beautypg.com

2 policy collector, Posture collector parameters – IBM Tivoli and Cisco User Manual

Page 172

background image

154

Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

The status of a posture element can be one of the following:

PASS

The data collection was successful, and the security
posture of the selected item matches the required value.

FAIL

The data collection was successful, but the detected
value indicates that the client is noncompliant and
remediation

must

be performed.

ERROR

The data collection failed or an internal error occurred.

WARN

The data collection was successful, but the detected
value indicates that the client is not optimally compliant
and remediation

is recommended

.

When the posture collector sends data to the Tivoli Security Compliance
Manager server, the contents of the posture item are stored in the posture status
table associated with the posture collector in the database.

Posture collector parameters

Posture collector parameters are generally required and indicate what data
values should be checked, and what remediation should occur if a
noncompliance is found. Parameters are of one of two types:

Operational

Operational parameters are used to make a determination
regarding a client system’s security posture. For example,
an operational parameter might indicate the required
software version, or the required frequency of virus scans,
or the maximum password age. If an operational
parameter is not specified, the posture collector does not
check the security posture represented by that parameter
and indicates a warning in the corresponding posture
element.

Workflow

Workflow parameters are used for remediation purposes,
and their names generally end with a _WF suffix. If a
specific security posture check fails, the information
provided by the workflow parameter is used to remedy the
problem identified.

6.2.2 Policy collector

The com.ibm.scm.nac.posture.PolicyCollector.jar collector (or policy collector, for
short) running on the client uses the information that is collected by the posture
collectors to make a security posture policy decision without contacting the Tivoli
Security Compliance Manager server. If a posture element returned by a posture
collector indicates a violation, the policy collector can communicate that
information, along with any associated remediation workflow information, to the

See also other documents in the category IBM Hardware: