IBM, Cisco Team to Deliver Integrated Security

February 13, 2004

Cisco and IBM have joined forces to take data networking security into a new era. Network security has become a priority for nearly any organization, but traditional methods—which require cobbling together stand-alone products--are proving inadequate to address the growing threats facing today's businesses. Cisco and IBM plan to offer a better way. Two of the industry's most respected vendors are creating integrated security products, tools and support for both the network infrastructure and its connected servers, PCs, and applications. By combining their individual expertise and products, Cisco and IBM aim to make network security easier to manage and more comprehensive in its protection.

News@Cisco spoke with Richard Palmer, vice president of Cisco's VPN and Security business unit, and Arvind Krishna, IBM's vice president of Tivoli Security Products, about this agreement and how it will help corporations and other organizations protect their networks.

Why did Cisco and IBM join together to develop security products?

Richard Palmer: The economics of security are ripe for a collaborative effort like this. Corporations are demanding better security at lower costs, and the skills and security products of our two companies are extremely complementary. Cisco is a leader in firewall, intrusion detection and other IP-based network security protections. IBM is an expert in security administration software and services. Together, we cover the entire IT infrastructure. More importantly, we cover most of the key areas that need protection against manual or automated hacker attacks.

How will Cisco and IBM security products improve on existing network security offerings?

Arvind Krishna: Security is a problem people have been solving one piece at a time, but that approach is proving unviable. Vendors have been producing good firewall or intrusion detection or virus products, but none of these tools alone solves all security problems. Each helps, certainly, but today's IT infrastructure is becoming more complex, with many more points of attack. And managing user identities in this challenging environment is a very time-consuming, costly process. But user identities are critical for enforcing effective security policies.

As people are learning, security must be comprehensive, system-wide and integrated. But such integrated security requires a broad range of expertise, not just in networks, which Cisco certainly has, but also in the elements connected to a network, including servers, PCs, applications, and their users. That's where IBM's expertise comes in. So to create more integrated security management, we are developing products that span the network infrastructure and the "end-points"—PCs, servers and their applications.

Richard Palmer: An important part of this effort is to not simply offer more powerful security but at the same time make it easier to manage. Because network security has been so onerous and expensive, companies haven't used all the tools available to them despite the risk of security breaches. So a big part of our work with IBM is to make security easier and cheaper to use by consolidating and streamlining management.

What are the products Cisco and IBM will produce and when will they be on the market?

Richard Palmer: The initial portfolio of products will focus on integrating security services in four areas: managing identities, creating secure remote connections, automating compliance, and providing security services. For managing identities, Cisco and IBM have integrated the Cisco Access Control Server (ACS) and IBM Tivoli Identity Manager. This will help organizations reduce the costs of managing a great number of employee, business partner, and customer identities for network access. For creating secure remote connections, IBM is integrating Cisco wired and wireless VPN technologies with the embedded security chips in its ThinkPad laptops and Think Centre desktop computers. Also, IBM will offer Cisco Security Agent as an option for its PCs and servers. The Cisco Security Agent provides "day zero" protection from new worms and viruses. To automate policy compliance, IBM is joining the Cisco Network Admission Control (NAC) program and plans to integrate its IBM Tivoli management software with Cisco's NAC hardware and software components. IBM will also follow up with enhanced security services for network assessment, design, implementation, and administration. The NAC program fosters more network security by protecting end-points—laptops, PCs, servers—with active communications between the network and the end-point devices. NAC is the first phase of Cisco's long-term security strategy, known as the Self-Defending Network.

Arvind Krishna: We've been working on integrating these products and have been testing them in our labs for several months. Our initial group of products will be ready for market in March. It's important to note that our agreement with Cisco is not just a one-time announcement but also a long-term plan to improve security for our customers through greater integration. We will be looking to deliver new product opportunities every six months or so. We see it as a staged set of product rollouts. The basic idea is wherever new security products from Cisco or IBM can integrate to make our customers' lives easier, we will pursue those opportunities.

How will these new products help companies save money while also boosting security?

Arvind Krishna: In the past network managers either had to hire personnel to manually manage access control lists and other security functions or else they had to write their own software to automate such functions. Both options require additional money and resources. Our efforts aim to drastically reduce this sort of work for network managers by providing much more refined and useful tools for managing security. Everyone recognizes network security is crucial but companies still struggle with the practical limitations of managing multiple, disparate security products. Our efforts integrate multiple management and provisioning systems to lower management costs. Such integration will make it much easier to eliminate old users and manage existing ones. Industry studies indicate it typically takes 28 days to remove a user from network system access. As you can imagine, such a delay can lead to many security weaknesses. Our goal is to bring down the time it takes to make system-wide or granular changes to security settings from days to minutes.

Richard Palmer: Also, integration of the endpoint security technologies with the systems and management solutions from IBM can dramatically reduce the likelihood of infection from attacks and viruses. This is one of the thorniest problems our customers face today. By protecting endpoint PCs and servers from compromise - and making good decisions about how their status compares to expected policy - IBM and Cisco can provide a higher level of trust about the users and systems accessing a company's IT resources.

Cisco and IBM have been in a strategic alliance for years. How is this recent announcement noteworthy?

Richard Palmer: This announcement is just one more case of IBM and Cisco joining together to make IT easier for any corporation or organization. The existing Cisco and IBM global corporate strategic alliance—now more than five-years old—has delivered scaleable, proven, and secure e-enabled solutions, which have generated increased productivity, revenue growth, and business agility for our customers. Security today is costly, ineffective, and difficult to deploy. By expanding our alliance activities into the security space, Cisco and IBM are striving to meet another of our customers' needs. We believe that our collaboration will help drive the industry forward and will lead to the creation of new, open standards that will improve security technologies for the enterprise. Companies can rely on their two most trusted partners, IBM and Cisco, to deliver a more efficient and integrated set of products to manage security for their enterprise. This security partnership can provide tools and products that will help customers reduce risk, drive productivity and lower costs.