Job Management Partner 1/Client Security Control Description, User's Guide and Operator's Guide

1.3.3 Distributing the latest security update programs and definition files to clients with inadequate security

n Overview

The example below shows how the latest security update programs and definition files can be distributed to a client with inadequate security via a client security control system configured as a quarantine system.

Figure 1-13 Distributing the latest security update programs and definition files to clients with inadequate security

n Work flow

1. Security policy setup
   Based on the corporate security policy, the administrator sets the judgment policy (judgment items) and the action policy (actions triggered according to the judgment result).
   
   • Consider the security policy. 4.7 Considerations for security policies
   • Set the security policy. 6. Managing Security Policies
2. Collection of IT asset information
   The client's IT asset information is collected and centrally managed in the asset management database.
   
3. Security level judgment (inspection process)
   To determine the client's security level, the IT asset information collected at step 2 is compared against the judgment policy set at step 1.
   A security level judgment can be triggered in any of three ways: Automatic judgment when inventory information is updated, periodic judgment via Scheduled Tasks in Windows, or judgment by an administrator.
   
   • Judge the security level. 2.4 Judging security levels
4. Denial of network access (isolation process)
   Based on the action policy set at step 1, the client is denied access to the corporate network.
   
5. Distribution of the latest security update programs and definition files (treatment process)
   Based on the judgment policy set at step 1, the administrator distributes the latest security update programs and definition files to the client either from JP1/Software Distribution Manager on the management server or by using installation media.
   
6. Permission to access network (recovery process)
   The client's security level is re-evaluated and the client is granted permission to access the corporate network.
   

[Contents][Back][Next]

All Rights Reserved. Copyright (C) 2009, 2011, Hitachi, Ltd.
Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated