Symantec Security Expressions Server manual Access

Page 24

SecurityExpressions Server User Guide

Session Duration

Session duration is a time-out period that sets the maximum number of minutes for a Web session. The session lasts until this time passes or a different Browser accesses the server. When the session expires, local session information, including authentication, is lost. Many settings, once initialized, remain through the session duration.

Once you open a new Browser, the session duration resets to the configured time period.

Maximum number of simultaneous audits for Audit-on-Connect

Simultaneous audits affect network capacity and speed. If you find the default number of simultaneous Audit-on-Connect audits consumes too many CPU and network resources, change this setting to a smaller number until you find the right balance.

Maximum number of simultaneous audits for Audit-on-Schedule

Simultaneous audits affect network capacity and speed. If you find the default number of simultaneous Audit-on-Schedule audits consumes too many CPU and network resources, change this setting to a smaller number until you find the right balance.

Do not use more than __ Mbps (megabits per second) of bandwidth

To control the amount of network bandwidth the software uses during an audit, select this check box and type the maximum number of megabits per second of bandwidth you want audits to consume. The less bandwidth allotted to audits, the longer audits will take to complete. You must enter a number between 0.01 and 10,000.0.

Other Servers Local Settings

Other servers in the System on the Application Setup page lists the other servers in this system that use the central database. When you click a link, you view the Local Settings page for those servers, but only one server is available to view at a time. By navigating to the local settings for each individual server, you can change the local settings on all servers in the system from one location.

All settings other than those on the Setup page are shared across all servers using the same database.

Page Access

Page Access identifies who has access to each SecurityExpressions Audit & Compliance Web page, including the Home and Self-Service Audit pages. For each page, type the name of a Windows User Group that you want to grant access to the page. You cannot enter individual users. Any user belonging to that Group has access, while users who do not belong to the group are denied access.

To allow all users to access a page, type Everyone. To prevent all users from accessing a page, type None.

If you enter multiple Windows groups, separate them with commas. If a Windows User Group isn't on the local computer, you'll need to enter the group in domain\groupname format.

Tip: Before making Group assignments to a specific page, become familiar with Windows Users and Groups in your organization. To see the current Users and Groups, open Control Panel and double-click the Administrative icon. Then open Computer Management and view Local Users and Groups.

16

Page 23 Page 25
Image 24
Page 23 Page 25
Contents SecurityExpressions Server User Guide Page Table Of Contents Page Table Of Contents Page Vii Page Contacting Us Page Technical Support Contacting Technical SupportPage Other Products SecurityExpressions ConsolePage Overview About SecurityExpressions Audit & Compliance ServerPage Self-Service Audit What is Self-Service Auditing?Self-Service Audit Agreement How to Audit your Local ComputerDisplays on the page. No detailed audit results appear Configure Servers About Server ConfigurationLocal Server Settings Pages with Role SettingsSetup Viewing Audit ResultsDatabase Connection Secure Connection Windows 2000 ServersClick OK on the Default Web Site Properties window Credential Store UserCreating Credential Stores Enable Web Services SecurityExpressions Console Credential StoresSoftware Registration Site PreferencesAccess Global Machine List Access User Roles Item RightsPolicy File Library Library SynchronizationCheck the Synchronize with a policy file library box About Policy Files How System Scores are CalculatedAgent & Service Configuration Default method for remote execution on WindowsTarget Options SSH Agent Authentication Database Cleanup Update Task CancelPolicies Add TaskAgent Downloads Site PreferencesClick Use the Following Agreement Allow Remediation Page What is Audit-on-Connect? Audit-On-ConnectPolicies Policies TablePage Adding Policies Editing Policies Configuring with Run-Time Policy Variables Deleting PoliciesPage Scopes ScopesAdd a New Scope Page Edit a Scope Scopes Table Deleting Scopes DNS Domain Name ScopesExpression Scopes Supported OperatorsSupported Functions Org Unit ScopesDetection Method Scopes Notifications Creating New Command Notifications Creating New Email NotificationsClick Add New Editing NotificationsClick Add New Creating New Command Notifications Deleting Notifications Notification VariablesExceptions ExceptionsExceptions Table Column Description Adding ExceptionsSpecify Password and Encrypted Password Connection MonitorsDeleting Exceptions Connection MonitorsConfiguring Connection Monitors RemoveEnabling Connection Monitors Connection Monitor Configuration File IP Range SectionDefault OptionsProcessing the Configuration File Configuration File SyntaxActive Directory Active Directory Connection Monitor only Network Slow LinksTrace Route Information Network Admissions ControlUnmanaged Systems Initial TokenHealthy Quarantined/UnknownReaudit if quarantined Redirection WebAudit on Connect Tracing Redirection Web Page BehaviorAudit on Connect Tracing Page Page What is Audit-on-Schedule? Audit-On-SchedulePage Adding Policies Editing Policies Deleting Policies Page Notifications Click Add New Click Add New Deleting Notifications My Machine Lists My Machine ListsAdding Machine Lists Editing Machine ListsScheduled Tasks Deleting Machine ListsEditing Global Machine Lists Scheduled TasksBasic Settings Adding Scheduled TasksSchedule Settings Hosts Not Connected Settings Other Options Settings Credentials SettingsWindows Group Access Editing Scheduled TasksSchedule Settings Notifications Other Options Settings Deleting Scheduled Tasks Page View Audit-On-Connect Activity Browse Audit-On-Connect ActivityAudit-On-Connect Activity Table Column Description Adding a New Audit-On-Connect Report ProfileEditing Report Profiles Deleting Report ProfilesAudit-On-Connect Error Log Report Audit-On-Connect Exceptions ReportPage View Audit Results Browse Audit ResultsAdding a New Audit Results Report Profile Page Scheduled Audits Log Report Adding Custom Reports to the Server ApplicationEditing Audit Report Results Profiles Deleting Audit Report Results ProfilesPage Glossary Page Configure IndexIP address 33, 44, 45 Rule weights
Top Page Image Contents