Manuals / IBM / Computer Equipment / Network Card

IBM Tivoli and Cisco manual Remediation server, Posture cache, Posture plug-in

Models: Tivoli and Cisco

1 516
Download 516 pages 58.69 Kb
Page 69
Image 69

Posture cache

This component provides the caching area where posture collectors store the results of posture determination in a temporary file. The policy collector refers to the information captured in the posture cache for determining the violation count.

Posture plug-in

Posture plug-ins are the means by which the Cisco Trust Agent requests and receives security posture information from NAC-compliant applications installed on the system.

Default remediation handler

The default remediation handler provides a graphical interface for displaying the compliance posture data and a method for reinitiating the compliance scanning process. The default remediation handler supports the passing of noncompliance data and remediation request data to the remediation client.

3.1.3 Remediation

The compliance component identifies and reports policy violations. To make the client productive again, these violations must be mapped to corresponding corrective actions that are provided through a remediation subsystem. This remediation subsystem provides a set of software and configuration management capabilities that an enterprise can leverage to centrally manage and automate the remediation process for noncompliant endpoints.

The remediation subsystem consists of a remediation server and the remediation client.

Remediation server

IBM Tivoli Configuration Manager can automate the manual tasks of installing software and updating configurations on endpoints. It enables an enterprise to centrally manage and automate software and configuration for endpoints.

For our solution, Tivoli Configuration Manager helps automate the remediation of noncompliant endpoints by installing required software updates or correcting configuration issues. Its remediation capabilities include software levels, typically operating system levels and fix packs, patch levels, virus and firewall updates, last virus scans history, password strength and history, and policy level.

Outside the IBM Integrated Security Solution for Cisco Networks environment, Tivoli Configuration Manager uses the Tivoli Framework to monitor software

levels on clients, manage remediation content in self-installing objects, and perform a number of other functions. In the IBM Integrated Security Solution for Cisco Networks, requests for the required corrections are initiated by the client,

Chapter 3. Component structure 51

Page 68 Page 70
Page 69
Image 69
IBM Tivoli and Cisco manual Remediation server, Posture cache, Posture plug-in, Default remediation handler
Page 68 Page 70