[February 05, 2007]
Trusted Computing Group Adds Support for Java and VoIP Endpoints to Trusted Network Connect (TNC) Open Specification for Network Access Control
SAN FRANCISCO --(Business Wire)-- The Trusted Computing Group (TCG), whose open specifications for computing security are implemented on virtually every new enterprise PC, in many vendors' networking equipment and in servers, today announced enhancements to its Trusted Network Connect (TNC) non-proprietary specifications for network access control.
A number of companies will show trusted computing in action at RSA 2007 Booth #2643.
TNC Updates for Network Access Control
TCG's TNC architecture provides a common framework for the collection and exchange of endpoint integrity data in heterogeneous networking environments. It is based on the concepts of integrity, or the state of the client's "health," and identity, in which systems are authenticated for authorized users only. For example, clients trying to connect to a network are measured and evaluated against a set of policies and pre-determined platform configurations established by their organization's IT department. Clients not meeting pre-determined policies, such as those for patch levels, anti-virus software or operating system configuration, can be quarantined for remediation.
Four TNC specifications have been updated to add capabilities and to incorporate features suggested by implementers and users. The updates include:
-- New support for the Java Platform in IF-IMC and IF-IMV (the Integrity Measurement Collector and Integrity Measurement Verifier interfaces, TNC-standard APIs for integrating plug-in components on the client and server). With this new feature, IF-IMC and IF-IMV are the only standard specifications for implementing network access control using Java. TNC client software can now be deployed more easily to guest machines, because Java-based software can be easily and dynamically downloaded over the network. Adding Java support also extends TNC support to a wider variety of systems, such as any system that supports Java 2 Standard Edition version 1.4.2 or later.
-- The addition of a standard way for an IMV to give a human-readable, localized reason string explaining its recommendation. This enables detailed diagnostic messages to be presented in the user's native language. Adding this feature required changes to IF-IMV (the Integrity Measurement Verifier interface, the server plug-in API) and IF-TNCCS (the TNC Client-Server interface, the client-server protocol) but these changes are backward-compatible so old and new components can work together.
-- Support for VLAN-aware endpoints in the TNC's IF-PEP protocol. IF-PEP (the Policy Enforcement Point interface) is the TNC protocol used to communicate access restrictions to Policy Enforcement Points. TNC supports a wide variety of enforcement technologies including stateful and stateless firewall filters, remote access gateways, and dynamic VLAN assignment. With this new feature, endpoints can be checked and cleared for simultaneous access to multiple VLANs, allowing sensitive applications such as telephony (VoIP) and video on demand to receive the full security protection provided by TNC.
At RSA
During RSA 2007 at Moscone Center, San Francisco, attendees can learn more about trusted computing at the following events:
-- Mon., Feb. 5, 12:00 - 4:00 p.m., in the Esplanade Gold 301 room, attendees can get hands-on at "Trusted Computing in Action: A Workshop to Secure the Enterprise."
-- Tues., Feb. 6, 6:00 - 7:30 p.m., security and computing experts will host an "Ask the Expert" session at LJ's Martini Bar, located at the Metreon across from Moscone Center, for RSA attendees.
-- In Booth #2643, TCG demonstrations include protection against network intrusion, ability to quarantine and remediate clients, and endpoint integrity authentication, all based on the TNC architecture for network access control. Other demonstrations include single sign-on, password protection, and key management and file and disk encryption using the TPM in PC clients and protection of data at rest.
About TCG
TCG is an industry standards body formed to develop, define, and promote open standards for trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices. TCG specifications are designed to enable more secure computing environments without compromising functional integrity, with the primary goal of helping users to protect their information assets from compromise due to external software attack and physical theft.
More information and the organization's specifications are available at www.trustedcomputinggroup.org.
Brands and trademarks are the properties of their respective owners.