Endpoint security is one of today’s most important subjects in the area of IT Security. Several architectures focus on this subject, e.g. Cisco NAC, Microsoft’s Network Access Protection (NAP) and Trusted Computing Group’s Trusted Network Connect (TNC). The Trusted Network Connect Sub Group (TNC-SG) has defined and released an open architecture and a set of standards for interoperable network access control (NAC) solutions. The TNC architecture enables network operators to enforce policies regarding endpoint integrity at or after network connection.


TNC@FHH is an open source implementation of the TNC architecture. TNC@FHH implements many core TNC components and the main interfaces between them. Its first release was the result of two completed master’s theses at the Fachhochschule Hannover, University of Applied Sciences and Arts. Among other things, TNC@FHH features:

  • a TNC server running as an extension of FreeRADIUS
  • several IMC/IMV pairs
  • basic policy management
  • verified interoperability with other TNC implementations (xsupplicant, wpa_supplicant, libtnc)
  • implemented in C++
  • available under the terms of the GNU GPL

In the last months, several aspects of the implementation have changed:

  • The TNC@FHH client is not supported anymore. Instead of that, wpa_supplicant and Xsupplicant are now used.
  • The TNC@FHH server has been completely redesigned.
  • Our EAP-TNC method is now an integrated part of FreeRADIUS, though in an outdated version.
  • For further information feel free to contact the TNC@FHH team via .



Documentation for TNC@FHH is provided as part of the downloadable tarballs. Furthermore, our wiki contains how-tos that describe the installation and configuration process in detail.

External Links

Hochschule Hannover
University of Applied Sciences and Arts
Faculty IV, Dept. of Computer Science
Ricklinger Stadtweg 120
30459 Hannover, Germany
Youtube Atom-Feed