computerwoche.de

Archiv

Novell, Honeywell team on physical-IT security

02.02.2007
Novell and Honeywell are planning to announce the fruits of a project to link physical and logical access products from the two companies, offering government agencies and large enterprises a way to tie building and network access privileges together seamlessly, according executives from the two companies.

The two companies plan to announce software updates and new products that are part of the solution in February, said Beth Thomas product manager for Honeywell's Smart Plus platform. The integration is Federal Information Processing Standards Publication 201 (FIPS 201) compliant and the first such effort by Novell to work with a physical access security vendor.

The news comes as companies look for ways to tap into a fast-growing market for integrated physical and logical control systems mandated by Homeland Security Presidential Directive 12 (HSPD-12).

In February, Honeywell will release a new version of its ProWatch access control system and Smart Plus, a server that provides a Web services interface to Honeywell's physical access products. Novell released an update to its Identity Assurance identity management product in December, adding connectors to facilitate integration with physical access systems. The company will add more workflows and XML signing capabilities to the product in April to assist convergence, said Baber Amin, Novell's senior product manager for security and identity.

The technology partnership, which was announced in October, will allow customers using products from both companies to link user credentials from data stores and user provisioning systems such as PeopleSoft through Novell's Identity Assurance product to Honeywell's ProWatch, so that physical access to buildings and rooms is linked closely with logical access to computers and network resources. Similarly, actions to revoke an employee's physical access in ProWatch can be used to trigger automated network deprovisioning on the logical side, Amin said.

The integrated solution provides a partial answer to a vexing problem within enterprises, where physical security and logical security are often managed by different groups with little overall coordination. Many times that means that employees or contractors who are denied building access on their last day of work continue to enjoy remote access to network resources days or even weeks later, Amin said.