Filter
Top Products
178 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
To configure the policy with the right service name check it in the Services
window on the client workstation and then enter the exact value on the
REQ_SERVICE tab. In our lab we will check for TrueVector Internet
Monitor, which is the name of the service for the ZoneAlarm personal firewall.
As we want this service to be running the value of REQ_RUNNING must be
set to 1.
Do not change the name of the workflow on the SERVICE_RUNNING_WF
tab unless you have changed the service name (in case you are checking for
a different firewall). In this second case you will need to change the name of
the workflow on the Tivoli Configuration Manager server accordingly.
The ZoneAlarm firewall requires high security on the service access, so
usually this service cannot be disabled by the end user, so we will not specify
any values for the REQ_DISABLED and SERVICE_DISABLED_WF fields.
The summary of the settings for this policy is presented below:
– SERVICE_REQ equal to TrueVector Internet Monitor
– REQ_RUNNING equal to 1
REQ_RUNNING Operational A Boolean parameter used to
indicate that the services listed in
the REQ_SERVICE parameter
must be running. A true value (1)
indicates that the service must be
running. A false value (0) indicates
that the service must not be
running. All other values are
ignored.
SERVICE_RUNNING_WF Workflow The workflow used if the
REQ_RUNNING check fails.
REQ_DISABLED Operational A Boolean parameter used to
indicate that the services listed in
the REQ_SERVICE parameter
must have their startup mode set to
disabled. A true value (1) indicates
that the service must have its
startup mode set to disabled. A false
value (0) indicates the service must
not have its startup mode set to
disabled. All other values are
ignored.
SERVICE_DISABLED_WF Workflow The workflow used if the
REQ_DISABLED check fails.
Parameter name Parameter type Description