IBM Tivoli and Cisco Network Card User Manual


 
Chapter 2. Architecting the solution
This requirement can be fulfilled by providing each user with a unique identity
and verifying it even before the posture condition of a client is checked. This
process was standardized with the IEEE 802.1x protocol, and IBM provides the
solution to facilitate it. IBM Tivoli Identity Manager delivers a flexible provisioning
engine to create and manage user accounts on the Secure Access Control
Server. For more information, contact your IBM representative.
Remediation process
The remediation process, either HTML-assisted or automated, is an integral part
of the IBM Integrated Security Solution for Cisco Networks. The role of this
process is to provide the noncompliant client with a means to become compliant
again, thereby restoring its access to the network.
The remediation process is facilitated by the following components:
Remediation handler
The remediation handler initiates the remediation process. It receives the list
of noncompliant settings from the compliance client, then asks the
remediation server to provide the new software or the correct settings as
required by the security policy. In the presented solution, each compliance
check performed by the compliance agent is associated with a related
remediation object that is capable of correcting the client posture if it is not
compliant.
Remediation server
The remediation server provides the approved compliant settings templates
for the clients. It listens to the clients’ requests and responds to them. The
response may include a number of elements, for example:
Installing the software package on the client
Starting or stopping a service on the client
Changing software settings on the client
Remediation object
The remediation object includes the software and scripts required for
the client to become compliant again. For example, the object for recovering
from an outdated virus definition file would include the new virus definition file
and would automatically install it.
Depending on the conditions and security policy requirements, objects can be
more or less complex.
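
The flow between the three components can be modelled as follows. This is an added illustration, not code from the IBM or Cisco products; every class, check and key name is hypothetical, and the policy, client state and server content are constructed sample data. It shows that posture is re-evaluated after remediation and that a failed check with no associated remediation object leaves the client noncompliant.

```python
from dataclasses import dataclass, field

# The three kinds of response element listed for the remediation server.
ALLOWED_KINDS = {"install", "service", "setting"}

@dataclass
class RemediationObject:
    check_id: str   # the compliance check this object corrects
    actions: list   # (kind, client_key, value) tuples

@dataclass
class RemediationServer:
    objects: dict = field(default_factory=dict)  # check_id -> RemediationObject

    def request(self, check_id):
        return self.objects.get(check_id)        # None if no object is published

def evaluate(policy, client):
    """Compliance agent: ids of checks whose required value is not met."""
    return sorted(cid for cid, (key, want) in policy.items() if client.get(key) != want)

def remediate(policy, client, server):
    """Remediation handler: fetch one object per failed check, apply it, re-check."""
    failed, unresolved = evaluate(policy, client), []
    for cid in failed:
        obj = server.request(cid)
        if obj is None or obj.check_id != cid:   # no object for this check
            unresolved.append(cid)
            continue
        for kind, key, value in obj.actions:
            if kind not in ALLOWED_KINDS:
                raise ValueError(f"unsupported action kind: {kind}")
            client[key] = value                  # simulated change on the client
    remaining = evaluate(policy, client)         # posture is re-verified, not assumed
    return {"failed": failed, "unresolved": unresolved,
            "remaining": remaining, "compliant": not remaining}

def demo():
    # Constructed sample data (hypothetical check ids and keys).
    policy = {"av_definitions": ("av.definition_version", "2024.06"),
              "firewall_service": ("service.firewall", "running"),
              "screen_lock": ("setting.screen_lock", "enabled")}
    client = {"av.definition_version": "2023.01", "service.firewall": "stopped",
              "setting.screen_lock": "disabled"}
    server = RemediationServer({
        "av_definitions": RemediationObject(
            "av_definitions", [("install", "av.definition_version", "2024.06")]),
        "firewall_service": RemediationObject(
            "firewall_service", [("service", "service.firewall", "running")])})
    return remediate(policy, client, server), client

if __name__ == "__main__":
    print(demo())
```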