IBM Tivoli and Cisco manual Company profile

4.1 Company profile

Armando Brothers Banking Corporation (ABBC) is a fictional financial institution that traces its roots back to the early days of industrialization. During a time of radical change and growing financing needs, the Armando brothers founded a bank situated in the pioneer town of Waterloo — now known as Austin, Texas. In the early years, ABBC helped many entrepreneurial pioneers finance their business ventures. In part due to their history of progressive management, as well as their diligent awareness of emerging technologies, ABBC developed an ability to rapidly expand and open branches throughout the state, the nation, and ultimately the world. As the 20th century drew to a close, ABBC was an early adopter of electronic banking technologies; they were among the first banks offering their customers online account access. Today ABBC is one of the dominant players in the highly competitive realm of worldwide finance.

ABBC is keenly aware that providing increased electronic access for its customers requires ever-increasing security measures to protect its electronic assets. Currently ABBC is leveraging the existing IBM product solutions of the IBM Tivoli Identity Manager and the IBM Tivoli Access Manager to manage and enforce its authentication and authorization policies. Like many companies, ABBC has found that traditional hacker attempts to gain unauthorized access are only part of the security threat factor. In today’s environment network, worms, trojans, and viruses pose an equally tangible threat. ABBC is aware that more than 90% of security attacks exploit known security flaws for which a patch is available or a preventive measure is known. ABBC is further challenged by compliance legislation such as the Gramm-Leach-Bliley Act (GLBA) and the Sarbanes-Oxley Act (SOX), as are many companies. To assist with both threat mitigation and management of business policy compliance issues, ABBC has adopted the IBM Security Compliance Manager product.

The inclusion of the IBM Security Compliance Manager product enables ABBC to reap a quick return on investment by automating and centralizing security compliance monitoring. Previously ABBC limited the use of the IBM Security Compliance Manager product to their servers. In the current project, ABBC will extend the use of the IBM Security Compliance Manger product to its workstations. Following workstation client deployment, they will embark on the next logical step: integrating their existing IBM Security Compliance Manager infrastructure with the Cisco-sponsored Network Admission Control program.

ABBC decided also to enhance the scope of the project by employing Tivoli Configuration Manager software currently used by the operations department to provide the users with help in keeping their workstation compliant with the corporate security policy.

78Building a Network Access Control Solution with IBM Tivoli and Cisco Systems