October 14, 2004 8:58 AM PDT
IBM, Cisco tackle security's weak link
- Related Stories
Cisco, Microsoft in security showdownSeptember 17, 2004
Alcatel hopes security will get users to switchAugust 16, 2004
Microsoft spearheads latest security partnershipJuly 13, 2004
From Cisco, self-defense weapons for networksJune 18, 2004
Cisco, others plan to ban insecure PCsNovember 18, 2003
The two companies announced Thursday that they have integrated IBM's Tivoli network management software with Cisco's networking products to help businesses protect their networks from worms and viruses before employees get on the network. The combined offering sets criteria for users and devices logging on to the network.
IBM and Cisco first announced their partnership in February.
When someone tries to log on to the network, IBM's Tivoli software scans the machine to ensure that it has all the required security patches, antivirus updates and other software running on it. The update is sent to Cisco's Access Control Server through the Cisco Trust Agent, software that is pre-installed on every user's machine. If the device connecting to the network complies with all the security policies that have been previously set, the person is allowed to log on. If it doesn't, the device is quarantined on a separate virtual LAN (local area network) link and the Tivoli software prompts the person to download the necessary software.
Cisco has similar partnerships with makers of antivirus software through its Network Admission Control (NAC) program. Network Associates, Symantec and Trend Micro have been working with Cisco since NAC was announced last year. Earlier this week, Cisco announced that Computer Associates also joined the NAC alliance.
Cisco's NAC initiative is part of a broader effort to help protect networks from worms and viruses before they propagate throughout the network. As the work force becomes more mobile, many workers are inadvertently exposing their companies to security threats. For example, employees who take their laptops with them when they travel may pick up viruses and worms while they are connected to another network on the road. When they return to headquarters and plug into the corporate network, they can infect the entire company.
Cisco is not the only company that has developed a strategy to address this issue. Microsoft also has proposed a plan it calls Network Access Protection, or NAP. Both architectures work in similar ways, but they are not interoperable. Other networking vendors also have developed similar security strategies, including Enterasys and Alcatel.
A consortium of vendors called the Trusted Computing Group is already working on an architecture that will use open standards.
So far, Cisco's NAC architecture is only supported on its IP routers. The company plans to add the functionality to its Ethernet switches sometime next year.
The integrated Cisco and IBM offering will be available in December.
2 commentsJoin the conversation! Add your comment