Symantec Security Expressions Server manual Secure Connection, Windows 2000 Servers

Page 21

Configure Servers

We recommend you don’t use SQL Server's master database as the SecurityExpressions database.

To establish a valid database connection:

1.In the Database Type drop-down list, select the manufacturer of the database software you use.

2.In the Database Server Name box, type the name of the computer containing the database software you use.

If you’re not connecting to the default instance of the database, enter the server name in computername\databaseinstance format.

3.In the Catalog (Database) Name box, type the name of the database you want the server software to connect to or create.

4.If you want to create a database instead of connecting to an existing database, check Create.

5.Decide if you want the server application to use SQL Server or Windows authentication to log in to the database.

The application uses the credentials typed in the Database Login and Database Password boxes for all users every time they open the application. You can enter the credentials of any account that has read/write access to the database and tables.

If using SQL Server authentication, type a SQL Server account’s user name and password in the Database Login and Database Password boxes.

If using Windows authentication, check Use Windows Authentication and type a Windows account’s user name and password in the Database Login and Database Password boxes.

This sets the application and all related services to run under this account, including ASP.NET. To increase security, you can create a domain user with limited network access and read/write access to the database, and then use that account’s credentials.

If both the server application and the database are on the same computer, then the you can use the ASP.NET account’s credentials. To do this, grant the ASP.NET user permission to use the database in the database software. Then type .\ASPNET in the Database Login box and leave the Database Password box blank.

6.Click Apply.

Make sure to connect all server applications you install in the organization to this database.

Secure Connection

In order to establish a secure connection to the server-software Web site, whether you're accessing it from the system on which you installed the software or remotely from another system, you must use Secure Sockets Layer (SSL). That means you must include HTTPS in the URL. Use the format https://<hostname>/seserver, where <hostname> is name of the system containing the server software.

Windows 2000 Servers

If you installed the server software on a Windows 2000 Server system running IIS, you must configure SSL by setting up the server certificate on that system.

13

Page 20 Page 22
Image 21
Page 20 Page 22
Contents SecurityExpressions Server User Guide Page Table Of Contents Page Table Of Contents Page Vii Page Contacting Us Page Contacting Technical Support Technical SupportPage SecurityExpressions Console Other ProductsPage About SecurityExpressions Audit & Compliance Server OverviewPage What is Self-Service Auditing? Self-Service AuditSelf-Service Audit Agreement How to Audit your Local ComputerDisplays on the page. No detailed audit results appear About Server Configuration Configure ServersLocal Server Settings Pages with Role SettingsSetup Viewing Audit ResultsDatabase Connection Windows 2000 Servers Secure ConnectionClick OK on the Default Web Site Properties window Credential Store UserCreating Credential Stores SecurityExpressions Console Credential Stores Enable Web ServicesSoftware Registration Site PreferencesAccess Item Rights Global Machine List Access User RolesPolicy File Library Library SynchronizationCheck the Synchronize with a policy file library box How System Scores are Calculated About Policy FilesAgent & Service Configuration Default method for remote execution on WindowsTarget Options SSH Agent Authentication Database Cleanup Cancel Update TaskPolicies Add TaskAgent Downloads Site PreferencesClick Use the Following Agreement Allow Remediation Page Audit-On-Connect What is Audit-on-Connect?Policies Policies TablePage Adding Policies Editing Policies Deleting Policies Configuring with Run-Time Policy VariablesPage Scopes ScopesAdd a New Scope Page Edit a Scope Scopes Table DNS Domain Name Scopes Deleting ScopesExpression Scopes Supported OperatorsSupported Functions Org Unit ScopesDetection Method Scopes Notifications Creating New Email Notifications Creating New Command NotificationsClick Add New Editing NotificationsClick Add New Creating New Command Notifications Notification Variables Deleting NotificationsExceptions ExceptionsExceptions Table Column Description Adding ExceptionsConnection Monitors Specify Password and Encrypted PasswordDeleting Exceptions Connection MonitorsConfiguring Connection Monitors RemoveEnabling Connection Monitors IP Range Section Connection Monitor Configuration FileOptions DefaultProcessing the Configuration File Configuration File SyntaxActive Directory Active Directory Connection Monitor only Slow Links NetworkNetwork Admissions Control Trace Route InformationUnmanaged Systems Initial TokenQuarantined/Unknown HealthyReaudit if quarantined Redirection WebAudit on Connect Tracing Redirection Web Page BehaviorAudit on Connect Tracing Page Page Audit-On-Schedule What is Audit-on-Schedule?Page Adding Policies Editing Policies Deleting Policies Page Notifications Click Add New Click Add New Deleting Notifications My Machine Lists My Machine ListsEditing Machine Lists Adding Machine ListsDeleting Machine Lists Scheduled TasksEditing Global Machine Lists Scheduled TasksAdding Scheduled Tasks Basic SettingsSchedule Settings Hosts Not Connected Settings Credentials Settings Other Options SettingsEditing Scheduled Tasks Windows Group AccessSchedule Settings Notifications Other Options Settings Deleting Scheduled Tasks Page Browse Audit-On-Connect Activity View Audit-On-Connect ActivityAudit-On-Connect Activity Table Column Description Adding a New Audit-On-Connect Report ProfileDeleting Report Profiles Editing Report ProfilesAudit-On-Connect Exceptions Report Audit-On-Connect Error Log ReportPage View Audit Results Browse Audit ResultsAdding a New Audit Results Report Profile Page Adding Custom Reports to the Server Application Scheduled Audits Log ReportEditing Audit Report Results Profiles Deleting Audit Report Results ProfilesPage Glossary Page Index ConfigureIP address 33, 44, 45 Rule weights
Top Page Image Contents