Network World
Wednesday, July 9, 2008

Policy, Policy... Who's Got The Policy?

Who Has The Policies?

Cisco rolled out its next uber security framework, dubbed TrustSec. Unlike the failed Cisco NAC framework, TrustSec has learned some lessons from the NAC framework's days gone by. (I'll say more about that in a separate blog post.)

First, TrustSec is about policy-based networking. Recall something called DEN, or Directory Enabled Networking? It was all the rage in the late ‘90s and early 2000s. But vendors didn't do anything with DEN. I guess we just weren't ready. Cisco has now picked that ball up again, infused identity, authentication and access control into the picture and packaged it as TrustSec. I predict this is also Cisco's way of letting NAC go by the wayside and TrustSec (a brand) deliver on the key customer requirements of identity and access control while on the network.

But let's go back to policy-based networking for a moment. The obvious question is who manages those policies and where they are stored, i.e. in which vendor's product are policies built, managed and stored? Cisco's, of course. Microsoft Active Directory plays a few key roles in the TrustSec architecture: performing authentication and providing information about group or organization association. Of course this can also be performed by LDAP directories and of course Cisco's authentication products. The real crown jewels are the policies that drive the policy-based access control, directing the switching fabric as to what traffic is allowed where, based on the identity and policies of the authenticated user or guest.

Overlay Microsoft's desire to manage what applications you can use (see my previous post about Microsoft's virtualization vision and application virtualization), and Microsoft's similar host-to-host networking intentions, and you can see where Cisco and Microsoft clash.

For homogeneous Cisco networks, TrustSec will likely be a big hit in the network engineering and architecture departments. It's what customers have wanted for some time, and what the NAC segment of the security industry has partially tried to evolve into. But somewhere down the road Microsoft's and Cisco's policy-driven ambitions will come to an impasse, creating another tug of war between the two titans.
