Job Management Partner 1/Client Security Control Description, User's Guide and Operator's Guide
- action execution condition
- A condition for implementing an action. The condition may be either a consecutive number of days or a consecutive number of times. When an action execution condition is set for a security level, the action is implemented when that security level is unchanged in successive judgments for the specified number of days or times.
- action policy
- A policy to implement an action based on a client security level. An administrator can use the Edit Action Policy window to set action policies. Based on the security level, warning messages can be sent to client users, and client network connections can be denied.
- administrator
- A CSC administrator responsible for client security management or an Asset Information Manager administrator who manages asset information.
- AMT Linkage facility
- See JP1/Software Distribution (AMT Linkage facility).
- anti-virus product
- A product that guards PCs from viruses, restoring files infected with viruses and recovering computers to their state before infection. The anti-virus products managed by a client security control system are those supported by JP1/Software Distribution.
- asset information
- Information for managing hardware and software in a company.
- Asset Information Manager
- A program that centrally manages IT assets such as hardware information and software information, in the asset management database. The client inventory information collected by JP1/Software Distribution is managed in the asset management database.
- Asset Information Manager Subset Component of JP1/Software Distribution Manager
- A component of JP1/Software Distribution Manager, providing centralized management of IT assets such as hardware information and software information in an asset management database. The client inventory information collected by JP1/Software Distribution is managed in the asset management database.
- asset management database
- The database in which asset information is stored. This database is managed by AIM.
- asset number
- A number used to identify each asset. This is chosen by the user. On a client security control system, this number is the basic unit for client management.
- asset number file
- A file containing asset numbers for clients whose security levels are to be judged. This is used when the security level judgment command is executed.
- audit log
- A log that is output as part of an audit trail of internal controls. An audit log includes information about who executed what operation, at what time. The information can be used to review and evaluate the internal controls of the system.
- authentication server
- A server required for authenticating clients; also called a RADIUS server. An authentication server uses either IEEE 802.1X authentication, which authenticates a user based on a user ID and a password, or MAC authentication, which authenticates a client based on a MAC address.
- When a quarantine system is linked to an authentication server, the authentication server both authenticates clients and instructs the switch to control network connections from clients based on the connection control list.
- JP1/CSC - Agent and either Microsoft IAS or Network Policy Server must be installed on the authentication server.
- client
- A PC that is connected to the network and managed by the client security control system.
- client security control system
- A system for managing client security measures, realized by the programs JP1/CSC, AIM, and JP1/Software Distribution. A client security control system can be used to manage client asset information, monitor clients, and deal with security risks.
- Client Security Management window
- The Web browser interface for monitoring clients and registering permitted PCs. The Client Security Management window is opened from the initial window of AIM.
- cluster system
- A cluster system is one that consists of multiple linked server systems running as one, to facilitate continued operation when a failure occurs. When a failure occurs on the server performing operations (active), processing can be carried over to a standby server (standby). Note that cluster system can also refer to load distribution functionality via parallel processing, but in this manual, it refers to functionality to prevent interruption in operations via system switching.
- connection control list
- A list of network connection control actions performed by JP1/CSC - Manager in a quarantine system linked to an authentication server. Client access to the network is controlled according to this list.
- The connection control list is managed by JP1/CSC - Agent. It contains registered information about client network connections (permitted or denied), MAC addresses, and IP addresses.
- CSC administrator
- A user with the administrator role for JP1/CSC. CSC administrators can perform tasks such as monitoring clients in the Client Security Management window of AIM, and setting security policies in the JP1/CSC Security Policy Management window.
- CSC user
- A user with the user role for JP1/CSC. CSC users can use some of the functionality provided by the Client Security Management window of AIM.
- Customize Job windows
- Functionality to control the processing that can be executed from each operation window, according to the user role. The elements in each operation window (buttons, search conditions, and editable items) depend on the user role.
- excluded user definition file
- A file containing user accounts that are to be excluded from the password-related judgment in the PC security settings.
- export file
- An output file produced when a connection control list is exported by using the cscrexport command.
- Export files are text files in CSV format.
- form
- The customized settings for an operation window of the Job window (settings for showing or hiding buttons and search conditions). Forms are set in each operation window, and multiple settings can be made for one operation window.
- group
- Asset information managed by AIM.
- In the Policy Management main window in JP1/CSC - Manager, the group tree view in the left pane shows the hierarchy of groups in which clients are managed.
- IEEE 802.1X
- A standard that defines the user authentication protocol on a network. Users connecting to the network are checked by user ID or password to determine whether they are legitimate users, and only authenticated users are permitted access. Authentication requires an IEEE 802.1X-compliant network device (a switch, for example), a RADIUS server (authentication server), and a supplicant.
- import file
- A text file in CSV format, used when importing a connection control list by the cscrimport command.
- inventory information
- Information needed for client management, such as the hardware usage for the client and types of software installed on the client. Inventory information is collected by JP1/Software Distribution, and is managed in an asset management database by AIM.
- IT assets
- The hardware information and software information about the IT devices, software, and network environment for the various PCs in the company.
- JP1/Base
- A program that provides the event service. JP1/Base controls the start order for services, and sends and receives JP1 events. JP1/Base is a prerequisite product for JP1/IM.
- JP1/CSC - Agent
- A program that receives instructions from JP1/CSC - Manager when client network control is performed, and directs actions to the linked network control product.
- JP1/CSC - Manager
- A program for managing client security. It judges client security levels according to previously defined judgment policies, based on inventory information in the asset management database. As a result of the judgment, actions are implemented according to the security level.
- JP1/CSC - Manager Remote Option
- A program that supports client security management in the remote environment when the JP1/CSC system is configured with a remote management server linked to a remote system, such as a model system for anti-virus products. This program also links with anti-virus products installed on the remote management server to automatically update judgment policies and control network connections from another system.
- JP1/IM
- A program that provides integrated monitoring of distributed systems. JP1/IM links to JP1/CSC, to notify administrators of JP1 events occurring on a client security control system, and to provide a platform for operations to understand and investigate problem areas.
- JP1/NM
- A program that monitors and manages client network connections. JP1/NM consists of JP1/NM - Manager, which provides integrated management of network connection control, and JP1/NM, which monitors clients on a subnetwork basis.
- JP1/Software Distribution - Asset Information Manager Subset Component of JP1/Software Distribution Manager
- See Asset Information Manager Subset Component of JP1/Software Distribution Manager.
- JP1/Software Distribution (AMT Linkage facility)
- A JP1/Software Distribution facility that, when a computer compatible with AMT is used as a client, uses the AMT packet control functionality to control client connections to the network.
- JP1/Software Distribution Client
- A program that collects client inventory information, and sends it to JP1/Software Distribution Manager.
- JP1/Software Distribution Manager
- A program that uses a network to distribute software and manage clients by means of batch processes. It manages client inventory information collected from JP1/Software Distribution Client.
- JP1/Software Distribution Manager (relay manager)
- A program for assisting with remote installation and setup in a large-scale network or in a configuration with numerous clients. This product works as a relay system for JP1/Software Distribution Manager.
- JP1/Software Distribution SubManager
- A program that relays remote installations, for setup on large-scale networks or when numerous clients exist.
- JP1 event
- Information sent to JP1/Base when a client security level changes on a client security control system. JP1 events are managed by the JP1/Base event service.
- judgment item
- An item to judge a client security level, such as the application status of client security updates and installation of anti-virus products. An administrator sets a judgment policy for each judgment item.
- The following types of judgment items exist:
  - Security update
  - Anti-virus product
  - Prohibited software
  - Mandatory software
  - PC security settings
  - User definition
- judgment policy
- A policy to judge a client security level. An administrator edits judgment policies in the Edit Judgment Policy window or by using the judgment policy update command (cscpolimport).
- judgment policy information file
- A text file used for importing judgment policies by using the cscpolimport command. When the cscpolexport command is executed, an export file that has the same format as this file is output.
- MAC address list file
- A file used to delete information about multiple clients from a connection control list in JP1/CSC - Agent. Deletion is performed as a batch operation using the asset deletion command (cscrdelete). The MAC address list file contains the MAC addresses of the clients whose information is to be deleted.
- management server
- A server that manages client inventory information and client security measures. JP1/CSC - Manager, AIM, and JP1/Software Distribution Manager are installed on the management server.
- mandatory software
- Software that is required to be installed on a client.
- MBSA
- A Microsoft tool to implement security audits for Windows products. It can manage Windows security updates (patches and service packs) not applied to a client.
- Microsoft Internet Authentication Service
- The Internet authentication service provided in Windows Server 2003 as a standard component for authenticating clients. When a quarantine system linked to an authentication server is set up, this product is required on the authentication server.
- monitoring server
- A server configured when running a quarantine system linked with JP1/NM.
- The monitoring server controls client network connections based on instructions from the management server.
- NetMonitor
- A program to monitor and manage client network connections. This consists of NetMonitor/Manager, which provides integrated management of network connection control, and NetMonitor, which monitors clients on each sub-network.
- network control product
- A product that links to JP1/CSC - Agent, providing functionality to refuse or permit client network connections.
- network control server
- A server that is set up to control client network connections. JP1/CSC - Agent and a network control product are installed on a network control server.
- Network Policy Server
- The network policy server provided in Windows Server 2008 as a standard component for authenticating clients. When a quarantine system linked to an authentication server is set up, this product is required on the authentication server.
- non-Software Distribution host
- A device on a network on which JP1/Software Distribution has not been installed.
- number of consecutive days
- An action execution condition. The set action is implemented when the security level is unchanged in successive judgments for the specified number of days. This value can be set separately for each action.
- number of consecutive times
- An action execution condition. The set action is implemented when the client's security level is unchanged in successive judgments for the specified number of times. This value can be set separately for each action.
- patch information file
- A file containing information used to acquire patches from Microsoft's servers. This file is required to automatically update judgment policies relating to security updates. Patch information files are collected by Job Management Partner 1/Software Distribution, and updated to reflect the patches being offered by Microsoft.
- policy assignment definition file
- A file used when executing the policy assignment command (cscassign). The recipients and names of the policies to be assigned are defined in this file.
- Policy Management window
- A generic name for the windows and dialog boxes for managing security policies.
- prohibited software
- Software that is not used for company operations, or that may expose clients and networks to risk when installed.
- quarantine system
- A system that permits clients previously disconnected from the network due to a high security risk level to be reconnected to the network after the latest security measures are implemented.
- quarantined network
- A network (VLAN) in which security measures are implemented on clients when JP1/CSC - Agent is linked to an authentication server in a dynamic VLAN environment. The quarantined network is set up with a switch that supports IEEE 802.1X authentication.
- Clients without adequate security can be connected to the quarantined network, enabling security measures to be implemented online.
- RADIUS server
- A server required for authenticating clients when IEEE 802.1X or MAC authentication is used.
- This server is required when a quarantine system is linked to an authentication server.
- In this manual, a RADIUS server is called an authentication server.
- remote installation
- Functionality to transfer and install packaged software from JP1/Software Distribution Manager to a client.
- remote management server
- A system that supports judgment policy management and client security measures on a management server when JP1/CSC is linked with a remote system, such as a model system for anti-virus products. JP1/CSC - Manager Remote Option must be installed on the remote management server.
- search condition file
- A file used in the -k option of the security level judgment command (cscjudge), action command (cscaction), PC list information output command (cscexportpclist), and statistics output command (cscexportcount) to specify a target group for command execution. The file defines the name of the group to which the command applies.
- search host
- Functionality to detect devices connected to the network from JP1/Software Distribution Manager, and to collect host information.
- security level
- A level that indicates the risk of client security measures. Security levels are set in the Edit Judgment Policy window. The following types of security level exist:
  - Danger
  - Warning
  - Caution
  - Safe
- security policy
- A generic name for judgment policies and action policies. These are rules that set judgment and action conditions for client security levels.
- Security Policy Management windows
- A generic name for the Policy Management window, Edit Judgment Policy window and Edit Action Policy window.
- security update
- A program to strengthen functionality and correct bugs in an OS or application. This term applies to patch and service pack information.
- statistics
- Information that summarizes the status of security measures over time for individual groups. Using the Client Security Management window, an administrator can monitor trends in the status of security measures for each group in the form of evaluation points, countermeasure usage, and other information.
- supplicant
- Software required on the client in order to authenticate users by using IEEE 802.1X authentication. This software is required when using a quarantine system that is linked to an authentication server by using IEEE 802.1X authentication.
- JP1/CSC supports only the supplicant that is installed in Windows as standard. The Windows standard supplicant is installed in Windows 2000 (SP4 or later), Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7.
- treatment server
- A server required for setting up a quarantine system linked to JP1/Network Monitor or an authentication server.
- A treatment server maintains communication with clients that have been disconnected from the network because they pose a security risk. This allows security measures to be implemented on the clients in an online environment.
- unauthenticated network
- A network required for implementing security measures on clients when JP1/CSC - Agent is linked to an authentication server in a static VLAN environment. Connection to the unauthenticated network is controlled by a switch that supports either IEEE 802.1X or MAC authentication.
- Clients for which security measures have not been fully implemented are first connected to the unauthenticated network, where the needed security measures can be implemented online.
- WUA
- A Microsoft tool for implementing security audits on Windows products. WUA can be used to manage Windows security updates (patches and service packs) that have not been applied on the client. In addition to OS security updates, WUA can manage software security updates for Microsoft Office and other applications.
All Rights Reserved. Copyright (C) 2009, 2011, Hitachi, Ltd.
Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated