Trusted Computing Group

PORTLAND, MARCH 11, 2010 - Trusted Computing Group today announced that two specifications created by its Trusted Network Connect (TNC) work group have been accepted and published as specifications by the Internet Engineering Task Force (IETF). This means that developers and OEMs wanting to create network access control products now will have a single set of standards to support.
"Enterprise users are the real winners; the agreement on a single standard for network access control and endpoint assessment will provide consistency across products from leading networking vendors," said Russ Housley, chairman of the IETF.

Noted Steve Hanna, co-chairman of the TCG TNC work group and of the IETF working group on this topic, "This industry-wide agreement on standards will increase the number of vendors and customers adopting standards-based network security. In addition, products developed for the new standards can be deployed with the many existing products using TNC specifications to protect the network and critical assets from a myriad of threats."

The first standard (called PB-TNC by the IETF and IF-TNCCS 2.0 by the TCG) defines a standard way to perform a health check of a network "endpoint" such as a laptop computer or printer. If the endpoint is not healthy, it can be fixed or have its network access restricted. The second standard (called PA-TNC by the IETF and IF-M 1.0 by the TCG) defines a standard set of health checks that are commonly performed, such as checking anti-virus status. These newest standards are based on the TNC standards that customers have been using for years.

"With the IETF adoption of the TNC NAC specifications, network managers now have the assurance that the best minds from vendors, enterprises, and academia have come together behind a common set of protocols," commented Joel Snyder, senior partner, Opus One, an industry consulting firm.

Already, the new IETF and TCG specifications are being adopted by developers with the OpenSEA Alliance announcing its intention to add support for both protocols to the open source OpenSEA Xsupplicant.

"The OpenSEA Alliance intends to support the new IETF NEA and TCG TNC common protocols in our popular, open source supplicant software. We believe the convergence of NAC protocols should greatly improve interoperability of NAC solutions, so the OpenSEA supplicant hopes to pave the way toward rapid adoption of these important new protocols", said Paul Sangster, chairman of the OpenSEA Alliance and TNC work group co-chairman.

In coming months, IETF and TCG participants will agree on standard transport protocols for health checking. TCG has submitted proposals to the IETF, which will be considered for standardization. Once the transport standards have been approved (estimated for late 2010), the complete set of standard health checking protocols will be ready for full implementation.

Information and complete TNC specifications can be found on TCG's website, http://www.trustedcomputinggroup.org/developers/trusted_network_connect.

About TNC
Trusted Network Connect (TNC) is an open, non-proprietary architecture and set of specifications that enable the application and enforcement of security requirements for endpoints connecting to the corporate network. The specifications are available for download free of charge to any interested party. The TNC architecture helps IT organizations enforce corporate configuration requirements and to prevent and detect malware outbreaks, as well as the resulting security breaches and downtime in multi-vendor networks. Microsoft's adoption of the TNC standards in 2007 resulted in TNC support in systems operating on Windows XP SP 3, Windows Vista, Windows 7, and Windows Server 2003, and Windows Server 2008.

About TCG
Trusted Computing Group, an industry organization that enables computing security, has created a portfolio of specifications to enable more secure computing across the enterprise in PCs, servers, networking gear, applications, other software, storage and embedded devices. More information and the organization's specifications and work groups are available at the Trusted Computing Group's website, www.trustedcomputinggroup.org.

"Internet Engineering Task Force Publishes Network Access Control Standards Based on Trusted Computing Group Specifications" is also available for download.