Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring the Remote Integrity Measurement Verifier Server (NSM Procedure)

    The Trusted Network Connect (TNC) standard enables the enforcement of security requirements for endpoints connecting to networks. The client-side components of the TNC are the IMCs and the TNC-client (TNCC). The TNCC compiles the IMC measurements and sends them to the server. At the server, there is a corresponding set of components: the TNC-server (TNCS) and the IMVs. The TNCS manages the messages between the IMVs and the IMCs and sends the recommendations, based on the IMVs, to the policy engine.

    To configure the remote IMV server so that the Secure Access device can communicate with it:

    1. In the NSM navigation tree, select Device Manager > Devices.
    2. Click the Device Tree tab, and then double-click the Secure Access device for which you want to configure the remote IMV server.
    3. Click the Configuration tab. In the configuration tree, select Authentication > Endpoint Security > Host Checker.
    4. Add or modify settings as specified in Table 1.
    5. Click one:
      • OK—Saves the changes.
      • Cancel—Cancels the modifications.

    Table 1: Configuring the Remote IMV Server Details

    OptionFunctionYour Action
    Remote IMV > Remote IMV Servers

    Name

    Specifies the name for the server.

    Enter the name for the remote IMV server.

    Description

    Describes about the server.

    Enter a brief description about the server.

    Host

    Specifies the hostname.

    Enter either the IP address or hostname as defined in the server certificate.

    Port

    Specifies the port number that the Secure Access device uses to communicate with the remote IMV server.

    Enter a unique port number.

    Note: Ensure that no other service is using this port number. The default port number is the same as the default https port number.

    Shared secret

    Specifies the shared secret information.

    Enter the same shared secret used in the client information entry on the remote IMV server.

    Remote IMV > Remote IMVs

    Name

    Specifies the name of the IMV.

    Enter the name for the remote IMVs.

    Description

    Describes the IMV.

    Enter a brief description about the IMV.

    IMV Name

    Specifies the IMV name that matches the “human readable name” in the IMV’s well-known registry key on the remote IMV server.

    Enter a name for the IMV.

    Primary Server

    Specifies the primary remote IMV server where the IMV is installed.

    Select the primary remote IMV server from the drop-down list.

    Secondary Server

    Specifies the secondary remote IMV server where the IMV is installed.

    Note: The secondary server acts as a failover in case the primary server becomes unavailable.

    Select the secondary remote IMV server from the drop-down list.

    Published: 2013-01-03