IBM Tivoli and Cisco manual Functional requirements, Security compliance requirements

5.2 Functional requirements

In this section, the business requirements are further examined in order to extract the functional requirements. In subsequent sections of this book, the functional requirements are further distilled down to the implementation details.

5.2.1 Security compliance requirements

As we further examine our security compliance-related business requirements, we find that the following pain points are the requirement drivers.

￿Viruses and worms are becoming more sophisticated, both in their ability to propagate themselves and in causing major business disruptions.

￿Only authorized workstations should be allowed onto the network.

￿Users often change local workstation security settings and run unauthorized services, thereby making their workstation inherently less secure.

￿The operational-level security policy is changing frequently, especially with the high number of security updates and hotfixes being released by the operating system vendor.

5.2.2Network access control requirements

Examining network security related requirements we found that the following pain points are the requirement drivers:

￿The mobile worker presents a challenge for IT staff because of a general lack of ability to ensure that company computer image and update polices are followed.

–Mobile users often move back and forth from client-networks to the ABBC-network, thereby increasing the exposure risk.

–Mobile and work-at-home personnel often access the corporate network from home-based networks shared with other family members, again increasing the exposure risk.

￿Uniform security policies, no matter where a user tries to connect from.

￿The traditional perimeter defense is no longer sufficient because the perimeter is very porous in today’s business environment.

￿Locating and isolating noncompliant systems consumes time and resources.

96Building a Network Access Control Solution with IBM Tivoli and Cisco Systems