The upside of 802.1x for NAC users

Clarifying issues surrounding this emerging security architecture

ProCurve from HP has joined the OpenSEA alliance, which is developing an open source 802.1x client. The upside of this for NAC users is that if they are implementing NAC and using 802.1x as the authentication and enforcement mechanism, they don't have to rely on Cisco, Juniper or Microsoft, the three major commercial vendors of such software.

While ProCurve has worked with these other vendors for interoperability with its NAC appliance and intelligent edge switches, it sees this open source effort as a way for customers using multiple operating systems on their end devices to standardize on a single 802.1x client, also known as a supplicant.

HP is also toying with installing the open source X supplicant on PCs so it is available for customers if they want it. Meanwhile, HP will reference the supplicant as being interoperable with its gear.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

ProCurve from HP has joined the OpenSEA alliance, which is developing an open source 802.1x client. The upside of this for NAC users is that if they are implementing NAC and using 802.1x as the authentication and enforcement mechanism, they don't have to rely on Cisco, Juniper or Microsoft, the three major commercial vendors of such software.

While ProCurve has worked with these other vendors for interoperability with its NAC appliance and intelligent edge switches, it sees this open source effort as a way for customers using multiple operating systems on their end devices to standardize on a single 802.1x client, also known as a supplicant.

HP is also toying with installing the open source X supplicant on PCs so it is available for customers if they want it. Meanwhile, HP will reference the supplicant as being interoperable with its gear.

802.1x is important to NAC because it can be used as a means to enforce NAC policies about the status of endpoints trying to access networks. The client 802.1x software responds to requests for identification, and based on its identity, is allowed access or not. Access is enforced by an 802.1x network device such as a switch.

OpenSEA is important, according to the group’s founders, because the major commercially available 802.1x supplicants are owned by Cisco, Juniper and Microsoft, which makes it less likely that third-party NAC gear can enhance its functionality based on extending the supplicants. The third parties may not be able to get access to the proprietary 802.1x supplicant code to do so.

OpenSEA, which stands for Open Secure Edge Access, also has Aruba, Extreme Networks, Identity Engines, Infoblox, Symantec, TippingPoint and Trapeze Networks as members.

Read more about security in Network World's Security section.

Tim Greene is senior editor at Network World.