IBM Tivoli and Cisco manual Conclusion

EAR file. This application must be installed on the same WebSphere Application Server as the Web Gateway component.

Remediation handler

In the current release of the solution, the remediation handler is delivered in the form of the Security Compliance Manger collector JAR file and is automatically downloaded to the client workstation together with the compliance policy. See 8.1, “Automated remediation enablement” on page 357, for more detailed configuration information.

5.4 Conclusion

In this chapter we described how the business objectives are combined with the pain points to drive a set of functional requirements. We then explored the functional requirements to effectively map them to a technology solution.

Compliance-based Network Admission Control is still an emerging technology that brings with it a huge paradigm shift in network security management. There are three main parts outlined in this chapter. In part one, the security compliance infrastructure is established, allowing the workstations to be validated against a desktop security policy checking on password quality, unauthorized Windows services, antivirus statistics, personal firewall status, and installed hotfixes. In Part 2, “Customer environment” on page 75, the Network Admission Control technology is utilized for user authorization and limiting the network access for noncompliant clients. In Part 3, “Appendixes” on page 439, we provide the infrastructure for automatic remediation of noncompliant systems before they are admitted to the secure network.

In the chapters that follow we provide detailed installation and configuration walkthroughs. These walkthroughs drill down further into the specifics, such as installing and configuring the server components, the client components, and the automatic remediation subsystem.

Chapter 5. Solution design 123