IBM Tivoli and Cisco manual Security compliance and remediation concept

Personal computer workstations are used in the office, at home, or at a remote client location. Telecommuters must use mobile PC workstations to meet customer expectations and provide quicker response to queries, quotes, and information.

In this book, we introduce a new concept: a comprehensive integrated security solution jointly developed by IBM and Cisco Systems, trusted leaders in this

arena for many years who have established enviable synergy in the industry. This solution is based on the IBM Enterprise Class Autonomic Computing Model and the Cisco Self-Defending Network. This new concept provides an integrated security model that can help an organization protect its reputation by enabling its network to self-defend. This also enables corporations to proactively secure IT infrastructure and protect from loss of productivity, loss of revenue, and the constant battle of escalation due to noncompliance. Every time an auditor finds an IT resource that is noncompliant, it costs the enterprise a lot of money to fix (reactive measure) and to regain compliance, which leads to loss of productivity. Security auditors can even shut down a mission-critical server or deny access to users if found to be vulnerable due to noncompliance.

The solution discussed in this book addresses corporations’ security concerns by validating users against a centrally predefined policy before granting them access to the network. It also provides a path for an automated remediation process to fix noncompliant workstations quickly (improved productivity).

This solution can be deployed in stages by first targeting the most vulnerable user community, such as wireless local area network (WLAN) users or a branch office that is less secure, and then expanding the deployment enterprise-wide. This concept resolves the human-intensive process that is involved in fixing infected workstations that do not have antivirus software or the latest antivirus signature and so on. This concept further helps customers to act proactively in defending their network by denying access to unauthorized users.

1.1 The security compliance and remediation concept

IBM and Cisco are working together on this new concept that offers a solution to companies to defend their network. This solution is called the IBM Integrated Security Solution for Cisco Networks. The IBM Tivoli Security Compliance

Manager (SCM) and Cisco Network Admission Control (NAC) integration in this solution can assist you in safeguarding your IT resources and enables security compliancy to users. The IBM Integrated Security Solution for Cisco Networks is a first of its kind in the industry that provides a full cycle self-defending and automated remediation mechanism to corporate networks. Both Security

Compliance Manager and NAC are independent solutions. Combined, they complement each other and can provide the best self-defending and compliance

4Building a Network Access Control Solution with IBM Tivoli and Cisco Systems