Trusted Network Connect Provides Pervasive Security with New Support for Remote Access, Clientless Endpoints and Federated ID

Trusted Computing Group (TCG) today announced it has extended its Trusted Network Connect (TNC) security architecture and multi-vendor standards to allow all devices on any IP network to be protected against threats and unauthorized access.

This extends the architecture beyond PCs on an enterprise network, adding security for remote users, printers, scanners, and process control or SCADA (Supervisory Control and Data Acquisition) systems. Integration with physical access control systems is also supported, allowing network and physical security to be tied together for greater security.

In TCG’s booth at Interop Las Vegas (booth #869), TCG members will show how customers are using TNC specifications in a typical enterprise setting to secure employee cubicles, conference rooms, data centers, remote users and the factory floor.

New Specifications Extend TNC Security To All Devices on Any IP Network

To support and enable this new broader scope for the TNC architecture, TCG is releasing three new specifications today. These new TNC specifications provide standards that ensure multi-vendor interoperability for the following technologies:

  • Running TNC protocols across any IP network using the widely deployed security protocol TLS. This means that any IP network can benefit from TNC’s security measures without changes to that network. This specification (known as “IF-T for TLS”) also permits ongoing monitoring of device health so that infections or vulnerabilities can be immediately detected and repaired.
  • Securing “clientless endpoints” (devices without native TNC support), such as printers, VoIP phones, and guest PCs. This “Clientless Endpoint Support Profile” means that any IP device can benefit from TNC’s security measures without changes to that device. This will help protect against attacks from devices on the network and assist in monitoring them.
  • Conveying TNC security information across security domains when necessary. This “Federated TNC” is based on the widely supported federated identity standard SAML (Security Assertion Markup Language). This capability enables users to be authenticated and assessed not just in their home organizations, but in other locations.

“As network threats and attack vectors continue to increase, protecting not just typical endpoints but any device on any network significantly increases the value of TNC in both the traditional enterprise as well as newer, more dynamic deployments,” noted David O’Berry, Director of Information Technology Systems and Services, South Carolina Department of Probation, Parole and Pardon Services. “Static health checks are now of limited value due to the rapid evolution of the digital environment. However, if you take that next step and can combine persistent real-time monitoring of users who have the capability to roam between security domains with authentication vetted by their own organization, you have the potential to offer much higher security assurances to organizations concerned with defending their networks, systems and data while actually increasing the computing services available to users. TNC has taken significant steps forward with these specifications and set the stage for a flexible open framework which can enable advanced correlation and mitigation of threats in a potentially much more effective and usable model.”

FAQs and more information on these new specifications can be found at http://www.trustedcomputinggroup.org/resources/interop_las_vegas_2009_press_kit.

From Cubicle to Remote Locations, Network Security Demonstrated at Interop

Here at Interop Las Vegas in TCG’s Booth #869, Hirsch Electronics, Infoblox, Juniper Networks, Lumeta Corporation, nSolutions, Trapeze Networks, and eight other TCG member companies are showing how these pervasive security applications will secure the entire enterprise.

  • In the employee cubicle, TNC interfaces enable location, identity, endpoint health and behavior-based access control decisions, including for unmanaged devices. Integration with physical security access control using contact and contactless smart card readers also is shown.
  • TNC-based technology interoperates to provide appropriate access for conference room users, including visitors, partners, contractors, employees, and privileged employees, based on their identity, physical presence, endpoint compliance, role, and behavior.
  • TNC interfaces enable a consistent user experience and thorough compliance checking for remote users, who connect via a number of untrusted or semi-trusted intermediate networks. Optional integration with a TPM provides additional hardware-based assessment to thwart rootkits.
  • In the data center, the TNC metadata access protocol (IF-MAP) enables detection and remediation of illicit activity, such as data leakage to an endpoint or unauthorized changes to network device configurations, as well as integration with physical security devices that access the network.
  • Protection for a process control network such as a factory floor is demonstrated, allowing provisioning, defense against attacks and enforcement against unauthorized access.

About TCG

TCG is an industry standards body formed to develop, define, and promote open standards for trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices. TCG specifications are designed to enable more secure computing environments without compromising functional integrity, with the primary goal of helping users to protect their information assets from compromise due to external software attack and physical theft. More information and the organization’s specifications are available at www.trustedcomputinggroup.org.

Brands and trademarks are the properties of their respective owners.

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.
