IBM and Cisco integrate security tools to control network access

IBM and Cisco have introduced a set of products and services that will share security information to control access to corporate...

IBM and Cisco have introduced a set of products and services that will share security information to control access to corporate networks.

The two companies have been working for the past six months to integrate their products in a way that would allow security enforcement technology within businesses to communicate with each other.

Their goal was to offer IT directors a method of identifying systems that were not compliant with established security policies.

According to Vincent Bieri, business development manager at Cisco, when non-compliant systems or threats are detected, the Cisco and IBM product will work together to prevent access to the network or IT resources.

To exchange security information, IBM said it would be participating in Cisco's Network Admission Control (NAC) programme. The programme attempts to bolster security within a corporate network by allowing users to check the security status of PCs and servers automatically.

Based on users' pre-defined corporate IT security policies, Cisco said network security products supporting NAC are able to work in a co-ordinated fashion to prevent or allow access to critical network and system resources.

In practice, Tivoli Policy Manager from IBM would query Cisco's network admission control to determine whether a non-compliant system was attempting to log onto the network. Mike Collins, security manager at Tivoli, said, "A Cisco security agent would be able to look at a client PC to check if it had the right level of patches."

IBM will be bundling the Cisco Security Agent with IBM PC clients and servers in a bid to combat so-called "day zero" network attack.

In such attacks, users are at risk from viruses or worms that are propagating on the internet before anti-virus researchers have developed a suitable patch. Such viruses have no defined signature so users' anti-virus programs cannot offer any immediate protection.

IBM has also embedded a security chip into its Thinkpad notebooks and Thinkcentre desktops to improve the security of connecting to wired and wireless networks based on Cisco virtual private network technology. The chip is used to store encrypted authentication information

The Tivoli Identity Manager agent for Cisco Secure Access Control Server is due to start shipping in March.

Download the Cisco Security Agent for IBM PCs and servers

Read more on IT suppliers