2 compliance – IBM Tivoli and Cisco User Manual

46

Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

Clean Access Policy Updates

These are regular updates of pre-packaged policies/rules that can be used to
check the up-to-date status of operating systems, antivirus (AV), antispyware
(AS), and other client software.

3.1.2 Compliance

Tivoli Security Compliance Manager, a a client/server-based policy compliance
solution, supports the definition of policies that specify conditions that should
exist on a client, detects the state of these conditions and stores the collected
current state information on the server. Security Compliance Manager collectors
are written to evaluate system data and state information. Collectors can be
written to evaluate virtually any system parameter.

Compliance server

The server is the central component of a Security Compliance Manager
infrastructure. The server’s responsibilities include:

Creating and deploying new policies

Determining what security compliance data is collected and how to interpret
the data using the compliance management components

Managing security compliance data collection frequency and grouping of
policies for different types of user groups

Storing the security compliance data received from the clients and providing
the available data to users through the administration console and
administration commands

Providing security violation details as a basis for the compliance report
components