Eric: I just viewed a video clip at inxpo.com in which you discuss the current state of NAC. I perked up when you brought up the TCG IF-MAP standard as one of the more promising means of deploying effective NAC solutions. Hirsch Identive is possibly the only physical security member of TCG, and we have implemented IF-MAP as part of our offering. We publish our events (persons swiping cards at doors, etc) to an IF-MAP server, making a person’s presence as a piece of IF-MAP metadata. Compliant systems and devices can then subscribe to those events. The first use case we have identified is NAC, and both Juniper Networks and Enterasys NAC solutions can subscribe to our events and add physical presence a policy in granting access to network resources. We see this as a real-world example of the long-awaited “convergence” of physical and network security. We have learned that when it comes to convergence, technology providers are sometimes ahead of customers, and are always looking for ways to reach out beyond our usual physical security customer base for feedback on these kinds of concepts. I recognize that you must be very busy, but since you seem to be finely attuned to the topic, I was hoping to get your thoughts on the feasibility in the real world. If you have a few minutes, I would appreciate your thoughts. I have provided a link to a whitepaper that covers the topic from a physec point of view. http://hirsch-identive.com/sites/default/files/resources/IFMAP%20White%20Paper%20OCT2011.pdf Thanks so much for your time and regards,
Thursday, June 14, 2012
TechTarget security video reaches out
Sometimes threads just come together at opportune times. Earlier this week my friend Liz was asking me how many followers I had for my Security Vibes blog. My answer was that I didn’t know - I don’t check because my work tends to get around to the right people just fine. A day later I receive this nice email from John at Hirsch Identive (reprinted below without permission, but I don’t think he’ll mind :^). It refers to a video I shot for TechTarget’s security university a few months ago where I mention that NAC is a much better control technology than blocking technology with some interesting events coalescing around IF-MAP. I know I need to be better at tracing where my stuff appears and publishing links. I’ll get started on that Monday!