IBM and Cisco tackle enterprise security automation
IBM and Cisco tackle enterprise security automation
Oct 15, 2004: IBM and Cisco Systems have created integrated solutions designed to reduce the damage and disruption that viruses, worms and other security vulnerabilities can cause to networks and minimise the impact they have on day-to-day business operations.
IBM's Tivoli security policy compliance software has been combined with Cisco Network Admission Control technologies with the aim to automatically comply, quarantine and remediate at-risk computing devices, such as laptops, desktops and wireless devices.
According to the pair, the collaboration offers preventative, self-protecting solutions that help users automatically control who and what is given access to the network based on enterprise-wide security policies, helping companies trim the time employees and IT staff spend recovering from computer security attacks and lapses.
IBM's Tivoli Security Compliance Manager, working in conjunction with the Cisco network infrastructure, allows enterprises to enforce their established security policies and automatically probe devices connecting to the network to flag non-compliant systems. IBM's software is designed to determine if the device is compliant with current security policies, such as operating system patch version, anti-virus update level, password settings, and other custom policies.
Once the compliance status of the device has been determined, the Cisco Secure Access Control Server (ACS), a key component of Cisco's Network Admission Control architecture, will make the decision to grant or deny access to the network. If the device is deemed compliant based on the ACS criteria, the user will be allowed to access the network. If the device is not deemed compliant, the Cisco ACS will move the device to a specific security zone, such as a virtual LAN, where it will be isolated from other parts of the network.
Once the device is placed in an isolated state, IBM Tivoli Provisioning Manager can automate simple tasks, such as prompting users for stronger passwords, or more detailed tasks such as installing operating system patches or anti-virus software updates before transparently re-engaging the Cisco network for admission and restoring full access to the production network. Using IBM and Cisco technologies provides a closed-loop remediation mechanism and process for non-compliant devices attempting to access network resources. Customers also have access to IBM's Orchestration and Provisioning Automation Library (OPAL), an online resource where IBM business partners and customers can share automated workflows such as security remediation processes.
Related Article: