ACS 4.0 and IBM TSCM

Answered Question
Feb 5th, 2007

Hi,

I try to load NAC attributes for IBM Corporation (TSCM) from ftp server (NAC Attributes Management), but these don't appear in System

Configuration -> Logging Configuration -> CSV Failed Attempts File Configuration or CSV Passed Authentications File Configuration.

My server is ACS 4.0 appliance. On ACS 3.3 my NAC attributes is works well.

[attr#0]

vendor-id=2

vendor-name=IBM Corporation

application-id=50

application-name=SCM

attribute-id=00020

attribute-name=Policy Version

attribute-profile=in out

attribute-type=string

[attr#1]

vendor-id=2

vendor-name=IBM Corporation

application-id=50

application-name=SCM

attribute-id=00021

attribute-name=Violation count

attribute-profile=in out

attribute-type=unsigned integer

[attr#2]

vendor-id=2

vendor-name=IBM Corporation

application-id=50

application-name=SCM

attribute-id=00010

attribute-name=Action

attribute-profile=out

attribute-type=String

I loaded list with attributes for Symantec on ACS 4.0 and these is OK, but for Tivoli Security Compliance don't works.

PLS, help me if you have a solutions!

Thanks!

I have this problem too.
0 votes
Correct Answer by chenyokechuan about 9 years 4 months ago

Hi,

Yup, you can't have a space between the vendor-name, i have case that after loaded the file i can't see the attribute from ACS Appliance, but can see it appear at logging. After reboot the ACS SE it ok.

I have NAC deployment with IBM TSCM also, can you share the experince? what version of TSCM client we should use? i only can get the version 5.1.0 but it look like need version 5.1.2 above only can patch the latest update.

Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
mugurelgherghe Thu, 05/03/2007 - 03:52

It works with:

[attr#0]

vendor-id=2

vendor-name=IBM_Corporation

application-id=50

application-name=SCM

attribute-id=00020

attribute-name=Policy Version

attribute-profile=in out

attribute-type=string

[attr#1]

vendor-id=2

vendor-name=IBM_Corporation

application-id=50

application-name=SCM

attribute-id=00021

attribute-name=Violation count

attribute-profile=in out

attribute-type=unsigned integer

[attr#2]

vendor-id=2

vendor-name=IBM_Corporation

application-id=50

application-name=SCM

attribute-id=00010

attribute-name=Action

attribute-profile=out

attribute-type=String

Without "space" character in vendor-name.

Correct Answer
chenyokechuan Sun, 05/20/2007 - 07:00

Hi,

Yup, you can't have a space between the vendor-name, i have case that after loaded the file i can't see the attribute from ACS Appliance, but can see it appear at logging. After reboot the ACS SE it ok.

I have NAC deployment with IBM TSCM also, can you share the experince? what version of TSCM client we should use? i only can get the version 5.1.0 but it look like need version 5.1.2 above only can patch the latest update.

Thanks

mugurelgherghe Sun, 05/20/2007 - 22:28

Hi!

I want to use IBM Tivoli Security Compliance Manager V5.1.1.1. PLS tell me what remediation server use. TPM?

Thanks!

Actions

This Discussion