Cisco has performed an abrupt U-turn and will not now be releasing ts NAC client software code to the open source community. Earlier this month, Bob Gleichauf, CTO of the company's Security Technology Group, said that Cisco planned to open-source its Cisco Trust Agent; Cisco is now retracting this statement.
What a difference a few weeks make. "CTA will be something that's open source," Gleichauf said earlier this month . "We don't want to be in the CTA business, so we're going to just open it up."
And now. "Cisco is not open-sourcing CTA," said a Cisco spokesperson. "Cisco is taking a different approach to being open via standards" regarding NAC.
This 'different approach' means no more than the company participating in some NAC standards efforts, such as the Network Endpoint Assessment (NEA) Working group, which is part of the IETF, and is working on an industry-wide protocol to standardise NAC.. "The corporate direction is to take that avenue towards that kind of openness" with NAC, the Cisco spokesman said. "But Cisco has decided not to open-source CTA. And there are no discussions to do that."
The CTA client is already distributed free to Cisco customers implementing Cisco's NAC technology, which allows LAN switches and other network gear to block unsafe client machines from a corporate network. CTA is an agent which collects security data about an endpoint and communicates the endpoint's status to the authentication layer of a NAC infrastructure - such as authentication, authorization and accounting servers. In Cisco's model, if the CTA reports security data on an endpoint that does not meet a certain level, authentication servers and network gear work in concert to block port access to the endpoint.
Cisco has also worked to make its NAC technology interoperable with Microsoft's Network Access Protection (NAP) technology. The two companies last year said Microsoft's NAP client would work with Cisco's NAC infrastructure.
However, Cisco is not playing with all NAC standardisation and interoperability efforts. The company is still a hold-out from the 70-member Trusted Computing Group's Trusted Network Connect (TNC) - which counts Juniper, Extreme Networks, HP ProCurve, and Nortel as members. The TCG is a vendor-neutral alliance which is working on ways to standardise how network hardware and security products communicate in a NAC deployment.
Original story by Network World