This is cache of http://www.stillsecureafteralltheseyears.com/ashimmy/2008/03/if-it-quacks-li.html. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
If it quacks like a duck, walks like a duck, it must be NAP
2008-03-27 03:04:22 by ashimmy in StillSecure, After All These Years
 

ducklingI had an interesting meeting with Microsoft on NAP the other day.  While, I think you would have to pretty delusional to not realize that eventually NAP will dominate pre-connect health checks of devices, I was surprised at the "Microsoft-ease" they still speak about around NAP. First of all they insist that NAP is not a product or even in deference to my friend Hoff, a feature. Instead NAP is a platform. Implying that other products will run on top of it. Next they again reiterated what we have heard before, that NAP is not a security tool, but just a real estate play.  Enabling devices to be up to spec.

My take on this is I don't know if the Microsoft folks are being disingenuous regarding these two points or just are they that naive?  My gut tells me that Microsoft is usually not naive.Yes, third party vendors can show that they can add more tests than NAP will have. Yes, you can use SHVs and SHAs, but how much are people really going to value them?  You can take the information it generates and do some reporting around it. But lets be clear the NAP "platform" is most certainly going to be used as a product. 

It will be used as a product, it will be a security product at that.  Configuration management could be said to be borderline security by some.  But when you add the ability to deny access to those not up to snuff on configuration, I think you have clearly crossed the line into security.  I think Microsoft would come of better saying that NAP is not meant to keep out the determined hacker, but saying it is not a security tool just doesn't ring well.

So what is the rest of the NAC vendor world to do?  Should we all pack up and follow Vernier and Lockdown to the next cool thing?  No, not at all.  I think there are exciting opportunities at hand with NAP. Yes it is a security product, but it also is an enabler for more NAC features. The successful NAC vendor has to figure out what those are and capitalize on them.  Also NAP is all about health checks.  Post-connect, identity based NAC and other NAC  features can be used here to enhance the health checks.  Overall NAP will drive the NAC market to move beyond just health checks and that will be a good thing for the NAC market and customers.  But guys lets be real, it is a security product!

 
Tags: nap, security, borderline security, security tool, security product, product, pre-connect health checks, health checks, microsoft folks
 
 
 
 
 
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia