Skip Links

Network World

Mitchell Ashley

Microsoft NAP follows through on Linux and Mac agents

By Mitchell Ashley on Thu, 11/15/07 - 12:38am.

Back in July 2007, Amith Krishnan, senior product manager for NAP at Microsoft, appeared on my podcast (StillSecure After All These Years podcast) to talk about Microsoft's announced support for the Trusted Computing Group's TNC standard, Trusted Network Connect.

As part of that announcement, Microsoft claimed they would open up the NAP agent to other platforms. But rather than develop Linux and Mac NAP clients, Microsoft would make the technology available for third parties who could create NAP agents for non-Microsoft operating systems. True to Amith's word, UNETsystem announced NAP compatible versions of their AnyClick product for Linux and Macintosh OS X operating systems. Microsoft NAP and network access control (NAC) are technologies I'm very familiar with, having created a product in this space with my former company, StillSecure.

One part of the UNETsystem Anyclick solution that's not so clear is who will be providing the NAP logic, often called NAP policies or security tests, for the NAP clients running on Linux and Mac OS X (and Windows OSs). The NAP client is just the mechanics of returning a thumbs up or down as to whether an endpoint gets on the network. The brains are really in a NAC policy management system. Celestix Networks announced they want to play in that part of the NAP ecosystem, but it remains to be seen if Microsoft and/or other vendors will lay claim to this important part of NAP. Avenda Systems is planning a product for Linux clients. Celestix Networks is a firewall, VPN company, and complex policy management may beyond an edge appliance player.

NAP policy management is the center of the universe in network access control and requires some pretty rock solid technology. A false positive or false negative could mean workers are inappropriately booted off the network, impacting business continuity and productivity. The policy management winners for NAP is still to be played out.

About Converging on Microsoft
Mitchell Ashley has a diverse background in software development, network engineering, information security, mobility, collaborative technologies, and IT management and operations. An early adopter of social media in business, he began blogging about security and information technologies in 2006 at theconvergingnetwork.com. Mitchell is VP of Information Technology at CableLabs in Louisville, CO, and previously held positions as CIO, CTO and VP Engineering at prior companies.
 

Most Discussed Posts

Blog Roll
Personal blog
http://www.theconvergingnetwork.com
Personal podcast
http://ashimmy.podomatic.com