Cisco going open source with NAC client
Move will let the company free up development resources for other areas of its network admission control client
InfoWorld - As it develops the next-generation of network security infrastructure, Cisco Systems Inc. is planning to cease development on its network admission control (NAC) client, the Cisco Trust Agent (CTA), and submit the source code for the software client to the open-source community, Bob Gleichauf, chief technology officer of Cisco's Security Technology Group, told InfoWorld.
Cisco has a goal of making the CTA open source within "a couple months," allowing the company to free up development resources for other areas of NAC, Gleichauf said. Cisco's decision is more evidence that Cisco will cede control of the desktop to Microsoft Corp.'s Vista, following a deal in September to use the Microsoft Network Access Protection Agent (NAP) as the client for both Cisco NAC and NAP.
"CTA will be something that's open source. That's just logically where it should end up," Gleichauf told InfoWorld. "We don't want to be in the CTA business, so we're going to just open it up."
In September, Cisco and Microsoft unveiled the fruits of a long, cross company effort to integrate their network access control architectures. The plan devised by the two companies called for computers running Windows Vista or Windows Server to include the NAP Agent component as part of the core operating system, and to use that agent for both NAP and NAC. The NAP added support for Extensible Authentication Protocol over UDP and EAP-FAST support, developed by Cisco and distributed over Windows Update in addition to native EAP methods and an 802.1X supplicant to enable it to work for both NAC and NAP.
Computers running Windows XP with Service Pack 2, as well as non-Windows systems, would need to run the Cisco Trust Agent for NAC and run the NAP Agent for NAP. Cisco also promised to continue developing CTA for non-Windows Vista and non-Windows Server "Longhorn" platforms.
Since then, however, Microsoft and Cisco have extended both 802.1x and EAP support to Windows XP, reducing the need for the CTA, said Mark Ashida, General Manager of Enterprise Networking Servers at Microsoft.
Open-sourcing the CTA agent is just part of a much larger effort at Cisco to push beyond mere network access control to a much broader security architecture that addresses problems such as data leaks and policy enforcement -- architecture in which Cisco's Security Agent (CSA) will play a much bigger role, Gleichauf said.
"Data leakage is about things crossing boundaries from areas you control to areas where you have less control: e-mail attachments going over IM, or data going from someone in [human resources] to someone in manufacturing who shouldn't see it," he said.
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Binary Option: Neustar SiteProtect Case Study Learn how Neustar helped Top10optionbinaire.com protect against DDoS attacks with SiteProtect DDoS mitigation technology.
- Four Ways DNS Can Accelerate Business Growth This DNS eBook describes how DNS has developed over the years to support business growth as new needs have emerged, for example, advanced...
- Architecting the Network of the Future Networks need to change, as does the way IT thinks about and manages them. In addition to reliability, IT must now add higher...
- Ecommerce Site Needs Protection Against Cyber 'Pirate' Learn how a Neustar customer thwarted 'Blackbeard,' a self-styled DDoS Pirate. Using Neustar SiteProtect, a cloud-based DDoS mitigation service, this everyday IT hero...
- Tales from the Trenches - Industry Risks and Examples of DDoS Watch Neustar experts as they discuss how DDoS impacts technology companies including online gaming, e-commerce and more. All Network Security White Papers | Webcasts