Cisco, Microsoft partner on security, but products nowhere to be found

By Jim Rendon, News Writer 19 Oct 2004 | SearchNetworking.com

Digg This!     StumbleUpon     Del.icio.us

Cisco Systems Inc. and Microsoft have agreed to cooperate on end-point security, which will ultimately make some of their products interoperable, but analysts said the partnership may be more about posturing than product development.

Microsoft and Cisco said they will share application programming interfaces (APIs) that will enable Microsoft's client software and RADIUS server to communicate with Cisco's security-enabled networking gear. This will allow businesses to implement Cisco gear utilizing Cisco's Network Access Control (NAC) protocol in conjunction with Microsoft's operating system and/or RADIUS server.

Users would no longer have to deploy Cisco's Trust Agent client software on devices for possible security vulnerabilities. Businesses will also be able to use Microsoft's Radius server instead of Cisco's Secure Access Control Server, said Dave King, director of business development for Cisco's security technology group.

This, in all likelihood, is vaporware. Dan Golding, Senior analyst, Burton Group

"This is a way to give our customers choice and flexibility in how they implement network admission control," King said.

But this announcement is not tied to any product releases. The two companies have simply agreed to share APIs and work toward establishing standards that enable communications between the client, the authentication server and network devices.

The first interoperable products will arrive from Cisco in 2005, according to King. Steve Anderson, Microsoft's director of marketing for Windows Server, said it will take his company longer to get any products to market. Microsoft's Longhorn operating system, due out in 2007, will be interoperable with Cisco's NAC gear, he said.

"This, in all likelihood, is vaporware," said Dan Golding, a senior analyst with Midvale-Utah-based research firm, the Burton Group.

Without any specific product released tied to the announcement or even expected in the near term, Golding said businesses should take a skeptical view of the partnership.

"Microsoft and Cisco will cooperate until the moment they realize that competitive advantage lies in not cooperating," Golding said.

Microsoft and Cisco have had collaborative efforts fail in the past, Golding said. For example, the two tried to collaborate on a wireless LAN user authentication protocol, but in the end, both companies ended up pursuing their own approaches, he said.

But Anderson said the partnership is not driven by narrow interests but instead by customers' demand for interoperability. He said both companies would prefer to help create secure networks than derive revenue from their own specific security products.

And both companies plan to push toward an industry standard for end-point security, which will help grow the entire market for these products, Anderson added.

For more information Learn why security strategies have put Microsoft and Cisco at odds.   Read our exclusive: Cisco defends its NAC security strategy.

Cisco has a solid track record of innovating and then pushing for standards, Golding said. Microsoft, however, makes its living from developing its own code, and has therefore been less enthusiastic about opening up that code to competitors.

"When Microsoft does open standards, it ends up giving away what it is selling," Golding added. "It ends up giving away the store, and that is hard for a company to do."

Nonetheless, the fact that these companies have finally come to an agreement over security is encouraging, said Joel Conover, principal analyst with the Sterling, Va.-based research firm Current Analysis.

Unlike its summer partnership announcement with multiple network vendors, none of which included Cisco, Microsoft is now committed to sharing APIs so it can address security at the physical layer of the network, Conover said. That in itself is a significant step forward.

"It should help lower the level of heartburn for IT managers that have to deal with this issue," he said.

But it is unlikely to stop the heartburn completely. Product rollouts will be slow, Conover said, and even if the strategy comes to fruition, not everyone will benefit.

"This is likely to affect about 50% of the market," Conover said. "The other half of the market is no better off, but also no worse off."

Tags: Network Security Monitoring and Analysis,  Network Security Best Practices and Products,  Network Access Control,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Security Monitoring and Analysis Where can I find a sample security audit report? How can I run my own? The firewall remains the network traffic cop, but its role is changing Troubleshooting VLANs: How to monitor 802.1q tagged traffic Poor data-loss prevention practices almost cost Intel a billion How can I block my competitor's IP address range from my website? Hospital gains network visibility by convincing vendors to collaborate What software monitors and locks users from accessing my router? Data leak prevention starts with trusting your users NagVis -- 'Nagios: System and Network Monitoring, Second Edition,' Chapter 18 What is a genetic algorithm and where can I learn more about them online? Network Security Best Practices and Products Ethical hacking and countermeasures: Network penetration testing intro Are you on a domain name system (DNS) blacklist database? Rogue access points: Preventing, detecting and handling best practices Network security threats solved by risk management: John Pironti explains How to evaluate and manage UTM for network security Profiling -- and protecting against -- network problem users: The Internet Novice How does a firewall work? Physical network security key to fighting low-tech threats Why are TCP/IP networks considered unsecured? Troubleshooting networks: Can vendor software self-install firewalls? Network Access Control Network access control market crushed by economy, but future is bright Joel Snyder discusses Network Access Control Day at Interop Las Vegas Maturing NAC market gets its first Gartner Magic Quadrant Poor data-loss prevention practices almost cost Intel a billion Network access control poised for a comeback by aiming small Dynamic network access control secures electronics manufacturer Shifting defenses and dynamic perimeters challenge network security Compliance in a virtualized world: Server virtualization and NAC security Securing the new network architecture: Security for distributed, dynamic networks What is data loss prevention? -- An introduction to DLP

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary deep packet inspection (DPI)  (SearchNetworking.com) FCAPS  (SearchNetworking.com) Nessus  (SearchNetworking.com) netstat  (SearchNetworking.com) port mirroring  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary