Table of Contents
Advertisement
Remote access protection
Remote access users use dial-up or VPN to connect to corporate resources. To
enforce these users to comply to the corporate policies, a policy enforcement
device may be deployed at the remote access entry points (Figure 3-16).
Figure 3-16 Remote access protection
The policy enforcement points can vary, depending on which section of the
enterprise the organization would like to enforce compliance. The physical
locations of posture enforcement points depend on the organization's network
and security architecture.
3.5 Conclusion
The IBM Integrated Security Solution for Cisco Networks is an integration of
products from IBM and Cisco. New components have been added to each of the
individual product sets so they can work in unison. The components in this
chapter have been described with integration being the prime objective. Some of
the components can perform other functions not mentioned here. This chapter
has dealt with the various logical and physical components that make up the IBM
Integrated Security Solution for Cisco Networks. A logical data flow has been
provided to show how the various components communicate and deliver the
desired result of policy compliance validation and remediation.
74
Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
Remote Access Protection
A A A
A A A
A A A
Internet
Corporate
Network
Legacy VPN
Concentrators
Mobile
Users
Posture Enforcement
Points
Router
VPN
Concentrator
Advertisement
Table of Contents
