Cisco, Microsoft partner on security, but products nowhere to be found

By Jim Rendon, News Writer 19 Oct 2004 | SearchNetworking.com

Digg This!     StumbleUpon     Del.icio.us

Cisco Systems Inc. and Microsoft have agreed to cooperate on end-point security, which will ultimately make some of their products interoperable, but analysts said the partnership may be more about posturing than product development.

Microsoft and Cisco said they will share application programming interfaces (APIs) that will enable Microsoft's client software and RADIUS server to communicate with Cisco's security-enabled networking gear. This will allow businesses to implement Cisco gear utilizing Cisco's Network Access Control (NAC) protocol in conjunction with Microsoft's operating system and/or RADIUS server.

Users would no longer have to deploy Cisco's Trust Agent client software on devices for possible security vulnerabilities. Businesses will also be able to use Microsoft's Radius server instead of Cisco's Secure Access Control Server, said Dave King, director of business development for Cisco's security technology group.

This, in all likelihood, is vaporware. Dan Golding, Senior analyst, Burton Group

"This is a way to give our customers choice and flexibility in how they implement network admission control," King said.

But this announcement is not tied to any product releases. The two companies have simply agreed to share APIs and work toward establishing standards that enable communications between the client, the authentication server and network devices.

The first interoperable products will arrive from Cisco in 2005, according to King. Steve Anderson, Microsoft's director of marketing for Windows Server, said it will take his company longer to get any products to market. Microsoft's Longhorn operating system, due out in 2007, will be interoperable with Cisco's NAC gear, he said.

"This, in all likelihood, is vaporware," said Dan Golding, a senior analyst with Midvale-Utah-based research firm, the Burton Group.

Without any specific product released tied to the announcement or even expected in the near term, Golding said businesses should take a skeptical view of the partnership.

"Microsoft and Cisco will cooperate until the moment they realize that competitive advantage lies in not cooperating," Golding said.

Microsoft and Cisco have had collaborative efforts fail in the past, Golding said. For example, the two tried to collaborate on a wireless LAN user authentication protocol, but in the end, both companies ended up pursuing their own approaches, he said.

But Anderson said the partnership is not driven by narrow interests but instead by customers' demand for interoperability. He said both companies would prefer to help create secure networks than derive revenue from their own specific security products.

And both companies plan to push toward an industry standard for end-point security, which will help grow the entire market for these products, Anderson added.

For more information Learn why security strategies have put Microsoft and Cisco at odds.   Read our exclusive: Cisco defends its NAC security strategy.

Cisco has a solid track record of innovating and then pushing for standards, Golding said. Microsoft, however, makes its living from developing its own code, and has therefore been less enthusiastic about opening up that code to competitors.

"When Microsoft does open standards, it ends up giving away what it is selling," Golding added. "It ends up giving away the store, and that is hard for a company to do."

Nonetheless, the fact that these companies have finally come to an agreement over security is encouraging, said Joel Conover, principal analyst with the Sterling, Va.-based research firm Current Analysis.

Unlike its summer partnership announcement with multiple network vendors, none of which included Cisco, Microsoft is now committed to sharing APIs so it can address security at the physical layer of the network, Conover said. That in itself is a significant step forward.

"It should help lower the level of heartburn for IT managers that have to deal with this issue," he said.

But it is unlikely to stop the heartburn completely. Product rollouts will be slow, Conover said, and even if the strategy comes to fruition, not everyone will benefit.

"This is likely to affect about 50% of the market," Conover said. "The other half of the market is no better off, but also no worse off."

Tags: Network Security Monitoring and Analysis,  Network Security Best Practices and Products,  Network Access Control,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Security Monitoring and Analysis Application-specific network intrusion detection systems emerge Anomaly-based intrusion protection configuration and installation How can I calculate perimeter firewall throughput? How do I find the application on my network that's dropping packets? Integrating NAC with network security tools Where can I find a sample security audit report? How can I run my own? The firewall remains the network traffic cop, but its role is changing Troubleshooting VLANs: How to monitor 802.1q tagged traffic Poor data-loss prevention practices almost cost Intel a billion How can I block my competitor's IP address range from my website? Network Security Best Practices and Products How do I change my security setting to allow ActiveX? What are two common devices that control outbound network access? 3Com acquisition confirms HP-Cisco battle for China Enterprises demand next-generation firewalls with IPS, app visibility Preventing hacker attacks with network behavior analysis IPS Is there a way to trace my stolen laptop computer? Integrating NAC with network security tools Should organizations separate technical from administrative security? What network equipment is needed to secure a small business LAN? Ethical hacking and countermeasures: Network penetration testing intro Network Access Control What are two common devices that control outbound network access? Using NAC for smartphone security on wireless LAN Network security risks multiply when enterprises begin outsourcing Dynamic policy ensures faster, safer network for school district NAC appliance vendors: Can you depend on them? NAC integration at the endpoint Extending NAC enforcement to network security devices Integrating NAC with network security tools Network access control market crushed by economy, but future is bright Joel Snyder discusses Network Access Control Day at Interop Las Vegas

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary deep packet inspection (DPI)  (SearchNetworking.com) FCAPS  (SearchNetworking.com) Nessus  (SearchNetworking.com) netstat  (SearchNetworking.com) port mirroring  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary