IBM Tivoli and Cisco manual Reqrunning, Servicerunningwf, Reqdisabled, Servicedisabledwf

To configure the policy with the right service name check it in the Services window on the client workstation and then enter the exact value on the REQ_SERVICE tab. In our lab we will check for TrueVector Internet Monitor, which is the name of the service for the ZoneAlarm personal firewall. As we want this service to be running the value of REQ_RUNNING must be set to 1.

Do not change the name of the workflow on the SERVICE_RUNNING_WF tab unless you have changed the service name (in case you are checking for a different firewall). In this second case you will need to change the name of the workflow on the Tivoli Configuration Manager server accordingly.

The ZoneAlarm firewall requires high security on the service access, so usually this service cannot be disabled by the end user, so we will not specify any values for the REQ_DISABLED and SERVICE_DISABLED_WF fields. The summary of the settings for this policy is presented below:

–SERVICE_REQ equal to TrueVector Internet Monitor

–REQ_RUNNING equal to 1

178Building a Network Access Control Solution with IBM Tivoli and Cisco Systems