|
|
May 21, 2007
Microsoft Advances Commitment to Secure and Seamless Networks
at Interop
LAS VEGAS, Nev., May 21, 2007 – This
week at the Interop 2007 trade show, Microsoft announced
that the company’s Network Access Protection (NAP) technology will
be interoperable with the Trusted Computing Group’s (TCG) Trusted
Network Connect (TNC) Network Access Control standard, which includes
the NAC standards for Juniper Networks. This announcement represents
a significant breakthrough for companies with diverse infrastructures and
user needs. With this level of interoperability, companies can
deliver access to users at anytime from anywhere, save
money and simplify and improve network security management. Microsoft
also announced the upcoming public beta of Intelligent Application
Gateway (IAG) 2007 SP1, which contains some key enhancements
to Microsoft’s SSL VPN solution.
Henry Sanders, General Manager, Core
Networking and Collaboration Group, Windows Networking.
Click image for
high res version
For some perspective, we turned
to a longtime networking expert at Microsoft, Henry Sanders,
a Microsoft Distinguished Engineer and the general manager of
the Core Networking and Collaboration group in Windows Networking.
PressPass:
What do customers want in regards to network security?
Henry Sanders: IT departments have users who seek a
consistent connected experience, regardless of their location, the device
they use, or the networks they traverse. At the
same time, IT organizations need to deliver this seamless-access
experience without compromising security or increasing complexity. In simple
terms: it just works, works securely, and at a
lower cost. Microsoft, driven both by these customer requirements
as well as the needs of its own IT
organization, is investing in solutions to deliver upon this
vision of secure and seamless networking. One of the
key components of that vision is NAP. Another is
our SSL VPN product, the Intelligent Application Gateway (IAG)
2007.
PressPass: What is “NAP” and “NAC,” what do these
terms mean, and why are they important to IT?
Sanders: “Network Access Control” is a generic term that
refers to a client/server method of ensuring proper health
“posture” or “state” of endpoints before they can connect
to a computer network. NAC systems usually include a
policy server that checks the health state of a
client attempting to connect to a network for things
like up-to-date antivirus signatures or operating system patches. The
NAC system can then limit access and/or remediate a
device that does not meet minimum health requirements. .
Microsoft understands the importance of protecting networks from computers
that do not meet corporate security policy, regardless whether
the devices connect via a remote access gateway or
locally via a wired or wireless LAN. This level
of infrastructure protection will become a fundamental requirement for
all IT organizations, and, in order to help our
customers, Microsoft has developed an NAC solution called Network
Access Protection (NAP).
Enhancements for Intelligent Application Gateway 2007
May
21, 2007 – Microsoft today announced the technical beta
of Server Pack 1 for Intelligent Application Gateway (IAG)
2007. The IAG 2007 SP1 contains a number of
enhancements designed to help businesses deploy more secure and
stable solutions for remote access to applications and data,
including support for the Windows Vista operating system, support
for Exchange Server push e-mail to Windows Mobile 5.0
devices, enhanced integration with Active Directory Federation Services (ADFS),
and significant performance enhancements. IAG 2007 with SP1 will
also fully support Microsoft Forefront Client Security on both
Windows XP and Windows Vista clients.
Along with the new
integrated solution, Microsoft also announced five new original equipment
manufacturing (OEM) partnerships with appliance manufacturing and distribution companies
–Pyramid Computer Gmbh, nAppliance Networks, SurfControl, Mendax Microsystems and
Baosight – joining existing partnerships with Celestix and Network
Engines.
Microsoft’s NAP is a policy-enforcement platform built
into Microsoft Windows Vista, Windows Server 2008 and Windows
XP (update now in beta testing). NAP enables customers
to better protect network assets by enforcing compliance with
system health requirements. With NAP, customers can create customized
health policies to validate computer health before allowing access
or communication, automatically update clients to ensure ongoing compliance,
and, optionally, confine noncompliant computers to a restricted network
until they become compliant.
PressPass: Tell us more about
this announcement, and what it means for network administrators?
Sanders:
To put this into perspective, there are three primary
NAC architectures. Microsoft’s NAP, the Trusted Computing Group’s Trusted
Network Connect (TNC), and Cisco’s Network Admission Control, or
C-NAC. In September, Microsoft announced an interoperability agreement with
Cisco’s NAC solution. This week at the Interop trade
show, Microsoft announced that NAP would now be interoperable
with the Trusted Computing Group’s TNC. The TNC agreement
makes NAP’s Statement of Health (SoH) protocol, included in
Windows Vista, the standard client-server communication protocol within TNC.
We are very excited because, with this announcement, Microsoft’s
NAP is now interoperable with the two other primary
NAC architecture solutions, TNC and Cisco’s NAC.
The SoH protocol
now allows “client standardization,” as organizations can now standardize
on the (SoH) client protocol, regardless of their NAC
infrastructure. The SoH client is available in Windows Vista,
will be available in the next service pack of
Windows XP, and through NAP partners for non-Microsoft operating
systems. One of our NAP partners, Avenda Systems, is
releasing a NAP client for the Linux operating system
at Interop. The broad level of interoperability removes a
major adoption barrier by providing investment protection, because organizations
can deploy NAP into their existing infrastructure without having
to rip and replace their existing investments. The two
key components of NAP, Windows Vista and Beta 3
of Windows Server 2008 are available now for companies
to deploy and test.
PressPass: How does NAP fit
into Microsoft’s networking vision?
Sanders: NAP’s integration as an industry
standard is also an important milestone in advancing the
vision of secure and easy “anywhere access” announced by
Bill Gates at the RSA trade show in February
2007, as well as Microsoft’s ongoing “Interoperability by Design”
initiative.
“Anywhere Access” is Microsoft’s call to action to
design systems and processes that give people and organizations
a high degree of confidence that the technology they
use will protect their identity, their privacy, and their
information. People increasingly want anywhere access that is easy
to use and manage, with seamless, connected experiences that
extend across networks and devices, so they can access,
share, and use corporate and personal information without fear
that it will be compromised, stolen, or exploited. NAP
helps advance this vision by helping keep malware off
networks, helping keep computers connecting to networks more healthy,
and facilitating connections between networks.
“Interoperability by Design” is
Microsoft’s approach to interoperability, where Microsoft strives to bring
technologies to market in a way that balances competitive
innovation with an ability to connect unique systems and
applications. As a result, technologies such as XML and
web services, among many others, have evolved as industry
standards, and the NAP SoH is now emerging as
Microsoft’s latest contribution to industry standards.
PressPass: Can
you tell us about the Intelligent Application Gateway product?
Sanders:
The Intelligent Application Gateway (IAG) 2007 features Application Optimizers,
SSL VPN, a Web application firewall, and endpoint security
management that enables access control, authorization and content inspection
for a wide variety of line-of-business applications. Together, these
technologies provide mobile and remote workers with easy and
flexible security-enhanced access from a broad range of devices
and locations including kiosks, PCs and mobile devices. IAG
also enables IT administrators to enforce compliance with application
and information usage guidelines through a customized remote access
policy based on device, user, application or other business
criteria.
PressPass: What’s new in this release of
IAG?
Sanders: The SP1 of IAG 2007 offers support
for Windows Vista, which will extend to Windows Vista
clients the IAG 2007’s superb endpoint compliance tools, including,
Download Manager, which helps enforce document and browser download
policies based on user identity, location and end-point profile
to avoid misuse of corporate data, and Attachment Wiper,
the IAG 2007 cache cleaner which helps ensure that
sensitive data is wiped from mobile clients when users
close their sessions.
IAG 2007 improvements to enterprise integration
include remote access support for Active Directory Federation Services
(ADFS), which enables organizations to securely share a user's
identity information across organizational boundaries. Other improvements include performance
increases of up to 100% in certain HTTP deployment
scenarios, and support for Kerberos Constrained Delegation (KCD), which
simplifies authentication based on a broader set of client
credentials.
All news and press releases
Top
Feminized to Extinction
Bayer MaterialScience raises prices for TPU resins
Boeing Awarded $30 Million U.S. Air Force Contract to Upgrade B-52s
Final Assembly Begins on First Boeing 787 Dreamliner
Boeing Business Jets Sales Momentum Continues with Seven New Orders
Boeing 787s to Join Royal Jordanian Fleet
A380 embarks on series of demonstration tours
Petters Group Worldwide orders five Airbus A318 Elites
Energizer(R) and Grammy-Winning Rap Artist Chamillionaire Reward Fresh Hip Hop Talent
BP Makes Fourteenth Oil Discovery in the Ultra-Deep Water Block 31 Angola
|
|
|
