• United States
Editor in Chief

Interop abuzz with yap about NAC

May 08, 20063 mins
Cisco SystemsNetworking

Some of the buzz was back at Interop in Las Vegas last week. Early figures put attendance at 18,000 and the show had a healthy, vibrant feeling (see our complete Interop coverage).

“I had gotten really concerned about Interop in the last few years,” said Thomas Noonan, CEO of Internet Security Systems (ISS). “Companies weren’t making any product announcements. I thought it might have plateaued, but it seems like it might have climbed out. There are a lot of announcements here, some excitement.”

ISS used the event to unveil its Virtual Security Operations Center (V-SOC), a portal that will give customers a centralized view of on-premise and remotely managed devices. The V-SOC is a key deliverable in the company’s plans to offer on-demand security services that can take advantage of its installed base of intrusion-prevention devices that are already on customer networks performing deep packet inspection.

The first two on-demand services are security event management and security log management. Future services might include VoIP security, compliance management and IP TV security, he said. The idea is to get away from “every new threat category resulting in a new security category,” Noonan said. “That’s not scalable.”

Security remains a big topic at the show, and there was a lot of noise around network access control (NAC).

A number of companies are looking to help you safeguard your network by scanning newly attached devices for things such as proper patch levels, anti-virus tools and so on, but confusion reigns (see The competition for NAC).

For one, people confuse Cisco‘s product, Network Admission Control, with the broad NAC product category, said Brian Berger, executive vice president of sales and marketing for Wave Systems and head of marketing for the Trusted Computing Group (TCG). TCG is a vendor consortium that is building a NAC reference model called Trusted Network Connect.

While TCG boasts some 136 vendors, Cisco isn’t one of them, having decided instead to promote its approach as an IETF standard. In a session on NAC, Jeff Platon, vice president of product and technology marketing at Cisco, argued that establishing the standards is more important than participating in building a reference model.

There is some hope, however, that the TCG and Cisco camps will come together. There was a gathering at a recent IETF meeting co-chaired by Cisco and TCG reps to discuss ways to address differences.

One thing NAC suppliers agree on is customers should get their feet wet today by using NAC to scan mobile and guest devices before they are allowed to attach. Those are primary attack vectors, and limited NAC deployments can provide big gains.