The amount of metadata generated by all the devices on the network is exploding. Security automation has become a big category and way to coordinate all this data so networks become smarter, even self-healing, while protecting critical data, systems and the network itself. Trusted Computing Group created its IF-MAP (Metadata Access Protocol) to enable this coordination.

IF-MAP is a standard client/server protocol for accessing a Metadata Access Point (MAP). The MAP server has a database for storing information about network security events and objects (users, devices, etc.); it acts as a central clearinghouse for information that infrastructure devices can act on. The IF-MAP protocol defines a powerful publish/subscribe/search mechanism and an extensible set of identifiers and data types. MAP clients can publish metadata and/or consume metadata published by other clients.

A number of companies now have developed MAP servers based on the TCG specifications. Uses for these servers include:

• Network infrastructure systems (routers, switches and the like)
• Network security systems, such as firewalls, intrusion detection/prevention, endpoint scanning and event management systems (SEIM)
• RADIUS and Active Directory authentication
• Asset management, ERP, CRM, HR and similar applications

This week, three organizations announced they’ve passed rigorous testing via TCG’s certification program to certify their IF-MAP servers. Infoblox certified its Orchestration Server (IBOS). Trust@FHH, part of FH-Hannover, certified its irond and omapd, another open source project, certified its IF-MAP server.