At the show, the companies will demonstrate that Mirage's NAC gear can report to and be managed by IBM Internet Security Systems (ISS) management software. The alliance calls for integrating Mirage's Endpoint Control appliances with IBM ISS's Proventia Management Site Protector platform.
The offering is designed for customers with heterogeneous networks who want to manage network access control (NAC) and other network features from a single platform. Current customers of IBM ISS's management platform could add NAC capabilities to their networks by buying a Site-Protector-enabled Endpoint Control box from Mirage.
Expect more such alliances between NAC vendors and vendors of other network gear, says Mounil Patel, vice president of information management and security for Aberdeen Group. "We'll see more big players [like IBM] come around and adopt partners for NAC," he says.
With these alliances, customers can get more complete and automated network security, he says. For instance, in the future a network management platform with hooks into NAC gear and patch management gear could automatically update desktops that the NAC gear discovered to be patched incorrectly, Patel says. Such an arrangement would be useful in cases where the NAC vendor's gear doesn't interoperate directly with the patch-management gear, he says.
He also says it is a way to leverage existing gear when adding NAC to a network. Many businesses are leery of deploying NAC because they fear it means paying for a network overhaul, Patel says.
When an ISS-enabled Mirage box is added to a network that uses Site Protector, the box automatically registers to be managed by Site Protector.
The Mirage appliance detects devices trying to access the network, challenges them and runs the results of the challenge through its policy engine to decide whether to grant entry. With the ISS integration, data about this interaction is fed to Site Protector.
Once on the network, devices are monitored to make sure they don't break policies, for example by tripping threat rules or by committing policy violations such as starting up a peer-to-peer network.
Security and network operations people can view the activity of the Mirage appliances via Site Protector. If they see a device go into an insecure mode because of some configuration change while on the network, for instance, Site Protector administrators can drill down into the Mirage-supplied data to find out more. If no automated response was triggered within Mirage to block the device, an administrator can block it by hand via Site Protector if the change is deemed a risk.
Mirage says its Site-Protector-enabled appliances will sell for more than those that are not, but pricing has not been set yet.