The first stop on our guided tour of NAC standards is Trusted Network Connect (TNC). TNC is a complete set of standards for NAC, covering each step in the NAC process, from assessment to evaluation and enforcement. Like all good standards, TNC is completely vendor-neutral and open for anyone to implement.

What does this mean concretely? When you buy products that support the TNC standards, you can use a NAC server from one vendor with an enforcement device from another vendor. A NAC client from one vendor can be health checked by a NAC server from another vendor. And you can add assessment and evaluation components from other vendors, plugging those into the NAC client and NAC server.

Sure, that’s cool. But what are the specific customer benefits? First, you avoid vendor lock-in. Proprietary NAC architectures are designed to lock you into one vendor’s products. That way lies madness: single-vendor contracts, high prices, etc. Second, with the TNC standards you can reuse the technology you already have: switches, wireless access points, client security software, etc. There’s no better way to improve ROI than to reuse something you already bought! Finally, you get better security. Open standards go through a rigorous review process that has given us the strongest security available today: AES, TLS, IPsec, etc.

How did TNC come to be? It was developed by the Trusted Computing Group, a consortium of about 175 vendors and customers. The TNC standards were published in 2005 and 2006. Since that time, dozens of products that support the TNC standards have shipped. Hundreds of customers have deployed them. TNC adoption is accelerating, especially since Microsoft announced that TNC support is included in Windows Vista and will be included in Windows XP Service Pack 3. The TNC standards have become the de facto standard for NAC interoperability.

Want to learn more? Check out the presentations, podcasts, and specifications on the TNC web site.