For years, TCG and IETF have been working together to create a complete set of Network Access Control (NAC) standards recognized and approved by both groups. This week, we achieved that goal.
IETF has released RFC 7171 (PT-EAP) and TCG has released IF-T/EAP 2.0. These two documents are entirely equivalent and interchangeable. The only difference is the name. These documents complete the set of NAC standards, which IETF calls the NEA standards and TCG calls the TNC standards.
Why care?
In the past, NAC products have implemented a mish-mash of open standards and proprietary protocols. Interoperability was spotty. Now that the NAC standards are complete and recognized by both standards bodies (IETF and TCG), we should be able to move toward increased interoperability.
How can I get more interoperability?
TCG has created a TNC Certification Program that verifies compliance with the TCG NAC specifications and interoperability with other compliant products. Customers should ask their NAC vendors and endpoint vendors if their products have been certified through this program. If not, ask when they will be.
What’s next for NAC standards?
Now that we have a complete set of NAC standards, TCG is building on that solid base. We have defined specifications for several optional extensions. The PTS Protocol supports secure software integrity checks (e.g. verifying BIOS or OS integrity). SCAP Messages for IF-M handles configuration checks using the SCAP standards. And SWID Messages for IF-M does software inventory using the SWID standard.
What if I have questions?
If you have questions about the TNC/NEA standards, emailadmin@trustedcomputingroup.org.
Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.
Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.
Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.