Microsoft and Cisco clash on security

The two companies have each proposed competing "end to end" security architectures, marking the latest evolution in network defence -- an approach concerned not only with scanning for viruses but also with policing networks to deny connections to machines that don't conform with security policies. For now at least, however, the twin offerings are not interoperable. That means customers might be forced to choose between using technology from one company or the other, unless the two tech giants can strike a deal to guarantee compatibility.

Choosing could be tough, given that both companies thoroughly dominate their respective markets: Microsoft has a monopoly in desktop operating systems, and Cisco's share of the corporate network routing market exceeds 70 percent.

Microsoft and Cisco say they are working to ensure interoperability. But at this stage, it's difficult to know how quickly the two sides will come together and what the resulting security plan will look like -- or if bridging the gap between their respective technologies is even feasible.

"We know how important it is for us to interoperate with Cisco," said Steve Anderson, director of Microsoft's Windows server group. "But we're both big companies, and it takes a lot of time to work this stuff out. Bill Gates and John Chambers have already been talking. We expect to announce the first step in this process sometime this fall when we announce an interoperability agreement."

A decision is crucial to customers, who now face the prospect of spending their already tight security budgets on running incompatible architectures. At the heart of the debate is the Remote Authentication Dial In User Service, or Radius, the de facto standard for authenticating users accessing networks remotely. In each of the proposed architectures, the companies use their own Radius servers to centrally enforce security policy and provide administration of user profiles.