Symantec Security Expressions Server manual Configure Servers, About Server Configuration

Page 19

Configure Servers

About Server Configuration

Before you can audit systems using the server application, you must configure server settings. From fundamental settings such as database connection and policy-file-library synchronization to specific settings that drive scheduled and Audit-on-Connect, the Settings tab provides a central

location for configuring the server.

To access the Settings tab, click Configure Servers on the application's home page. Use the links at the top of the tab to open the various settings pages.

Local Server Settings

Local Settings include parameters of individual audit

servers. Most settings are global to all servers in the system, but the Local Settings apply only to one named audit server. The heading, such as Local Settings are for Server: ENTERPRISEHOST indicates that the displayed settings are for the server named ENTERPRISEHOST. The database server and database name also appear.

About User Roles

If the tasks involved in auditing computers for security compliance are divided among different people in your organization, we recommend establishing user roles to control who can use different features in this application. Several key pages contain settings that let only members of specified Windows User Groups access certain pages and their features. This allows each user to focus on their tasks while preventing unauthorized users from performing restricted operations. For example, administrators of the product need access to all pages including configuration pages, but auditors only need access to pages used for setting up audits and viewing results.

Tip: Create Windows User Groups based on the access level you plan to grant different users of the application. Then assign these groups to the corresponding pages.

Pages with Role Settings

You establish user roles by entering Windows Group Access settings on the following pages in the application. You may restrict access to the pages or features themselves, plus the reports and audit results based on the restricted machine lists, policies, scopes, and scheduled tasks.

Page Access

Machine List Access

Policies

Scopes

My Machine Lists

Scheduled Tasks

11

Image 19

Contents SecurityExpressions Server User Guide Page Table Of Contents Page Table Of Contents Page Vii Page Contacting Us Page Contacting Technical Support Technical SupportPage SecurityExpressions Console Other ProductsPage About SecurityExpressions Audit & Compliance Server OverviewPage How to Audit your Local Computer Self-Service AuditWhat is Self-Service Auditing? Self-Service Audit AgreementDisplays on the page. No detailed audit results appear Pages with Role Settings Configure ServersAbout Server Configuration Local Server SettingsViewing Audit Results SetupDatabase Connection Windows 2000 Servers Secure ConnectionCredential Store User Click OK on the Default Web Site Properties windowCreating Credential Stores Site Preferences Enable Web ServicesSecurityExpressions Console Credential Stores Software RegistrationAccess Item Rights Global Machine List Access User RolesLibrary Synchronization Policy File LibraryCheck the Synchronize with a policy file library box How System Scores are Calculated About Policy FilesDefault method for remote execution on Windows Agent & Service ConfigurationTarget Options SSH Agent Authentication Database Cleanup Add Task Update TaskCancel PoliciesSite Preferences Agent DownloadsClick Use the Following Agreement Allow Remediation Page Policies Table What is Audit-on-Connect?Audit-On-Connect PoliciesPage Adding Policies Editing Policies Deleting Policies Configuring with Run-Time Policy VariablesPage Scopes ScopesAdd a New Scope Page Edit a Scope Scopes Table Supported Operators Deleting ScopesDNS Domain Name Scopes Expression ScopesOrg Unit Scopes Supported FunctionsDetection Method Scopes Notifications Editing Notifications Creating New Command NotificationsCreating New Email Notifications Click Add NewClick Add New Creating New Command Notifications Notification Variables Deleting NotificationsAdding Exceptions ExceptionsExceptions Exceptions Table Column DescriptionConnection Monitors Specify Password and Encrypted PasswordConnection Monitors Deleting ExceptionsRemove Configuring Connection MonitorsEnabling Connection Monitors IP Range Section Connection Monitor Configuration FileOptions DefaultConfiguration File Syntax Processing the Configuration FileActive Directory Active Directory Connection Monitor only Slow Links NetworkInitial Token Trace Route InformationNetwork Admissions Control Unmanaged SystemsRedirection Web HealthyQuarantined/Unknown Reaudit if quarantinedRedirection Web Page Behavior Audit on Connect TracingAudit on Connect Tracing Page Page Audit-On-Schedule What is Audit-on-Schedule?Page Adding Policies Editing Policies Deleting Policies Page Notifications Click Add New Click Add New Deleting Notifications My Machine Lists My Machine ListsEditing Machine Lists Adding Machine ListsScheduled Tasks Scheduled TasksDeleting Machine Lists Editing Global Machine ListsAdding Scheduled Tasks Basic SettingsSchedule Settings Hosts Not Connected Settings Credentials Settings Other Options SettingsEditing Scheduled Tasks Windows Group AccessSchedule Settings Notifications Other Options Settings Deleting Scheduled Tasks Page Adding a New Audit-On-Connect Report Profile View Audit-On-Connect ActivityBrowse Audit-On-Connect Activity Audit-On-Connect Activity Table Column DescriptionDeleting Report Profiles Editing Report ProfilesAudit-On-Connect Exceptions Report Audit-On-Connect Error Log ReportPage Browse Audit Results View Audit ResultsAdding a New Audit Results Report Profile Page Deleting Audit Report Results Profiles Scheduled Audits Log ReportAdding Custom Reports to the Server Application Editing Audit Report Results ProfilesPage Glossary Page Index ConfigureIP address 33, 44, 45 Rule weights