REALTIME IT NEWS
REALTIME IT NEWS
Newsletters Select newsletters below and click the button to sign up!
Internetnews BloggersRecent Entries
ArchivesMonthly ArchivesSearch The Blog
« Interop: SAP CTO backs open source for the cloud |
Sean Michael Kerner Blog
| Interop: Is Twitter making us less secure? »
Interop: NAC authentication is where we screw up From the 'truth hurts' files:LAS VEGAS. The promise of NAC has been around for years and users want to know when it will finally be ready. That's the message that audience members of a panel event on NAC (network access control) delivered to vendors including HP ProCurve, Cisco, Microsoft and Juniper Networks. The panel also includes a system consultant who frankly told the audience that to date the industry has left a gaping hole when it comes to figuring out how to do NAC authentication. "Authentication is where we screw up as an industry," Jennifer Jabbusch, CISO, Network Security Specialist, CAD, Inc said. "We haven't made it easy enough. We have 802.1x but it's hard then we have MAC auth but nothing in between."802.1x is a port based security mechanism while Mac is an identification mechanism for hardware. Mauricio Sanchez, Chief Security Architect, HP ProCurve Networking said that many organizations are simply not ready for 802.1x so they use MAC address authentication. Stephen Hanna from Juniper argued that MAC is not authentication it's identification, it is just the identifier the device presents, it's very easy to clone and it also doesn't tie thing in to user identity or provide accountability. Khaja Ahmed, Windows Networking Security at Microsoft agreed with Hanna but added that the practical reality is that MAC addresses are thought of as authentication mechanisms by many organizations. The panel also responded to a member of the audience that asked when would NAC finally be ready. Alok Agrawal, Manager Product Marketing at Cisco noted that they have customer with 30,000 plus end point under NAC. He added that Cisco is also working in IETF to help standardize NAC specification across vendors. "When will NAC be here?" Microsoft's Ahmed said."Don't think of this as a thing that isn't here then it is. You have NAC today companies are using it today, how much can be protected depends on you, the more complex your infrastructure the harder it is, but that's the nature of all IT complexity."Photo: Sean Michael Kerner (from left to right:Jennifer Jabbusch, Mauricio Sanchez, Alok Agrawal, Khaja Ahmed, Stephen Hanna) 0 TrackBacksListed below are links to blogs that reference this entry: Interop: NAC authentication is where we screw up. TrackBack URL for this entry: https://swarm.jupitermedia.com/mt-tb.cgi/8094 1 CommentsLeave a comment |
||
Legal Notices, Licensing, Reprints, Permissions, Privacy Policy.
Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs 
|
Microsoft Partner Portal Video: Microsoft Gold Certified Partners Build Successful Practices IBM Webinar: Drive Business Results with New Intelligence |
MORE WEBCASTS, PODCASTS, AND VIDEOS |
|
Iron Speed Designer Application Generator |
MORE DOWNLOADS, EKITS, AND FREE TRIALS |
Digg
Del.icio.us
furl
StumbleUpon
BlinkList
Newsvine
Magnolia
Facebook
Tailrank
Slashdot
Technorati
Google
Bookmarks
Yahoo
Favorites
Windows
Live
Ask
Stop looking for Unicorns! Two comments here Michael. First of all NAC stands for network access control, not network authentication control. Since when did 802.1x become a NAC issue. Lets not put the cart before the horse. On the audience demands, it was one person who is on a hunt for Unicorns and other mythical beings, including perfect NAC. I have written more on my blog at http://www.stillsecureafteralltheseyears.com/ashimmy/2009/05/in-search-of-unicorns.html