search

IBM Tivoli and Cisco podręczniki

Instrukcje obsługi i podręczniki użytkownika dla Sprzęt komputerowy IBM Tivoli and Cisco.
Dostarczamy 1 pdf podręczników IBM Tivoli and Cisco do pobrania za darmo według typów dokumentów: Instrukcja Użytkownika


Ibm Tivoli and Cisco Instrukcja Użytkownika (516 strony)


Marka: Ibm | Kategoria: Sprzęt komputerowy | Rozmiar: 14.24 MB |

 

Spis treści

Building a Network

1

Access Control Solution

1

IBM Tivoli and Cisco Systems

3

January 2007

3

Second Edition (January 2007)

4

“Notices” on page vii

4

Contents

5

Contents v

7

Trademarks

10

Network

11

Admission Control

11

Preface xi

13

Become a published author

14

Comments welcome

15

Summary of changes

17

Architecture

19

Business context

21

IBM Integrated

22

Cisco Self-Defending Network

23

Endpoint

23

Compliance & Remediation

23

1.7 Conclusion

28

Architecting the solution

31

2.1.1 Architecture overview

32

Network Admission Control

33

Security Compliance Manager

35

Tivoli Configuration Manager

37

Security policy

37

Compliance query

37

Compliance User Interface

38

Remediation handler

38

Quarantined

39

Cisco NAC and IEEE 802.1x

40

Using Cisco terminology

41

Posture agent

42

Network identity provisioning

42

Remediation process

43

Internet

45

2.3 Design process

46

Creation

49

Implementation

49

2.3.3 Solution objectives

50

Default network

51

Quarantine access

52

Trusted network

52

Performance controls

52

2.4 Implementation flow

53

2.6 Conclusion

55

Component structure

57

3.1 Logical components

58

Posture validation server

59

Figure 3-2 ACS architecture

60

Policy enforcement device

61

Admission control client

61

3.1.2 Compliance

64

Compliance client

66

Posture collector

67

3.1.3 Remediation

69

3.2 Physical components

70

Network access device

72

Network Access Profiles

76

Remediation (flow 4)

79

3.3.1 Secure communication

80

3.4 Component placement

81

Figure 3-8 Security zones

82

Controlled zone - intranet

84

Other networks

84

Branch office compliance

85

Campus internal enforcement

86

Branch Office Compliance

87

(Campus Ingress Enforcement)

87

SOHO Compliance

88

(PAT access protection)

88

Extranet compliance

89

Lab compliance

90

Data Center protection

91

3.5 Conclusion

92

Customer

93

Armando Banking Brothers

95

Corporation

95

4.1 Company profile

96

4.2 Current IT architecture

97

Uncontrolled zone - Internet

98

Controlled zone - DMZ

98

Controlled intranet

98

Production network

98

NAC Framework

98

NAC Appliance

100

Firewall

104

Project overview

106

4.4 Conclusion

109

Solution design

111

5.1 Business requirements

113

5.2 Functional requirements

114

Remediation

117

Production

117

Compliance

117

Security compliance criteria

118

Remediation services

118

5.3.1 Logical components

120

Enforcing compliance criteria

127

Posture token

128

Healthy indicates that the

132

Performing remediation

133

5.3.2 Physical components

134

Compliance subsystem

135

Access Control Server

136

NAC-enabled network device

138

Layer 2 devices

138

Layer 3 devices

138

Cisco Trust Agent

139

Remediation subsystem

140

Software Package Web Server

140

5.4 Conclusion

141

Figure 6-11, click Next

155

English and click Next

159

6.2.1 Posture collectors

171

6.2.2 Policy collector

172

Figure 6-34, click Next

177

Figure 6-37 Policies view

180

Rule operators

192

Rule results

193

Rule format

193

TCMCLI utility policy

207

6.3.1 Cisco Trust Agent

208

6. Click Next (Figure 6-66)

214

(Figure 6-71)

219

6.4 Conclusion

230

Network enforcement

231

Installing Cisco Secure ACS

233

Configuring logging

244

client

247

Figure 7-16 AAA clients

251

Figure 7-18 AAA Clients

253

Configuring RADIUS attributes

254

Configuring groups

255

Figure 7-21 Group Setup

256

Configuring users

257

Internal Database

258

Global authentication setup

259

(Figure 7-24 on page 241)

260

6. Click Submit + Restart

261

To do this:

262

Token (APT) of

268

Figure 7-33 on page 251

268

(Figure 7-33)

269

Figure 7-35

271

12.Click Done

271

27.Click Done (Figure 7-44)

280

Allow any Protocol

289

Grant access

290

NAC_IISSCN_Posture_Profile

292

Healthy PA message:

294

24.Click Submit

300

External User Database

301

Unknown user policy

301

Clientless user

301

Figure 7-64 Naming of ACL

303

7. Click Submit

304

Figure 7-66 Binding the ACL

305

Router#

321

7.2.1 Installing CCA Agent

322

The steps are:

325

(Figure 7-77)

327

Figure 7-82 Managed subnets

332

Configure default login page

333

Configuring a Switch Group

334

3. Click Add

335

Configuring a switch profile

337

Configuring Port Profile

338

Configuring SNMP receiver

341

Adding a managed switch

342

IP Address box, and a

343

Figure 7-94 Managed switch

344

Defining user roles

345

Creating traffic policies

347

Access to TCM

349

Creating local users

350

Configure Clean Access Agent

352

Figure 7-106 New rule

356

Validity

358

Figure 7-109 Requirements

359

26.Click Update

363

Discovered clients

364

Logging on as a client

365

Continue

367

7.3 Conclusion

372

8.2.1 Prerequisites

376

Figure 8-16 Welcome window

394

is False) and click Next

401

IISSCN Extension Pack2 for

404

8.3.1 Locating HTML

416

Base HTML

418

Posture item HTML

418

HTML pages example

419

Posture element HTML

420

The wfattribute tag

421

The field Tag

421

The remattribute tag

422

8.3.3 Debug attributes

424

Logging posture items

425

Logging the HTML search path

426

TCRNavScan workflow

436

TCRNavVirusDefUpdate

441

TCRNavSoftwareInstalled

443

TCRMSPatchesInstallWinXP

444

HotfixId

446

TCRZLSoftwareInstalled

450

TCRZLSoftwareRunning

452

TCRMessengerDisabled

453

8.5 Conclusion

455

Appendixes

457

Hints and tips

459

Deployment overview

460

Top-level sequence of events

462

Cisco NAC sequence of events

465

Fault isolation

466

SCM Push Client

468

Tools and tricks

469

Cisco IOS Software router

470

Cisco IOS Software switch

470

Cisco Secure ACS server

471

NAC Appliance details

473

In-band versus out-of-band

474

NAC Appliance integration

475

Integration design

476

NAC Appliance Agent

477

TSCMAgent.bat

478

NACApplianceCompliance.entry

478

Policy collector

478

Scheduler

479

System path

481

Scheduler.bat

481

NAC Appliance Manager

482

State mapping and scenarios

483

Conclusion

488

Executive summary

490

The benefit of NAC

490

NAC implementation options

492

The NAC Appliance

493

NAC Framework solution

494

Investment protection

494

The next steps

496

NAC technology

496

NAC Framework components

497

Additional material

499

Using the Web material

500

Related publications

501

Online resources

502

How to get IBM Redbooks

502

Help from IBM

503

Numerics

505




Więcej produktów i instrukcji dla Sprzęt komputerowy IBM

Modele Rodzaj dokumentu
SY27-0345-06 Instrukcja Użytkownika   IBM SY27-0345-06 User Manual, 148 strony
19K4206PT1 Instrukcja Użytkownika   IBM 19K4206PT1 User Manual, 10 strony
802.11g Wireless Broadband Router WRT-410 Instrukcja Użytkownika   IBM 802.11g Wireless Broadband Router WRT-410 User Manual, 69 strony
22P6972 Instrukcja Użytkownika   IBM 22P6972 User Manual, 46 strony
B50 Instrukcja Użytkownika   IBM B50 User Manual, 198 strony
WebSphere Adapters Instrukcja Użytkownika   IBM WebSphere Adapters User Manual, 226 strony
22P6959 Instrukcja Użytkownika   IBM 22P6959 User Manual, 50 strony
Ultra320 Instrukcja Użytkownika   IBM Ultra320 User Manual, 54 strony
Data Capture Board CLC-CAPT-PCASM Instrukcja Użytkownika   IBM Data Capture Board CLC-CAPT-PCASM User Manual, 15 strony
09-0572-000 Instrukcja Użytkownika   IBM 09-0572-000 User Manual, 101 strony
EP-8KTA Instrukcja Użytkownika   IBM EP-8KTA User Manual, 73 strony
THINKVISION MONITOR L150 Instrukcja Użytkownika   IBM THINKVISION MONITOR L150 User Manual, 35 strony
28L2234 Instrukcja Użytkownika   IBM 28L2234 User Manual, 66 strony
TotalStorage LTO Ultrium T400F Instrukcja Użytkownika   IBM TotalStorage LTO Ultrium T400F User Manual, 136 strony
71P7285 Instrukcja Użytkownika      IBM 71P7285 User Manual, 121 strony
WebSphere Business Integration Adapter Instrukcja Użytkownika   IBM WebSphere Business Integration Adapter User Manual, 92 strony
CFC2 Instrukcja Użytkownika   IBM CFC2 User Manual, 154 strony
2292 Instrukcja Użytkownika   IBM 2292 User Manual, 230 strony
Terminal Emulation TN5250 Instrukcja Użytkownika   IBM Terminal Emulation TN5250 User Manual, 51 strony
All-in-One Super7 Single Board Computer PCM-5896 Instrukcja Użytkownika   IBM All-in-One Super7 Single Board Computer PCM-5896 User Manual, 128 strony

IBM Urządzenia

  • AV Link Techly Nyko Technologies Workhorse CamOne
  • Kohler Krany Gateway Napędy dysków optycznych Philips Nadajniki FM Hannspree Telewizory LCD Philips Odbiorniki muzyczne Bluetooth
  • Husqvarna CT16 Electrolux EOB6631BOX Advantech UTC-520 Nokia N85 Thermador PRD48NCSGU
  • Samsung BD-D8500 Instrukcja Użytkownika Iconbit HD360W Instrukcja Użytkownika Apple MacBook Pro (17-inch, Early 2011) Instrukcja Użytkownika Lg IPS224V Instrukcja Użytkownika Asus ET2700I Instrukcja Użytkownika

    • © 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.025 s |
    Manymanuals.com Manymanuals.de Manymanuals.fr Manymanuals.it
    Manymanuals.pl Manymanuals.cz Manymanuals.es Manymanuals-pt.com