To import Security Compliance Manager attributes, perform the following steps:

1.Copy the Security Compliance Manager attributes definition file to a directory accessible to the Cisco Secure ACS. Example 7-1shows the content of the Security Compliance Manager attribute definition file for information purposes. We strongly urge you not to modify this file.

Example 7-1 Security Compliance Manager attributes

[attr#0] vendor-id=2

vendor-name=IBM Corporation application-id=50 application-name=SCM attribute-id=00020 attribute-name=Policy Version attribute-profile=in out attribute-type=string [attr#1]

vendor-id=2 vendor-name=IBM Corporation application-id=50 application-name=SCM attribute-id=00021 attribute-name=Violation count attribute-profile=in out attribute-type=unsigned integer [attr#2]

vendor-id=2 vendor-name=IBM Corporation application-id=50 application-name=SCM attribute-id=00010 attribute-name=Action attribute-profile=out attribute-type=String

2.Open a command prompt and change to the directory containing CSUtil.exe. If you install Cisco Secure ACS in the default location, the CSUtil.exe is located in the C:\Program Files\CiscoSecure ACS v4.0\Utils directory.

3.Add the Security Compliance Manager attributes to ACS by running: csutil.exe -addavp filename

224Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

Page 241 Page 243
Page 242
Image 242
IBM Tivoli and Cisco manual Example 7-1 Security Compliance Manager attributes
Page 241 Page 243
Top Page Image Contents