Endpoint security needs open standards: experts

Security experts have criticized Microsoft Corp. and Cisco Systems Inc. for pushing their own proprietary technologies instead of relying on open-standards protocols.

Microsoft and Cisco earlier this month announced what they’re calling an interoperability architecture that will allow Cisco’s Network Admission Control (NAC) to work with Microsoft’s Network Access Protection (NAP), included in Longhorn and Vista. The two technologies aim to address what’s become known as network access control, which combines user identity management with endpoint client security checks. Based on a set of policies, the network is able to identify authorized users connecting to the network and then scans PCs, laptops and mobile devices to ensure they’re virus-free and patched with the latest updates. Network access control uses scanning agents that contain EAP (extensible authentication protocol) modules to perform authentication and security checks.

The cross-licensing agreement between Cisco and Microsoft means Microsoft’s NAP Agent will include EAP modules contained in Cisco’s Trust Agent, and effectively opens communication between Longhorn’s Network Policy Server and Cisco’s Access Control Server.

But integrating two proprietary technologies is just a big step backwards, says Jon Oltsik, a senior analyst for Milford, Mass.-based Enterprise Strategy Group.

“Users don’t want interoperability between two proprietary standards,” says Oltsik. “They want openness. They want the ability to integrate anyone’s gear, to do enforcement at any point, integrate any type of client, and use any type of EAP.” Networking companies like Juniper and Nortel have joined forces with security vendors such as Symantec, CA, Check Point and McAfee to work towards open-standards network access control.

Trusted Network Connect (TNC), a working group within the Trusted Computing Group, has provided a set of protocols that will allow interoperability across any network

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now