By Topic

TNC-compatible NAC System implemented on Network Processor

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
An'an Luo ; Tsinghua University, China ; Chuang Lin ; Zhen Chen ; Xuchai Peng
more authors

In this paper, based on the trusted network connect architecture, we designed a novel TNC-compatible network access control system which ensures that network administrators enforce security policies on endpoint connection and communication with corporate network depending on the endpoint integrity and security status. The platform framework is built on the Intel IXP2400 network processor and a set of network access control mechanisms is implemented. The paper introduces the system design and implementation based on hardware characteristic of the IXP2400 architecture, presents emulation performance results of the system, and then proposes systemic performance optimizations, especially cryptographic performances, according to IXP2400 shared memory hierarchy and access latency, which averagely boost the throughput more than 25%. The novelty of system design is the utilization of IXP2400 multi-core and multi-thread network processor's software and hardware platform to implement the NAC system framework through secure and reliable communication to ensure endpoint integrity and platform-authentication, which is compatible with trusted network connect.

Published in:

32nd IEEE Conference on Local Computer Networks (LCN 2007)

Date of Conference:

15-18 Oct. 2007