Symantec Security Expressions Server manual Scopes Table, Column Description

Page 44

SecurityExpressions Server User Guide

•notifications

•Windows Group access

Credential Precedence: If your organization uses the console application and someone delegated one or more database machine lists to the server application, and if one of the systems identified in this scope is also listed in one of those database machine lists, the server uses the database machine list's credentials to access the system rather than the scope credentials you enter here.

3.Click Update to store the new Scope configuration in the database.

Scopes Table

The Scopes table identifies each scope. The columns include:

Column	Description

Edit	Make changes to this policy entry in the table.
Delete	Remove this entry from the table.
Order	Numeric order in which the scopes should be checked
	when a computer connects to the network.
Name	Name of the scope.
Type	You may define scopes of the following types:
	IP Range
	Windows Domain This scope only works if you are using
	the Active Directory connection monitor.
	Org Unit
	DNS Domain Name
	Device Type
	Machine List
	Expression
	Detection Method
Value	The values that determine which target systems belong to
	the scope. The values entered are determined valid or
	invalid depending on the scope type selected.
	All scope types except Expression can accept as many
	values as you want to enter, listing one value per line.
	Scope type Expression only accepts one expression.
Link Speed	Indicate whether the network-connection speed of the
	systems in this scope is Unspecified, Slow or Fast. If all
	systems in the scope use a fast connection, for example,
	indicating this in the scope's definition prevents the need
	to check each system's speed during audits. Select
	Unspecified if you are unsure of network-connection
	speed or the scope contains a mix of slow and fast
	connections.
Username	User name of the credentials to use when auditing
	computers in this scope.
Policies	Names of the policies to use when auditing computers in
	this scope.
Device Connect Notifications	Notifications to run when a computer in this scope is
	detected, regardless of audit posture. This value may be

36

Image 44

Contents SecurityExpressions Server User Guide Page Table Of Contents Page Table Of Contents Page Vii Page Contacting Us Page Technical Support Contacting Technical SupportPage Other Products SecurityExpressions ConsolePage Overview About SecurityExpressions Audit & Compliance ServerPage Self-Service Audit What is Self-Service Auditing?Self-Service Audit Agreement How to Audit your Local ComputerDisplays on the page. No detailed audit results appear Configure Servers About Server ConfigurationLocal Server Settings Pages with Role SettingsDatabase Connection SetupViewing Audit Results Secure Connection Windows 2000 ServersCreating Credential Stores Click OK on the Default Web Site Properties windowCredential Store User Enable Web Services SecurityExpressions Console Credential StoresSoftware Registration Site PreferencesAccess Global Machine List Access User Roles Item RightsCheck the Synchronize with a policy file library box Policy File LibraryLibrary Synchronization About Policy Files How System Scores are CalculatedTarget Options Agent & Service ConfigurationDefault method for remote execution on Windows SSH Agent Authentication Database Cleanup Update Task CancelPolicies Add TaskClick Use the Following Agreement Agent DownloadsSite Preferences Allow Remediation Page What is Audit-on-Connect? Audit-On-ConnectPolicies Policies TablePage Adding Policies Editing Policies Configuring with Run-Time Policy Variables Deleting PoliciesPage Add a New Scope ScopesScopes Page Edit a Scope Scopes Table Deleting Scopes DNS Domain Name ScopesExpression Scopes Supported OperatorsDetection Method Scopes Supported FunctionsOrg Unit Scopes Notifications Creating New Command Notifications Creating New Email NotificationsClick Add New Editing NotificationsClick Add New Creating New Command Notifications Deleting Notifications Notification VariablesExceptions ExceptionsExceptions Table Column Description Adding ExceptionsSpecify Password and Encrypted Password Connection MonitorsDeleting Exceptions Connection MonitorsEnabling Connection Monitors Configuring Connection MonitorsRemove Connection Monitor Configuration File IP Range SectionDefault OptionsActive Directory Active Directory Connection Monitor only Processing the Configuration FileConfiguration File Syntax Network Slow LinksTrace Route Information Network Admissions ControlUnmanaged Systems Initial TokenHealthy Quarantined/UnknownReaudit if quarantined Redirection WebAudit on Connect Tracing Audit on Connect TracingRedirection Web Page Behavior Page Page What is Audit-on-Schedule? Audit-On-SchedulePage Adding Policies Editing Policies Deleting Policies Page Notifications Click Add New Click Add New Deleting Notifications My Machine Lists My Machine ListsAdding Machine Lists Editing Machine ListsScheduled Tasks Deleting Machine ListsEditing Global Machine Lists Scheduled TasksBasic Settings Adding Scheduled TasksSchedule Settings Hosts Not Connected Settings Other Options Settings Credentials SettingsWindows Group Access Editing Scheduled TasksSchedule Settings Notifications Other Options Settings Deleting Scheduled Tasks Page View Audit-On-Connect Activity Browse Audit-On-Connect ActivityAudit-On-Connect Activity Table Column Description Adding a New Audit-On-Connect Report ProfileEditing Report Profiles Deleting Report ProfilesAudit-On-Connect Error Log Report Audit-On-Connect Exceptions ReportPage Adding a New Audit Results Report Profile View Audit ResultsBrowse Audit Results Page Scheduled Audits Log Report Adding Custom Reports to the Server ApplicationEditing Audit Report Results Profiles Deleting Audit Report Results ProfilesPage Glossary Page Configure IndexIP address 33, 44, 45 Rule weights