Manuals / IBM / Computer Equipment / Network Card

IBM Tivoli and Cisco manual Posture token, Acs

Models: Tivoli and Cisco

1 516
Download 516 pages 58.69 Kb
Page 128
Image 128

focus on how our posture policy, as established by the Tivoli Security Compliance Manager, interrelates with the Cisco Secure Access Control Server and how its associated polices form an interlocked security solution (Figure 5-12).

ACS

Policy

ACS evaluates client status

y What is health status of workstation? y What are the permissions for that

particular health status?

ACS

SCM

Policy

Workstation

Client Sends posture status

Policy Version

Violation Count

Network

Resources

Network Access

Device

Figure 5-12 Simplified policy interrelations

Posture token

For all of the moving parts and pieces, at the time of this writing1, only two pieces of posture status information are transmitted from the Security Compliance Manager posture client to the network:

￿The version of the posture policy the client is running. This parameter is a string value and is established at the time of policy collection. We set this value in “Establishing the policy collector parameters” on page 104.

￿The violation count, which is the total sum of all violations found by the posture collector policies assigned to the client.

1Enhancements may be seen in future releases, including finer-grained posture data transmission.

110Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

Page 127 Page 129
Page 128
Image 128
IBM Tivoli and Cisco manual Posture token, Acs
Page 127 Page 129