Two years after pledging to work together on a joint network
access control architecture, Microsoft and Cisco Systems last week
delivered on their promise, unveiling a roadmap for an
interoperable NAC solution.
But the roadmap is a long one, and although it does weave
together elements of each company's NAC offering, giving customers
some flexibility, it does not offer much hope for enterprises
running non-Windows or non-Cisco environments.
The architecture itself is a hybrid, comprising elements of
Microsoft's Network Access Protection (NAP) and Cisco's Network
Admission Control (NAC) solutions. It relies heavily on the use of
Cisco routers and switches, as would be expected, and will be
incorporated into Microsoft's Longhorn Server, scheduled for
release in the second half of 2007.
The system will be offered to a limited number of beta customers
later this fall, but Cisco and Microsoft officials said customers
should not anticipate a lot of bells and whistles when they deploy
the joint solution.
"It won't be flashy, because it shouldn't be. The recurring them
here is choice, giving customers a choice on which components to
use," said Bob Gleichauf, CTO of the Security Technology Group at
Cisco.
The choices are, in fact, limited to Cisco or Microsoft
components. The companies plan to license some of the proprietary
protocols they developed to third-party vendors, and Cisco's
standalone NAC solution does provide support for non-Windows
devices. Bit the joint architecture is designed to run best on
Cisco networking gear and Windows systems.
Still, officials from the two companies acknowledged that many
enterprises may opt for other NAC solutions.
"Some form of admission control will be standard on enterprise
networks," said Mark Ashida, general manager of the Enterprise
Networking Group at Microsoft.
Ashida and Gleichof also made it clear that the work their
companies did on the NAC-NAP solution is not the end of their
cooperation.
"This is a model Cisco and Microsoft can return to over and
over," Gleichauf said.