
3 remediation – IBM Tivoli and Cisco User Manual


Chapter 3. Component structure


Posture cache

This component provides the caching area where posture collectors store the
results of posture determination in a temporary file. The policy collector refers to
the information captured in the posture cache for determining the violation count.

Posture plug-in

Posture plug-ins are the means by which the Cisco Trust Agent requests and
receives security posture information from NAC-compliant applications installed
on the system.

Default remediation handler

The default remediation handler provides a graphical interface for displaying the
compliance posture data and a method for reinitiating the compliance scanning
process. The default remediation handler supports the passing of noncompliance
data and remediation request data to the remediation client.

3.1.3 Remediation

The compliance component identifies and reports policy violations. To make the
client productive again, these violations must be mapped to corresponding
corrective actions that are provided through a remediation subsystem. This
remediation subsystem provides a set of software and configuration
management capabilities that an enterprise can leverage to centrally manage
and automate the remediation process for noncompliant endpoints.

The remediation subsystem consists of a remediation server and the remediation
client.

Remediation server

IBM Tivoli Configuration Manager can automate the manual tasks of installing
software and updating configurations on endpoints. It enables an enterprise to
centrally manage and automate software and configuration for endpoints.

For our solution, Tivoli Configuration Manager helps automate the remediation of
noncompliant endpoints by installing required software updates or correcting
configuration issues. Its remediation capabilities include software levels (typically
operating system levels and fix packs), patch levels, virus and firewall updates,
last virus scan history, password strength and history, and policy level.

Outside the IBM Integrated Security Solution for Cisco Networks environment,
Tivoli Configuration Manager uses the Tivoli Framework to monitor software
levels on clients, manage remediation content in self-installing objects, and
perform a number of other functions. In the IBM Integrated Security Solution for
Cisco Networks, requests for the required corrections are initiated by the client,