While editing our policy in 6.2, “Configuration of the compliance policies” on page 152, we have defined the following workflow names to be used for automated remediation:

￿TCRNavScan

￿TCRNavVirusDefUpdate

￿TCRNavSoftwareInstalled

￿TCRMSPatchesInstallWinXP

￿TCRMSServicePackInstallWinXpSp2

￿TCRZLSoftwareInstalled

￿TCRZLSoftwareRunning

￿TCRMessengerDisabled

For each of them there must be a remediation package defined and published on the Tivoli Configuration Manager Web Gateway server.

Below we describe how to build all of the packages, one by one.

TCRNavScan workflow

The TCRNavScan workflow was defined in the SCAN_WF parameter in the Symantec Antivirus policy to be used when the compliance check generated a FAIL or WARNING status. The purpose of the workflow is to initiate the Symantec Antivirus scan. In this case, for simplicity’s sake, the workflow will only instruct the user on how to initiate the scan using the graphical user interface.

Assuming the above, the software package block we must build is very simple. It will contain a Visual Basic® script that pops up a window with the instructions for the user.

The steps to create and publish the TCRNavScan remediation package using the sputil.sh utility are:

1.Open a command prompt, import the environment variables for the Tivoli Framework, and start bash. Then create a directory for the workflow files. To do this issue the following commands:

cmd /k %SystemRoot%\system32\drivers\etc\Tivoli\setup_env.cmd bash

cd $BINDIR/tcmremed/download mkdir TCRNavScan

cd TCRNavScan

418Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

Page 436
Image 436
IBM Tivoli and Cisco manual TCRNavScan workflow