Smaller Players Filling NAC Void
By Paul F. Roberts
The RSA Conference could serve as a launching point for rapid adoption of endpoint security products by enterprises in the coming year, experts say.
Security products that perform health checks on desktop and laptop computers will be in abundance at this week's RSA Conference. But industry leaders Cisco Systems and Microsoft remain mum about a long-promised integration of their dominant network access control architectures, leaving IT managers wondering whether to go with one of the solutions that is already available or wait for an integrated offering that may never come.
Security industry mainstays and startups alike will unveil new NAC products and show off updates at the RSA Conference in San Jose, Calif. The show could serve as a launching point for rapid adoption of endpoint security products by enterprises in the coming year, experts say.
Sonnenschein Nath & Rosenthal, a Chicago-based law firm, is one of those companies, according to Adam Hansen, the firm's security manager.
Sonnenschein plans to deploy Cisco's Network Admission Control technology to help secure the firm's network against attacks from mobile laptops connected to the firm's network by visitors, according to Hansen.
The firm uses both Cisco and Microsoft products, but Hansen said that pressure from partners at the firm meant he couldn't wait for Microsoft to release Vista, which is slated to include NAP (Network Access Protection) technology, and that Cisco, of San Jose, Calif., has a more comprehensive endpoint security solution than other stand-alone vendors. "I hated picking one camp or the other, but you gotta go with what you know. ... NAC is real," he said.
Executives at Cisco and Microsoft still have little to say about how their endpoint security architectures will work together, almost 14 months after they pledged to cooperate.
"Everybody's heads are down, and we're working on collaboration," said Mike Schutz, group product manager in Microsoft's Security and Access Product Management group in Redmond, Wash. "Both companies feel like we're on track, but there's nothing new to report."
In an interview with eWEEK, Jayshree Ullal, Cisco's senior vice president of Data Center, Switching, Security Technology and Application Networking Services, said the company had done internal testing of NAC technology with Microsoft and agreed to use a single client and the 802.11x protocol for policy enforcement. Beyond that, Cisco will wait until Vista ships to announce more plans, Ullal said.
In the meantime, a slew of companies have jumped into the void created by Cisco and Microsoft and plan to use the stage at RSA to highlight their wares.
Most notably, the Trusted Computing Group plans to demonstrate new capabilities for its standards-based NAC architecture, called TNC (Trusted Network Connect), at RSA, said Brian Berger, marketing chairman of TCG, in Portland, Ore.
TCG will demonstrate machines using its secure chip, the TPM (Trusted Platform Module), connecting to the TNC architecture, according to Berger.
"This is [TCG's] secret sauce," said Steve Hanna, a distinguished engineer at Juniper Networks and a TCG executive, in Sunnyvale, Calif. "We have the ability to integrate with trusted hardware on the client and detect and foil rootkits."
McAfee plans to announce its Policy Enforcer 1.0, an NAC solution that uses the company's existing desktop security agent and ePolicy Orchestrator network policy management platform and Foundstone vulnerability scanning technology, said Chris Kenworthy, senior vice president at McAfee, in Santa Clara, Calif.
Enforcer uses a new managed agent that is integrated with McAfee's existing desktop agent and a sensor that works with DHCP (Dynamic Host Configuration Protocol) servers to permit or deny network access based on the outcome of client health checks by Policy Enforcer, company officials said.
Policy Enforcer leverages McAfee's installed base of 40 million managed corporate desktops and offers an alternative to Cisco's NAC, which requires companies to rely entirely on recent vintage networking equipment from that company, McAfee executives said.
Continental Airlines, which has McAfee VirusScan 8.01 deployed on corporate desktops, plans to use Policy Enforcer, said Andre Gold, director of information security at Continental, based in Houston.
Continental is a heavy user of Cisco's networking gear but uses products from other vendors, too, which makes using Cisco's NAC impossible, Gold said.
ConSentry Networks is another NAC player banking on the need for cross-platform solutions. The company plans to unveil a new version of its LANShield product that uses Check Point Software Technologies' Integrity Clientless Security technology to integrate endpoint security agents for Cisco's NAC, Microsoft's NAP and TCG's TNC specification.
Security companies are responding to strong demand from enterprise customers for technology that can help them comply with new federal and state regulations and to counter the threat posed by mobile and remote workers, said John Oltsik of Enterprise Strategy Group, in Milford, Mass.
"IT administrators want to know what users are doing, what device is coming onto the network and where it's coming from," Oltsik said.
Senior Editor Paula Musich contributed to this story.