Today Cisco Systems Inc. and IBM announced a partnership to foster increased end-point security for customers who use both Cisco's networking equipment and IBM's Tivoli software.
The companies have integrated IBM's Tivoli network and systems management software with Cisco's Network Admission Control (NAC) technologies to help enterprises set and enforce criteria for users and devices logging onto the network.
When a device attempts to log on, IBM's Tivoli Security Compliance Manager client program will scan it to ensure that it is using the required patches, antivirus updates and other software. If it is, the user will be allowed access to the network. Otherwise, the device will be quarantined on a vLAN and the IBM Tivoli Provisioning Manager will prompt the user to download the required software.
The announcement stems from a change in how employees use networked devices. Today workers often take their PCs or mobile devices off site and log on to other networks, which can cause a security risk when they return to their home networks.
"End points are not the destination for attacks," said Chris Christiansen, an analyst with Framingham, Mass.-based research firm International Data Corp. "Now even friendly end points can be the source of attacks."
IBM and Cisco are reacting to those concerns, said Don Cronin, a senior technologist with IBM's corporate security strategy group. "It is not about patches or viruses or spam, but about solving the underlying business issue," he said. "Individuals need to have the right kind of access for their circumstance."
The new security integration will address both the identity of the person logging on to the network and whether the device is in compliance. To do that, the system uses a Tivoli client on the device.
Cisco has been working toward such end-point security for some time, said Jeff Platon, Cisco's senior director of product and technology marketing. The company's switches and routers are compliant with 802.1x, a standard for enabling identity management.
Cisco has also been moving more security and intelligence into its switches and routers.
But when it comes to end-point security, Platon said. Cisco is better off partnering with companies such as IBM.
However, only those companies that use 802.1x-complaint Cisco gear and IBM's Tivoli management software can benefit. Customers must also use the Cisco Secure Access Control Server for identity management, rather than a standardized Radius server.
"At this point, [Cisco's partnership with IBM] does not seem applicable to heterogeneous environments," Christiansen said.
Platon said Cisco plans to work with standards bodies to make its approach into an industry-wide standard. At the same time, he said Cisco plans to make future announcements with other management vendors in the future.
"This was a good place to start," Platon said of the partnership with IBM. "But from both Cisco's and IBM's perspective, we have a strategy to open it up to a broader collection of partners."