IBM, Cisco in enterprise security tie-up
IBM Corp. and Cisco Systems Inc. unveiled product updates that will tie technology from the two companies more closely together in an effort to secure customer networks from worms and viruses.
The companies said that updates to IBM's Tivoli software will enable those products to work with Cisco network gear to scan devices that are attempting to connect to a network to ensure compliance with network security policies. For example, the Tivoli Compliance Manager might detect that a system attempting to connect uses a weak password, or lacks a key operating system or antivirus software update, IBM said in a statement.
The announcement marks the promised integration of Tivoli with Cisco's Network Admission Control (NAC) program to link security software and network infrastructure devices in an effort to better protect networks from security threats, according to a statement released by IBM.
Working from the information discovered by the Tivoli Security Compliance Manager, Cisco's Secure Access Control Server (ACS) can grant or deny a device access to the network, moving noncompliant devices to a security quarantine area isolated from the rest of the network.
Companies also can use IBM's Tivoli Provisioning Manager to automate remediation for noncompliant devices, such as patch installation or antivirus software updates, after which Cisco devices will automatically attempt to connect them to the network. IBM is using automated, policy-based provisioning technology it acquired after purchasing Think Dynamics Inc. in May 2003, to distribute software updates and fixes to noncompliant devices, according to an IBM spokesman.
The announcement fulfills a promise IBM and Cisco made in February, when they announced a "global security initiative" to improve the security of network infrastructure. At that time, IBM said it would join the NAC program and begin working on a software agent that will tie Tivoli to ACS.
Unveiled in November, the NAC program is part of Cisco's Self-Defending Network strategy and pairs the San Jose, California, equipment maker with security companies, enabling Cisco routers to evaluate information provided by security products before allowing machines to connect to a network.
Cisco has been building support for NAC with security software vendors of all stripes in recent months. Companies such as McAfee Inc. and Trend Micro Inc. already offer NAC-compliant products. On Wednesday, Computer Associates International Inc. said that it was joining the NAC program, offering NAC-compliant eTrust antivirus and antispyware products.
IDG News Service
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
Crimeware: Understanding New Attacks and Defenses
By Markus Jakobsson, Zulfikar Ramzan
Published Apr 6, 2008 by Addison-Wesley Professional. Part of the Symantec Press series.
Enter now! | Official rules | Sample chapter
Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures
By Peter Thermos, Ari Takanen
Published Aug 1, 2007 by Addison-Wesley Professional.
Enter now! | Official rules | Sample chapter
