Cisco Systems Inc. and Microsoft Corp. Monday will announce a collaborative effort designed to bridge a divide between their emerging network access-control architectures.
The two companies said on Friday that they have agreed to share application programming interfaces and jointly develop protocols intended to improve interoperability between Microsoft’s Network Access Protection technology and Cisco’s rival Network Admission Control offering.
NAP and NAC are designed to help companies enforce security policies on network endpoint systems such as PCs and mobile devices. The technologies let IT managers set rules that prevent a client device from accessing a network unless it complies with policies on antivirus software updates, firewall configurations and other issues.
But Cisco’s plan is to integrate the functionality into its routers, switches and virtual private network devices, while Microsoft’s strategy is focused on embedding NAP in its operating systems.
The agreement to collaborate means that users shouldn’t have to worry about interoperability issues, said Joel Conover, an analyst at Current Analysis Inc. in Sterling, Va.
“Microsoft and Cisco needed to do this,” he said. “A lack of cooperation would have resulted in competing standards or no standards at all, both of which are unattractive to enterprises.”
Cisco released an initial set of NAC products in June. Microsoft will add VPN Quarantine support in the first service pack for Windows Server 2003, due by mid-2005. But Steve Anderson, director of networking in Microsoft’s Windows Server group, said full NAP support won’t come until the Longhorn version of Windows, expected in 2007.
Microsoft had planned to fully support NAP in an update to Windows Server 2003 that’s due in the second half of 2005. Anderson said the delay is being caused by the deal with Cisco and a decision by Microsoft to add IPsec enforcement in addition to Dynamic Host Configuration Protocol enforcement.
