Microsoft, Cisco not in sync on security

SAN JOSE - While Microsoft and Cisco continue the hard sell on their respective visions for quarantine-based endpoint security, customers and industry experts are asking hard questions about cost, complexity and the willingness of these industry giants to work together.

The dual dynamics were on display at last week's RSA Conference 2006 (see our complete coverage), where Microsoft Chief Software Architect Bill Gates and Cisco CEO John Chambers each used the term "ecosphere" in describing the need to have a broad swath of security vendors in the anti-virus, patch management and endpoint security arenas cooperating to support a common framework that recognizes violations of security policy and restricts access until remediation takes place.

That Gates and Chambers were talking about separate frameworks was not lost on the audience. Microsoft and Cisco are fostering individual technology alliances to back their visions - with many vendors playing in both. Despite assurances to customers more than a year ago that they would merge their efforts, that issue remains unresolved.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

SAN JOSE - While Microsoft and Cisco continue the hard sell on their respective visions for quarantine-based endpoint security, customers and industry experts are asking hard questions about cost, complexity and the willingness of these industry giants to work together.

The dual dynamics were on display at last week's RSA Conference 2006 (see our complete coverage), where Microsoft Chief Software Architect Bill Gates and Cisco CEO John Chambers each used the term "ecosphere" in describing the need to have a broad swath of security vendors in the anti-virus, patch management and endpoint security arenas cooperating to support a common framework that recognizes violations of security policy and restricts access until remediation takes place.

That Gates and Chambers were talking about separate frameworks was not lost on the audience. Microsoft and Cisco are fostering individual technology alliances to back their visions - with many vendors playing in both. Despite assurances to customers more than a year ago that they would merge their efforts, that issue remains unresolved.

This uncertainty has contributed to widespread skepticism about both initiatives, known as Microsoft's Network Access Protection (NAP) - expected out with the Vista operating system later this year - and Cisco's Network Admission Control (NAC), currently in its first release of client software and support on Cisco gear.

"Conceptually, this is a fantastic idea," said conference attendee Keith Weisman, senior security engineer for OfficeMax in Itasca, Ill. "But I'm still generally skeptical. And we're also wondering what this is going to cost."

OfficeMax has turned to other approaches, including Lancope's StealthWatch appliance, to internally monitor for worm infections, spyware and intrusions.

In a conference session on network-access control, Gartner analyst Lawrence Orans alluded to the angst caused by the lack of news from Cisco and Microsoft as to how they will merge their technologies. The companies pledged in October 2004 that they would cooperate to ensure that NAP and NAC worked together. Orans invited panelists Khaja Ahmed, Microsoft software architect, and Russell Rice, Cisco's director of marketing, to clarify how far any joint effort has progressed.

Ahmed said NAP "will cause you to re-architect your network" and will "bind together two distinct groups," that today are largely separate - network and applications security. He also said "we don't have a committed road map" for any joint technology with Cisco and that the NAP effort was turning out to be more complex than once thought.

Rice said the work with Microsoft is ongoing.

NAC works for user

The enterprise customer on the panel, Frank Watts, senior architect in the IT risk-management division at JP Morgan Chase & Co., said he tested the Cisco NAC-based Trust software with LANs in a lab, and it did work to determine the need for Symantec anti-virus on desktops.

"It worked pretty much as advertised," said Watts, who added that JP Morgan Chase sees huge potential in using this type of endpoint security to identify risky or infected computers, quarantine them and get them up to speed quickly in terms of safety.