TCG’s Trusted Network Connect, or TNC, is constantly evolving. Our scope addresses more solutions and more technologies than it did when we began our work a decade ago – and yet our goals are, fundamentally, the same objectives that we’ve had all along. We feel that our name needs to reflect both aspects of this state of affairs! So we’re both changing our name and keeping it the same.
When TNC was formed, we had one primary focus area – network access control (NAC). Our name – Trusted Network Connect – reflected that focus. We were working on one basic problem: a standard way to add endpoint integrity (posture) information to an access control decision, starting when an endpoint requests admission to a network and continuing for the duration of its connection. That work is largely complete today, with a full suite of TNC interfaces (forming the basis for IETF NEA RFCs) in real-world use for several years.
Our focus on network access control led organically into security automation. We wanted to add a behavioral input to the NAC decision; to do so, we needed a way to incorporate behavioral information from components (such as scanners, profilers, detectors) not involved in the initial client/server access negotiation.
So we created specifications to enable network security automation for NAC – and then we realized that instead of a hammer, we’d built a Swiss Army Knife! In addition to network security, this orchestration is now used in additional applications such as industrial control system (ICS) security, infrastructure coordination, etc. Our work continues in extending and adapting our standards for these new environments.
Our next evolution came when we recognized that endpoint posture information isn’t only useful as an input to access control decisions – it’s an essential component of compliance, an overlapping but independent matter. Software asset management, threat defense, and security management all rely on accurate compliance information. Our current work focuses on standards to collect and store identity and posture information for each endpoint, enabling awareness of the health of the entire enterprise, as well as analysis of enterprise state both past and present.
Our new name – Trusted Network Communications – reflects both our current status and our future direction. We started out by enabling an administrator to establish trustworthiness of endpoints connecting to the enterprise networks that existed at the time. But we’re not the only ones evolving – the network security scene is transforming, with mobility, cloud, and Internet of Things (IoT) being the primary drivers of new challenges and requirements. As these environments expand, TNC continues to enable administrators to extend the establishment of endpoint trust into these current and emerging security scenarios.
Trusted Network Communications is about establishing end-to-end trust as endpoints communicate with each other and with the networks in which they reside. TNC continues to work towards our goals of enabling security and interoperability in the expanding network landscapes of today and developing challenges of tomorrow.
Watch for news about updated and new specifications, and new applications of our existing specifications. More information is available on the TCG website, including solutions enabled by TNC and resources for implementing and deploying TNC-enabled technology.
Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.
Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.
Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.