IBM Tivoli and Cisco Network Card User Manual


 
Appendix A. Hints and tips 459
A high-level overview of this design is depicted in Figure 8-42.
Figure 8-42 High-level overview
Integration components
The following components are to be considered prototypes for use in labs,
demos, training classes, and similar purposes. They are implemented in an
insecure manner to allow interested parties to better understand how this
integration works.
NAC Appliance Agent
This specially built agent is customized to run the TSCMAgent.bat file whenever
the required compliance state is not met on the client. When the production
version of this file is delivered, it will not run a .bat file, but will require a signed
executable.
[Figure 8-42 flowchart text, grouped by component]
NAC Appliance Client: Start; Authentication; decision "(TSCM Client Running) && (Compliance Semaphore File Exists)?" with branches No and Yes; Start TSCMAgent.bat file; Directive; Allow Host into production network.
TSCM Client: Rescan all posture collectors; Check for violations; If Violations exist, terminate client’s session and handle interface with remediation solution; If no violations exist, create Compliance Semaphore File; User can now request network to rescan*.
TSCMAgent.bat: Start TSCM Client service; Direct TSCM Client to rescan; Wait for user to request rescan*.
Scheduler: Direct TSCM Client to rescan at regular intervals.