Microsoft Forges Security Alliance With Juniper Networks
Microsoft, Juniper work to integrate Network Access Protection and Unified Access Control
- By Keith Ward
- May 22, 2007
Many public buildings these days have concrete poles or other large barriers on the outside, and metal detectors inside. The idea, of course, is to keep outsiders from bringing anything dangerous inside. The same principal applies to computer security as well, and a hot trend in the security industry these days is technology to keep dangerous computers from corrupting an internal network.
The Microsoft version of this technology is called Network Access Protection, or NAP. Microsoft announced at the Interop Las Vegas conference this week that it is expanding the scope of NAP to work with Juniper Network's version, known as Unified Access Control (UAC).
Sunnyvale, CA-based Juniper makes several hardware appliances for UAC, for use in medium-size business and enterprises. Microsoft's interoperability with Juniper means, among other things, that businesses with Juniper equipment don't have to throw it out to use Microsoft NAP on the network as well.
"Interoperability of NAC infrastructures enables customers to quickly and effectively adapt to changing business and network environments, especially now that companies will be able to leverage Windows Vista and Windows XP as their NAP or UAC clients," Bob Muglia, senior vice president of the Server and Tools Business at Microsoft, said in a press release. "Customers can feel confident in the investments they make today in NAP, Windows and the Juniper Networks UAC solution."
As part of the announcement, Microsoft also stated that it contributed NAP’s primary Statement of Health (SOH) client-server protocol to the Trusted Computing Group’s (TCG) Trusted Network Connect (TNC) open specifications for network access control. The main benefit is that NAP clients, servers and other infrastructure will work with any other systems that use the TNC protocol. That includes Windows XP and Windows Vista, which have NAP clients built in.
The SOH is a determination of the compliance of a computer with a given network's security protocols. For example, a computer attempting to join a network using NAP would need to demonstrate, say, that it is up to date with its virus scans and signatures. If it failed, it would be denied access to the network. Juniper's appliances use the TNC protocol.
Interoperability, in this case, is not synonymous with open source. The TCG is a somewhat controversial organization, having been founded by, among others, Microsoft, Intel, IBM, HP and others to implement trusted computing standards. Much of the free software community is critical of the TCG, claiming that it locks customers into proprietary standards, rather than open standards. Richard Stallman, a free software evangelist, has called Trusted Computing "Treacherous Computing."
Keith Ward is the editor in chief of Virtualization & Cloud Review. Follow him on Twitter @VirtReviewKeith.