On CHOW: Groundbreaking hangover cure
BNET Business Network:
BNET
TechRepublic
ZDNet

August 3rd, 2006

John Cougar Mellencamp on NAC

Posted by Eric Norlin @ 6:28 am

Categories: General

Tags:

Much is being made of a presentation at Black Hat by Ofir Arkin of Insightix. In that session, Arkin "raised questions" about the ability of Network Access Control technologies to do what they say they can do. Without the benefit of having actually seen the presentation, my sense of it is that the paradigm of NAC itself was questioned. And rightly so, because one version of that paradigm may be broken.

Defending the Network

Nearly all of the language around IT security (especially Network security) still lives in the middle ages; in the days of castles and moats and walls (made of fire, inevitably) and defense. Network security is a constant battle, a daily walk of siege mentality. One problem: the business guys keep demanding that the walls have holes in them. This problem led Jim Allchin of Microsoft to use the more than awkward phrase, "semi-permeable firewall" back in 2002.

Semi-permeable?

Network access control (especially as it exists in the Cisco and Microsoft product sets) is still wrestling with this metaphor of a "semi-permeable" firewall. They’re trying to come to terms with the idea that *context* is really the key to network health and security. Context, in turn, demands understanding the role that any given individual or device is playing in the network. And understanding roles leads one *firmly* into the land of identity. The real issue with NAC is the missing steps of context and role.

Vendors that *are* working on the context and role problem (vendors like Identity Engines, Trusted Network Technologies, ConSentry and Forescout) are beginning to find a marketplace awakening to a post-medieval paradigm. Lessened in importance are the castle walls, moats and forces of defense, while knowing who someone is, what they want to do and whether or not they have the right to do it is being elevated. Innovative NAC vendors are now beginning to tip-toe into a new paradigm that operates on that old John Cougar Mellencamp ditty - "When the Walls Come Tumbling Down."

Postscript: I debated going with the Pink Floyd, "Another Brick in the Wall" ending, but thought Mellencamp more appropriate. I’d be interested in hearing your thoughts.

  • Talkback
  • Most Recent of 3 Talkback(s)
Standards will be hard to establish
Being in this space, I can tell you that developing standards will be extremely difficult since many of the vendors have patents on exactly HOW the technology works for their solution.

I think ... (Read the rest)
Posted by: identitystuff Posted on: 08/10/06 You are currently: a Guest | | Terms of Use
I notice  ordaj@... | 08/03/06
Standards will be hard to establish  identitystuff | 08/10/06
Not sure what opinion you were seeking  Xwindowsjunkie | 08/05/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

Top Rated

    Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
    advertisement
    Click Here

    Archives

    ZDNet Blogs

    White Papers, Webcasts, and Downloads

    Enterprise Applications

    • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
    • New Online Dashboard
    • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline