IBM Tivoli and Cisco manual Remote access protection, Remote Access Protection

Remote access protection

Remote access users use dial-up or VPN to connect to corporate resources. To enforce these users to comply to the corporate policies, a policy enforcement device may be deployed at the remote access entry points (Figure 3-16).

Figure 3-16 Remote access protection

The policy enforcement points can vary, depending on which section of the enterprise the organization would like to enforce compliance. The physical locations of posture enforcement points depend on the organization’s network and security architecture.

3.5 Conclusion

The IBM Integrated Security Solution for Cisco Networks is an integration of products from IBM and Cisco. New components have been added to each of the individual product sets so they can work in unison. The components in this chapter have been described with integration being the prime objective. Some of the components can perform other functions not mentioned here. This chapter has dealt with the various logical and physical components that make up the IBM Integrated Security Solution for Cisco Networks. A logical data flow has been provided to show how the various components communicate and deliver the desired result of policy compliance validation and remediation.

74Building a Network Access Control Solution with IBM Tivoli and Cisco Systems