IBM plans to release updates to two products that tighten integration between its Tivoli product and Cisco Systems's Network Admission Control (NAC) technology, according to a statement from the company.
Tivoli Security Compliance Manager version 5.1 and Tivoli Provisioning Manager version 2.1 have new "autonomic" features that will reduce the damage and disruption to businesses caused by viruses, worms and vulnerable software. Both products will now integrate with Cisco's Secure Access Control Server (ACS), allowing organizations to deny network access to insecure or virus-infected systems, IBM said.
Compliance Manager is software that can inspect devices attempting to connect to a network, flagging systems that do not adhere to corporate security policy. The product can assess issues such as whether antivirus software is up to date, or the computer operating system is running the latest software patches. That information can now be used by Cisco's ACS to quarantine machines deemed insecure, said Ric Telford, director of architecture and development in IBM's Autonomic Computing group.
Provisioning Manager allows administrators to fix noncompliant devices to conform to security policies. Administrators can use workflow features in Provisioning Manager to automate tasks such as installing operating system or antivirus software updates, IBM said.
The release of new versions of Compliance Manager and Provisioning Manager delivers on a promise made by both companies in February, when they announced a "global security initiative" to improve the security of network infrastructure. IBM promised to join the NAC program and begin working on a software agent that will tie Tivoli to ACS. In October, the companies announced the updates to Compliance Manager and Provisioning Manager, which are now available to the public.
"These products will ensure compliance of devices as they come onto the network and allow remediation if devices are not in compliance," Telford said. "This release closes the loop of security problem detection and remediation automatically and limits the need for human intervention," he said.
Cisco has steadily built support for NAC with security software vendors of all stripes in recent months. Companies such as McAfee, Trend Micro and Computer Associates International already offer NAC-compliant products.
On Monday, security vendors StillSecure and WholeSecurity said they would join the NAC Program. Network security vendor StillSecure said it will integrate its Safe Access endpoint security compliance solution with NAC components such as the Cisco Trust Agent and Cisco Secure Access Control Server. WholeSecurity, which makes behavior-based threat detection technology for servers and PCs, said that its Enterprise Edition Always-On product will be integrated into NAC.