10/19/2004 -- Bosom buddies Cisco Systems Inc. and IBM Corp. struck again last week, announcing a new joint solution that draws from a range of Cisco and IBM products and which is designed to help limit the damage caused by viruses, worms and security vulnerabilities in network environments.

The new integrated solution is based on IBM’s Tivoli security policy compliance software and Cisco’s Network Admission Control technologies. The idea, Cisco and IBM say, is to let IT organizations automatically identify, quarantine and remediate at-risk computing devices—such as laptops, desktops and wireless devices—before they’re granted access to network resources.

The new offering is similar to features offered in firewall and network security products from other vendors, such as Microsoft Corp., which introduced a Network Quarantine feature with its ISA Server 2004 in July. Technology of this kind typically lets IT organizations define security policies—including requiring that a user’s operating system patches and anti-virus software are current—and vet users for access to network resources based on their compliance.

In this case, IBM’s Tivoli Security Compliance Manager determines whether or not a client device is compliant, while Cisco’s Secure Access Control Server (ACS), which is part of its NAC architecture, makes a decision to grant or deny it access to the network. In the event that a device is judged not to be in compliance with the prescribed policy, Cisco ACS moves it to a pre-determined security zone, such as a virtual LAN, where it’s isolated from the network.

There’s a remediation component to the offering, too. When a device has been quarantined, organizations can configure IBM’s Tivoli Provisioning Manager to automate tasks—such as prompting users for stronger passwords or installing operating system patches or anti-virus software updates—in order to bring that device into compliance with security policy. If successful, the device is then provided full access to the network.

In addition, the two partners say, customers can also tap IBM's Orchestration and Provisioning Automation Library (OPAL), which is an online resource where IBM business partners and customers share automated workflows for things like security remediation processes. -Stephen Swoyer