Job Management Partner 1/Client Security Control Description, User's Guide and Operator's Guide

[Contents][Glossary][Index][Back][Next]

3.1 System configuration

This section explains the system configuration for a client security control system.

The following system configuration examples are provided:

Organization of this section
(1) Basic configuration
(2) System configuration for automatically updating judgment policies for anti-virus products
(3) System configuration with a remote management server
(4) System configuration with a quarantine system

(1) Basic configuration

The following figure shows the basic configuration of a client security control system.

Figure 3-1 System configuration of a client security control system (basic configuration)

[Figure]

The system components are described below.

Management server
A management server manages inventory information in an asset management database, and judges client security levels according to the security policy. It also implements actions appropriate to these security levels.
The following products must be installed on the management server:
  • JP1/CSC - Manager
  • JP1/Software Distribution Manager
  • Asset Information Manager or Asset Information Manager Subset Component of JP1/Software Distribution Manager

Management terminal
A management terminal is used by an administrator to reference the asset management database, manage client asset information, monitor the status of client security measures, and implement actions. These tasks are performed in the AIM windows.
A Web browser must be installed on the management terminal.

Client
A client is the entity that is managed in a client security control system. All updates to the client inventory information are immediately notified to JP1/Software Distribution Manager on the management server.
JP1/Software Distribution Client must be installed on each client.

(2) System configuration for automatically updating judgment policies for anti-virus products

The following figure shows the system configuration when linkage with an anti-virus product installed on a client is used to automatically update the judgment policies for anti-virus products.

Figure 3-2 System configuration for automatically updating the judgment policies for anti-virus products

[Figure]

The system components are described below.

Management server
A management server manages inventory information in an asset management database, and judges client security levels according to the security policy. It also implements actions appropriate to these security levels.
The following products must be installed on the management server:
  • JP1/CSC - Manager
  • JP1/Software Distribution Manager
  • Asset Information Manager Subset Component of JP1/Software Distribution, or AIM

Management terminal
A management terminal is used by an administrator to reference the asset management database, manage client asset information, monitor the status of client security measures, and implement actions. These tasks are performed in the AIM windows.
A Web browser must be installed on the management terminal.

Client subject to judgment policy automatic updating
This type of client has an anti-virus product linked with automatic judgment policy updating for anti-virus products. Judgment policy definitions for the anti-virus products are automatically updated based on the update information for the anti-virus product installed on this client.
The following products must be installed on this client:
For details about the system configuration when the judgment policies for anti-virus products are automatically updated by linkage to JP1/CSC - Manager Remote Option on a remote management server, see (3) System configuration with a remote management server.

Client
A client is an entity that is managed in a client security control system. All updates to the client inventory information are immediately reported to JP1/Software Distribution Manager on the management server.
The Windows version of JP1/Software Distribution Client must be installed on each client.

(3) System configuration with a remote management server

This system configuration is required if you want to control client network connections from a remote system or want to automatically update the judgment policies for anti-virus products by linkage with JP1/CSC - Manager Remote Option.

JP1/CSC - Manager Remote Option must be installed on the remote management server.

Figure 3-3 System configuration with a remote management server

[Figure]

The system components are described below.

Management server
A management server manages inventory information in an asset management database, and judges client security levels according to the security policies. It also implements actions appropriate to the set security levels.
The following products must be installed on the management server:
  • JP1/CSC - Manager
  • JP1/Software Distribution Manager
  • Asset Information Manager or Asset Information Manager Subset Component of JP1/Software Distribution Manager

Management terminal
A management terminal is used by an administrator to reference the asset management database, manage client asset information, monitor the status of client security measures, and implement actions. These tasks are performed in the AIM windows.
A Web browser must be installed on the management terminal.

Remote management server
The following product must be installed on the remote management server:
  • JP1/CSC - Manager Remote Option
The following products and systems are also required, depending on how the remote management server is to be used:
JP1/CSC - Manager Remote Option can be installed on the management server or on the quarantine system's network control server, authentication server, or treatment server.

Client
A client is the entity that is managed in a client security control system. All updates to the client inventory information are immediately notified to JP1/Software Distribution Manager on the management server.
JP1/Software Distribution Client must be installed on each client.

(4) System configuration with a quarantine system

The figures below show examples of system configurations that incorporate a quarantine system. Examples of a quarantine system linked to JP1/Network Monitor and a quarantine system linked to an authentication server are shown.

Linkage with JP1/Network Monitor:
The following figure shows JP1/CSC linked to JP1/NM.

Figure 3-4 System configuration with a quarantine system (linked to JP1/NM)

[Figure]
A client security control system consists of the following components when linked to JP1/NM:
  • Management server
  • Management terminal
  • Remote management server
  • Client subject to judgment policy automatic updating
  • Network control server
  • Treatment and monitoring server
  • Clients
For details about these components, see 12.2.1 Basic configuration of quarantine system linked to JP1/NM.

Linkage with an authentication server:
The following figure shows JP1/CSC linked to an authentication server.

Figure 3-5 System configuration with a quarantine system (linked to an authentication server)

[Figure]
If linked to an authentication server a client security control system consists of the following components:
  • Management server
  • Management terminal
  • Remote management server
  • Client subject to judgment policy automatic updating
  • Authentication server
  • Treatment server
  • Switch supporting IEEE 802.1X or MAC authentication
  • Clients
For details about each component, see 12.3.1(1) Basic configuration of a quarantine system linked to an authentication server.

[Contents][Back][Next]

[Trademarks]

All Rights Reserved. Copyright (C) 2009, 2011, Hitachi, Ltd.
Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated