
Security compliance manager server and client, Tivoli security compliance manager server, Scm push client – IBM Tivoli and Cisco User Manual


Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

collectors, at which time any state changes affected by the remediation process
will be discovered. The next time the network polls for StatusChange, it will
receive a true response and will request the new posture data to evaluate
against the existing policy.

Details about this process can be found in the Security Compliance Manager
Client’s client.log file and several log files on the Web Gateway, including the
HTTP Server component’s access.log and the application-specific logs on the
WebSphere Application Server.

Security Compliance Manager server and client

Figure A-5 illustrates Tivoli Security Compliance Manager client/server
communication: the interaction between the server and client and the associated
TCP port numbers.

Figure A-5 Communication port usage in Security Compliance Manager server and client

Figure A-5 shows the default port usage for Tivoli Security Compliance Manager.
The direction of the arrows in the diagram indicates the initiator of the
communication. For example, communication from the server to a push client is
initiated by the server on port 1950. Similarly, communication from a push client
to the server is initiated by the client on port 1951.

[Figure A-5 diagram labels]
Tivoli Security Compliance Manager Server: Jlog (local only), TCP 1952; Push Client, TCP 1951; Java RMI to Administration Utilities, TCP 1955.
SCM Push Client: Jlog (local only), TCP 1953; Server to Client, TCP 1950.
Other labels: Administration console and commands; Temporary connections.
TCP - Transmission Control Protocol
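
As an added example (not from the IBM manual), the following Python script checks a host's listening sockets against the default ports in Figure A-5. It assumes Linux `ss -ltn` output and reads the figure's "local only" label on the Jlog ports as a loopback-only bind; the sample outputs and function names are constructed for illustration.

```python
import ipaddress

# Default listeners per role, from Figure A-5. True = "local only" (Jlog).
EXPECTED = {
    "server": {1951: False, 1952: True, 1955: False},
    "client": {1950: False, 1953: True},
}

# Constructed `ss -ltn` samples (not captured from a real SCM host).
SERVER_SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      50     *:1951             *:*
LISTEN 0      50     0.0.0.0:1952       0.0.0.0:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
"""
CLIENT_SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      50     0.0.0.0:1950       0.0.0.0:*
LISTEN 0      50     127.0.0.1:1953     0.0.0.0:*
LISTEN 0      50     [::1]:1953         [::]:*
"""

def parse_listeners(ss_output):
    """Yield (address, port) for every LISTEN row of `ss -ltn` output."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        yield host.strip("[]").split("%")[0], int(port)

def is_loopback(host):
    # "*" is the wildcard ss prints for an any-address bind.
    return host != "*" and ipaddress.ip_address(host).is_loopback

def audit(role, ss_output):
    """Return (port, finding) pairs for one host role: 'server' or 'client'."""
    seen = {}
    for host, port in parse_listeners(ss_output):
        seen.setdefault(port, []).append(host)
    findings = []
    for port, local_only in sorted(EXPECTED[role].items()):
        hosts = seen.get(port, [])
        if not hosts:
            findings.append((port, "not listening"))
        elif local_only and not all(is_loopback(h) for h in hosts):
            findings.append((port, "local-only port bound beyond loopback"))
    return findings

if __name__ == "__main__":
    for role, sample in (("server", SERVER_SAMPLE), ("client", CLIENT_SAMPLE)):
        print(role, audit(role, sample))
```

On a live host, pass the text of `ss -ltn` to `audit()` in place of the constructed samples; installations that changed the default ports need `EXPECTED` adjusted to match.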