Industry giants Cisco and IBM have announced that they will work together to help firms address the security issues caused by integrating multiple security products and services.

Their two main aims are to offer more effective ways to stop external threats such as hackers, viruses and worms; and to give better control in situations where customers, staff and business partners are accessing each other's internal data and applications.

IBM joined Cisco's Network Admission Control (NAC) programme on the day of the announcement and said its Tivoli Identity Manager agent for Cisco's Secure Access Control Server will be available in March, allowing the identities of firms' customers, employees and business partners to be managed more effectively across a wide range of networked business applications.

Other pieces to provide a broader security system are already available. IBM's hardware Embedded Security Subsystem, available on Thinkpads and ThinkCentre desktops, already integrates with Cisco's virtual private network (VPN) client, and the Cisco Security Agent is available on these systems and will be available on the eServer xSeries range.

IBM spokesman Peter Jopling said, "Cisco is number one in VPNs, firewalls and network security and IBM is number one in identity management and security services. This is a powerful combination which gives clarity for dealing with internal and external security issues and ties into the [IBM] on-demand [computing] strategy."

Using the two firms' technologies, an outside user connecting to a network would follow a two-step process. First they would set up a VPN, with encrypted passwords and certificates stored on IBM's security hardware, and then they would be authenticated by Cisco's Network Admin Control.

Cisco spokesman Phil Dean said, "The idea behind this is that if something tries to connect to the network a number of things can be checked. Are the virus signatures up to date? Are there any patches that need to be applied? And ultimately are the correct revision levels present for any software that is to be used over the network."

Dean added, "If there is a problem then options are available to totally block the device, to put it in a quarantine mode with limited access, or in remediation mode where it can access a server to download the correct updates."

The locking, quarantine and remediation options will be based on customers' pre-defined security policies and checked by Tivoli's Identity Manager software. Apart from speeding up employees' access to specific applications and the network, this system can also reduce common security risks such as invalid user accounts, which could otherwise lead to identity data and critical business data being exposed.