RealTime IT News

A Bid For Open NAC From Juniper

Juniper Networks believes that open standards are the key to network access control (NAC) adoption.

To that end, the networking giant today is officially rolling out its Unified Access Control (UAC) 2.0 solution which was first previewed in September at Interop NYC.

UAC 2.0 builds on Juniper's UAC 1.x offering, which includes Juniper Infranet controllers, UAC 2.0 adds on that were released last October and are part of Juniper UAC 1.2 offering.

The release also includes new 802.1x technologies that Juniper gained with its acquisition of Funk Software. For example, the Odyssey Access Client (OAC) which is an 802.1x supplicant and Steel-Belted Radius (SBR) which provide authentication functionality, are built in to this release.

The new UAC 2.0 solution also provides integration with NAC standards from the Trusted Computing Group's Trusted Network Connect (TNC) specification as well as the IETF 802.1x port based authentication standard.

The TNC support provides a wider berth of interoperability between Juniper's solution and those from other TNC compliant vendors. The TNC specifications are an industry effort to create interoperability between access control solutions from various vendors.

Stephen Philip, director of product marketing for Juniper Networks explained that some of the functionally that Juniper had with UAC 1 is similar to what UAC 2 with TNC will offer particularly on the endpoint compliance piece.

"What we were using in earlier versions was something we called Juniper End Point Defense Initiative (J.E.D.I), where we worked with a whole bunch of partners and we developed an API  that allowed communication between endpoints and our agents," Philip said. "With 2.0, we've moved from having that API to now having a standard interface using the TNC specification."

By supporting TNC, UAC 2.0 is able to support more solutions from different vendors than Juniper's previous solution.

With the 802.1x support in UAC 2.0, Juniper is taking advantage of a growing industry trend toward 802.1x deployment. When Juniper acquiredFunk Software, for example, it not only acquired its technology assets but also its installed base. Philip noted that Juniper has somewhere in the order of 900,000 to 1 million Funk end point clients under maintenance.

Demand for 802.1x continues to grow. In the last quarter alone, Juniper added one customer that bought 140,000, 802.1x Funk Odyssey Access Client 802.1x supplicants.

Philip argued that though the UAC 2.0 solution may be new, the technology behind it is very mature. The 802.1x piece from Funk is widely deployed and the policy engine has its roots in Juniper's SSL-VPN technology.

"The reality is we're not really doing it (access control) for the first time," Philip said.