Today welcomes Vista to market, at least to the businesses that have early access to Vista. While Vista brings promises for better security – IPv6 kernel, whole disk encryption and more – it only marks the client phase for Microsoft Network Access Protection.
Network Access Protection (NAP) requires support for both client and server which means enterprises will have to write until the end of 2007 when Windows Longhorn Server is available to fully deploy NAP. Many companies need NAC now and can’t wait another year, as evidenced by a recent Infonetics Research study that suggests 60 percent of North American large enterprises will have NAC deployed by the end of 2008.
Mitchell Ashley, CTO at StillSecure comments: “Microsoft Vista ushers in a host of new changes in the Windows operating system. Much anticipated is Microsoft´s NAP (network access protection) agent technology, included with the upgrade to Vista. The Microsoft NAP agent acts to centralize the security posture reporting of any Microsoft Vista endpoint device. The NAP agent works within Microsoft´s overall NAP framework which takes information from the agent to quarantine or allow access to the network.”
“Microsoft is increasingly posturing NAC as a multi-vendor solution, not Microsoft only. Not only will the NAP agent coordinate security posture information from security tools on the desktop, but the NAC architecture can work with other vendor products to apply policies and quarantine devices. This is important because alone Vista´s NAP agent cannot be used to implement a complete network access control solution. Longhorn, not expected to be available until late 2007, supplies a policy server, a required component needed to implement Microsoft NAP.”
Third party products such as StillSecure´s Safe Access can supply the needed policy server functionality as well as apply quarantine enforcement through 802.1X, DHCP, VPN and wireless technologies. Safe Access supports NAP implementations both prior to the Longhorn release and after.