SMB - Cisco, Microsoft to announce NAC progress

06.09.2006
Cisco Systems and Microsoft will announce progress on a 2-year-old effort to link their separate technologies for network client health screening, commonly known as "network access control," according to sources familiar with the companies' plans.

The companies will use The Security Standard conference in Boston to unveil application program interfaces (APIs) in Microsoft's upcoming Vista operating system that will allow Cisco NAC-compliant switches and routers to evaluate the security posture of Vista systems.

Network access control technology allows companies to perform health checks on endpoint devices such as PCs and mobile devices before they are granted access to company networks. For example, worker PCs might be checked to make sure they are not infected with a virus, have up-to-date antivirus definitions, and have a desktop firewall enabled before being allowed onto a corporate LAN.

Cisco first unveiled products that support its NAC architecture (http://www.infoworld.com/article/04/06/21/HNciscocontrol_1.html) in June 2004. Since then it has slowly expanded NAC support from routers to switches and introduced a NAC appliance, formerly known as "Clean Access." Microsoft's Network Admission Protection (NAP) client health screening architecture has always been linked to its upcoming desktop and server operating system releases, Vista (http://www.infoworld.com/reports/SRmswindowsvista.html) and Longhorn, both due in 2007.

In the face of strong customer pressure to simplify the competing architectures, the two companies said in October 2004 that they would integrate NAC and NAP (http://www.infoworld.com/article/04/10/18/HNmsciscogap_1.html). However, the companies have been sparing with details of the collaboration during the two-year project, prompting speculation that the promised integration was more PR than reality.

On Wednesday, the companies plan to show that they have made progress, putting features into Vista that allow companies with Cisco's Secure Access Control Server (ACS), Vista desktop systems, and a Longhorn network policy server to provide security status information from the Vista Security Center directly to Cisco switches, which can then evaluate the status against network policies. Systems that violate one or more security policies can be shunted off to quarantine for remediation, according to John Pescatore, an analyst at Gartner who has seen a demonstration of the system.