Microsoft and Trusted Computing Group Announce Interoperability

Trusted Computing Group’s Trusted Network Connect architecture to incorporate Network Access Protection’s primary client-server protocol

INTEROP LAS VEGAS 2007 — May 21 , 2007 — Trusted Computing Group (TCG), which develops open standards for computing security, and Microsoft Corp., a TCG member and active participant, today announced they will provide customers and partners interoperability of TCG’s Trusted Network Connect (TNC) architecture and Microsoft® Network Access Protection (NAP) for network access control (NAC). This interoperability means customers can use NAP products in TNC-protected networks and TNC products in NAP-protected networks. NAP partners can support TNC clients and servers, and TNC implementers can support NAP clients, servers and protocols.

The first step in the interoperability of NAP and TNC will be enabled by Microsoft’s contribution of its Statement of Health (SoH) protocol to the Trusted Computing Group. A new specification, the IF-TNCCSSOH, is being released today as part of the TNC architecture. Vendors can begin implementing the IFTNCCS-SOH specification immediately. Several demonstrations of the new specification will be shown on the Interop show floor this week in TCG’s booth #211 and in Microsoft’s booth #1548.

With this interoperability, customers of both Microsoft and TNC-enabled networks can realize significant benefits:

Interoperability and customer choice: Customers are now provided with a choice of architectural and product options. They will be able to choose components, infrastructure and technology as best serves their business needs while being assured of interoperability.

Simplification, clarity, and confidence: The interoperability of NAP and TNC provides helpful guidance for customers considering network access control architectures and products and offers assurance that a wide variety of products will work together.

Investment protection: The interoperability of TNC and NAP platforms enables customer reuse and investment protection of their TNC and/or NAP deployments. For example, customers can begin deploying products based on TNC specifications today and integrate NAP into the environment concurrent with their deployment of Windows Vista® and Windows Server® 2008.

Single agent included in Windows®: Computers running Windows Vista, Windows Server 2008, and future versions of Windows XP will include the NAP Agent component as part of the core operating system. The NAP Agent will be used for both NAP and TNC.

As products supporting the new IF-TNCCS-SOH specification become available in the coming months, customers will be able to start implementing portions of NAP-TNC interoperability. TNC servers that support the SoH protocol can interoperate with Windows Vista and other NAP clients without requiring any extra software to be downloaded or installed on the client. TNC clients that support the SoH protocol can participate in NAP-protected networks, authenticating and participating in health checks.

"The contribution of the Statement of Health, Microsoft’s primary client-server protocol, to the TNC architecture enables a wide variety of network access control implementations for customers and for vendors, ultimately helping provide significantly better protection of corporate information and assets," said Steve Hanna, co-chair of the TCG TNC work group and distinguished engineer, Juniper Networks. "Agreeing on common security standards provides a solid foundation on which we can build a more secure computing future."

"With this interoperability, Microsoft has reaffirmed its commitment to the Trusted Computing Group and to the development of industry standards that benefit all users," said Henry Sanders, general manager, Windows Networking and a Distinguished Engineer. "TCG is providing both the IT community and the networking industry with the benefits of integration and interoperability."

TCG and Microsoft have published a technical white paper that describes how Microsoft NAP and TCG TNC interoperate for security policy enforcement and health assessment. The white paper can be downloaded at https://www.trustedcomputinggroup.org/news/events/interop_2007.

Leading networking and security companies expressed their support for the announcement: "The inclusion of the statement of health capability in the TNC specification and resulting interoperability with the Microsoft NAP architecture allows organizations to deploy NAC solutions with confidence today– without worrying about which standard will win," noted Paul Sangster, TCG TNC work group co-chair and distinguished engineer, Symantec. "As a leading security provider, Symantec welcomes the interoperability of these leading NAC architectures and will continue to support the TNC architecture."

"As a TNC contributor, TCG director and a Microsoft NAP partner, Wave Systems Corp is very pleased to see the convergence of these capabilities that delivers an interoperable trustworthy solution," said Brian Berger, executive vice president of marketing and sales at Wave Systems. "By providing a trusted endpoint and the use of the Trusted Platform Module for end-point integrity, these NAC solutions provide the enterprise assurance that the endpoint is authentic and trustworthy."

"TCG continues to play a key role in creating and evangelizing open standards for trusted platform security, and the interoperability of Microsoft Network Access Protection with the TCG’s Trusted Network Connect architecture for network access control broadens the impact of industry standards in infrastructure security, while offering customers more choice on how they implement NAC," said Mark Schiller, president of the TCG and director of Hewlett Packard’s Trusted Computing Strategy. "This interoperability will help accelerate the development of products and the deployment of network access control towards better security of systems, networks and mission-critical data."

About Microsoft
Founded in 1975, Microsoft (Nasdaq "MSFT") is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

About TCG
TCG is an industry standards body formed to develop, define, and promote open standards for trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices. TCG specifications are designed to enable more secure computing environments without compromising functional integrity with the primary goal of helping users to protect their information assets from compromise due to external software attack and physical theft. More information and the organization’s specifications are available at www.trustedcomputinggroup.org.

Microsoft, Windows Vista, Windows Server and Windows are trademarks of the Microsoft group of companies. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Industry Supports Trusted Network Connect (TNC), Network Access Protection (NAP) Interoperability

"We are committed to open standards and are pleased to be able to offer our Trusted Network Connect compliant solutions to customers using Microsoft Network Access Protection," said Pierre Trudeau, chief technology officer at Colubris Networks. "This development enhances our ability to offer the optimal Wi-Fi infrastructure, as it seamlessly integrates with the security tools and policies of the enterprise LAN,
while offering the highest levels of wireless performance, QoS and mobility."

Contact: Kathy Sucich
Davies Murphy Group
ksuchich@daviesmurphy.com
781-418-2409

"As a TNC contributor and a Microsoft NAP partner, Infoblox is very excited about this development," said Richard Kagan, vice president of marketing at Infoblox. "Assuring interoperability among products compatible with TNC and Microsoft NAP enables customers to make investments in network security with greater confidence."

Contact: Jennifer Jasper
jjasper@infoblox.com
408-625-4309

“Customers have made it clear that interoperability amongst the major network access control architectures and solutions is critical to helping them reduce overall cost of ownership and time to value,” said Karthik Krishnan, senior product line manager at Juniper Networks. “Today’s announcement from Microsoft and the Trusted Computing Group is a watershed event for our industry. Interoperability between Juniper Networks Unified Access Control (UAC) and Microsoft Network Access Protection (NAP) leveraging this new TNC specification will provide customers with greater choice, flexibility and investment protection for their network access control deployments."

Contact: Roger T. Fortier
rfortier@juniper.net
Juniper Networks Public Relations
408-936-7631 – office
408-348-1569 — mobile

"Today’s announcement of the interoperability of Microsoft Network Access Protection and the Trusted Computing Group’s TNC architecture is great news for customers. This announcement provides customers the investment protection they require in network access control technology and gives customers a wider degree of openness and flexibility in meeting their network security requirements. Nortel, with our Secure Network Access Solution (http://www.nortel.com/snas4050), is working with NAP technology from Microsoft and continues to be a contributing member of TNC to ensure our customers the best possible solution based on open industry standards," said Steve Slattery, president, Enterprise Networks, Nortel.

Contact: Mary Pretotto
maryp@nortel.com
Media Relations, Nortel
905-863-7777 (ESN 333)
416-671-5048 – cell

"ProCurve Networking by HP is an active participant in TCG and a consistent contributor to the TNC architecture and standards. Today’s announcement delivers on the promise of interoperable, open standards network access control solutions. ProCurve is dedicated to solutions that are interoperable with both the TNC architecture and Microsoft NAP to increase productivity, fortify security, and reduce complexity for today’s networks," said Kevin Porter, Access Control Solutions manager from ProCurve Networking by HP.

Contact: Nancy Stebbins
GoldRush Communications
nstebbins@goldrushpr.com
916-939-6655

"Today’s announcement of the interoperability of the Microsoft Network Access Protection and Trusted Network Connect architectures gives customers with multi-vendor networks a wider variety of products and services to help them implement network access control," said Tom Turner, vice president of marketing, Q1 Labs. "Q1 Labs will extend its ‘post-admission’ monitoring and policy feedback to include this important collaboration."

Contact: Christine Major
Perkett PR
cmajor@perkettpr.com
603-743-4534

"Today’s announcement heralds a new era for NAC adoption because users no longer have to agonize over which industry framework or standard is right for them. It is a victory for open standards, validating the importance of the major NAC vendors and frameworks working together to provide solutions for any organization with a heterogeneous environment," said Alan Shimel, chief strategy officer at StillSecure. "Because of StillSecure Safe Access’ flexible architecture, both TNC and NAP are options for our customers. Administrators can implement Safe Access today knowing that it will be compatible with open standards even as the market continues to evolve."

Contact: Sonya Hausafus
shausafus@stillsecure.com
303-381-3843
303-909-8580

"Trapeze Networks Smart Mobile™ products support interoperability between Trusted Network Connect and Microsoft’s NAP across our entire enterprise Wi-Fi product line. This helps give our enterprise customers the best protection and flexibility in securing their wireless deployments," said Ahmet Tuncay, vice president of product management for Trapeze Networks.

Contact: Ted Fornoles
tfornoles@trapezenetworks.com
925-474-2602

For more information please contact:


Anne Price, Trusted Computing Group
press@trustedcomputinggroup.org
602-840-6495
602-330-6495 mobile
Rapid Response Team, Waggener
Edstrom Worldwide for Microsoft
rrt@waggeneredstrom.com
(503) 443-7070

Wave Logo

About Wave Systems Corp.

Wave is a pioneer in hardware-based PC security that provides software to help solve critical enterprise PC security challenges such as data protection, strong authentication, network access control and the management of these enterprise functions.  Wave is a founding member of the Trusted Computing Group (TCG), a consortium of more than 100 companies that forged open standards for hardware security.  Wave’s EMBASSY® line of client- and server-side software leverages and manages the security functions of the TCG’s industry standard hardware security chip, the Trusted Platform Module (TPM) as well as hard drives that comply with TCG’s “Opal” self-encrypting drive (SED) standard.  Self-encrypting drives are a growing segment of the data protection market, offering increased security and better performance than most existing software-based encryption solutions.  TPMs are standard equipment on many enterprise-class PCs shipping today and have shipped on an estimated 300 million PCs worldwide.  Using TPMs and/or SEDs and Wave software, enterprises can substantially and cost-effectively strengthen their current security solutions.  Visit http://www.wave.com for more information.

Safe Harbor for Forward Looking Statements

Under the Private Securities Litigation Reform Act of 1995. This press release may contain forward-looking information within the meaning of Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act), including all statements that are not statements of historical fact regarding the intent, belief or current expectations of the company, its directors or its officers with respect to, among other things: (i) the company’s financing plans; (ii) trends affecting the company’s financial condition or results of operations; (iii) the company’s growth strategy and operating strategy; and (iv) the declaration and payment of dividends. The words "may," "would," "will," "expect," "estimate," "anticipate," "believe," "intend" and similar expressions and variations thereof are intended to identify forward-looking statements. Investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, many of which are beyond the company’s ability to control, and that actual results may differ materially from those projected in the forward-looking statements as a result of various factors.

All brands are the property of their respective owners.

For more information please contact:

Company:
Wave Systems Corp.
Michael Wheeler
413-243-7026
mwheeler@wave.com
Wave Media Contact:
Schwartz Communications
Michael Schultz / Tiffany Archambault
781-684-0770
wave@schwartz-pr.com
Wave Investor Relations Contact
David Collins, Ratula Roy
Catalyst Global LLC
212-924-9800
wavx@catalyst-ir.com

Stay up-to-date on news relating to Wave. Join our email list by putting your email address in the space below.