The following options for configuring an agent are:
Indicates that the agent is configured from the Policy Server. The policy store holds the set of configuration parameters that a group of agents shares. Parameter settings are configured using the Administrative UI.
The Agent configuration is specified in an Agent Configuration Object.
Note: Central configuration does not apply to RADIUS, EJB, Servlet, or Custom Agents—those Agents can only perform local configuration.
Indicates that the Web Agent is configured from a local configuration file on each web server where the Agent is installed.
You can store some parameters centrally and others locally.
Note: You can only enable and disable the agent from a file on the web server, not from the Policy Server.
When you centrally configure agents, the settings are stored in the policy store, not on a local configuration file on a web server.
Compared with local configuration, central configuration provides:
On the agent-side of a network, several main in agent operation:
A virtual interface to a web server; triggers rules and enforces policies.
A client computer where one or more agents are installed. This host handles the connection to the Policy Server. You can have more than one trusted host on a server, but each requires a unique name.
The trusted host is “trusted,” because it is registered with the Policy Server. Register a trusted host so the Web Agents installed on that host can communicate with the Policy Server.
The following data identifies a trusted host:
Stored on the web server where the Agent resides, this file is used for local configuration. The LocalConfig.conf file holds the Agent configuration parameters for each Web Agent. The WebAgent.conf file enables or disables the agent and loads any related plug-ins.
Stored on the web server where the Web Agent resides, this file holds initialization parameters for the trusted host. Once the trusted host connects to a Policy Server, the trusted host uses the settings in the Host Configuration Object. The Host Configuration Object is named in the hostconfigobject parameter of this file.
On the Policy Server-side the following objects relate to agent configuration:
Names the Agent, establishing an Agent identity that can be mapped to a specific web server.
Contains the Web Agent configuration parameters. Use an Agent Configuration Object for managing groups of agents centrally. Though this object is primarily for central Agent configuration, it also contains the parameter that tells the Policy Server to use local configuration.
Contains the trusted host configuration parameters. Except for initialization parameters, trusted host parameters are always maintained in a Host Configuration Object.
Configuration objects are stored in the policy store. Create or modify these objects with the Administrative UI.
You associate a configured Agent with a realm, which is a collection of resources that you want to protect. Realms are protected by rules, which get included in an access control policy.
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|