X

Microsoft spearheads latest security partnership

Software, security, and networking vendors are banding together to provide more comprehensive network protection.

Marguerite Reardon Former senior reporter
Marguerite Reardon started as a CNET News reporter in 2004, covering cellphone services, broadband, citywide Wi-Fi, the Net neutrality debate and the consolidation of the phone companies.
Marguerite Reardon
3 min read
A wave of new security initiatives is rising as software makers and equipment suppliers realize that they must work together to keep networks more secure.

Networking vendors Cisco Systems and Enterasys Networks have already announced partnership programs with security vendors, and now software giant Microsoft has gotten into the game with its own partnership program, intended to eventually link security policies from security devices, management software and networking equipment.

Microsoft's initiative is the most comprehensive of these partnership programs to date. On Tuesday, the company announced partnerships with 25 systems integrators and security, management and networking companies. Using a new technology it calls Network Access Protection, which will be added in the R2 update of Windows Server in late 2005, security policies can be set on the Microsoft remote access servers and linked to policies throughout the network, the company said.

"Our customers are telling us that they need to be more proactive in their security strategy," said Steve Anderson, director of marketing for Microsoft Windows servers. "Patching and updating isn?t enough to keep them protected. They need more comprehensive ways to set and enforce policies."

As part of the initiative, Microsoft plans to develop application programming interfaces, or APIs, that will allow its partners to develop specific applications so that their devices and software can be linked directly to the Microsoft remote access servers, providing corporate IT managers with more centralized control of security policies

By tying the policy engines together, policies can be set and enforced across the network at multiple levels. IP routers and Ethernet switches from such companies as Juniper Networks and Extreme Networks could communicate with antivirus software from Symantec, which is sitting on the client, to find out if that client is up to date on its antivirus scans. A policy could be set to deny network access to users who have not updated their antivirus software.

Microsoft said it will work with its partners to develop a standard way to link these policies, but it is unclear yet which standards body will oversee the work.

Other companies have already started down the partnership path to ensure security policies are more tightly linked. Cisco has developed Network Admission Control (NAC), a collaboration program between Cisco and antivirus companies. Through this program, Cisco has developed technology with three antivirus specialists--McAfee, Symantec and Trend Micro--that will let Cisco's networking products communicate with antivirus software. The company rolled out its first products with embedded NAC technology last month.

In January, Enterasys announced its Secure Networks initiative, which like Cisco's program, relies on partnerships with antivirus and other security specialists to secure access to the network.

"Cisco's NAC is a start, but it is proprietary," said Rod Murchison, senior director of product management for Juniper, which is one of the first 25 partners in Microsoft's NAP partnership program. "The industry needs solutions that are more open and based on standards. To get to the next level of integrated endpoint security, more partnerships are needed."

Microsoft, which virtually owns the server operating system and desktop market, provides a good platform for integration with a wider group of vendors. So far, vendors involved in these other partnerships seem to agree. Enterasys has signed up as a Microsoft partner, and Trend Micro Systems and Symantec, which are both involved in Cisco's NAC initiative, are also Microsoft NAP partners. Cisco is not yet a Microsoft NAP partner, even though most of its switching and routing competitors, such as Juniper, Extreme, Foundry Networks, and ProCurve Networking are all partners. But Anderson said that Cisco will likely be added as a partner soon.

"Cisco is an important partner of Microsoft's," he said. "And we are in deep discussions with them about this specific partnership."