Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Cisco and Microsoft team up on NAC


Cisco and Microsoft plan to integrate their network access control architectures in a move designed to improve enterprise security policy enforcement and health assessment, both companies announced this week.

The interoperability of the Network Admission Control (NAC) and Network Access Protection (NAP) platforms will allow customers to deploy a combination of components. Cisco offers the NAC platform, while Microsoft provides the NAP platform, which is being developed for the upcoming Vista operating system and "Longhorn" Windows server releases.

The announcement, made Wednesday at The Security Standard conference in Boston, is a sign that the emerging network access market is thriving, which may encourage more enterprises to deploy NAC, said Rod Murchison, vice president of marketing at NAC provider Vernier Networks and a member of the Trusted Computing Group.

"Microsoft and Cisco are committed to work together to help our customers achieve the necessary balance between securing their IT infrastructure while enabling access to critical network resources," Bob Muglia, senior vice president of the Server and Tools Business at Microsoft, said in a news release issued Wednesday.

Cisco's NAC framework focuses on the network to provide enforcement, whereas Microsoft's NAP approach is concerned with endpoints and servers. Both were developed several years ago, but Microsoft has since embraced the need to concentrate more on the network, experts said.

"What we're finding is that with the horsepower and capability of networking devices, we can get there and do things you simply can't see at the endpoint," Murchison said. "Microsoft sees the two (Microsoft and Cisco) have to work in concert."

Under the interoperable architecture, it appears Microsoft will be responsible for running the client, testing the endpoints and creating policy, while Cisco will be charged with enforcement, according to a StillSecure white paper.

By agreeing to integrate, though, Cisco, a pioneer of NAC, is basically admitting defeat, Murchison said.

"This announcement really signifies to me that the Cisco NAC strategy has failed, and they are handing it over to Microsoft," he said. "It's a graceful exit plan."

But Cisco Chief Development Officer Charlie Giancarlo said in the release: "Interoperability provides the flexibility customers need to deploy a comprehensive solution that fits their business needs and hardens their IT infrastructure against security threats - threats that today are more complex and require greater coordinated protection throughout the network."

A beta version is scheduled for release later this year.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.