IBM Integrated Security Solution for Cisco Networks.
Organizations are increasingly working to leverage their IT infrastructure to remain competitive and meet the challenges of the on demand world. They extend the use of their IT investments in networks, systems, and applications to connect with customers, suppliers, and business partners. While this increased connectivity can drive immense benefits, it also can yield corresponding risks. Viruses, worms, and Internet attacks can cause significant IT infrastructure damage and loss of productivity.
IBM and Cisco Systems are helping enterprises address these security exposures in two key areas. The first is managing the identities of users who connect to the enterprise and the second is dealing with the "wellness" of a device connecting to the network. By knowing the identity of the individual connecting to the corporate network, an enterprise can better control the user's access.
The IBM Integrated Security Solution for Cisco Networks offers an outline of the available IBM products and services offerings that contribute to addressing these security concerns on Cisco Networks. Customers can then work with their IBM sales representative or business partner to determine the components that best address their security challenges.
The IBM Integrated Security Solution for Cisco Networks, while helping the right persons, systems, or devices to engage in on demand business processes can also help to protect companies from unauthorized access to their IT infrastructure. The enhanced security components can also help to protect the network from devices which may be corrupted and could infect other parts of the enterprise.
With the IBM Integrated Security Solution for Cisco Networks, customers will be able to select the appropriate Tivoli security management offerings, which are being updated to incorporate integration with Cisco Networks, and relevant services offerings from IBM or their partner of choice based on their own specific security objectives.
The IBM Integrated Security Solution for Cisco Networks accomplishes this in three main steps:
- Verification of identities for network access
- Device security compliance checking for network access
- Remediation of non-compliant devices
An enterprise can select to implement one, two or all three of these steps based on their specific security objectives.
Verification of identities for network access involves components of identity and access management. IBM and Cisco have collaborated to integrate a robust set of layered access enforcement capabilities for controlling access to applications and network resources. Cisco Secure Access Control Server and the network layer are the first line of defense and ensure that unknown people are not allowed onto the network.
IBM Tivoli Access Manager provides a second line of defense at the application layer by managing access to specific applications and UNIX and Linux operating systems. For those using IBM eServer zSeries systems, z/OS with its Resource Access Control Facility (RACF) provides access control capabilities that add yet another layer of strength. Because a network's growing number of users is accompanied by an increasing variety of access rights, and a more substantial enforcement infrastructure, implementing and maintaining a network-level identity model requires an enterprise to implement a robust management solution. By using Tivoli Identity Manager - - one of the leading identity management solutions - - an enterprise can leverage its integration with Cisco Identity-Based Networking Services (IBNS) to automate deployment of a network-level identity environment.
The IBM Integrated Security Solution for Cisco Networks enables enterprises to establish security access policies for devices connecting to a network, then check devices for things such as operating system, patch or anti-virus software levels or configuration settings as they connect to the network to see if they are in fact compliant to the security policies and if not, make the decision to refuse access to the network.
Tivoli Security Compliance Manager acts as an early warning system by identifying security vulnerabilities and security policy violations. This complements Cisco Trust Agent which when installed on devices allows Network Admission Control to determine if Cisco Security Agent or antivirus software is installed and current, the level of the operating system and patches as well as any of the large set of system parameters that can be checked by Tivoli Security Compliance Manager.
Remediation of non-compliant devices
The IBM Integrated Security Solution for Cisco Networks addresses the remediation of non-compliant devices by taking a non-compliant or non-responsive endpoint which Cisco Network Admission Control has moved to an isolated environment with limited or no network access and notifying the remediation subsystem to address the issue.
Tivoli Provisioning Manager which through workflows, automates the manual provisioning and deployment process can address the remediation of the non-compliant devices. IBM Rescue and Recovery with Antidote Delivery Manager, available with IBM ThinkPad and ThinkCentre systems, provides capabilities similar to Tivoli Provisioning Manager for the Microsoft Windows environment. Antidote Delivery Manager enables noncompliant Windows endpoints to retrieve updates and become compliant. It utilizes Cisco Network Admission Control (Cisco NAC), a Cisco-led, multi-partner program designed to limit damage caused by viruses and worms to isolate a noncompliant Windows endpoint from the secure network. When the noncompliant endpoint is isolated, Antidote Delivery Manager automatically checks a repository for required updates and enables the endpoint to retrieve the updates it needs to become compliant. In environments where Tivoli software is not present, Antidote Delivery Manager can also address situations in which the latest Antidote Delivery Manager log entry does not match the requirements for the enterprise.
|
|
|
|
