IBM Tivoli and Cisco User Manual page 480

using the example HTML form provided. It should be noted that default security
settings on most browsers will prevent active content or ask the user whether to
allow it, meaning that the user will still have to manually intervene in the process.
This HTML form must be customized to the environment as follows:
The client's MAC address must be placed in the <INPUT TYPE="HIDDEN"
NAME="mac" VALUE="001125CEF56C"> tag.
The administrator UID of the NAC Appliance Manager must be placed in the
<INPUT TYPE="HIDDEN" NAME="admin" VALUE="admin">
The password for the specified administrator ID must be placed in the
<INPUT TYPE="HIDDEN" NAME="passwd" VALUE="cisco123">.
There is sensitive information placed in this file, which is another reason why this
version of the integration is not suitable for production.
Installing and configuring prototype integration components
The following instructions are intended to assist the reader in implementing this
integration.
NAC Appliance Agent
The prototype version of this agent installs on the client in the same manner as
the production version. It is basically a wizard install and there are no
configuration parameters required.
On the NAC Appliance Manager, the agent must be registered as follows:
1. Unzip the IBMTivoli.zip file. You will find two sub-directories, CAM and Agent.
2. Copy the two jsps from the CAM sub-directory into the
/perfigo/control/tomcat/Webapps/admin/ directory on the Clean Access
Manager.
3. Upload the CCAAgentSetup.tar.gz file in the Agent sub-directory on to the
Clean Access Manager using CleanAccess → CleanAccess Agent →
Distribution with Version 4.0.1.1.
Policy collector
The prototype policy collector is delivered as a .jar file named
com.ibm.scm.nac.posture.PolicyCollector.jar. This file is installed as a collector
using the Security Compliance Manager Server's Administration Console. This
collector is assigned Release Version 500, which is several hundred versions
higher than the production versions, to distinguish it from production versions of
the collector. Whenever a system with this prototype collector is updated with a
production version, the installer will be warned that the new version is lower than
462
Building a Network Access Control Solution with IBM Tivoli and Cisco Systems