Appendix A. Hints and tips 465
State mapping and scenarios
One way for the solution to approach a design is to consider all of the possible
states that can occur with regards to the client, its compliance state, and its
network admission state. Table 8-8 presents the possible states that should be
considered.
Table 8-8 Possible client states
As indicated by this state table, there are eight different scenarios that must be
accommodated in any design. The following list is the expected behavior for each
of these states.
Scenario 1 - Pre-admission, Security Compliance Manager not running,
noncompliant client
– NAC Appliance detects that the Security Compliance Manager Client is
not running:
i. Pops up Temporary Access Window
ii. User clicks Update
iii. Runs TSCMAgent.bat
– TSCMAgent.bat:
i. Sets semaphore to -1
ii. Starts Security Compliance Manager Client
iii. Runs statuscheck.exe
– Statuscheck.exe:
• Requests rescan from Security Compliance Manager Client
State # Security
Compliance
Manager
Client
running
Compliant to
policy
Admitted to
network
1000
2001
3010
4011
5100
6101
7110
8111
