fighting for truth, justice, and a kick-butt lotus notes experience.

tell traveler security delete - no longer needed

 6 April 2016 17:16:04
 
It is no longer mandatory for administrators to manually perform tell traveler security delete to remove the device security administration data from IBM Traveler after a device has been deleted or reset.

Starting with version 9.0.1.10, IBM Traveler will automatically quarantine deleted devices and move them into the deleted state. These deleted devices will not be seen in the "Devices" view, however they will continue to be seen in the "Devices Security" view for up to 30 days. IBM Traveler keeps deleted device security data for the 30 day period in order to
  • Publish device security data to the IBM Traveler Web Administration Console so that Administrators can take further action on those deleted devices
  • Allow IBM Traveler Administration REST API consumers query for a list of all deleted devices.
  • Allow sufficient time for any security actions taken against the device to complete.

If there is no device activity for 30 days, the corresponding device security data will be automatically removed. This means any security action previously completed or still pending against the device will be lost. However, if a deleted or reset device happens to connect and/or sync with IBM Traveler within the 30 day window, it will be moved to an active state and will resurface in the "Devices" view.

A notes.ini setting, NTS_ADMIN_CLEANUP_TIMEOUT, is available to customize the 30 day period for security data removal.

If an administrator wants the security data to be immediately removed during device deletion, they can assign a value of 0 to this ini setting. This forces IBM Traveler to remove both the device and its security data when tell traveler delete or tell traveler reset is performed. Any previous security (such as approval, deny, or wipe) actions taken against the device will be immediately lost. In environments where NTS_ADMIN_CLEANUP_TIMEOUT = 0 has been set, we recommend not to delete a device immediately after a security action has been issued. Instead, wait for the server and/or device to complete the action before deleting the device. For example, if a device or application wipe has been issued and the device is deleted immediately following that wipe, even before the device acknowledges the wipe, the wipe action will be lost from IBM Traveler.

Note: There is still no explicit indication available on the IBM Traveler Administration UI to highlight devices in the deleted state. If a device is deleted, it will not appear in the "Devices" view.

Can be found here: http://www.ibm.com/support/knowledgecenter/?lang=en#!/SSYRPW_9.0.1/tellcommandreference.dita


Kommentare
noch keine Kommentare vorhanden
  •  
  • Hinweis zum Datenschutz und Datennutzung:
    Bitte lesen Sie unseren Hinweis zum Datenschutz bevor Sie hier einen Kommentar erstellen.
    Zur Erstellung eines Kommentar werden folgende Daten benötigt:
    - Name
    - Mailadresse
    Der Name kann auch ein Nickname/Pseudonym sein und wird hier auf diesem Blog zu Ihrem Kommentar angezeigt. Die Email-Adresse dient im Fall einer inhaltlichen Unklarheit Ihres Kommentars für persönliche Rückfragen durch mich, Detlev Pöttgen.
    Sowohl Ihr Name als auch Ihre Mailadresse werden nicht für andere Zwecke (Stichwort: Werbung) verwendet und auch nicht an Dritte übermittelt.
    Ihr Kommentar inkl. Ihrer übermittelten Kontaktdaten kann jederzeit auf Ihren Wunsch hin wieder gelöscht werden. Senden Sie in diesem Fall bitte eine Mail an blog(a)poettgen(punkt)eu

  • Note on data protection and data usage:
    Please read our Notes on Data Protection before posting a comment here.
    The following data is required to create a comment:
    - Name
    - Mail address
    The name can also be a nickname/pseudonym and will be displayed here on this blog with your comment. The email address will be used for personal questions by me, Detlev Pöttgen, in the event that the content of your comment is unclear.
    Neither your name nor your e-mail address will be used for any other purposes (like advertising) and will not be passed on to third parties.
    Your comment including your transmitted contact data can be deleted at any time on your request. In this case please send an email to blog(a)poettgen(dot)eu

Archive