Trusted Network Connect (TNC) HOWTO » History » Version 6
Andreas Steffen, 13.12.2010 17:26
Trusted Network Connect (TNC) HOWTO
The Trusted Computing Group (TCG) has defined and released an open architecture and a growing set of standards for endpoint integrity called Trusted Network Connect.
strongSwan supports both the older XML-based IF-TNCCS 1.1 "TNC Client-Server Interface" and the latest IF-TNCCS 2.0 "TLV Bindings", but currently not the IF-TNCCS SoH 1.0 "State of Health Protocol Bindings" used by Microsoft's Network Access Protection (NAP) framework. The TCG IF-TNCCS 2.0 protocol is equivalent to the "Posture Broker (PB) Protocol Compatible with Trusted Network Connect" (PB-TNC) defined by RFC 5793, which is part of the IETF "Network Endpoint Assessment" (NEA) framework defined by RFC 5209.
As a transport protocol to exchange IF-TNCCS 1.1 or IF-TNCCS 2.0 messages between the TNC Client and the TNC Server, strongSwan uses the EAP-TNC method defined by IF-T "Protocol Bindings for Tunneled EAP Methods 1.1", which is encapsulated in an outer IKEv2-EAP-TTLS tunnel.