Job Management Partner 1/Client Security Control Description, User's Guide and Operator's Guide
Once the management server, network control server, treatment or monitoring server, and clients have been set up, set up the environment in the order shown in the following figure before you begin operating the quarantine system.
Figure 13-5 Flow of setup before operation
- Organization of this subsection
- (1) Stopping JP1/NM monitoring
- (2) Using the JP1/Software Distribution Manager host search to collect the MAC addresses of all devices connected to the network
- (3) Registering the IP addresses of non-client devices in JP1/NM
- (4) Permitting all client network connections
- (5) Starting JP1/NM monitoring
- (6) Setting a security policy
- (7) Judging the security levels of all clients
(1) Stopping JP1/NM monitoring
From the Integrated Management window for JP1/NM - Manager, execute Stop Network Monitor on the treatment or monitoring server. Because this stops the treatment or monitoring server from monitoring the network, all client network connections will be permitted.
(2) Using the JP1/Software Distribution Manager host search to collect the MAC addresses of all devices connected to the network
Perform a host search from JP1/Software Distribution Manager to collect network configuration information for all devices connected to the network.
For details about the JP1/Software Distribution Manager host search, see the manual Job Management Partner 1/Software Distribution Setup Guide, for Windows systems.
(3) Registering the IP addresses of non-client devices in JP1/NM
An administrator can register the IP addresses of non-client network connection devices in JP1/NM, using the information collected in (2) above. The IP addresses of the following devices are registered in JP1/NM:
- Network connection devices such as routers, printers, shared servers, and UNIX machines
- Management servers, network control servers, and treatment or monitoring servers
IP addresses of non-client devices are registered as Fixed device in the Integrated Management window of JP1/NM - Manager. IP addresses can also be registered by specifying a range, and MAC addresses can also be registered.
For details about how to register IP addresses and MAC addresses in JP1/NM - Manager, see the manual Job Management Partner 1/Network Monitor - Manager Description, User's Guide and Operator's Guide.
- Note
- Be sure to register all IP addresses and MAC addresses. If there are routers or servers whose IP address or MAC address is not registered with JP1/NM, these devices will be shut off from the network and no longer accessible once monitoring is restarted.
(4) Permitting all client network connections
Check that JP1/Software Distribution Client is installed and set up on all clients. Then, select all clients in the PC List window of the Client Security Management window, and in Network connection, click the Permit button. This will automatically register all the client MAC addresses with JP1/NM, and permit network connections for these clients.
For details about permitting client network connections, see 9.3 Controlling client network connections.
- Note
- Do not use JP1/NM directly to control client network connections. Always use the Client Security Management window of AIM.
(5) Starting JP1/NM monitoring
Perform the following environment setting for JP1/NM on the treatment or monitoring server:
- Blocked Mode
Select Block all devices detected to be illegal.
Once you have made this setting, execute Start Network Monitor for the treatment or monitoring server, from the JP1/NM - Manager on the network control server. This will start monitoring for all clients and network connection devices.
- Note
- If any routers or servers were missed in step (3), communication with the entire subnetwork may be lost and the server may no longer be accessible when JP1/NM starts monitoring.
(6) Setting a security policy
Use the Security Policy Management window to set a judgment policy and action policy. For details about security policies, see 6. Managing Security Policies.
Make sure that Control network connection is selected for the action policies.
(7) Judging the security levels of all clients
Perform security level judgment for all clients. In the PC List window of the Client Security Management window, select all clients and click the Judge button to judge their security levels. If Refuse connection was selected for Control network connection in the action policy settings in (6), clients with the corresponding security level are automatically excluded from the network.
For details about how to judge client security levels, see 8.4 Judging a client security level.
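The notes in (3) and (5) warn that any router or server left unregistered is cut off once monitoring starts in Blocked Mode, so coverage is worth checking before step (5). The following Python code is an added example, not part of this manual or of any JP1 product: it compares a device inventory against the registered fixed entries and the permitted client MAC addresses and lists what is still uncovered. Assumptions: the CSV layout, the `a-b` range notation, all sample addresses, and the rule that a device counts as covered when either its IP address or its MAC address is registered.

```python
import csv
import io
import ipaddress

# Constructed sample data; the layouts are assumptions, not JP1 export formats.
DISCOVERED = """ip,mac,name
192.168.10.1,00-11-22-AA-BB-01,router-a
192.168.10.5,00:11:22:aa:bb:05,printer-1
192.168.10.20,0011.22aa.bb20,mgmt-server
192.168.10.101,00-11-22-AA-BB-65,client-101
192.168.10.250,00-11-22-AA-BB-FA,unix-build
"""
FIXED_IPS = ["192.168.10.1", "192.168.10.20-192.168.10.30"]  # fixed devices, step (3)
FIXED_MACS = ["00-11-22-aa-bb-05"]                            # fixed devices by MAC
PERMITTED_CLIENT_MACS = ["00:11:22:AA:BB:65"]                 # permitted in step (4)

def norm_mac(mac):
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def parse_ranges(entries):
    """Turn 'a.b.c.d' or 'a.b.c.d-e.f.g.h' entries into inclusive (low, high) pairs."""
    ranges = []
    for entry in entries:
        low, _, high = entry.partition("-")
        lo = ipaddress.ip_address(low.strip())
        hi = ipaddress.ip_address(high.strip()) if high else lo
        ranges.append((lo, hi))
    return ranges

def unregistered(discovered_csv, fixed_ips, fixed_macs, client_macs):
    """Return discovered devices covered by neither a fixed entry nor a permitted client."""
    ranges = parse_ranges(fixed_ips)
    known = {norm_mac(m) for m in list(fixed_macs) + list(client_macs)}
    missing = []
    for row in csv.DictReader(io.StringIO(discovered_csv)):
        ip = ipaddress.ip_address(row["ip"].strip())
        in_range = any(lo <= ip <= hi for lo, hi in ranges)
        # Assumed rule: registration by IP address or by MAC address is sufficient.
        if not in_range and norm_mac(row["mac"]) not in known:
            missing.append((row["name"], str(ip), row["mac"]))
    return missing

if __name__ == "__main__":
    for name, ip, mac in unregistered(DISCOVERED, FIXED_IPS, FIXED_MACS, PERMITTED_CLIENT_MACS):
        print(f"NOT REGISTERED: {name} {ip} {mac}")
```

An empty result means every discovered device is covered by a fixed entry or a permitted client; any line printed names a device that should be registered before Start Network Monitor is executed.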
All Rights Reserved. Copyright (C) 2009, 2011, Hitachi, Ltd.
Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated