The Ashimmy Blog

In the play Waiting for Godot by Samuel Beckett, the characters wait throughout the entire play for the appearance of Godot, who never arrives. Godot's failure to arrive has led to much speculation and interpretation over the years. In much the same way, the ability of the TCG/TNC to capture the NAC buying publics attention has led to much speculation and interpretation over the past 2 to 3 years.  Mike Fratto in writing about the new blog of the TCG, has laid out one of the most insightful analysis for the lack of adoption of the TCG/TNC that I have seen.

Mike points out that Network Computing's own research, in line with other research, indicates that only a minority of potential buyers of NAC technology are aware of the TCG/TNC standards and even fewer actually have a grasp of the technology.  Mike rightfully calls TCG/TNC a group, "for vendors, by vendors". Mike lays bare the soft white underbelly of the situation, in that most TCG/TNC members are not active in the working groups and have taken a wait and see approach regarding the TNC spec.  Mike again nails it when he points out that until customers demand TCG specs, vendors won't provide it. 

Ultimately Mike says vendors are looking to get out from under in providing their own agent for NAC.  The TCG/Microsoft NAP partnership gives vendors hope that this could happen.  Mike wraps it up in a nice circle, "1) Vendors build it when there is customer demand. 2) Customers demand when they trust the technology is good. 3) The first step to trusting the technology is good is knowledge about the standards and the future directions."

While Mike is not wrong, let me put a little vendor perspective in here.  Here at StillSecure, we are TCG members and are committed to supporting the TNC spec.  We have been members for a number of years and frankly like Mike says have been waiting for the TNC standards to mature and gain some market acceptance. Though we were committed to supporting it, it never made it to the top of the priority list when we were adding new functionality to Safe Access.  Frankly, up until the Microsoft announcement, it was starting to look doubtful that the TNC would be anything more than Juniper's effort to combat Cisco's and Microsoft's own NAC frameworks.  However, that did change with the NAP/TNC interoperability and StillSecure like many NAC vendors have been hard at work on developing our support for both of these specs in our product.

It is not necessarily the lure of getting out from under our own agent though that drives this as Mike thinks.  For us the real appeal of the TCG/TNC standard is that it is a true open standard that is not dictated by one tech hegemony or another. Especially ones that have driven countless other tech companies out of business over the years. Do we as NAC vendors trust our future to Cisco, Microsoft or a consortium of many NAC vendors?  If you picked Microsoft or Cisco, you guessed wrong.  However, if you are an end user, trusting the spec to Cisco or Microsoft may not be a bad idea.  Especially if you are not jittery about one vendor who already probably controls much of your technology, controlling one more aspect of it.  But if you value diversity and true open standards based on market economics, a real consortium such as the TCG has to be your choice.

Yes, Cisco and Microsoft will point to all of the companies that are partners in their own respective specs, but lets face it, those are people hedging their bets.  The thought of having to dance to the Cisco/Microsoft beat is frightening to many tech companies, but they don't have a choice.

Another reason to support the TCG is that the world is not made up of just Cisco and Microsoft networks (close but not entirely). If your network has gear other than Cisco gear, if you run another OS that doesn't start with the letter W, than being able to have your diverse gear play nicely with each other from a NAC prospective is what the TCG offers. This cross-vendor interoperability and multi-vendor standardization is the attraction of the TCG to end user customers.

Ultimately it is the lure of diversity and true open standards that draws vendors to the TCG.  However like in the play, unless customers also recognize the importance of supporting this independent standard which will give them the greatest choice going forward, TCG/TNC vendors are destined to wait under a tree for something or someone that never comes.  Lets hope NAC customers who demand TCG compliance are not like Godot.