Symantec Security Expressions Server manual Editing Policies

Page 38

SecurityExpressions Server User Guide

policy. This establishes which users can access this policy and its audit results due to their role. If a Windows User Group isn't on the local computer, you'll need to enter the group in domain\groupname format.

In the Use Policy field, enter the Windows groups who should be able to modify the policy.

In the Remediate field, enter the Windows groups who should be able to remediate audit results generated using this policy.

In the View Audit Results field, enter the Windows groups who should be able to view results from audits using the policy.

To grant all users access, type Everyone. To restrict all users, type None.

12.Click Add Policy to revise the policy settings in the database.

Some policy files display a Policy Configuration box at this point. If the Policy Configuration box appears, select the configuration settings in the box. Then click Add Policy again.

Now you may base audits on this policy when setting up Audit-on-Connect or Audit-on-Schedule.

Editing Policies

When editing a policy, you can modify any policy characteristics. For example, by clearing the Make this policy active check mark, that policy no longer applies for the Scope. You could also

change the policy by selecting a previously saved file or uploading a policy file from our Web site.

Policies are saved to the database. If more than one person is editing the same policy at the same time, the version saved last is the only version that will be stored.

To edit a policy:

1.In the table at the top of the Policies page, click the Edit hyperlink in the same row as the policy you want to edit.

The Update settings appear below the table. Make the necessary changes.

2.Select a policy file to associate with the policy using one of the following methods.

Upload a policy file – Type the name or Browse to transfer a copy of a file from the console application to the server application. If the SIF file is encrypted, type a password in the Password box to decrypt it.

Download this file from the Policy File Library – Transfer a copy of a policy file from the Policy File Library to the requesting computer by means of a modem or network. Click the Choose button to display a list of the policy files available in

the library. Click a policy file to select it.

This option is available only if the server can access a Policy File Library.

3.Some policy files display a Policy Configuration box when you select them. If the Policy Configuration box appears, select the configuration settings in the box.

4.Change the name or optional description of the policy.

5.If you want the policy to be available to use in audits, check the Make this policy active box.

Clear the check box to make the policy unavailable to use in audits without deleting the policy.

30

Page 37 Page 39
Image 38
Page 37 Page 39
Contents SecurityExpressions Server User Guide Page Table Of Contents Page Table Of Contents Page Vii Page Contacting Us Page Technical Support Contacting Technical SupportPage Other Products SecurityExpressions ConsolePage Overview About SecurityExpressions Audit & Compliance ServerPage Self-Service Audit Agreement Self-Service AuditWhat is Self-Service Auditing? How to Audit your Local ComputerDisplays on the page. No detailed audit results appear Local Server Settings Configure ServersAbout Server Configuration Pages with Role SettingsDatabase Connection SetupViewing Audit Results Secure Connection Windows 2000 ServersCreating Credential Stores Click OK on the Default Web Site Properties windowCredential Store User Software Registration Enable Web ServicesSecurityExpressions Console Credential Stores Site PreferencesAccess Global Machine List Access User Roles Item RightsCheck the Synchronize with a policy file library box Policy File LibraryLibrary Synchronization About Policy Files How System Scores are CalculatedTarget Options Agent & Service ConfigurationDefault method for remote execution on Windows SSH Agent Authentication Database Cleanup Policies Update TaskCancel Add TaskClick Use the Following Agreement Agent DownloadsSite Preferences Allow Remediation Page Policies What is Audit-on-Connect?Audit-On-Connect Policies TablePage Adding Policies Editing Policies Configuring with Run-Time Policy Variables Deleting PoliciesPage Add a New Scope ScopesScopes Page Edit a Scope Scopes Table Expression Scopes Deleting ScopesDNS Domain Name Scopes Supported OperatorsDetection Method Scopes Supported FunctionsOrg Unit Scopes Notifications Click Add New Creating New Command NotificationsCreating New Email Notifications Editing NotificationsClick Add New Creating New Command Notifications Deleting Notifications Notification VariablesExceptions Table Column Description ExceptionsExceptions Adding ExceptionsDeleting Exceptions Specify Password and Encrypted PasswordConnection Monitors Connection MonitorsEnabling Connection Monitors Configuring Connection MonitorsRemove Connection Monitor Configuration File IP Range SectionDefault OptionsActive Directory Active Directory Connection Monitor only Processing the Configuration FileConfiguration File Syntax Network Slow LinksUnmanaged Systems Trace Route InformationNetwork Admissions Control Initial TokenReaudit if quarantined HealthyQuarantined/Unknown Redirection WebAudit on Connect Tracing Audit on Connect TracingRedirection Web Page Behavior Page Page What is Audit-on-Schedule? Audit-On-SchedulePage Adding Policies Editing Policies Deleting Policies Page Notifications Click Add New Click Add New Deleting Notifications My Machine Lists My Machine ListsAdding Machine Lists Editing Machine ListsEditing Global Machine Lists Scheduled TasksDeleting Machine Lists Scheduled TasksBasic Settings Adding Scheduled TasksSchedule Settings Hosts Not Connected Settings Other Options Settings Credentials SettingsWindows Group Access Editing Scheduled TasksSchedule Settings Notifications Other Options Settings Deleting Scheduled Tasks Page Audit-On-Connect Activity Table Column Description View Audit-On-Connect ActivityBrowse Audit-On-Connect Activity Adding a New Audit-On-Connect Report ProfileEditing Report Profiles Deleting Report ProfilesAudit-On-Connect Error Log Report Audit-On-Connect Exceptions ReportPage Adding a New Audit Results Report Profile View Audit ResultsBrowse Audit Results Page Editing Audit Report Results Profiles Scheduled Audits Log ReportAdding Custom Reports to the Server Application Deleting Audit Report Results ProfilesPage Glossary Page Configure IndexIP address 33, 44, 45 Rule weights
Top Page Image Contents