Cisco, Microsoft Demo Network Security Cooperation

It has taken nearly two years, but Microsoft and Cisco Systems are finally ready to demonstrate how their network access security products will work together.

The demonstration will be held at the Security Standard Conference in Boston this week, where the two companies also will announce plans to roll out an early beta program for certain customers who want to test the new products.

Cisco and Microsoft have both developed their own sets of protocols and technologies to control which devices are allowed to connect with corporate networks. Called Network Admission Control (NAC) by Cisco and Network Access Protection (NAP) by Microsoft, these products are designed, for example, to prevent virus-laden laptops and remote PCs from connecting behind the firewall and infecting other systems on the network.

In addition to providing a demonstration for Security Standard show attendees, the two vendors will announce NAC/NAP beta program, set to roll out by year’s end, that will allow certain select customers to test their respective products. A white paper on NAC/NAP interoperability will be posted here.

The companies have been promising to work together on NAC and NAP since October 2004, and that work is finally beginning to bear fruit, said Bob Gleichauf, chief technology officer for Cisco’s security networking group.

“We’ve really sent a clear message here: ‘Damn, they finally have figured out how to do something together,’ ” he said. “The industry needed to see that.”

Microsoft and Cisco have also signed a cross-licensing deal that would allow Cisco to develop NAP products and Microsoft to develop NAC products at some point in the future, Gleichauf said.

Since the interoperability plans were first announced, Cisco and Microsoft haven’t said much about how the work was progressing, causing some customers to wonder when and if the work would be completed, analysts said.

“It took them a long time to get here, and I think the biggest problem they had was due to the fact that they weren’t telling anybody [what was going on],” said Robert Whiteley, a senior analyst with Forrester Research.

Cisco has written software for the NAP Agent component of Windows Vista that will allow Vista clients to work with Cisco’s NAC products, but full interoperability between the two platforms will not occur until Microsoft ships its next-generation Longhorn server software, said Mike Schutz, a product manager with Microsoft’s infrastructure marketing group.

“The last piece of the puzzle will be when Longhorn server ships in the second half of 2007,” he said.

Simultaneous with the Longhorn release, Cisco will update its Secure Access Control Server to support NAP.

The two companies hope that Wednesday’s demonstration and road map update will give customers one less reason to hold off on NAC and NAP deployments. Though network access control is a hot topic in the security space right now, customers have been holding off on deployments as the vendors sort out interoperability issues, analysts said.

For customers, Microsoft and Cisco’s interoperable products cannot come soon enough, said Forrester’s Whiteley. Customers are “not asking for whiz-bang features,” he said. “They’re just asking for them to get it done.”

-Robert McMillan, IDG News Service (San Francisco Bureau)

Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.