IBM Tivoli and Cisco Network Card User Manual

Open as PDF

of 516

18 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

Port details and communication flows between Security Compliance Manager

server and client can be found in “Security Compliance Manager server and

client” on page 450.

Details of the activities performed by server and client include:

 Security Compliance Manager server

– Provides an interface for defining complex policies that specify conditions

that should exist on a client.

– Manages

when the security compliance data is collected and which clients

collect what kind of data using the data collection components.

– Determines

what security compliance data is collected, and how to

interpret the data using the compliance management components.

– Stores the security compliance data received from the clients in a central

database and provides the available data to users through the

administration console and administration commands.

– Provides security violation details as a basis for the compliance report

components.

 Security Compliance Manager client

– Collects information about its environment required to assess compliance

with the security policy at a predefined schedule. Using different

collectors, this data is sent back to the Security Compliance Manager

server. With new

posture collectors introduced with Security Compliance

Manager Fix Pack 2, the data is stored locally in a posture cache.

– If enabled for NAC, the client performs a local compliance assessment

using the security policy based on the data from the posture cache. It then

provides the posture assessment data to the Cisco Trust Agent via posture

plug-in for further processing.

– Receives the network admission decision from either the Cisco Secure

Access Control Server (ACS) via Cisco Trust Agent (in case of using the

NAC Framework solution) or the Clean Access Server (CAS) via the Clean

Access Agent (in case of using the NAC Appliance solution) and presents

current status information using a GUI. It displays the compliance status

and posture data, and enables re-initiating the compliance scanning

process.

– On user request, it can initiate an automated remediation process.

More information about Tivoli Security Compliance Manager can be found in the

IBM Redbook Deployment Guide Series: IBM Tivoli Security Compliance

Manager, SG24-6450.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

IBM Tivoli and Cisco Network Card User Manual