Cisco And Microsoft Promise More Secure Networks ... Next Year - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

05:35 PM

Cisco And Microsoft Promise More Secure Networks ... Next Year

After two years of working together, the vendors say it will take another year before their integrated network security products are available.

Effective security isn't easy and building it into key systems and software takes time--more time than many businesses can afford to wait. Two years ago, Cisco Systems and Microsoft promised to work together on a better way to protect networks and computers from growing security threats. The vendors last week revealed the first details of how they plan to accomplish that goal by the time they finish rolling out the necessary technology in the latter half of next year.

The goal is to get Cisco's Network Admission Control, or NAC, technology to work with the Microsoft Network Access Protection, or NAP, capabilities available in the upcoming Windows Vista and Longhorn operating systems, in order to prevent malware-infested computers from connecting to networks.

The result should be a breakthrough in integrated IT security when the package arrives in the second half of next year, the target date for Longhorn's release. But the need for network access control won't wait, so businesses will have to continue to use technology available in some of Cisco's and other security vendors' products.

Combined NAP and NAC consists of several client-side software apps that check and communicate the health of laptops, desktops, and other devices attempting to connect to a network. The process begins when a client running Vista attempts to authenticate to the network by sending a "statement of health" to a Cisco Secure Access Control Server via a switch or router. System-health agent software is available from Microsoft, as well as third-party vendors, including Altiris, McAfee, and Symantec.

Once the Access Control Server receives the authentication and admission request, it communicates with the Microsoft Network Policy Server, which in turn connects to a health-registration authority server or policy server to determine whether the client should get access, and then passes that decision back to the Access Control Server.

Legal Hurdles
Cisco and Microsoft have said little until now about how their technologies will work together. "We wanted to be sure this worked first," says Mark Ashida, general manager of Microsoft Enterprise Networking. The biggest challenges were corporate rather than technological. "We're governed by who owns what intellectual property," Ashida says. Adds Bob Gleichauf, CTO of Cisco's Security Technology Group, "We had to get our respective legal teams together to work out the cross-licensing."

Cisco's and Microsoft's work in this area won't be a big deal to most companies until they're running Vista and Longhorn. But they shouldn't wait, Gartner VP John Pescatore says. "If you're not going to Vista by 2008, you should be looking for appliances and other technologies that offer [access control] and asking those vendors how they plan to fit into Microsoft and Cisco's plans," he says.

Astrium North America can't wait. The unit of EADS Space Transportation knew that even with more time, Microsoft and Cisco couldn't handle all the Windows, Linux, Mac, and Unix clients attempting to connect to its networks. Astrium, which works on projects classified under State Department arms-trafficking regulations, is preparing to roll out a NAC appliance from Lockdown Networks, says George Owoc, director of business administration. "I'm a big Cisco fan," he says, but "I don't see anything that Microsoft and Cisco will provide that I can't get through Lockdown."

Security Over Time


Cisco and Microsoft announce plans to integrate their respective Network Admission Control and Network Access Protection technologies


Bill Gates demos NAP in his RSA Security conference keynote address

JUNE 2006

Researcher finds a vulnerability that could let attackers gain administrative access to Cisco Secure ACS servers, a key NAC component

JULY 2006

Cisco buys Meetinghouse Data Communications for $43.7 million to bolster its support of 802.1x, another key NAC technology


Cisco and Microsoft deliver details of how their NAC and NAP technologies will work together


NAC and NAP products will be available from Cisco and Microsoft

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Remote Work Tops SF, NYC for Most High-Paying Job Openings
Jessica Davis, Senior Editor, Enterprise Apps,  7/20/2021
Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
Flash Poll