Under the terms of the agreement, the computing giants have integrated IBM's Tivoli security policy compliance software with Cisco's Network Admission Control technologies. According to the companies, this collaboration offers preventative, self-protecting systems that help users automatically control who and what is given access to the network based on enterprise-wide security policies.
The combined security system aims to identify systems and devices with out-of-date operating systems, missing firewalls, security vulnerabilities and weak passwords, which have the potential to infect entire networks. It is designed to allow IT security managers to automatically scan, quarantine and disinfect at-risk computing devices, such as laptops, desktops and wireless devices.
With IBM Tivoli Security Compliance Manager, working with the Cisco network infrastructure, enterprises can enforce their established security policies and automatically probe devices connecting to the network to flag up non-compliant systems. IBM's software determines if the device is compliant with current security policies, such as operating system patch version, anti-virus update level, password settings, and other custom policies.
Once IBM Tivoli Security Compliance Manager determines the compliance status of the device, the Cisco Secure Access Control Server (ACS), a component of Cisco's Network Admission Control architecture, will make the decision to grant or deny access to the network. If the device is compliant, the user will be allowed to access the network. If the device is not compliant, the Cisco ACS will move the device to a specific security zone, such as a virtual LAN, where it will be isolated from other parts of the network.
Once a device has been placed in an isolated state, IBM Tivoli Provisioning Manager can automate simple tasks, such as prompting users for stronger passwords, or more detailed tasks such as installing operating system patches or anti-virus software updates before re-engaging the Cisco network for admission and restoring full access to the network.