Your Network Will Know Who You Are, What You Want
How networking vendors are building a real-life Big Brother.
In 1949, George Orwell published his masterpiece novel 1984. Even if they haven't read it, most people remember the book's key takeaway: Big Brother is watching.
Fast forward to 2008 and Big Brother really is watching. The vehicle that makes Big Brother's omniscience possible is the network.
The network: that mass of boxes, interface cards, cables and antennae that when combined become a platform for every type of human interaction and collaboration on the planet Earth (and beyond).
Let's take a look at how the networking world of 2008 will become all-knowing and all-seeing -- a silicon- and fiber-based Big Brother, if you will.
A theme I heard time and again from vendors big and small during 2007 was that the network was getting "smarter." More intelligence is being embedded into the network layer than ever before, with 2008 now poised to be a watershed year for the smart network.
Today, networks at a basic level are no longer "dumb" pipes that transport information. The networks of 2008 will build on recent and coming innovations to become application- and user-aware -- they'll know who you are and what you are allowed to do (or what you're prohibited from doing).
Intelligence in 2008 will arrive in the form of more Ethernet standards that provide increasing amounts of information about data types. Intelligence will also come in the form of smarter quality-of-service (QoS) and bandwidth-management offerings that intelligently provision the right bandwidth at the right QoS for users and their applications.
The smarter network of 2008 will rely strongly on Network Access Control (NAC). While NAC has been a buzzword for several years, NAC will go mainstream in the coming year thanks to Microsoft.
A key component of Microsoft Windows Server 2008 is what it terms Network Access Protection, or NAP. The cornerstone of the technology is pre-admission control: A NAP server will first validate the health of an endpoint (a user or machine, for instance) before allowing admission to the network.
Microsoft's Windows XP Service Pack 3, as well as Windows Vista, are both ready to serve as NAP endpoints. Due to Windows's massive installed base, Microsoft's NAP will be something that enterprises can activate out of the box to begin to secure their networks.
The power of access control for the smart network of 2008 cannot be understated. If hundreds of millions of Windows users are using NAP, it may end up being the single most important security innovation since the invention of the firewall.
Imagine: a world where insecure endpoints aren't granted access to do their dirty deeds. What a wonderful world it would be.
The smart network of 2008 isn't just more secure, it also knows who you are and what you need access to. While directories such as Microsoft's ActiveDirectory have been used for identity for years, they're not enough. The 2008 network will have identity built into the framework of the network itself.
The big push for network identity in 2008 will come from Cisco, with its TrustSec initiative. Instead of a user needing to enter multiple passwords for each and every application they need to visit, a TrustSec-powered network essentially will know who they are, what their business function is and where they're allowed to go.
From a Big Brother-auditing point of view, TrustSec, and its various competitive implementations from vendors other than Cisco, also will offer a full audit trail of a user's activities at both a network level and the application level.
By embedding identity into the network layer, the network will have better understanding and control over what users are doing.
Next page: Networks will become faster and more pervasive.
Business News Solutions