Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS 4.0 and IBM TSCM

Hi,

I try to load NAC attributes for IBM Corporation (TSCM) from ftp server (NAC Attributes Management), but these don't appear in System

Configuration -> Logging Configuration -> CSV Failed Attempts File Configuration or CSV Passed Authentications File Configuration.

My server is ACS 4.0 appliance. On ACS 3.3 my NAC attributes is works well.

[attr#0]

vendor-id=2

vendor-name=IBM Corporation

application-id=50

application-name=SCM

attribute-id=00020

attribute-name=Policy Version

attribute-profile=in out

attribute-type=string

[attr#1]

vendor-id=2

vendor-name=IBM Corporation

application-id=50

application-name=SCM

attribute-id=00021

attribute-name=Violation count

attribute-profile=in out

attribute-type=unsigned integer

[attr#2]

vendor-id=2

vendor-name=IBM Corporation

application-id=50

application-name=SCM

attribute-id=00010

attribute-name=Action

attribute-profile=out

attribute-type=String

I loaded list with attributes for Symantec on ACS 4.0 and these is OK, but for Tivoli Security Compliance don't works.

PLS, help me if you have a solutions!

Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: ACS 4.0 and IBM TSCM

Hi,

Yup, you can't have a space between the vendor-name, i have case that after loaded the file i can't see the attribute from ACS Appliance, but can see it appear at logging. After reboot the ACS SE it ok.

I have NAC deployment with IBM TSCM also, can you share the experince? what version of TSCM client we should use? i only can get the version 5.1.0 but it look like need version 5.1.2 above only can patch the latest update.

Thanks

3 REPLIES
New Member

Re: ACS 4.0 and IBM TSCM

It works with:

[attr#0]

vendor-id=2

vendor-name=IBM_Corporation

application-id=50

application-name=SCM

attribute-id=00020

attribute-name=Policy Version

attribute-profile=in out

attribute-type=string

[attr#1]

vendor-id=2

vendor-name=IBM_Corporation

application-id=50

application-name=SCM

attribute-id=00021

attribute-name=Violation count

attribute-profile=in out

attribute-type=unsigned integer

[attr#2]

vendor-id=2

vendor-name=IBM_Corporation

application-id=50

application-name=SCM

attribute-id=00010

attribute-name=Action

attribute-profile=out

attribute-type=String

Without "space" character in vendor-name.

New Member

Re: ACS 4.0 and IBM TSCM

Hi,

Yup, you can't have a space between the vendor-name, i have case that after loaded the file i can't see the attribute from ACS Appliance, but can see it appear at logging. After reboot the ACS SE it ok.

I have NAC deployment with IBM TSCM also, can you share the experince? what version of TSCM client we should use? i only can get the version 5.1.0 but it look like need version 5.1.2 above only can patch the latest update.

Thanks

New Member

Re: ACS 4.0 and IBM TSCM

Hi!

I want to use IBM Tivoli Security Compliance Manager V5.1.1.1. PLS tell me what remediation server use. TPM?

Thanks!

139
Views
0
Helpful
3
Replies
CreatePlease login to create content