Tcrnavscan workflow – IBM Tivoli and Cisco User Manual

418

Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

While editing our policy in 6.2, “Configuration of the compliance policies” on
page 152, we have defined the following workflow names to be used for
automated remediation:

TCRNavScan
TCRNavVirusDefUpdate
TCRNavSoftwareInstalled
TCRMSPatchesInstallWinXP
TCRMSServicePackInstallWinXpSp2
TCRZLSoftwareInstalled
TCRZLSoftwareRunning
TCRMessengerDisabled

For each of them there must be a remediation package defined and published on
the Tivoli Configuration Manager Web Gateway server.

Below we describe how to build all of the packages, one by one.

TCRNavScan workflow

The

TCRNavScan

workflow was defined in the SCAN_WF parameter in the

Symantec Antivirus policy to be used when the compliance check generated a
FAIL or WARNING status. The purpose of the workflow is to initiate the
Symantec Antivirus scan. In this case, for simplicity’s sake, the workflow will only
instruct the user on how to initiate the scan using the graphical user interface.

Assuming the above, the software package block we must build is very simple. It
will contain a Visual Basic® script that pops up a window with the instructions for
the user.

The steps to create and publish the TCRNavScan remediation package using the
sputil.sh utility are:

1. Open a command prompt, import the environment variables for the Tivoli

Framework, and start bash. Then create a directory for the workflow files. To
do this issue the following commands:

cmd /k %SystemRoot%\system32\drivers\etc\Tivoli\setup_env.cmd
bash
cd $BINDIR/tcmremed/download
mkdir TCRNavScan
cd TCRNavScan