IBM Tivoli and Cisco manual Compliance User Interface, Remediation handler

tables that contain data gathered by the collectors. In a generic Security Compliance Manager deployment, the compliance queries are evaluated on the server, but with NAC-enabled clients using new posture collectors they can also be evaluated on the client. A compliance query is written to return a list of policy violations.

The results of the compliance queries associated with a particular policy can be used on the Security Compliance Manager server to provide a current picture, or snapshot, of the level of compliance for all clients in a client group. The results of the compliance queries evaluated locally on the client are passed as a posture status. They define the client’s compliance status.

Compliance User Interface

When a client is found to be out of compliance, the Tivoli Security Compliance Manager Client opens a window that notifies the user of the violation and provides a means to invoke the remediation process. This user interface includes a functional Web browser that supports customized HTML content that can assist the user in remediating. In addition, if an automated remediation handler is installed, a button to start automated remediation is presented to the user.

Remediation handler

A remediation handler communicates with the remediation server to download remediation content, installs the downloaded content, and notifies the user of the outcome.

Network Admission Control process

The following are the conceptual steps of the Network Admission Control process. Figure 2-3 on page 21 displays the result of what happens to compliant, noncompliant, and clientless devices.

- A user tries to connect (remotely or locally) to the corporate network.

- A Network Access Device (NAD) challenges the client for compliance posture information.

- The Security Compliance Manager policy-enabled client communicates with the NAC system.

- The NAC system validates the client’s health (posture) based on predefined rules.

- The NAC system either admits the client to the network if it complies with all of the policies or quarantines the client, allowing access only to a remediation network if the client is not complying with the policies.
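The following is an added example, not code from the Redbook or from the Tivoli Security Compliance Manager product, that models in Python the two ideas described above: compliance queries that run over collector tables and return a list of policy violations (giving both the server-side snapshot for a client group and the client-side posture status), and the admission decision a NAC system makes from that posture. The collector table names, field names, thresholds and patch identifiers are constructed for illustration; the only outcome the page states for a clientless device is that it is handled separately, so the example labels that case without assigning it a network.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

# Assumed policy parameters (not product defaults).
MAX_SIGNATURE_AGE_DAYS = 7
REQUIRED_PATCHES = {"KB-EXAMPLE-001", "KB-EXAMPLE-002"}  # constructed identifiers


@dataclass(frozen=True)
class Violation:
    policy: str   # which rule was broken
    detail: str   # explanation that a client UI could show to the user


# A compliance query takes one client's collector tables and returns the
# violations it finds; an empty list means the client passes that query.
ComplianceQuery = Callable[[Dict[str, List[dict]]], List[Violation]]


def av_signature_query(tables: Dict[str, List[dict]]) -> List[Violation]:
    """Antivirus signature files must be no older than MAX_SIGNATURE_AGE_DAYS."""
    return [
        Violation("antivirus", f"signatures are {row['signature_age_days']} days old "
                               f"(maximum {MAX_SIGNATURE_AGE_DAYS})")
        for row in tables.get("antivirus", [])
        if row["signature_age_days"] > MAX_SIGNATURE_AGE_DAYS
    ]


def patch_level_query(tables: Dict[str, List[dict]]) -> List[Violation]:
    """Every patch in REQUIRED_PATCHES must appear in the collected patch table."""
    installed = {row["id"] for row in tables.get("patches", [])}
    return [Violation("patches", f"missing patch {p}")
            for p in sorted(REQUIRED_PATCHES - installed)]


def firewall_query(tables: Dict[str, List[dict]]) -> List[Violation]:
    """The host firewall must be enabled."""
    return [Violation("firewall", "host firewall is disabled")
            for row in tables.get("firewall", []) if not row["enabled"]]


# A policy is the set of compliance queries evaluated for a client group.
POLICY: List[ComplianceQuery] = [av_signature_query, patch_level_query, firewall_query]


def evaluate_policy(policy: List[ComplianceQuery],
                    tables: Dict[str, List[dict]]) -> List[Violation]:
    """Run every query of the policy and collect all violations."""
    violations: List[Violation] = []
    for query in policy:
        violations.extend(query(tables))
    return violations


def posture_status(violations: List[Violation]) -> str:
    """Client-side result: the posture passed to the NAC system."""
    return "compliant" if not violations else "noncompliant"


def compliance_snapshot(policy: List[ComplianceQuery],
                        client_group: Dict[str, Dict[str, List[dict]]]) -> Dict[str, List[Violation]]:
    """Server-side result: current violations for every client in the group."""
    return {name: evaluate_policy(policy, tables) for name, tables in client_group.items()}


def nad_decision(posture: Optional[str]) -> str:
    """Admission outcome for the posture the NAD received (None = no client answered).
    Handling of clientless devices is deployment-specific, so only the label is returned."""
    if posture is None:
        return "clientless"
    return "admit" if posture == "compliant" else "quarantine"


# Constructed collector data for a two-member client group.
CLIENT_GROUP: Dict[str, Dict[str, List[dict]]] = {
    "ws-01": {"antivirus": [{"signature_age_days": 2}],
              "patches": [{"id": "KB-EXAMPLE-001"}, {"id": "KB-EXAMPLE-002"}],
              "firewall": [{"enabled": True}]},
    "ws-02": {"antivirus": [{"signature_age_days": 30}],
              "patches": [{"id": "KB-EXAMPLE-001"}],
              "firewall": [{"enabled": True}]},
}


def admission_for(client_name: str) -> str:
    """Full path: collect -> evaluate -> posture -> NAD decision for one client."""
    if client_name not in CLIENT_GROUP:
        return nad_decision(None)
    posture = posture_status(evaluate_policy(POLICY, CLIENT_GROUP[client_name]))
    return nad_decision(posture)


if __name__ == "__main__":
    for name, found in compliance_snapshot(POLICY, CLIENT_GROUP).items():
        print(name, posture_status(found), [v.detail for v in found])
    for name in ("ws-01", "ws-02", "ws-03"):
        print(name, "->", admission_for(name))
```

The queries are plain functions so that the same policy can be evaluated on the server for the group snapshot and on the client for its posture, which is the split the text describes; the violation list is what a client user interface would present alongside the remediation content.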

20 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
