Microsoft and Trusted Computing Group Announce Interoperability
May 21, 2007
Trusted Computing Group’s Trusted Network Connect architecture to incorporate Network Access Protection’s primary client-server protocol.

LAS VEGAS — May 21, 2007 — Trusted Computing Group (TCG), which develops open standards for computing security, and Microsoft Corp., a TCG member and active participant, today announced at Interop Las Vegas 2007 that they will provide customers and partners interoperability of TCG’s Trusted Network Connect (TNC) architecture and Microsoft® Network Access Protection (NAP) for network access control (NAC). This interoperability means customers can use NAP products in TNC-protected networks and TNC products in NAP-protected networks. NAP partners can support TNC clients and servers, and TNC implementers can support NAP clients, servers and protocols.

The first step in the interoperability of NAP and TNC will be enabled by Microsoft’s contribution of its Statement of Health (SoH) protocol to the Trusted Computing Group. A new specification, the IF-TNCCS-SOH, is being released today as part of the TNC architecture. Vendors can begin implementing the IF-TNCCS-SOH specification immediately. Several demonstrations of the new specification will be shown on the Interop show floor this week in TCG’s booth #211 and in Microsoft’s booth #1548.

With this interoperability, customers of both Microsoft and TNC-enabled networks can realize significant benefits:

Interoperability and customer choice: Customers are now provided with a choice of architectural and product options. They will be able to choose components, infrastructure and technology as best serves their business needs while being assured of interoperability.

Simplification, clarity, and confidence: The interoperability of NAP and TNC provides helpful guidance for customers considering network access control architectures and products and offers assurance that a wide variety of products will work together.

Investment protection: The interoperability of TNC and NAP platforms enables customer reuse and investment protection of their TNC and/or NAP deployments. For example, customers can begin deploying products based on TNC specifications today and integrate NAP into the environment concurrent with their deployment of Windows Vista® and Windows Server® 2008.

Single agent included in Windows®: Computers running Windows Vista, Windows Server 2008, and future versions of Windows XP will include the NAP Agent component as part of the core operating system. The NAP Agent will be used for both NAP and TNC.

As products supporting the new IF-TNCCS-SOH specification become available in the coming months, customers will be able to start implementing portions of NAP-TNC interoperability. TNC servers that support the SoH protocol can interoperate with Windows Vista and other NAP clients without requiring any extra software to be downloaded or installed on the client. TNC clients that support the SoH protocol can participate in NAP-protected networks, authenticating and participating in health checks.

“The contribution of the Statement of Health, Microsoft’s primary client-server protocol, to the TNC architecture enables a wide variety of network access control implementations for customers and for vendors, ultimately helping provide significantly better protection of corporate information and assets,” said Steve Hanna, co-chair of the TCG TNC work group and distinguished engineer, Juniper Networks. “Agreeing on common security standards provides a solid foundation on which we can build a more secure computing future.”

“With this interoperability, Microsoft has reaffirmed its commitment to the Trusted Computing Group and to the development of industry standards that benefit all users,” said Henry Sanders, general manager, Windows Networking and a Distinguished Engineer. “TCG is providing both the IT community and the networking industry with the benefits of integration and interoperability.”

TCG and Microsoft have published a technical white paper that describes how Microsoft NAP and TCG TNC interoperate for security policy enforcement and health assessment. The white paper can be downloaded at https://www.trustedcomputinggroup.org/news/events/interop_2007. Leading networking and security companies expressed their support for the announcement:

“The inclusion of the statement of health capability in the TNC specification and resulting interoperability with the Microsoft NAP architecture allows organizations to deploy NAC solutions with confidence today — without worrying about which standard will win,” noted Paul Sangster, TCG TNC work group co-chair and distinguished engineer, Symantec. “As a leading security provider, Symantec welcomes the interoperability of these leading NAC architectures and will continue to support the TNC architecture.” 

“As a TNC contributor, TCG director and a Microsoft NAP partner, Wave Systems Corp. is very pleased to see the convergence of these capabilities that delivers an interoperable trustworthy solution,” said Brian Berger, executive vice president of marketing and sales at Wave Systems. “By providing a trusted endpoint and the use of the Trusted Platform Module for end-point integrity, these NAC solutions provide the enterprise assurance that the endpoint is authentic and trustworthy.”

“TCG continues to play a key role in creating and evangelizing open standards for trusted platform security, and the interoperability of Microsoft Network Access Protection with the TCG’s Trusted Network Connect architecture for network access control broadens the impact of industry standards in infrastructure security, while offering customers more choice on how they implement NAC,” said Mark Schiller, president of the TCG and director of HP’s Trusted Computing Strategy. “This interoperability will help accelerate the development of products and the deployment of network access control towards better security of systems, networks and mission-critical data.”

About TCG

TCG is an industry standards body formed to develop, define, and promote open standards for trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices. TCG specifications are designed to enable more secure computing environments without compromising functional integrity with the primary goal of helping users to protect their information assets from compromise due to external software attack and physical theft.

More information and the organization’s specifications are available at www.trustedcomputinggroup.org.

About Microsoft

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Microsoft, Windows Vista, Windows Server and Windows are trademarks of the Microsoft group of companies.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft Web page at http://www.microsoft.com/presspass on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/presspass/contactpr.mspx.

Industry Supports Trusted Network Connect (TNC), Network Access Protection (NAP) Interoperability

“We are committed to open standards and are pleased to be able to offer our Trusted Network Connect compliant solutions to customers using Microsoft Network Access Protection,” said Pierre Trudeau, chief technology officer at Colubris Networks. “This development enhances our ability to offer the optimal Wi-Fi infrastructure, as it seamlessly integrates with the security tools and policies of the enterprise LAN, while offering the highest levels of wireless performance, QoS and mobility.”

—Kathy Sucich - Davies Murphy Group

“As a TNC contributor and a Microsoft NAP partner, Infoblox is very excited about this development,” said Richard Kagan, vice president of marketing at Infoblox. “Assuring interoperability among products compatible with TNC and Microsoft NAP enables customers to make investments in network security with greater confidence.” 

—Jennifer Jasper

“Customers have made it clear that interoperability amongst the major network access control architectures and solutions is critical to helping them reduce overall cost of ownership and time to value,” said Karthik Krishnan, senior product line manager at Juniper Networks. “Today’s announcement from Microsoft and the Trusted Computing Group is a watershed event for our industry. Interoperability between Juniper Networks Unified Access Control (UAC) and Microsoft Network Access Protection (NAP) leveraging this new TNC specification will provide customers with greater choice, flexibility and investment protection for their network access control deployments.”

—Roger T. Fortier - Juniper Networks Public Relations

“Today’s announcement of the interoperability of Microsoft Network Access Protection and the Trusted Computing Group’s TNC architecture is great news for customers. This announcement provides customers the investment protection they require in network access control technology and gives customers a wider degree of openness and flexibility in meeting their network security requirements. Nortel, with our Secure Network Access Solution (http://www.nortel.com/snas4050), is working with NAP technology from Microsoft and
continues to be a contributing member of TNC to ensure our customers the best possible solution based on open industry standards,” said Steve Slattery, president, Enterprise Networks, Nortel.

Mary Pretotto - Media Relations, Nortel

“ProCurve Networking by HP is an active participant in TCG and a consistent contributor to the TNC architecture and standards. Today’s announcement delivers on the promise of interoperable, open standards network access control solutions. ProCurve is dedicated to solutions that are interoperable with both the TNC architecture and Microsoft NAP to increase productivity, fortify security, and reduce complexity for today’s networks,” said Kevin Porter, Access Control Solutions manager from ProCurve Networking by HP.

—Nancy Stebbins - GoldRush Communications

“Today’s announcement of the interoperability of the Microsoft Network Access Protection and Trusted Network Connect architectures gives customers with multi-vendor networks a wider variety of products and services to help them implement network access control,” said Tom Turner, vice president of marketing, Q1 Labs. “Q1 Labs will extend its ‘post-admission’ monitoring and policy feedback to include this important collaboration.”

—Christine Major - Perkett PR

“Today’s announcement heralds a new era for NAC adoption because users no longer have to agonize over which industry framework or standard is right for them. It is a victory for open standards, validating the importance of the major NAC vendors and frameworks working together to provide solutions for any organization with a heterogeneous environment,” said Alan Shimel, chief strategy officer at StillSecure. “Because of StillSecure Safe Access’ flexible architecture, both TNC and NAP are options for our customers. Administrators can implement Safe Access today knowing that it will be compatible with open standards even as the market continues to evolve.”

—Sonya Hausafus

“Trapeze Networks Smart Mobile™ products support interoperability between Trusted Network Connect and Microsoft’s NAP across our entire enterprise Wi-Fi product line. This helps give our enterprise customers the best protection and flexibility in securing their wireless deployments,” said Ahmet Tuncay, vice president of product management for Trapeze Networks.

—Ted Fornoles

Read More: