Compliance Management in B2B
Hi, can anyone help in how we can answer for Compliance Management in B2B
Hello,
Can you please elaborate this query to help us answer better.
Rgds,Ramesh
Similar Messages
-
Sun Identity Compliance Manager Questions
Hi Everyone,
We are looking for a complete list of supported managed resources for the Sun Identity Compliance Manager (SICM) tool.
Also we have the following specific questions:
1. Does SICM have connectors/adapters to Solaris 8/9/10 and Oracle EBS (as managed resources) to perform access certification of user accounts and associated entitlements/privileges/roles.
For example: Can SICM be used to analyze/report on the status of current and newly provisioned Solaris unix-level accounts and associated RBAC roles (say) -or- Oracle EBS accounts and associated roles /responsibilities to identify if they have been certified or have any SOD conflicts?
2. Can SICM be implemented as a fully functional stand-alone product as opposed to it being integrated with Sun Identity Manager (SIM) ?
3. In a scenario where SIM and SICM are integrated, can SIM do a hand-off to SICM for SOD analysis and checking as part of it account provisioning workflows?
Any insight and/or pointers will be greatly appreciated!
Thanks in advance and please let me know if there is a more relevant forum to post this question.
-TSI have resolved the problem, the problem is because of the idmmanager attribute. In onsite they are using some other idm 6.0 with some patch, so they are getting the idm manager attribute but in offshore we dont have any patch installed for getting the idm manager attribute. Do you have any idea about how to get the idm manager attribute in the idm 6.0 with some patch? Thanks for your help ya.
-
Ciscoworks 3.2 RME Compliance Management w/ 802.1x Port Configs
I am currently trying to use LMS 3.2 Compliance management to verify and alter our access port configurations for 802.1x. Below is our current configuration:
switchport access vlan XX
switchport mode access
authentication control-direction in
authentication event fail retry 0 action authorize vlan XXX
authentication event no-response action authorize vlan XXX
authentication port-control auto
authentication periodic
dot1x pae authenticator
dot1x timeout quiet-period 10
dot1x timeout tx-period 10
dot1x timeout supp-timeout 10
dot1x max-req 1
dot1x max-reauth-req 1
storm-control broadcast level 75.00
spanning-tree portfast
spanning-tree bpduguard enable
I require the configurations to be changed to:
switchport access vlan XX
switchport mode access
authentication event fail action authorize vlan XXX
authentication event no-response action authorize vlan XXX
authentication port-control auto
authentication periodic
dot1x pae authenticator
dot1x timeout tx-period 8
storm-control broadcast level 10.00
storm-control multicast level 10.00
spanning-tree portfast spanning-tree bpduguard enable
Addtionally, I require LMS to verify that the port is indeed an access port with 802.1x already applied to it before adjusting the configurations. I have tried pushing this compliance check out with a prerequisite of having "switchport mode access" applied to it, and then having the next command set state:
Submode: interface [#Ethernet*/*/*#]
- dot1x max-req 1
- dot1x max-reauth-req 1
+ no dot1x max-req 1
+ no dot1x max-reauth-req 1
This was a simple test on a single device to see if I could remove the limits on authentication and requests entered. The job states successful and there are no devices that are non-compliant, however no changes to the device configurations have been made. I seek assistance in command syntax or if there is another way to push this out, as I have about 1k network devices to go through and make these changes.The following tempalte should do what you want:
Name: Global SubMode: No isPrerequisite: No
Ordered : No Prerequisite-Commandset : none Parent: none
Name: Switchport SubMode: Yes isPrerequisite: Yes
Ordered : No Prerequisite-Commandset : none Parent: none
interface [#FastEthernet.*#]
+[#switchport mode access#]
Name: 802fix SubMode: No isPrerequisite: No
Ordered : No Prerequisite-Commandset : Switchport Parent: Switchport
-dot1x max-req 1
-dot1x max-reauth-req 1
Note that I have changed to [#FastEthernet.*#] to be applied on
FastEthernet interfaces. -
Compliance Management in LMS 3.2
I'm having a hard time getting Compliance Manager to accept a "banner login" command I'm attempting to use on 6500 IOS switches. I've edited the template, tried cut-&-paste, looked for the archive file on the server to directly modify it (without success), among other things. I have this feature functioning correctly on CatOS switches, but can't seem to get it properly set on IOS switches. What's the limit, as far as the template is concerned, on the number of characters with this type of command? Where are the archive configs located on the server; in the "shadow" directory?
Thanks,
RickNot sure what you mean when you say "not accepting", but I had some trouble with compliance templates and checking banners. My issue was with multi-line commands as mentioned in the last post of this thread: https://supportforums.cisco.com/message/638950#638950
Once I put the in the template it worked fine. The thread is discussing LMS 2.6 but was applicable in my 3.2 environment. Hope that helps. -
Does Cisco Prime have a replacement product for NCM or Network Compliance Manager?
Does the Cisco Prime application development team have a product that replaces the NCM or Network Compliance Manager?
Both Prime and LMS can do baseline compliance, after a fashion. LMS's is much more mature in my estimation. Prime is more around the lines of deploying templates.
The regulatory compliance functions as of now are in only LMS's Compliance and Audit Manager (CAAM) function. It's quite useful, matching the baseline compliance features.
An LMS license is included with PI, but it does need to be on its own server (or separate VM). -
Installing Security and Compliance Manager on Windows 8.1
Hi
I am trying to install Security and Compliance Manager on my Windows 8.1 workstation. The install is trying to install SQL Express 2008 which seems to not be compatible with Windows 8.1 and that is were the install ends.
I tried installing SQL Express 2012 and then running the install but it looks like the database is not installed.
Is there a new version of Security and Compliance Manager that addresses this or does anyone know how to set up SQL to accept Compliance Manager?Open Regedit and go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
Delete this key under Session Manager "PendingFileRenameOperations". Restart the installation and it will work fine.
Cheers,
Gulab Prasad
Technology Consultant
Blog:
http://www.exchangeranger.com Twitter:
LinkedIn:
Check out CodeTwo’s tools for Exchange admins
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose. -
Microsoft Security Compliance Manager V3 and create GPO
I have created a GPO backup from the compliance manager for Windows 7 SP1. I am trying to find documentation for the exact process of importing these settings into a newly created "blank" gpo. In review of the Backup.xml file, I can see that
it references Contoso.com (the generic MS domain for examples, etc). Is there a clear documented process for configuring the template then creating a domain GPO? Any help is greatly appreciated!
wjkHi,
Thanks for your post.
SCM Baselines for Windows 8.1, IE 11 and Server 2012 R2 are now live!
http://blogs.technet.com/b/secguide/archive/2014/09/04/scm-baselines-for-windows-8-1-ie-11-and-server-2012-r2-are-now-live.aspx
For more SCM related issue, i think you may ask in:
https://social.technet.microsoft.com/Forums/en-US/home?forum=compliancemanagement
Regards.
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Cisco Works Network Compliance Manage NCM
I'm working on the Cisco Works Network Compliance Manager.
I would like to add a device which is behind a firewall.
For this I use the option bastion host to authen. on the firewall and
to get access to the device self.
The problem is the firewall is not listing to the port 22/23, it a different port number
like example 1234.
Is it possible to change the port manually in a configfile, as the webinterface has no option for this ?
I use the version 1.7.1 the latest one.Both Prime and LMS can do baseline compliance, after a fashion. LMS's is much more mature in my estimation. Prime is more around the lines of deploying templates.
The regulatory compliance functions as of now are in only LMS's Compliance and Audit Manager (CAAM) function. It's quite useful, matching the baseline compliance features.
An LMS license is included with PI, but it does need to be on its own server (or separate VM). -
RME - Compliance Management - Deploy strangeness
Hi All,
Here is an interesting one. Got a selection of Compliance management jobs and am having trouble with the deploy phase. Basically I am looking for the following on a series of devices and then removing it.
- [#radius-server host.*#]
So when this runs, it matches what I expect (shown below)
no radius-server host x.x.x.x auth-port 1812 acct-port 1813 key 7 XXXXXXXXXXXX
However when I deploy this, the line above remains on the device?
I have tried changing the compliance check to
- radius-server host x.x.x.x auth-port 1812 acct-port 1813 key 7 XXXXXXXXXXXX
To see if its a regex problem of some form and the job does exactly the same, i.e. it matches the line and tries to deploy however doesn't work?
Any ideas?Hi Yidabear,
Its not a pre-requisite problem as the pre-requisites are fillfilled and hence it deploys the rest of the config to the devices in question. For some reason it is just this one line that it has a problem with. Strangely enough, we had a similar issue with the same format of TACACS server line. It seems to happen when you have the "key 7 xxxxxxxxx" value at the end? Even though it finds it and tried to remove it it fails. -
Security Compliance Manager - version 3.0.60
Does anyone know if this version of Security Compliance Manager supports Windows Server 2012 R2:
3.0.60Hi sayerdi,
As this question is related to Security Compliance Manager (SCM), for quick and accurate response, I would like to recommend that you ask the question in the SCM forum at
https://social.technet.microsoft.com/Forums/en-US/home?forum=compliancemanagement . It is appropriate and more experts will assist you.
Additionally, there is a similar thread about SCM for Windows Server 2012 R2 for your reference.
https://social.technet.microsoft.com/Forums/en-US/9a0b831e-5d38-4b26-9191-16286f10ecab/scm-update-for-windows-81-and-windows-2012-r2?forum=compliancemanagement
Thanks,
Lydia Zhang -
Microsoft Security Compliance Manager - Failed to installed
Every time I try to install Microsoft Security Compliance Manager right when I getto the part where I'm installing it, it gives me this error:
Microsoft Security Compliance Manager Setup Wizard failed while starting the installation/uninstallation The given path's format is not supported.
Then closing the installation and telling me it failed.
Please help I need to install this for a class.Hi,
Thanks for your post.
SCM Baselines for Windows 8.1, IE 11 and Server 2012 R2 are now live!
http://blogs.technet.com/b/secguide/archive/2014/09/04/scm-baselines-for-windows-8-1-ie-11-and-server-2012-r2-are-now-live.aspx
For more SCM related issue, i think you may ask in:
https://social.technet.microsoft.com/Forums/en-US/home?forum=compliancemanagement
Regards.
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
I have downloaded the MS Security Compliance Manager, which is in two parts: MS SQL Server 2008 Express Edition & the SCM. The install instructions state the the server needs to be install before the SCM. So as the install continues I get
an error message, which cancels the installation. So, I am trying to install SQL 2008 EE separate from SCM. My question is:
Can I upgrade from my current SQL Server 2005 Compact Edition [ENU]
directly to SQL Server 2008 Express Edition (or higher)?So as the install continues I get an error message, which cancels the installation.
And which error message did you got?
SQL Server Compact Edition is something different then SQL Server Express (or Standard) Edition, you can't upgrade it as you asked for,.
Olaf Helper
[ Blog] [ Xing] [ MVP] -
Hello
Can someone please help me with the following question.
I have a standalone Server and need to apply settings from SCM, I can see how to do this following the instructions in the following article
http://windowsitpro.com/security/q-how-can-i-apply-security-baseline-i-defined-through-microsoft-security-compliance-manager
The problem is the LocalGPO.wsf that ships with the above version of SCM does not run on Server 2012 R2 (only Server 2012)
my question is,
is there a later version of LocalGPO.wsf I can use that works on Server 2012 R2 ?
Thanks
AAnotherUser__
AAnotherUser__Hi,
Thanks for your post.
SCM Baselines for Windows 8.1, IE 11 and Server 2012 R2 are now live!
http://blogs.technet.com/b/secguide/archive/2014/09/04/scm-baselines-for-windows-8-1-ie-11-and-server-2012-r2-are-now-live.aspx
For more SCM related issue, i think you may ask in:
https://social.technet.microsoft.com/Forums/en-US/home?forum=compliancemanagement
Regards.
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Environmental Compliance Management
Hi friends
Help me how to do the environment compliance management, Emissions Management, Health & Safety, Compliance for products.
Kindly do the needful
Thanks and Regards,
Arul.HI,
Pls. find some details about EH&S ( Environment,Health & Safety) as below:
Basic Data and Tools (EHS-BD)
Purpose
This SAP component contains data and functions that you require for several areas of the SAP component Environment, Health and Safety (EH&S).
Implementation Considerations
The Basic Data and Tools are the prerequisite for you to be able to use the other SAP EH&S components:
· Product Safety (EHS-SAF)
· Hazardous Substance Management (EHS-HSM)
· Dangerous Goods Management (EHS-DGP)
· Waste Management (EHS-WA)
· Occupational Health (EHS-HEA)
· Industrial Hygiene and Safety (EHS-IHS)
This means that regardless of which of the SAP EH&S components you want to use, you need to process Customizing for Basic Data and Tools and create the necessary data in Basic Data and Tools before you implement the other components.
Integration
You must have installed the following SAP components to be able to use all the functions of Basic Data and Tools:
· Engineering Change Management (LO-ECH)
· Document Management (CA-DMS)
· Classification System (CA-CL)
· Material Master (LO-MD-MM)
· Sales and Distribution (SD)
Features
Basic Data and Tools contains the following SAP components:
· In specification management you enter all environmentally relevant data and other data for substances (pure substances, preparations, mixtures, and residual substances), agents, packagings, and waste codes in specifications. This data includes information on identifiers, material assignments, compositions, listings, properties, and assignments to regulatory lists.
You can also enter data for dangerous goods regulations and dangerous goods classifications in specifications. You can use the filling function from the SAP component dangerous goods interfaces to copy dangerous goods classification data to the dangerous goods master. For more information, see the documentation for the SAP component Dangerous Goods Management in the sections Dangerous Goods Basic Data, Dangerous Goods Classification, and Tools.
You can copy data on dangerous goods storage classes, VbF classes, and water pollution classes to Warehouse Management. For more information, see the Implementation Guide (IMG) for Logistics Execution under Transfer Hazardous Substance Data from the Specification Database.
· In the specification information system you can access specification data directly and display it in different ways.
· In report definition you set up the prerequisites for being able to print specification data on EH&S reports (such as material safety data sheets and standard operating procedures). You design the layout of report templates using Windows Wordprocessor Integration (WWI), which gives you access to Microsoft Word functions. Specially defined symbols in the report templates are replaced by values from the SAP system when reports are generated. Phrases are printed in the languages specified. You use ratings and validity areas to specify that only permitted specification data appears on the report.
· You can create standard texts in the form of phrases in phrase management, reducing the amount of writing and translating necessary. Phrases are managed in libraries.
· Under the tools you will find functions for importing data from legacy systems, exchanging and distributing data between systems, editing it, and archiving it.
Hope this helps.
Regards,
Tejas -
Cisco Prime Specific NTP Servers by Compliance Management
Gets,
I have the following NTP servers configured on different switches
ntp server 192.168.1.1
ntp server 10.10.10.10 key 1
ntp server 12.12.12.12
ntp server 13.13.13.13 key 1
ntp server 14.14.14.14 key 30
The correct NTP servers are only 10.10.10.10 and 192.168.1.1. The problem is that as you see, the IP addresses of the NTP servers are very generic, meaning that in my large network, I may find any other NTP server.
Can you develop a code to run by Compliance Management to exclude any unneeded NTP servers ? It is required that the code catches any IP address and any key that is not matching the first two servers.Gets,
I have the following NTP servers configured on different switches
ntp server 192.168.1.1
ntp server 10.10.10.10 key 1
ntp server 12.12.12.12
ntp server 13.13.13.13 key 1
ntp server 14.14.14.14 key 30
The correct NTP servers are only 10.10.10.10 and 192.168.1.1. The problem is that as you see, the IP addresses of the NTP servers are very generic, meaning that in my large network, I may find any other NTP server.
Can you develop a code to run by Compliance Management to exclude any unneeded NTP servers ? It is required that the code catches any IP address and any key that is not matching the first two servers.
Maybe you are looking for
-
How to avoid seeing data for a particular member in the row level
Hello,<BR>I am using Essbase. In that i am having members like taks n/a, demand n/a. Purpose of these members are, if i load data for demand, task wont have data so i am mapping to task n/a.And same for the task loading.I am using alphablox for repor
-
Solman Change Request Management Issue - about create task list
Dears, We are now using Solman ChangeRM. I have created a maintainance project and maintained its logical component and IMG project. when I want to create a task list for this project, a message"The project is not released. Hence cycle can not be
-
Deriving the profit center / segment during Bank Reconciliation
Hi SDN, One of our requirements is to generate a Financial Statement by Segments. For this reason, we also need to derive / tag our Bank Reconciliation documents (Manual and Electronic) to the corresponding profit centers or segments. The problem tho
-
Can not create hi res pdf in Acrobat Pro v9 - distiller
I am having problems creating a high res PDF in Acrobat Pro 9.0, it looks like distiller will not remember or accept that I am selecting hi res definitions before I print from Quark v6.0.
-
I downloaded adobe acrobat xi and installed it, but only the download assistant appears. Can someone help?