This fall I spent a week with the InteropLabs team preparing a network access control interoperability demonstration for Interop New York, held in September. Although we wanted to update things from our initial round of testing conducted in the spring, our general objective was to replicate what we had done for Interop Las Vegas in May and not reengineer everything. Despite this modest goal we had almost 30 people working on the labs — more than we had for the Las Vegas show.
This proves that NAC has become one of the hottest technologies of the year. I learned three main things from this latest round of testing:
• The Trusted Computing Group (TCG) team is quickly getting its act together. Everyone wants to play with NAC powerhouses Cisco and Microsoft, but the lure of open protocols and industry standards is strong. TCG’s work on NAC is ongoing, with most of the protocols defined. Still, compared with Cisco’s more mature framework, we had no problem getting enthusiastic support to build a full TCG-based solution.
• Cisco has an amazingly broad solution and great industry support. When most people talk about NAC, they end up tongue-tied when it comes to the details. That’s not good enough for a complete and successful deployment. Having a framework is nice, but having answers for all the details is critical. Cisco has those answers, either from its own portfolio or from a broad set of supporting partners.
Cisco’s extensive enterprise experience should not be underestimated. Cisco is the big cheese of the LAN and knows enough to cross NAC borders when the opportunity arises.
• Microsoft is marshalling its forces. We had an astonishing number of vendors gathered around the Microsoft table trying to make the Vista/Longhorn-based NAC solution work with their own products. This included hardware from Aruba Wireless Networks, Avaya, Cisco, Enterasys, Extreme Networks, HP and Nortel, along with software from Lockdown, Microsoft and Trend Micro. This tells me that when Microsoft does release Longhorn, it’s going to be strong out of the gate.
Even after spending all this time and energy taking in all three NAC schemes, I hope Microsoft, Cisco and TCG can come together on a single solution. In the long run, that would be better for everyone.