Filter
Top Products
Chapter 2. Architecting the solution 19
Tivoli Configuration Manager
IBM Tivoli Configuration Manager automates the manual provisioning and
deployment process.
Tivoli Configuration Manager provides an automated software and patch
distribution solution that can also run pre-built scripts on a client, essentially
enabling the Tivoli Configuration Manager solution to install any conceivable
software product on a client as well as change a client’s local settings and state.
This functionality is used to provide the noncompliant workstation with the correct
software and settings using reusable remediation objects.
These remediation objects can be triggered automatically after a client has been
tagged noncompliant by the Security Compliance Manager client policy
evaluation process. This can help an individual client regain its compliance status
and access to the production network without manual interaction and within an
acceptable time frame.
A Tivoli Configuration Manager administrator must pre-define all of the objects
necessary to remediate a noncompliant condition on a client. More information
about Tivoli Configuration Manager can be found in the Deployment Guide
Series: IBM Tivoli Configuration Manager, SG24-6454.
More details of each subsystem and its logical components can be found in
Chapter 3, “Component structure” on page 39.
2.1.2 Architectural terminology
In this section we provide a brief introduction of the terms related to the solution
described in this book, as illustrated in Figure 2-1 on page 14.
Security policy
A security policy, as implemented in Security Compliance Manager, is a
collection of compliance objects or queries. A security policy defines what data
has to be collected on the client (collectors and parameters) and the default
schedule for gathering this data. Security policies can be applied to one or more
client groups. The security policy uses a version attribute, which is required for
the IBM Integrated Security Solution for Cisco Networks. Read more about these
attributes in “Establishing the policy collector parameters” on page 104.
Compliance query
A compliance query, or compliance object, is a single check defined to verify one
particular aspect of the enterprise security policy. Security Compliance Manager
compliance objects are SQL queries extracting data from one or more collector