|
Trusted Computing Group Developing
New, Open Trusted Network Connect Specification to Ensure Endpoint
Integrity
Extreme Networks, Foundry Networks, Funk Software, InfoExpress,
Juniper Networks, Meetinghouse Data Communications, Network Associates,
Sygate, Symantec, Trend Micro and Zone Labs Join HP, Intel, Verisign
and other TCG Members to Define Open, Industry-Standard Architecture
to Protect Networks, Endpoints, Applications, and Information
Las Vegas, NV - May 11, 2004—The Trusted
Computing Group (TCG), an open industry standards organization whose specifications
help vendors build products that let users protect critical data and information,
today announced it is developing an open specification to improve network
security and integrity.
The Trusted Network Connect specification, anticipated to
be available later this year, will assist in protecting networks from viruses,
worms, denial of service attacks and host software vulnerabilities by allowing
users to enforce security policies to prevent vulnerable or untrusted systems
from connecting to the network.
Extreme Networks, Foundry Networks, Funk Software, InfoExpress, Juniper
Networks, Meetinghouse Data Communications, Network Associates,
Sygate, Symantec, Trend Micro and Zone Labs have joined TCG to
participate in this effort. TCG members HP, Intel, Verisign and others also
are participating. A Trusted Network Connect sub-group has been formed under
TCG's Infrastructure Work Group to develop the specification.
In Booth 111 at this week's Networld+Interop, members participating
in the Trusted Network Connect effort are demonstrating interoperable
and currently available technologies for securing endpoint connections
to networks. It's anticipated that these technologies will be enhanced
by the Trusted Network Connect specification to be more interoperable
over multi-vendor networks.
"With more than 60 members representing virtually every aspect of computing,
networking and security, TCG is in the leading position to develop
a non-proprietary specification to help network operators establish
security policies requiring endpoints to achieve a minimum level
of trust before connecting to their networks," said
Jim Ward , president, TCG board of directors. "This specification
will help protect networks from damage and illicit access and complement
TCG specifications that protect systems and information."
"If there is any single topic more important than security, I'm
not aware of it in today's market," said Rob Enderle, principal
analyst for the Enderle Group. "Executives have learned that point
solutions simply are not good enough, and that you need an end-to-end,
comprehensive approach to the security problem. An industry standards-based
solution to securing the endpoints of host connections is a critical
step on the path to this comprehensive approach, and it is critical
for an acceptable solution to our growing network security problem."
The Trusted Network Connect specification for multi-vendor networks
will provide a common architecture for vendor solutions that
will:
- Ensure endpoint integrity by establishing a level of "trust" in
the state of an endpoint. Specifically, solutions based on the
specification will ensure the presence, status, and upgrade level
of mandated applications; revisions of signature libraries for
antivirus and intrusion detection and prevention system applications;
and the patch level of the end-points operating system and applications.
- Maintain access policy by helping ensure that the endpoint machine
and/or its user authenticate and establish a level of trust before connecting
to the network.
- Provide quarantine measures for endpoint machines not meeting the
security policy requirements for "trust", and if possible,
apply appropriate remediation, such as upgrading software
or virus signature libraries to enable the endpoint to comply
with security policy.
The Trusted Network Connect specification is being developed for implementation
on platforms with or without the Trusted Platform Module, a microchip that
stores encryption keys, passwords and digital certificates in platforms.
While any networks incorporating solutions based on the Trusted Network
Connect specification will be protected, networks of systems using Trusted
Platform Modules will benefit from a higher level of security and trust.
TCG is an industry standards body formed to develop, define, and
promote open standards for trusted computing and security technologies,
including hardware building blocks and software interfaces, across
multiple platforms, peripherals, and devices. TCG specifications are designed
to enable more secure computing environments without compromising functional
integrity with the primary goal of helping users to protect their
information assets from compromise due to external software attack and
physical theft.
More information and the organization's specifications are
available at the Trusted Computing Group's website, www.trustedcomputinggroup.org.
For Zone Labs LLC
Te Smith
Zone Labs LLC
415/633-4833
Joanne Rasch
A&R Partners
650/533-4095
jrasch@arpartners.com
Editor's Notes: © 2004 Zone Labs LLC, A Check Point Company All
rights reserved. IMsecure, TrueVector, ZoneAlarm and Zone Labs are
registered trademarks of Zone Labs LLC, A Check Point Company The Zone Labs logo, Zone
Labs Integrity and Cooperative Enforcement are trademarks of Zone
Labs, Inc. Zone Labs Integrity protected under U.S. Patent No. 5,987,611.
Reg. U.S. Pat. & TM Off. All other trademarks are the property
of their respective owners. v.07.18.03
|
