Trusted Network Connect


Trusted Network Connect (TNC) is an open architecture for network access control, promulgated by the Trusted Network Connect Work Group (TNC-WG) of the Trusted Computing Group (TCG).{{cite web |url=http://fedtechmagazine.com/article.asp?item_id=619 |title="Using Trusted Network Connect for NAC — FedTech Magazine" — FedTech Magazine |accessdate=2010-10-14 |url-status=dead |archiveurl=https://web.archive.org/web/20110710233657/http://fedtechmagazine.com/article.asp?item_id=619 |archivedate=2011-07-10 }}{{cite web|url=http://www.networkcomputing.com/wireless/product-analysis-network-access-control.php |title=Wireless Infrastructure Advice, Discussion, Community |publisher=Network Computing |date= |accessdate=2017-05-03}}{{cite web |url=http://www.interop.com/archive/pdfs/2007-04WhatisTCGTNC.pdf |title=Archived copy |accessdate=2010-10-20 |url-status=dead |archiveurl=https://web.archive.org/web/20110713050539/http://www.interop.com/archive/pdfs/2007-04WhatisTCGTNC.pdf |archivedate=2011-07-13 }}

History

The TNC architecture was first introduced at the RSA Conference in 2005.{{cite web |url=http://www.informationweek.com/news/hardware/desktop/showArticle.jhtml?articleID=180201733 |title='Trusted Network Connect' Puts Hardware Security Agent in Every PC - - - Informationweek |website=www.informationweek.com |access-date=3 February 2022 |archive-url=https://archive.today/20120904004418/http://www.informationweek.com/news/hardware/desktop/showArticle.jhtml?articleID=180201733 |archive-date=4 September 2012 |url-status=dead}} TNC was originally a network access control standard with a goal of multi-vendor endpoint policy enforcement.{{cite web|last=Vijayan |first=Jaikumar |url=http://www.computerworld.com/s/article/101608/Vendor_Group_Adds_Net_Access_Specs?taxonomyId=016 |title=Vendor Group Adds Net Access Specs |publisher=Computerworld |date=2005-05-09 |accessdate=2017-05-03}}

In 2009, TCG announced expanded specifications that extended TNC to systems outside of the enterprise network.{{cite web|url=http://www.darkreading.com/security/perimeter/showArticle.jhtml?articleID=217500658 |title=Trusted Computing Group Widens Security Specs Beyond Enterprise Networks |website=Darkreading.com |date= 18 May 2009|accessdate=2017-05-03}} Reported additional uses for TNC include Industrial Control System (ICS) security, SCADA security,{{cite web|url=http://www.tofinosecurity.com/blog/not-your-fathers-control-system |title=Not your Father's Control System | Tofino Industrial Security Solution |website=Tofinosecurity.com |date= |accessdate=2017-05-03}}{{cite web |url=http://www.automation.com/content/securing-scada-and-control-networks |title=Securing SCADA and Control Networks |accessdate=2010-09-13 |url-status=dead |archiveurl=https://web.archive.org/web/20110728101509/http://www.automation.com/content/securing-scada-and-control-networks |archivedate=2011-07-28 }} and physical security.{{cite web |url=http://www.hirschelectronics.com/Hirsch-PR--PhysSec-NAC_interoperability_demo.asp |title=Hirsch Demonstrates Industry's First Standards-Based Network / Physical Access Control Enforcement Solution |accessdate=2010-10-14 |url-status=dead |archiveurl=https://web.archive.org/web/20091230012003/http://www.hirschelectronics.com/Hirsch-PR--PhysSec-NAC_interoperability_demo.asp |archivedate=2009-12-30 }}

Specifications

Specifications introduced by the TNC Work Group:{{cite web |url=http://www.currentanalysis.com/h/2009/TrustedComputingGroup-TNC.asp |title=Trusted Computing Group Continues to Extend TNC Specifications | Current Analysis |accessdate=2010-09-15 |url-status=dead |archiveurl=https://web.archive.org/web/20100109114422/http://www.currentanalysis.com/h/2009/TrustedComputingGroup-TNC.asp |archivedate=2010-01-09 }}

  • TNC Architecture for Interoperability
  • IF-IMC - Integrity Measurement Collector Interface
  • IF-IMV - Integrity Measurement Verifier Interface{{cite web |url=http://www.opus1.com/nac/tnc/TNC_IFIMV_v1_2_r8.pdf |title=Archived copy |accessdate=2010-10-14 |url-status=dead |archiveurl=https://web.archive.org/web/20110103124034/http://www.opus1.com/nac/tnc/TNC_IFIMV_v1_2_r8.pdf |archivedate=2011-01-03 }}
  • IF-TNCCS - Trusted Network Connect Client-Server Interface{{cite web|url=http://www.opus1.com/nac/tnc/if-tnccs-soh-v1_0_r8.pdf |title=TCG Trusted Network Connect : TNC IF-TNCCS: Protocol Bindings for SoH |website=Opus1.com |accessdate=2017-05-03}}
  • IF-M - Vendor-Specific IMC/IMV Messages Interface
  • IF-T - Network Authorization Transport Interface{{cite web |url=http://www.trustedcomputinggroup.org/files/resource_files/51F0757E-1D09-3519-AD63B6FD099658A6/TNC_IFT_TLS_v1_0_r16.pdf |title=Archived copy |accessdate=2010-10-14 |url-status=dead |archiveurl=https://web.archive.org/web/20110928031429/http://www.trustedcomputinggroup.org/files/resource_files/51F0757E-1D09-3519-AD63B6FD099658A6/TNC_IFT_TLS_v1_0_r16.pdf |archivedate=2011-09-28 }}
  • IF-PEP - Policy Enforcement Point Interface{{cite web |url=http://www.opus1.com/nac/tnc/TNC_IF-PEP_v1_1_rev_0_7.pdf |title=Archived copy |accessdate=2010-10-14 |url-status=dead |archiveurl=https://web.archive.org/web/20110930155120/http://www.opus1.com/nac/tnc/tnc_if-pep_v1_1_rev_0_7.pdf |archivedate=2011-09-30 }}
  • IF-MAP - Metadata Access Point Interface
  • CESP - Clientless Endpoint Support Profile
  • Federated TNC

Adoption

A partial list of vendors who have adopted TNC Standards:[http://scap.nist.gov/events/2010/itsac/presentations/day2/Network_Automation-TNC.pdf#page=18] {{webarchive|url=https://web.archive.org/web/20110716165856/http://scap.nist.gov/events/2010/itsac/presentations/day2/Network_Automation-TNC.pdf |date=2011-07-16 }}


Also, networking by

TNC Customer Adoption

The U.S. Army has planned to use this technology to enhance the security of its computer networks.{{cite web |url=https://www.trustedcomputinggroup.org/news/press/member_releases/2006/General_Dynamics_Release.pdf |title=Archived copy |accessdate=2006-08-05 |url-status=dead |archiveurl=https://web.archive.org/web/20061003160426/https://www.trustedcomputinggroup.org/news/press/member_releases/2006/General_Dynamics_Release.pdf |archivedate=2006-10-03 }}

The South Carolina Department of Probation, Parole, and Pardon Services has tested a TNC-SCAP integration combination in a pilot program.{{cite web|last=Jackson |first=William |url=http://fcw.com/articles/2010/09/28/scap-and-tnc-combine-in-south-carolina.aspx |title=Speed of cybersecurity rises with combination of Trusted Network Connect and Security Content Automation Protocols |website=Fcw.com |date=2010-09-28 |accessdate=2017-05-03}}

References

{{Reflist|30em}}

Sources

  • Dornan, Andy. [http://www.informationweek.com/news/hardware/desktop/showArticle.jhtml?articleID=180201733 “'Trusted Network Connect' Puts Hardware Security Agent In Every PC”], “Information Week Magazine”, UBM Techweb Publishing.
  • Vijayan, Jaikumar. [http://www.computerworld.com/s/article/101608/Vendor_Group_Adds_Net_Access_Specs?taxonomyId=016 “Vendor Group Adds Net Access Specs”], “Computer World Magazine”, IDG Publishing.
  • Higgins, Kelly Jackson. [http://www.darkreading.com/security/perimeter/showArticle.jhtml?articleID=217500658 “Trusted Computing Group Widens Security Specs Beyond Enterprise Networks”], “Dark Reading”, UBM Techweb Publishing.
  • Townsend, Mark. [http://www.scmagazineus.com/naked-endpoints-on-your-net-and-what-to-do-about-them/article/165892/ “Naked endpoints on your net, and what to do about them”], “SC Magazine”, Haymarket Media.
  • Fang, Juan and Zeng, Hongli. [https://ieeexplore.ieee.org/document/5480880 “The Model of Trusted Network Connect Based on Credibility of the Hierarchy”], nswctc, vol. 2, pp. 454–457, 2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing, 2010.
  • Howard, Scott (2010-06). [http://www.urunkoruma.com/content/securing-scada-and-control-networks “Securing SCADA and Control Networks”], [http://www.urunkoruma.com/ “Ürün Koruma”].
