IBM Tivoli and Cisco manual TCRZLSoftwareRunning

workflows installing or uninstalling software should use silent mode whenever possible.

TCRZLSoftwareRunning

The TCRZLSoftwareRunning workflow was defined in the

SERVICE_RUNNING_WF parameter in the ZoneAlarm Software Active policy to be used when the compliance check generated a FAIL or WARNING status. This is one of the two workflow types called by the nac.win.any.services.PostureService collector. It is executed during the remediation of the violation when a service that should be running is stopped.

To build the remediation package:

1.Open a command prompt, import the environment variables for the Tivoli Framework, and start bash. Then create the directory for the workflow files. To do this issue the following commands:

cmd /k %SystemRoot%\system32\drivers\etc\Tivoli\setup_env.cmd bash

cd $BINDIR/tcmremed/download mkdir TCRZLSoftwareRunning cd TCRZLSoftwareRunning

2.Create the very simple Windows batch file named startupTrueVectorService.bat, which contains only one line, as shown below:

net start “TrueVector Internet Monitor”

Copy this batch file to the TCRZLSoftwareRunning directory.

3.Create the configuration file for the sputil.sh utility containing the instructions about how to build the package. Copy the Sample.properties file from the sample_TCRZLSoftwareRunning directory to the TCRZLSoftwareRunning directory and edit it with the text editor to match the content specified in Example 8-15.

Example 8-15 Sample.properties file for TCRZLSoftwareRunning workflow

WorkflowName=TCRZLSoftwareRunning

CorequisiteFilesFlag=true

SourceFilename.arrayLength=1

ExeArg.arrayLength=1

SourceFilename[0]=startupTrueVectorService.bat

ExeArg[0].arrayLength=0

TmfWebUIEndpoint=tcmweb

434Building a Network Access Control Solution with IBM Tivoli and Cisco Systems