Mobile working Toolkit

Cisco teams up with Big Blue over network security

Marguerite Reardon CNET News.com

Published: 15 Oct 2004 11:55 BST

IBM and Cisco Systems have expanded a partnership to provide businesses with automated identity and access security to networks.

The two companies announced on Thursday that they have integrated IBM's Tivoli network management software with Cisco's networking products to help businesses protect their networks from worms and viruses before employees get on the network. The combined offering sets criteria for users and devices logging on to the network.

IBM and Cisco first announced their partnership in February.

When someone tries to log on to the network, IBM's Tivoli software scans the machine to ensure that it has all the required security patches, antivirus updates and other software running on it. The update is sent to Cisco's Access Control Server through the Cisco Trust Agent, software that is pre-installed on every user's machine. If the device connecting to the network complies with all the security policies that have been previously set, the person is allowed to log on. If it doesn't, the device is quarantined on a separate virtual LAN link and the Tivoli software prompts the person to download the necessary software.

Cisco has similar partnerships with makers of antivirus software through its Network Admission Control (NAC) program. Network Associates, Symantec and Trend Micro have been working with Cisco since NAC was announced last year. Earlier this week, Cisco announced that Computer Associates also joined the NAC alliance.

Cisco's NAC initiative is part of a broader effort to help protect networks from worms and viruses before they propagate throughout the network. As the work force becomes more mobile, many workers are inadvertently exposing their companies to security threats. For example, employees who take their laptops with them when they travel may pick up viruses and worms while they are connected to another network on the road. When they return to headquarters and plug into the corporate network, they can infect the entire company.

Cisco is not the only company that has developed a strategy to address this issue. Microsoft also has proposed a plan it calls Network Access Protection, or NAP. Both architectures work in similar ways, but they are not interoperable. Other networking vendors also have developed similar security strategies, including Enterasys and Alcatel.

A consortium of vendors called the Trusted Computing Group is already working on an architecture that will use open standards.

So far, Cisco's NAC architecture is only supported on its IP routers. The company plans to add the functionality to its Ethernet switches sometime next year.

The integrated Cisco and IBM offering will be available in December.