Last week’s long-awaited first pass at a display of interoperability between network access control components from Cisco and Microsoft only underscores the complexity of the task that remains and the need to involve more vendors, experts say.

The good news, they add, is that the cooperation building between these industry giants should benefit most those organizations that have built their infrastructures around Microsoft and Cisco products.

“The interoperability is important based on who the players are, but it is hard to get excited about two vendors patching together their proprietary hardware and software,” says Andrew Braunberg, senior analyst for information security at Current Analysis. “We are no closer to open standards for network access control.”

Openness is being pushed by the Trusted Network Connect (TNC) group, which is working on a set of open NAC specifications within the Trusted Computing Group (TCG) industry association, and by the IETF’s Network Endpoint Assessment (NEA) working group. Microsoft is a member of both groups and says it plans to focus more on those efforts after completing its initial work with Cisco. Cisco is not a member of TCG, but does work within the NEA.

At IDG’s Security Standard conference last week, the companies put on a demonstration involving integrating Cisco’s Network Admission Control (C-NAC) and Microsoft’s Network Access Protection (NAP) frameworks. They also released a white paper and announced plans for a private beta later this year.

“They have some form of interoperability, but you still end up with a proprietary architecture that is tied down to their business interests,” says Steve Hanna, co-chair of the TNC group, which in May released the final specifications for building an open standards-based NAC system. Hanna says the goals are adoption, greater functionality and compatibility, and compliance testing.

Observers say interoperability gains by Cisco and Microsoft are only small steps forward, because they center on consolidation around agent protocols used to provide data on the health of network endpoints, not around the frameworks themselves.

In fact, the two vendors specifically pointed out that customers would have to deploy the Cisco Secure Access Control Server (ACS) and the Microsoft Network Policy Server (NPS) for the initial interoperability release.