IBM Tivoli and Cisco 사용자 설명서
Chapter 2. Architecting the solution
35
revalidation process takes place too often, this pop-up window may become
annoying and significantly lower the user’s productivity. The recommended value
is 14400 seconds (4 hours) or more.
annoying and significantly lower the user’s productivity. The recommended value
is 14400 seconds (4 hours) or more.
The router or the
network access device
(NAD) periodically queries the client for
the current policy compliance status changes. This activity introduces additional
network traffic, which becomes larger as the defined time intervals shorten.
However, frequent polling enables quick disconnection from a client that
becomes noncompliant from the network. Depending on the network architecture
(number of clients connected to one NAD, network bandwidth, current network
load, and so on) the status query period should not be shorter than 30 seconds.
network traffic, which becomes larger as the defined time intervals shorten.
However, frequent polling enables quick disconnection from a client that
becomes noncompliant from the network. Depending on the network architecture
(number of clients connected to one NAD, network bandwidth, current network
load, and so on) the status query period should not be shorter than 30 seconds.
2.4 Implementation flow
IBM best practice in implementation of this concept in an enterprise-wide
deployment has been identified by the following project phases that would assist
in a smooth transition to the new environment:
deployment has been identified by the following project phases that would assist
in a smooth transition to the new environment:
Initiation
Definition
Design
Build
Maintenance
In the
initiation phase
, high-level project requirements are gathered and verified
to be included in the Statement of Work (SoW) document.
During the
definition phase
, those requirements are refined and documented in
detail, and as a result several of the documents are created, including
Project
Definition Report
(PDR),
functional specification
, and
existing system analysis
.
In the
design phase
, the detailed design of the solution is created, typically in the
form of architecture and design documents covering macro and micro design
studies. Then the solution is actually implemented in the
studies. Then the solution is actually implemented in the
build phase
.
The final stage is
maintaining and updating the solution
as the surrounding
environment or business requirements change. This typically is a cyclic process
as described in 2.3.2, “Security policy life cycle management” on page 30.
as described in 2.3.2, “Security policy life cycle management” on page 30.
2.5 Scalability and high availability
Any architecture must be easily scalable and available at all times for secure and
reliable business transactions and the future growth of the business. This
reliable business transactions and the future growth of the business. This