5.1 Business requirements

As described in Chapter 4, “Armando Banking Brothers Corporation” on page 77, Armando Banking Brothers Corporation (ABBC) is well vested in the IBM Tivoli Identity, Access, and Compliance management solutions. With the emergence of the Network Admission Control program, as sponsored by Cisco Systems, it is ABBC’s direction to introduce a Network Admission Control program based on workstation posture-compliance status information.

The CEO of ABBC emphasizes the following business requirements:

￿ABBC has experienced loss of productivity caused by the introduction of viruses and worms, the spread of which must be stemmed by limiting production network access to systems that comply with the ABBC security policy, such as weekly full-system scans.

￿ABBC wishes to implement identity-based networking services, using the IEEE 802.1x protocol in the LAN environment, to identify who can access what information in the network.

￿ABBC requires a method to ensure that basic safeguards are employed at the workstation level, such as:

Password quality standards

Detection of unauthorized Windows services

￿ABBC requires a method to protect the mobile users from being attacked or infected when working outside of the corporate network by ensuring that personal firewall software is installed and running all the time.

￿Mobile (and work-at-home) worker remote access must be maintained; at the same time, increased controls must be put in place to reduce risks to the corporate infrastructure.

￿The solution must include a way to remediate noncompliant systems.

￿The solution must be built largely upon existing infrastructure to help keep costs at a minimum.

￿ABBC requires a minimally intrusive method to institute and enforce emergency change procedures for the company security posture-policy. The utilized method must not heavily consume help desk and system administrator resources.

￿ABBC requires a method to ensure that required software, updates, and hotfixes are automatically installed on all workstations.

Chapter 5. Solution design

95

Page 113
Image 113
IBM Tivoli and Cisco manual Business requirements