Term
|
Definition
|
---|---|
The presence and currency of antivirus software
on an OfficeScan client.
In this implementation, security posture refers to whether or not
the OfficeScan client program
exists on client computers, the status of certain OfficeScan client settings, and whether
or not the Virus Scan Engine and Virus Pattern are up-to-date.
|
|
Created by the Policy Server after OfficeScan client validation.
It includes information that tells the OfficeScan client to
perform a set of specified actions, such as enabling Real-time Scan
or updating antivirus components.
|
|
The process of evaluating client security posture
and returning the posture token to the OfficeScan client
|
|
Policy Server rule
|
Guidelines containing configurable criteria
the Policy Server uses to measure OfficeScan client security
posture. A rule also contains actions for the OfficeScan client and the Policy
Server to carry out if the security posture information matches
the criteria (see Policy Server Policies and Rules for detailed information).
|
Policy Server policy
|
A set of rules against which the Policy
Server measures the security posture of OfficeScan clients.
Policies also contain actions that OfficeScan clients and
the Policy Server carry out if the criteria in the rules associated
with the policy do not match the security posture (see Policy Server Policies and Rules for detailed
information).
|
Describes the three main services used to
control end-user OfficeScan client access
to computer resources. Authentication refers to identifying a client,
usually by having the user enter a user name and password. Authorization
refers to the privileges the user has to issue certain commands.
Accounting refers to a measurement, usually kept in logs, of the
resources utilized during a session. The Cisco Secure Access Control
Server (ACS) is the Cisco implementation of an AAA server.
|
|
An authority on a network that distributes
digital certificates for the purposes of performing authentication
and securing connections between computers and/or servers.
|
|
An attachment used for security. Most commonly,
certificates authenticate clients with servers, such as a web server,
and contain the following: user identity information, a public key
(used for encryption), and a digital signature of a Certificate
authority (CA) to verify that the certificate is valid.
|
|
An authentication system requiring clients
to enter a user name and password. Cisco Secure ACS servers support
RADIUS.
|
|
A security protocol enabled through AAA
commands used for authenticating end-user clients. Cisco ACS servers
support TACACS+.
|