Symantec Security Expressions Server manual SecurityExpressions Console Credential Stores

Page 23

Configure Servers

Once you create a credential store, you can't modify it.

To create a credential store:

1.In the Application Setup page, click Add New.

2.In the New Credential Store User Name box, type a user name for logging in to this credential store.

3.Optional: In the New Credential Store User Full Name box, type a descriptive name.

4.Optional: In the New Credential Store User Description box, type any information about this credential store other users might find helpful.

5.In the New Credential Store User Password box, type a password for logging in to this credential store.

6.In the Verify Credential Store User Password box, type the password again.

7.Click Update.

SecurityExpressions Console Credential Stores

When you create a Credential Store in the SecurityExpressions Console, you create a container that securely saves all of your machine list and host (target system) credentials in the database. After you create the credential store, you can delegate the credentials to the Audit & Compliance Server. This allows users belonging to certain Windows Groups to perform operations using the delegated credentials without knowing or seeing the credentials.

Software Registration

The Software Registration options on the Application Setup page let you register the software for use. You must enter a valid license key in order to activate the server application. If you purchased the Audit-on-Connect component, you must activate that feature with a second license key.

To register the software:

1.In the SecurityExpressions Audit and Compliance Server License Key box, enter the license key for general use of the application.

2.If you purchased Audit-on-Connect, in the SecurityExpressions Audit-on-Connect License Key box, enter the license key for that component.

3.Click Apply.

Site Preferences

The Site Preference options on the Application Setup page let you select general settings for the application. Click Apply after changing these settings.

Enable Web Services

Select this check box to enable SecurityExpressions' Web-services layer. To learn more about the Web-services layer, see SecurityExpressions Web Services API guide, included in your installation package.

Allow Remediation

Select this check box to allow Web-services remediation functions to apply fixes to computers audited through Web services.

15

Image 23

Contents SecurityExpressions Server User Guide Page Table Of Contents Page Table Of Contents Page Vii Page Contacting Us Page Contacting Technical Support Technical SupportPage SecurityExpressions Console Other ProductsPage About SecurityExpressions Audit & Compliance Server OverviewPage How to Audit your Local Computer Self-Service AuditWhat is Self-Service Auditing? Self-Service Audit AgreementDisplays on the page. No detailed audit results appear Pages with Role Settings Configure ServersAbout Server Configuration Local Server SettingsDatabase Connection SetupViewing Audit Results Windows 2000 Servers Secure ConnectionCreating Credential Stores Click OK on the Default Web Site Properties windowCredential Store User Site Preferences Enable Web ServicesSecurityExpressions Console Credential Stores Software RegistrationAccess Item Rights Global Machine List Access User RolesCheck the Synchronize with a policy file library box Policy File LibraryLibrary Synchronization How System Scores are Calculated About Policy FilesTarget Options Agent & Service ConfigurationDefault method for remote execution on Windows SSH Agent Authentication Database Cleanup Add Task Update TaskCancel PoliciesClick Use the Following Agreement Agent DownloadsSite Preferences Allow Remediation Page Policies Table What is Audit-on-Connect?Audit-On-Connect PoliciesPage Adding Policies Editing Policies Deleting Policies Configuring with Run-Time Policy VariablesPage Add a New Scope ScopesScopes Page Edit a Scope Scopes Table Supported Operators Deleting ScopesDNS Domain Name Scopes Expression ScopesDetection Method Scopes Supported FunctionsOrg Unit Scopes Notifications Editing Notifications Creating New Command NotificationsCreating New Email Notifications Click Add NewClick Add New Creating New Command Notifications Notification Variables Deleting NotificationsAdding Exceptions ExceptionsExceptions Exceptions Table Column DescriptionConnection Monitors Specify Password and Encrypted PasswordConnection Monitors Deleting ExceptionsEnabling Connection Monitors Configuring Connection MonitorsRemove IP Range Section Connection Monitor Configuration FileOptions DefaultActive Directory Active Directory Connection Monitor only Processing the Configuration FileConfiguration File Syntax Slow Links NetworkInitial Token Trace Route InformationNetwork Admissions Control Unmanaged SystemsRedirection Web HealthyQuarantined/Unknown Reaudit if quarantinedAudit on Connect Tracing Audit on Connect TracingRedirection Web Page Behavior Page Page Audit-On-Schedule What is Audit-on-Schedule?Page Adding Policies Editing Policies Deleting Policies Page Notifications Click Add New Click Add New Deleting Notifications My Machine Lists My Machine ListsEditing Machine Lists Adding Machine ListsScheduled Tasks Scheduled TasksDeleting Machine Lists Editing Global Machine ListsAdding Scheduled Tasks Basic SettingsSchedule Settings Hosts Not Connected Settings Credentials Settings Other Options SettingsEditing Scheduled Tasks Windows Group AccessSchedule Settings Notifications Other Options Settings Deleting Scheduled Tasks Page Adding a New Audit-On-Connect Report Profile View Audit-On-Connect ActivityBrowse Audit-On-Connect Activity Audit-On-Connect Activity Table Column DescriptionDeleting Report Profiles Editing Report ProfilesAudit-On-Connect Exceptions Report Audit-On-Connect Error Log ReportPage Adding a New Audit Results Report Profile View Audit ResultsBrowse Audit Results Page Deleting Audit Report Results Profiles Scheduled Audits Log ReportAdding Custom Reports to the Server Application Editing Audit Report Results ProfilesPage Glossary Page Index ConfigureIP address 33, 44, 45 Rule weights