Cisco/Microsoft network control move prompts enterprise re-think

Companies considering whether to roll out new network access control (NAC) systems may want to wait until a joint Cisco/Microsoft system comes to fruition.

Companies considering whether to roll out new network access control (NAC) systems may want to wait until a joint Cisco/Microsoft system comes to fruition.

Last week, Cisco Systems and Microsoft outlined how their network access control frameworks will interoperate.

Analyst Gartner said organisations must now decide whether to continue with their current NAC plans or wait for the integrated solution.

Cisco and Microsoft announced plans to deliver interoperability between Cisco Network Admission Control (CNAC) and Microsoft Network Access Protection (MNAP).

Later in 2006, the companies will implement a joint select beta with CNAC and MNAP interoperability.

Customers would be able to implement the CNAC-MNAP interoperability after Microsoft's Longhorn server operating system (OS) ships.

This integration promises to provide an interoperable NAC-enabled infrastructure to enterprises that use NAC-capable network equipment from Cisco and who have moved to Microsoft's Windows Vista OS on their desktops.

Gartner said this infrastructure could offer enterprises more architectural and product choices than are available through either supplier’s current frameworks.

The solution will not require software agents, policy servers or other NAC-related infrastructure from third parties. It will, however, require the use of an updated version of Cisco’s Access Control Server, Microsoft’s Active Directory, and Microsoft’s Network Policy Server (formerly known as Windows Internet Authentication Server).

With these in place, enterprises can integrate third party partner solutions with the application programming interfaces jointly developed by Cisco and Microsoft.

Gartner estimates that Longhorn will ship in the second half of next year, and both suppliers will continue to deliver their individual NAC solutions once the integrated solution is available.

Since enterprises must wait until Longhorn ships to deploy the integrated CNAC/MNAP approach, Gartner believes that the success of large-scale joint framework implementations (those using 10,000 or more nodes) cannot be assessed until the first quarter of 2008 or later.

Once the integration has been completed, said the analyst, independent NAC suppliers will have to show how they provide value outside of a Cisco/Microsoft-centric environment.

Network equipment suppliers that compete with Cisco will have to demonstrate the same level of interoperability with Microsoft while also showing how their NAC approaches support heterogeneous environments.

For joint Cisco/Microsoft customers, Gartner says firms planning to deploy Windows Vista to their desktops by year-end 2007, and preparing to implement Longhorn on select servers, should evaluate the integrated CNAC/MNAP framework along with independent NAC solutions for early 2008 deployment.

For firms planning a full Vista deployment into 2008 and beyond, Gartner said companies had more time and may want to consider alternative NAC solutions.

Vote for your IT greats

Who have been the most influential people in IT in the past 40 years? The greatest  organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?

Vote now at:


Read more on Business applications