Filter
Top Products
50 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
In the IBM Integrated Security Solution for Cisco Networks, the collector is called
a
posture collector. A posture collector consists of posture data collection and
posture status determination. The posture data collection part of a posture
collector is the same as in a regular Security Compliance Manager collector, but
the posture status determination part of a posture collector is an extension to the
standard model. A posture collector determines the client posture status by
checking or comparing a
collected value with a required value. The required
posture data value, which is part of the collector, is inserted into the collector by
editing collector parameters while creating a collector on the Security
Compliance Manager server.
If required posture data values are null in the parameters, the posture
determination part is not executed. Each posture collector stores into the posture
cache:
Collected posture data
Posture status, which is from the set {PASS, FAIL, WARN, ERROR}
Optional posture messages
Zero or more remediation actions
The posture collector also contains appropriate information to be used in order to
remediate any compliance violations.
A posture collector can be called by the Security Compliance Manager server or
by the policy collector on the client, or it can be scheduled.
Policy collector
After a posture collector collects all required information from the client system,
the policy collector counts the number of posture collector results that show
noncompliance; this result forms the
violation count. The violation count and the
policy collector’s version information together form the
posture credentials. The
policy collector also receives back the client’s posture that is evaluated by the
posture validation server (ACS). Depending on the client’s posture status, the
policy collector calls the default
remediation handler to present information about
noncompliant items on the client system to the end user.
Note: Organizations having Security Compliance Manager deployed can use
Security Compliance Manager collectors and posture collectors at the same
time, but only posture collectors can trigger posture violations and hence
trigger NAC enforcement. To enforce a compliance policy before a client
connects to the enterprise network, posture collectors have to be deployed
using the IBM Integrated Security Solution for Cisco Networks.