Network World
Thursday, July 24, 2008

Momentum building for identity management

Identity-management technologies are beginning to weave together the application and network layers of corporate networks, significantly improving access control, easing management burdens and helping users meet stringent compliance and security mandates.

The tools of this emerging trend will be on display this week at the annual Digital ID World conference in Santa Clara, where vendors such as Apere, Applied Identity, Caymas, ConSentry Networks, Identity Engines and Trusted Network Technologies (TNT) will display their network access control (NAC) gear. NAC relies on identity to determine which machines get on the network - and more important, what users are authorized to do once there.

While NAC is gaining momentum, users and analysts say the unification of the network and application layers via identity is a missing link to reducing risk in a compliance-driven world where access is expected from anywhere and network perimeters are disappearing.


Identity and the network
A number of network access-control vendors slated to appear at this week's Digital ID World conference are adopting identity technology to help improve network and data security by integrating the network layer and the application layer.

| Vendor | Product | Comment |
|---|---|---|
| Apere | Identity Managed Access Gateway | Combines provisioning tools with access control. |
| Applied Identity | Identiforce | Identity-based network access management. |
| Caymas | Identity-Driven Access Gateway | Network access control and SSL VPN in one box. |
| ConSentry Networks | LANShield Controller | Enforcement of user-based access controls. |
| Identity Engines | Ignition | Designed to replace RADIUS servers. |
| Trusted Network Technologies | Identity Driver; I-Manager; I-Gateway | Trio of products marries user data and policies. |

"It is becoming more important to know who is on the other end of the wire," says Jon Oltsik, senior analyst for information security at the Enterprise Strategy Group. "Security, compliance and global business initiatives are going to drive these two [layers] together."

To underscore this emergence of sophisticated NAC options, Cisco and Microsoft last week at the Security Standard conference introduced a white paper detailing how users can integrate Cisco's Network Admission Control and Microsoft's Network Access Protection (NAP) technologies. The companies said they would support each other's protocols, but stuck to their previous statements that they would develop their own NAC frameworks while providing methods for users to integrate the two.

They said interoperability would hinge in part on a single agent that will ship with Vista and Longhorn Server, and that will work on the Cisco and Microsoft platforms and can be used by third parties to tie their systems into the architecture. Cisco will continue to develop its Trust Agent to support non-Microsoft platforms.

The companies plan to begin a beta test with a limited number of users by year-end, but the entire architecture won't be available until Microsoft's Longhorn Server ships in late 2007.

By contrast, Caymas, ConSentry, TNT and others are shipping hardware and software that go beyond validating that a machine is current on patches and on antivirus and spyware signatures (the pre-admission checks that Cisco and Microsoft are initially focused on) and into postadmission controls, which use identity and policies stored at the application layer to govern how the network looks and reacts to a particular user.



