Trusted Network Connect

Trusted Network Connect (TNC) is an open architecture for network access control, promulgated by the Trusted Network Connect Work Group (TNC-WG) of the Trusted Computing Group (TCG).

History

The TNC architecture was first introduced at the RSA Conference in 2005. TNC was originally a network access control standard with a goal of multi-vendor endpoint policy enforcement.

In 2009 TCG announced expanded specifications which extended the specifications to systems outside of the enterprise network. Additional uses for TNC which have been reported include Industrial Control System (ICS), SCADA security, and physical security.

Specifications

Specifications introduced by the TNC Work Group:

• TNC Architecture for Interoperability
• IF-IMC - Integrity Measurement Collector Interface
• IF-IMV - Integrity Measurement Verifier Interface
• IF-TNCCS - Trusted Network Connect Client-Server Interface
• IF-M - Vendor-Specific IMC/IMV Messages Interface
• IF-T - Network Authorization Transport Interface
• IF-PEP - Policy Enforcement Point Interface
• IF-MAP - Metadata Access Point Interface
• CESP - Clientless Endpoint Support Profile
• Federated TNC

Adoption

A partial list of vendors who have adopted TNC Standards:

• ArcSight
• Aruba Networks
• Avenda Systems
• Enterasys
• Extreme Networks
• Fujitsu
• IBM
• Pulse Secure

• Juniper Networks
• Lumeta
• McAfee
• Microsoft
• Nortel
• ProCurve
• strongSwan
• Wave Systems

Also, networking by

• Cisco
• HP
• Symantec
• Trapeze Networks
• Tofino

TNC Customer Adoption

The U.S. Army has planned to use this technology to enhance the security of its computer networks.

The South Carolina Department of Probation, Parole, and Pardon Services has tested a TNC-SCAP integration combination in a pilot program.

See also

• IF-MAP
• Trusted Computing
• Trusted Computing Group
• Trusted Internet Connection

References

Sources

• Dornan, Andy. “'Trusted Network Connect' Puts Hardware Security Agent In Every PC”, “Information Week Magazine”, UBM Techweb Publishing.
• Vijayan, Jaikumar. “Vendor Group Adds Net Access Specs”, “Computer World Magazine”, IDG Publishing.
• Higgins, Kelly Jackson. “Trusted Computing Group Widens Security Specs Beyond Enterprise Networks”, “Dark Reading”, UBM Techweb Publishing.
• Townsend, Mark. “Naked endpoints on your net, and what to do about them”, “SC Magazine”, Haymarket Media.
• Fang, Juan and Zeng, Hongli. “The Model of Trusted Network Connect Based on Credibility of the Hierarchy”, nswctc, vol. 2, pp. 454–457, 2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing, 2010.
• Howard, Scott (2010-06)(“Securing SCADA and Control Networks”, “Ürün Koruma”.
• Mağaza Güvenlik. https://www.securitypoint.com.tr/magaza/urun-koruma-sistemleri/”, “Mağaza Güvenlik”.
• Mağaza Alarm Sistemleri. http://magazaguvenlik.com.tr/”, “Mağaza Alarm Sistemleri”.