Terms

Become familiar with the following terms related to Policy Server for Cisco NAC:

Policy Server for Cisco NAC Terms

| Term | Definition |
| --- | --- |
| Security posture | The presence and currency of antivirus software on an OfficeScan client. In this implementation, security posture refers to whether or not the OfficeScan client program exists on client computers, the status of certain OfficeScan client settings, and whether or not the Virus Scan Engine and Virus Pattern are up to date. |
| Posture token | Created by the Policy Server after OfficeScan client validation. It includes information that tells the OfficeScan client to perform a set of specified actions, such as enabling Real-time Scan or updating antivirus components. |
| Client validation | The process of evaluating client security posture and returning the posture token to the OfficeScan client. |
| Policy Server rule | Guidelines containing configurable criteria the Policy Server uses to measure OfficeScan client security posture. A rule also contains actions for the OfficeScan client and the Policy Server to carry out if the security posture information matches the criteria (see Policy Server Policies and Rules for detailed information). |
| Policy Server policy | A set of rules against which the Policy Server measures the security posture of OfficeScan clients. Policies also contain actions that OfficeScan clients and the Policy Server carry out if the criteria in the rules associated with the policy do not match the security posture (see Policy Server Policies and Rules for detailed information). |
| Authentication, Authorization, and Accounting (AAA) | Describes the three main services used to control end-user OfficeScan client access to computer resources. Authentication refers to identifying a client, usually by having the user enter a user name and password. Authorization refers to the privileges the user has to issue certain commands. Accounting refers to a measurement, usually kept in logs, of the resources utilized during a session. The Cisco Secure Access Control Server (ACS) is the Cisco implementation of an AAA server. |
| Certificate Authority (CA) | An authority on a network that distributes digital certificates for the purposes of performing authentication and securing connections between computers and/or servers. |
| Digital Certificates | An attachment used for security. Most commonly, certificates authenticate clients with servers, such as a web server, and contain the following: user identity information, a public key (used for encryption), and a digital signature of a Certificate Authority (CA) to verify that the certificate is valid. |
| Remote Authentication Dial-In User Service (RADIUS) | An authentication system requiring clients to enter a user name and password. Cisco Secure ACS servers support RADIUS. |
| Terminal Access Controller Access Control System (TACACS+) | A security protocol enabled through AAA commands used for authenticating end-user clients. Cisco ACS servers support TACACS+. |