Two years after pledging to work together on a joint network access control architecture, Microsoft and Cisco Systems last week delivered on their promise, unveiling a roadmap for an interoperable NAC solution.
But the roadmap is a long one, and although it does weave together elements of each company's NAC offering, giving customers some flexibility, it does not offer much hope for enterprises running non-Windows or non-Cisco environments.
The architecture itself is a hybrid, comprising elements of Microsoft's Network Access Protection (NAP) and Cisco's Network Admission Control (NAC) solutions. It relies heavily on the use of Cisco routers and switches, as would be expected, and will be incorporated into Microsoft's Longhorn Server, scheduled for release in the second half of 2007.
The system will be offered to a limited number of beta customers later this fall, but Cisco and Microsoft officials said customers should not anticipate a lot of bells and whistles when they deploy the joint solution.
"It won't be flashy, because it shouldn't be. The recurring them here is choice, giving customers a choice on which components to use," said Bob Gleichauf, CTO of the Security Technology Group at Cisco.
The choices are, in fact, limited to Cisco or Microsoft components. The companies plan to license some of the proprietary protocols they developed to third-party vendors, and Cisco's standalone NAC solution does provide support for non-Windows devices. Bit the joint architecture is designed to run best on Cisco networking gear and Windows systems.
Still, officials from the two companies acknowledged that many enterprises may opt for other NAC solutions.
"Some form of admission control will be standard on enterprise networks," said Mark Ashida, general manager of the Enterprise Networking Group at Microsoft.
Ashida and Gleichof also made it clear that the work their companies did on the NAC-NAP solution is not the end of their cooperation.
"This is a model Cisco and Microsoft can return to over and over," Gleichauf said.