LAN changes have ebbed and flowed on a nearly consistent five-year basis. In 1990, 10M bit/sec shared Ethernet emerged as the LAN standard – only to be usurped five years later by the introduction of Fast Ethernet and Ethernet switching. Between 1995 and 2000, two important innovations occurred: virtual LANs and Gigabit Ethernet. Now in 2005, the LAN market is about to make another fundamental transition: from virtual LANs to trusted LANs, which let secure internal networks be provisioned at high speeds whether transport is wireless or wired.
Nearly all network vendors are involved in developing the trusted LAN market. Cisco, along with partners such as IBM, Network Associates, Symantec, Trend Micro, Microsoft and Computer Associates, is taking the lead in spearheading trusted LANs with its Network Admission Control technology. The major switched Ethernet vendors, such as Enterasys, Extreme Networks, Foundry Networks, 3Com and HP, are all working on and investing in trusted LAN products. Enterasys has focused its entire company and much of its R&D efforts on secure networking, making it a leader in trusted LANs. Wireless LAN players such as Colubris, Aruba Wireless Networks, AirMagnet, Legra, Bluesocket and Chantry, will become trusted LAN providers as WLANs increasingly become folded into a trusted LAN framework. And IP telephony and trusted networks have become inextricably linked as CIOs strive to resolve infrastructure vulnerabilities before voice and data ride on the same IP network.
With trusted LANs, IT departments can segment their networks into secure domains. For example, some employees might be working on a federal contract that restricts data access on a need-to-know basis. A secure domain can be wrapped around these employees and systems, creating a firewall between them and all other corporate IT resources. Financial performance information can be placed into a secure domain that includes only the executives and financial and accounting staff. Secure domains will crisscross trusted LANs; some could overlap while others would be mutually exclusive.
The move to embed security features deeply into a range of network equipment will transcend LANs to encompass networks in general. IT resources will be organized domains with different levels of security, while trusted networks will be an organization of secure domains. The impact of this new activity will be huge. Security appliance companies will be forced to change their business models and work with network equipment suppliers. This is already happening. Consolidation and market exit will hit the security appliance market hard late this year and well into next year. Trusted networks will usher in fundamental change in network design and industry structure. It has to be this way because the cost of securing networks today is way too high.