Cisco Systems Inc. and IBM Corp. last week said they would tie together products that give customers better network access control and help prevent worm and virus attacks.
The companies said updates to IBM’s Tivoli software would work with Cisco gear to scan devices trying to connect to corporate networks. The collaboration would ensure devices allowed to access the network were compliant with network security policies. The products also could quarantine non-compliant client devices to a virtual LAN where they could be evaluated.
The companies have integrated Cisco’s Access Control Server (ACS) – a RADIUS-based authentication server – and IBM Tivoli Security Compliance Manager software to determine which devices and users could access a network and whether those devices had features such as proper anti-virus software. IBM Tivoli Security Compliance Manager is software that lets customers define security policies and monitor compliance with those policies.
For example, a Tivoli software agent installed on a user endpoint would capture the device credentials and scan those against pre-set policies in the compliance software installed on a dedicated server. At that point, the device credentials would be passed to ACS for further interrogation.
If deemed up to snuff, the device would be granted access. If not, IBM Tivoli Provisioning Manager – a software distribution product – would scan the device to see if it could provide the appropriate patches to let the device gain access. In cases in which it could not, the software would alert IT staff to the device’s presence in the quarantined area and notify them to take appropriate actions.
“The products will work together to access and provision network services based on identity. The two in concert can get a very granular picture of who is trying to gain access and what is on the machine at the time,” says Dave King, director of business development for the security technology group at Cisco.
The products are set for December and draw on technology Cisco uses in its Network Admission Control (NAC) initiative, which involves the company partnering with anti-virus vendors to scan client devices and determine if they can gain access to a network. The Cisco/IBM effort, the companies say, goes a step beyond NAC by taking into consideration more than virus definitions. For example, the Tivoli compliance software will scan for operating systems, patches, firewalls, applications such as Kazaa, and viruses to determine if a device can gain access.
The joint effort could let customers eliminate some guesswork in granting network access, industry watchers say. “The two companies realized they can’t do it all alone and that working together will help customers get a handle on the authentication nightmare of employees connecting all over the place,” says Chris Byrnes of the Meta Group Inc.