IBM Tivoli and Cisco manual Caused by worms and other hostile software

allows us to warn users if any noncompliance is found and explain the current desktop security policy requirement. This helps to keep users aware of the current security policy requirements and allow reporting on the compliance status of all of the workstations in the environment.

The second functional requirement is to restrict network access for noncompliant workstations. This limits or prevents the interruption of network operations

caused by worms and other hostile software.

The third functional requirement is to provide a means of facilitating automated

remediation for eligible workstations. While increasing the security level, the solution should not increase the operational costs of maintaining the workstation environment.

Utilizing the existing Tivoli Security Compliance Manager and Tivoli Configuration Manager software minimizes training and maintenance costs, thereby addressing the fiscal business requirement. Note that the Network Admission Control methodology is being extended only to workstations.

98Building a Network Access Control Solution with IBM Tivoli and Cisco Systems