News Release

IBM and Cisco Automate Enterprise Security

Second Phase of Global Security Alliance Results in Autonomic Tools to Manage Compliance, Mitigate Risk and Reduce Costs
Oct 14, 2004

ARMONK, N.Y. and SAN JOSE, Calif., October 14, 2004 - IBM and Cisco Systems today announced integrated solutions designed to reduce the damage and disruption that viruses, worms and other security vulnerabilities can cause to networks and minimize the impact they have on day-to-day business operations.

IBM and Cisco have extended their global security alliance through the integration of IBM Tivoli security policy compliance software with Cisco Network Admission Control technologies with the aim to automatically comply, quarantine and remediate at-risk computing devices, such as laptops, desktops and wireless devices. The collaboration offers preventative, self-protecting solutions that help users automatically control who and what is given access to the network based on enterprise-wide security policies, helping companies trim the time employees and IT staff spend recovering from computer security attacks and lapses.

In today's mobile computing environment, systems and devices with out-of-date operating systems, missing firewalls, security vulnerabilities and weak passwords, are all too easily connected to the enterprise. These at-risk computing devices can infect the entire network without proper proactive systems management.

For example, a traveling salesman may not always install the latest critical security update on his laptop due to his hectic travel schedule. During his trip, his computer can become infected with a worm making him a major risk to his company upon his return. When he reconnects to the network, the worm could spread causing damage to the entire business, resulting in downtime and lost productivity for employees across the company.

The IBM and Cisco products can help improve employee productivity by making access to applications, network resources and data as convenient and secure as possible for employees and providing an auditable, policy-driven compliance system for administrators.

"Since implementing IBM and Cisco's security technologies, we've been able to better serve our customers by streamlining our business processes and increasing staff productivity," said Bernardo Zapata, Security Information Officer, Bancolombia. "We look forward to working with IBM and Cisco as they expand their collaboration in security to help us in our continued goal of improving our business processes through the use of technology."

IBM and Cisco are helping clients:

  • Comply

    - With IBM Tivoli Security Compliance Manager, working in conjunction with the Cisco network infrastructure, enterprises can enforce their established security policies and automatically probe devices connecting to the network to flag non-compliant systems. IBM's software is designed to determine if the device is compliant with current security policies, such as operating system patch version, anti-virus update level, password settings, and other custom policies.
  • Quarantine

    - Once IBM Tivoli Security Compliance Manager determines the compliance status of the device, the Cisco Secure Access Control Server (ACS), a key component of Cisco's Network Admission Control architecture, will make the decision to grant or deny access to the network. If the device is deemed compliant based on the ACS criteria, the user will be allowed to access the network. If the device is not deemed compliant, the Cisco ACS will move the device to a specific security zone, such as a virtual LAN, where it will be isolated from other parts of the network.
  • Remediate

    - Once the device is placed in an isolated state, IBM Tivoli Provisioning Manager can automate simple tasks, such as prompting users for stronger passwords, or more detailed tasks such as installing operating system patches or anti-virus software updates before transparently re-engaging the Cisco network for admission and restoring full access to the production network. Using IBM and Cisco technologies provides a closed-loop remediation mechanism and process for non-compliant devices attempting to access network resources. Customers also have access to IBM's Orchestration and Provisioning Automation Library (OPAL), an online resource where IBM business partners and customers can share automated workflows such as security remediation processes. Additionally, users of IBM ThinkPad and ThinkCentre personal computers can use IBM Rescue and Recovery Antidote Delivery Manager, a ThinkVantage Technology, to check a repository for updates and automatically update devices in Windows environments.

IBM Global Services also offers services to help clients understand the current security level of their IT infrastructure and what steps should be taken to enhance security and network operations. IBM Global Services offers a variety of services that range from individual product implementation to consulting services to overall architecture and design related services that help with businesses deploy and mange the IBM and Cisco security solution.

IBM and Cisco Global Strategic Alliance

IBM and Cisco Systems have a long-standing global strategic alliance that has produced a number of integrated solutions across a range of technologies and industries. The new security automation capabilities are the latest to emerge from a global security initiative IBM and Cisco announced this year.

In February, the companies announced a new model for enterprise security, an automated approach to information security to help simplify security, reduce implementation and administration costs, and bolster business productivity. The companies integrated various identity management products for network access and integrated laptop and desktop security technologies. The access enforcement technologies can help control and manage access to applications and network resources.