A SERVICE OF

logo

Open as PDF
next previous
468 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
Remediation handler:
Since semaphore is -1, PopUp Remediation Interface.
User can click Fix Now for autoremediation.
Runs compliance scan. In this case no violations are found, so set
semaphore to 1.
User clicks Next.
NAC Appliance now finds Security Compliance Manager Client running
and semaphore=1, so admit client.
Scenario 6 - post-admission, Security Compliance Manager running,
noncompliant client
In this case, the semaphore starts as 1 since we have been admitted.
Windows Scheduler or cron job runs statuscheck.exe.
Statuscheck.exe:
Requests rescan from Security Compliance Manager Client
Security Compliance Manager Client:
Runs compliance validation. In this case, violations are found and
semaphore equals 1, so set it to 0.
Since violations are found, instructs client to run remediation handler.
Remediation handler:
Since semaphore is 0, call NAC Appliance Kick User API.
•Exit.
NAC Appliance restarts the admission process.
Client is now in same state as state #5.