What do you do when you’re locked in a battle for network access market share with
the world’s largest networking provider? If you’re Nortel, you team up with
one of the world’s largest software providers.
Nortel is strengthening its Microsoft integration by supporting Microsoft’s Network Access Protection (NAP) and its critical
Statement of Health (SOH) protocol. The move, Nortel said, is to help enterprises contend with one of the key
barriers of access control adoption, namely complexity.
Nortel’s Secure Network Access (SAN) technologies now fully support SOH, which helps determine the
security posture of an endpoint. With the full embrace of NAP, Nortel is
placing itself in the Microsoft camp as an alternative to Cisco’s Network Access Control (NAC).
“We’ve picked a path to move forward and that path is the Microsoft
paradigm,” John Gray, portfolio leader of business optimized networking for Nortel, told
InternetNews.com. “Customers have a choice they can make against
Cisco, and we can now sit at the table shoulder to shoulder with Microsoft to
help customers with that choice.”
Microsoft’s NAP access control architecture is part of the upcoming Windows
Server 2008 release and will support both Windows Vista and XP desktops as
Microsoft opened the SOH protocol in May to the Trusted Computing Group’s
Trusted Network Connect (TNC) access control architecture. Nortel’s SNA
access control solution is TNC-compliant and is expected to make use
of Microsoft’s protocol as an extension of Nortel’s existing TNC compliance.
When it comes to NAP, Microsoft is building a large ecosystem of vendors
that will support it as part of a bid to ensure its dominance. In February, Microsoft had already boasted that it had some 100
partners, with varying degrees of intent and support for NAP compatibility.
Nortel’s full embrace of Microsoft’s NAP will include support across a broad
range of Nortel equipment. This week Nortel announced a
number of new additions to its Ethernet Routing Switch Portfolio, including
updates to the 2500, 4500 and 5500 series of Ethernet Routing Switches that
will all support Nortel’s SNA access control.
Gray said the Microsoft NAP solution in Windows Server 2008 is a less
complex approach than going with a full Cisco NAC approach.
Where Nortel intends to add its own value on top of Microsoft’s NAP and the
SOH protocol is with full post-admission policy control. SOH is typically
used as a pre-network admission control check and is not used as part of a
Gray explained that Nortel’s SNA also provides post-connect security protection by fully integrating with Nortel’s line of
Intrusion Detection Systems (IDS) and firewalls.
“So if an IDS sensor detects from a post connect something anomalous, it can
enable an action to occur at the switch level, such as shutting off a port,”
For users who are connecting remotely to the enterprise, Nortel has just
updated its VPN Gateway to provide additional security protections.
Nortel’s VPN Gateway 7.0 is a blended IPsec (define) and SSL VPN
(define) solution that lets users connect either via an IPsec
client or through an SSL-encrypted interface. The solution now includes
integration with Symantec’s On Demand Protection tool for SSL VPN. The
Symantec tool ensures that nothing stays on the endpoint in terms of cache
or temporary files and that nothing can be pulled from the VPN session to
the local device.