strongSwan Open Source Project
strongSwan open source project has been provided courtesy of HSR University of Applied Sciences Rapperswil and its ITA Institute for Internet Technologies and Applications.
The strongSwan VPN software fully supports Network Endpoint Assessment (NEA) and is able to collect evidence from the Integrity Measurement Architecture (IMA) on a Linux client and to transfer measurement data on more than 1000 system files via the Trusted Network Connect (TNC) protocols PA-TNC, PB-TNC, and PT-EAP over IKEv2 EAP-TTLS to a strongSwan TNC server. A quote signature by the Trusted Platform Module (TPM) on the TNC client establishes the trustworthiness of the IMA measurements. The overall decision process of either giving a client full network access or to relegate it to an isolation network takes less than 20 seconds.
strongSwan’s open source project can be viewed here.
Dr. Andreas Steffen has published a paper titled “The Linux Integrity Measurement Architecture and TPM-Based Network Endpoint Assessment” and is available here.