Why the world needs openness, not interoperability.
Network security is a real problem. Even the most sophisticated IT shops suffer from a rash of network vulnerabilities, data breaches, and all sorts of attacks. Something must be done.
One possible solution seems simple enough: Keep infected devices from gaining network access in the first place. Good idea, except that Cisco (NAC) and Microsoft (NAP) co-opted this industry effort with their own proprietary technologies to make this happen.
Recognizing that this could get ugly, the two companies are publicly making peace with a number of "hugs and kisses" announcements. Cisco and Microsoft will highlight interoperability between NAC and NAP with a rash of demonstrations, technical bulletins, and marketing dollars. Fear not, enterprise companies, your technology guardian angels will cooperate and make your life more blissful.
I wish I had 10% of the money that Cisco and Microsoft will waste in this propaganda campaign! This is nothing but industry hot air for several reasons:
1. NAC remains a Cisco science project. My sources tell me that Cisco sales reps are leading with its NAC appliance (aka Perfigo) not a full-blown NAC architecture. Why? Because Cisco switches, ACS, etc. aren't quite NAC-ready yet so Cisco is leading with acquired technology. As for Microsoft, NAP is a Vista-Longhorn deliverable and who knows when this will arrive (author's note: Is it fair to say that Longhorn will arrive when the cows come home?).
2. In a world with expanding networks, wireless connectivity, and a potpourri of IP devices, NAC and NAP are all about Cisco gear and Windows. NAC/NAP interoperability seems quaint by comparison, kind of like the old CORBA vs. COM debate circa 1997. This isn't about enterprise IT anymore, it's about secure connections to the network from any device to any service from anywhere in the world.
3. While Cisco and Microsoft crow about their marketing fluff, there are real standards out there that can solve interoperability problems. If Cisco and Microsoft would simply give up their proprietary agenda and embrace the Trusted Network Connect (TNC) from the Trusted Computing Group, their stuff would work together AND work with everyone else's stuff. In fairness, Microsoft has talked about TNC participation while Cisco says it doesn't work with industry consortiums on standards (a bit of a fib since Cisco participates in the Storage Networking Industry Association (SNIA) but that's another story).
4. A key piece of NAC and NAP is the IEEE 802.1x standard. One would think that an IEEE standard would level the playing field but that is no longer the case. It turns out that Cisco and Microsoft are two of the major commercial providers of the 802.1x client code (802.1x supplicant). This provides a perfect "open" smokescreen for a real proprietary agenda. Cisco and Microsoft can hide behind IEEE standards but they will "embrace and extend" the client code as it fits their business models.
This NAC/NAP lovefest would be laughable if it weren't such a kick-in-the-teeth to the rest of the industry, enterprise IT, and all Internet users. A Cisco/Microsoft oligopoly stalls implementation, stifles innovation, and makes the network less secure. In this way, Cisco and Microsoft are standing in the way of progress.
Attention San Jose and Redmond: It's 2006, not 1995. The world needs openness, not interoperability.
Jon Oltsik is a senior analyst at the Enterprise Strategy Group.




