Computerworld - Network giant Cisco Systems Inc. and Microsoft Corp. today announced a collaborative effort to bridge a divide between their emerging network access security architectures.
Under the initiative, the two companies plan to share application programming interfaces (API) and develop protocols intended to improve interoperability between Microsoft's Network Access Protection technology and Cisco's rival Network Admission Control technology.
Both NAC and NAP are being designed to allow companies to enforce security policies on network endpoint devices such as PCs and notebooks. The technologies will allow IT administrators to specify rules that prevent a client device from accessing a network unless it complies with security polices relating to issues such as antivirus software updates, firewall configurations and passwords.
While Cisco's plan is to integrate the functionality into its routers, switches and virtual private network (VPN) devices, Microsoft is focused on embedding NAP into its operating systems. Microsoft will add VPN Quarantine support in the first service pack for Windows Server 2003, due in the first half of next year. But full NAP support won't come until the next major version of Windows, code-named Longhorn, which is expected in 2007, according to Steve Anderson, director of networking in the company's Windows Server group.
Microsoft originally planned to fully support NAP in a product update to Windows Server 2003, code-named R2, due out in the second half of 2005, Anderson said. In addition to delays caused by the deal with Cisco, full support for NAP was pushed back by Microsoft's plans to add IPsec enforcement to existing Dynamic Host Configuration Protocol enforcement, he said. That move was based on customer feedback.
The Microsoft/Cisco agreement means users shouldn't have to worry about interoperability between their respective network-protection technologies, said Joel Conover, an analyst at Current Analysis Inc. in Sterling, Va. "Microsoft and Cisco needed to do this," he said. "A lack of cooperation would have resulted in competing standards or no standards at all, both of which are unattractive to enterprises."
Sharing information on APIs and communication protocols is key to getting the network and operating system layers to work together, he said.
The collaboration was driven by users of both Microsoft and Cisco technologies, said Richard Palmer, vice president and general manager of Cisco's VPN and security business unit. "Our customers are very excited that the respective companies are moving forward [with NAP and NAC]," he said. "They wanted us to collaborate and make sure our respective solutions are compatible and interoperable."
This is the first time the two companies will be collaborating inthe security arena, said Bob Kelly, general manager of Windows Server product management at Microsoft.
"We are going after what we have both identified as one of our customers' most pressing challenge: protecting their assets" against worms, viruses and other attacks, he said.
Read more about Security in Computerworld's Security Topic Center.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
