Identity-Aware Networking

By Jon Oltsik, Principal Analyst at the Enterprise Strategy Group

Say “identity management” and what usually comes to mind is LDAP directories, strong authentication and Single Sign-On (SSO) systems. These technologies are used for access to Windows networks, e-mail and other internal applications. Network identity, by contrast, is generally associated with IP and MAC addresses, VLAN tags and subnets. It also plays a role in security in areas like device authentication, VPNs and IPsec. ESG believes that the historical differences and separation between application-layer and network-layer identity no longer make sense. This white paper describes why and proposes a new model for identity-aware networking.

One Response to Identity-Aware Networking

  1. richard.h.paine said:

    There is no mention of the IETF’s Host Identity Protocol (HIP) in this paper. There are actually plenty of proprietary tunnel network applications that do work (NetmotionWireless, etc.), but they are not standardized. The Open Group published the Secure Mobile Architecture (SMA) in Feb of 2004 and Boeing implemented it for manufacturing and robotic requirements. SMA uses HIP to secure the networks over both wired and wireless connections. SMA uses the Trusted Computing Group’s IF-MAP and the ISA machine controls security to accomplish a standards-based means of network identity management.

    The paper is an excellent premise: work on network identity management – it is at the core of the problem of network security and Intercloud. Let’s also work on the standards issues, not on yet another proprietary identity management solution.