Cisco, Microsoft Join Forces On Security

At The Security Standard conference in Boston this week, the two companies are demonstrating an interoperable architecture that will enable customers to use both Cisco's Network Admission Control (NAC) and Microsoft's Network Access Protection (NAP) technologies. Both offerings are designed to protect corporate networks by verifying the security health status of devices before granting them access.

With Cisco and Microsoft unveiling definitive interoperability plans, channel partners should expect more robust sales of network access solutions, said Christian Rolland, CTO of VLSystems, an Irvine, Calif.-based solution provider.

"The biggest value in the announcement is to ease customers' minds about going ahead and moving forward with NAC today. It's not going to be obsolete, and they'll be able to leverage the investment," Rolland said. "The opportunity it creates for us is tremendous."

Executives from Cisco and Microsoft said customer demand is driving the push toward interoperability.

Sponsored post

"We're giving our customers the choice to figure out which components to enable," Bob Gleichauf, CTO of the Security Technology Group at Cisco, San Jose, Calif., said during a press conference. "Our job is to provide integration and interoperability so customers can figure it out for themselves."

The interoperability came as a result of nearly daily contact between Cisco and Microsoft, company executives said.

"We're working as closely with Cisco as we do with any internal team at Microsoft," said Mark Ashida, general manager of Windows networking at Microsoft, Redmond, Wash.

Cisco and Microsoft's move to cooperate on security follows recent moves by Microsoft that spurred competition between the two vendors in the unified communications space. Though the companies collaborate on that front as well, Microsoft in July forged a deep joint development, sales and marketing pact with Nortel Networks and plans future product launches that will put it in direct competition with Cisco's IP communications push.

While Cisco and Microsoft will continue with their own network-access control strategies, they have taken steps to provide interoperability for customers that want the flexibility of using both, executives said. In October 2004, the two companies said they planned to collaborate and develop interoperability between NAC and NAP.

Besides demonstrating interoperability at the conference, Cisco and Microsoft also released a white paper explaining the architecture. Executives said the companies plan to begin beta testing with a select group of customers by the end of the year.

General availability of the interoperable technology will come with Microsoft's launch of its "Longhorn" Windows Server, slated for release in the second half of 2007.

Components of the interoperable architecture include Cisco's development of EAP-FAST and a corresponding supplicant, which provide interoperability with the native Extensible Authentication Protocol (EAP) and 802.11x supplicant that will be included with Windows Vista and Longhorn. In addition, Cisco and Microsoft are enabling the use of a single agent, since computers running Vista and Longhorn will include the Microsoft NAP Agent as part of the core operating system that will be used for both NAP and NAC.

ISV partners will have access to NAP client APIs to encourage third-party development of health agent and health enforcement components of the offering. In addition, Microsoft plans to license elements of its NAP client technology to third parties to support non-Windows platforms, Ashida said. Cisco's NAC already supports non-Windows technology, according to Gleichauf.