machines using its secure chip, the TPM (Trusted Platform Module), connecting to the TNC architecture, according to Berger.
“This is [TCG’s] secret sauce,” said Steve Hanna, a distinguished engineer at Juniper Networks and a TCG executive, in Sunnyvale, Calif. “We have the ability to integrate with trusted hardware on the client and detect and foil rootkits.”
McAfee plans to announce its Policy Enforcer 1.0, an NAC solution that uses the company’s existing desktop security agent and ePolicy Orchestrator network policy management platform and Foundstone vulnerability scanning technology, said Chris Kenworthy, senior vice president at McAfee, in Santa Clara, Calif.
Enforcer uses a new managed agent that is integrated with McAfee’s existing desktop agent and a sensor that works with DHCP (Dynamic Host Configuration Protocol) servers to permit or deny network access based on the outcome of client health checks by Policy Enforcer, company officials said.
Policy Enforcer leverages McAfee’s installed base of 40 million managed corporate desktops and offers an alternative to Cisco’s NAC, which requires companies to rely entirely on recent vintage networking equipment from that company, McAfee executives said.
Continental Airlines, which has McAfee VirusScan 8.01 deployed on corporate desktops, plans to use Policy Enforcer, said Andre Gold, director of information security at Continental, based in Houston.
Continental is a heavy user of Cisco’s networking gear but uses products from other vendors, too, which makes using Cisco’s NAC impossible, Gold said.
ConSentry Networks is another NAC player banking on the need for cross-platform solutions. The company plans to unveil a new version of its LANShield product that uses Check Point Software Technologies’ Integrity Clientless Security technology to integrate endpoint security agents for Cisco’s NAC, Microsoft’s NAP and TCG’s TNC specification.
Security companies are responding to strong demand from enterprise customers for technology that can help them comply with new federal and state regulations and to counter the threat posed by mobile and remote workers, said John Oltsik of Enterprise Strategy Group, in Milford, Mass.
“IT administrators want to know what users are doing—what device is coming onto the network and where it’s coming from,” Oltsik said.
Senior Editor Paula Musich contributed to this story.