1 architecture overview – IBM Tivoli and Cisco User Manual

14

Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

2.1 Solution architectures, design, and methodologies

Our objective for this chapter is not to discuss any general approach for
architecting a security solution; however, we follow the IBM Method for
Architecting Secure Solutions (MASS), which is closely aligned with the Common
Criteria objectives. IBM MASS uses a systematic approach for defining,
modeling, and documenting security functions within a structured design process
in order to facilitate greater trust in the operation of resulting IT solutions. More
information about MASS may be found in the IBM Redbook Enterprise Security
Architecture Using IBM Tivoli Security Solutions, SG24-6014.

2.1.1 Architecture overview

The IBM Integrated Security Solution for Cisco Networks involves several
products and components from IBM and Cisco Systems. In this section, we
present an overview of the solution and define some of the terms used in
subsequent sections and chapters.

Figure 2-1 IBM Integrated Security Solution for Cisco Network components overview

Network

Admission

Control

Posture

Validation

Server

Policy

Enforcement

Device

Admission Control

Client

Compliance

Compliance

Server

Compliance Client

(Posture plug-in)

Remediation

Remediation

Server

Remediation

Client