Nine months after it acquired Funk Software for $122 million, Juniper Networks is rolling out network access control (NAC) security products based on Funk’s technology.
Memo to Cisco and Microsoft. Your competition in the NAC sector is heating up.
Funk Software’s two flagship products are the Odyssey Access Client (OAC) and Steel-Belted Radius (SBR). OAC is an 802.1x supplicant, which is defined a piece of software that provides access to an 802.1x- enabled network.
802.1x is an IEEE standard that provides for port-based security.
Oliver Tavakoli, vice president of engineering at Juniper (and the former CTO of Funk Software), explained that 802.1x helps a network figure out at a port-by-port level who is accessing the network and what kind of access to allow.
The Steel Belted Radius (SBR) product is the authentication server; it figures out who the client is and makes decisions about whether to let the client on the network.
Juniper’s latest release hits the market as its chief rival, Cisco Systems (Quote, Chart) ramps up its own technology and acquisitions in the increasingly competitive 802.1x and network access control space.
The 802.1x protocol is widely considered the standard in the nascent network access control market. It should come as no surprise then, that technologies based on 802.1x are coveted by the key players in network access control market, including Cisco, Juniper and Microsoft (Quote, Chart).
Both SBR and OAC were available prior to Juniper’s Funk acquisition but have been upgraded. OAC version 4.5 provides additional configuration options that aim to provide greater network connection control than previous versions. SBR version 5.4 adds new diagnostic tools and additional configuration management features.
If you’re interested in even more information on this topic, make sure to register for our upcoming Trends in Network Access Webcast, featuring ENP contributing writer Charlie Schluting.
Prior to the Juniper acquisition, Funk had been working with Cisco. Post acquisition, however, is a different story. All those arrangements have gone away.
Earlier this month, Cisco helped itself to a new 802.1x supplicant with the acquisition of Meetinghouse Data Communications for $43.7 million, which is seen as filling out its NAC product lines. Tavakoli referred to Meetinghouse as “the second best supplicant” in the market.
Now that the former Funk CTO finds himself in an opposing camp to Cisco’s NAC; it’s unlikely that he’ll be going out of his way to support Cisco. Juniper’s vision of network access control, which includes its infranet controller and participation its TNC Unified Access Control (UAC) effort, are not necessarily interoperable with Cisco’s NAC version.
“We know we want the standalone market and we’re going squarely after the endpoint integrity market,” Tavakoli said. “And if we ultimately lose some business because we’re not going to go out of our way to add proprietary features to Radius and Odyssey that basically support proprietary architectures by Cisco, so be it,” he said. “We’re happy with our UAC solution competing directly against NAC.” (internetnews.com was not able to reach Cisco for comment about interoperability.)
Cisco’s NAC and 802.1x efforts aren’t the only potential competition that Juniper faces in this space. Microsoft’s upcoming Vista operating system also includes 802.1x features. Tavakoli claims he isn’t overly concerned about the competition.
“We are confident in the feature gap between what will ship in Vista and what we have in Odyssey Access Client and that we will continue to be head and shoulders above. We will continue to innovate and in fact increase the gap,” Tavakoli added.
“It’s a lot easier for us to ship new client technology than the 4 or 5 years it takes Microsoft to roll out a new version of Windows.”