Job Management Partner 1/Client Security Control Description, User's Guide and Operator's Guide
The example below describes the quarantine process when the JP1/NM quarantine support facility is not used.
This example is based on the following assumptions:
- Managed clients
  Of clients A, B, and C, an unapplied patch is found only for client C.
- Security policy (judgment policy) setting
  The security level for clients with unapplied patches is judged to be Danger.
- Security policy (action policy) setting
  - Clients whose security level is Danger are denied access to the network.
  - Clients whose security level is Safe are permitted access to the network.
(1) Inspection process
In the inspection process, client security levels are judged, and clients that are a security risk are identified.
The following figure shows the inspection process.
Figure 14-5 Inspection process
1. Inventory information for clients is reported to JP1/Software Distribution Manager on the management server.
   Inventory information for clients A, B, and C is reported to JP1/Software Distribution Manager on the management server.
2. JP1/CSC - Manager on the management server judges client C to be Danger.
   JP1/CSC - Manager on the management server compares the inventory information against the judgment policy, and judges client C to be Danger.
(2) Isolation process
In the isolation process, client network connections are controlled based on the security policy.
The following figure shows the isolation process.
Figure 14-6 Isolation process
1. JP1/CSC - Manager on the management server instructs the network control server to deny a network connection.
   Based on the action policy, JP1/CSC - Manager on the management server instructs the network control server to deny a network connection.
2. The network control server instructs the monitoring server to deny the network connection by client C.
3. The monitoring server denies the network connection by client C.
   JP1/NM on the monitoring server denies the network connection by client C.
(3) Treatment process
In the treatment process, security measures are implemented on clients denied access to the network. For details about how to implement security measures on clients, see 14.1.4 Implementing client security measures.
The following figure shows the treatment process.
Figure 14-7 Treatment process
1. Package the patch and register it in JP1/Software Distribution Manager on the management server.
   Package the patch you intend to install offline, and register it with JP1/Software Distribution Manager on the management server.
2. Prepare an installation medium and an inventory acquisition medium.
   Prepare an installation medium containing the patch you want to apply to client C, and an inventory acquisition medium on which to record the latest inventory information for client C.
3. Transport the media you prepared in step 2 to client C, and install the patch.
   Run the program on the installation medium to apply the patch to client C. This implements security measures on client C.
(4) Recovery process
In the recovery process, clients for which security measures were implemented are judged again, and those judged Safe are reconnected to the network.
The following figure shows the recovery process.
Figure 14-8 Recovery process
1. Save the latest inventory information for client C to the inventory acquisition medium.
   Run the program on the inventory acquisition medium. The latest inventory information for client C is written to the medium.
2. Transport the medium containing the inventory information for client C to JP1/Software Distribution Manager on the management server, and read the inventory information from the medium.
   JP1/Software Distribution Manager retrieves the latest inventory information for client C from the medium you prepared in step 1.
3. JP1/CSC - Manager on the management server judges client C to be Safe, and instructs the network control server to permit a network connection.
   JP1/CSC - Manager compares the inventory information against the security policy, and finds that all patches are applied. As a result, client C is judged to be Safe. JP1/CSC - Manager then instructs the network control server to permit a network connection based on the action policy.
4. The network control server instructs the monitoring server to restore the network connection for client C.
5. The monitoring server restores the network connection for client C.
   JP1/NM on the monitoring server restores the network connection for client C, allowing client C to access the network.
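The four processes above can be traced with a small model. The following Python sketch is an added illustration, not code from JP1/CSC or this manual; the class and function names and the patch IDs are hypothetical and constructed for the example. It shows that client C stays denied after the patch is installed, until its inventory is read from the medium and judged again.

```python
from dataclasses import dataclass, field

# Constructed sample patch IDs that the judgment policy requires (assumption).
REQUIRED_PATCHES = frozenset({"PATCH-001", "PATCH-002"})


@dataclass
class ManagementServer:
    """Hypothetical stand-in for the management server's judge-and-act loop."""
    inventory: dict = field(default_factory=dict)  # client -> patches last reported
    network: dict = field(default_factory=dict)    # client -> "permit" or "deny"

    def report_inventory(self, client, applied):
        # Inventory arrives over the network or from an inventory acquisition medium.
        self.inventory[client] = set(applied)

    def judge(self, client):
        # Judgment policy: a client with any unapplied patch is Danger.
        missing = REQUIRED_PATCHES - self.inventory[client]
        return "Danger" if missing else "Safe"

    def enforce(self):
        # Action policy: Danger is denied network access, Safe is permitted.
        for client in self.inventory:
            level = self.judge(client)
            self.network[client] = "deny" if level == "Danger" else "permit"
        return dict(self.network)


def run_scenario():
    server = ManagementServer()
    timeline = {}
    # (1) Inspection: clients A, B and C report inventory; C lacks one patch.
    server.report_inventory("A", REQUIRED_PATCHES)
    server.report_inventory("B", REQUIRED_PATCHES)
    server.report_inventory("C", {"PATCH-001"})
    # (2) Isolation: the action policy is applied to every judged client.
    timeline["isolation"] = server.enforce()
    # (3) Treatment: the patch is installed on client C from the installation
    # medium. The server still holds the old inventory, so nothing changes yet.
    client_c_applied = set(REQUIRED_PATCHES)
    timeline["after_treatment"] = server.enforce()
    # (4) Recovery: the inventory medium is read on the management server,
    # client C is judged again, and the connection is restored.
    server.report_inventory("C", client_c_applied)
    timeline["recovery"] = server.enforce()
    return timeline


if __name__ == "__main__":
    for phase, state in run_scenario().items():
        print(phase, state)
```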
All Rights Reserved. Copyright (C) 2009, 2011, Hitachi, Ltd.