St. Bernard Software, Inc. - Protecting Your Network Investment

SecurityEXPERT Overview

Settings Management (Services, Registry, File, and Security Policy settings) is provided by downloading one or more security templates from the UpdateEXPERT Security Templates Tab, and using the settings management information to:

· Create Policies, i.e., research and select security points of interest

· Test Compliance, i.e., assess the status of machines

· Enforce Policy, i.e., implement settings changes to enhance security

Important: The actual enforcement of settings policy can change registry items, file-system permissions, and services settings. Settings changes can negatively impact applications and users. It is strongly recommended that you completely research and understand your chosen security points when creating policy, and that you first test enforcement on appropriate test platforms. You must test the effects of enforcement on applications and users. In general, understand what you are doing and why, and be conservative. Deployed settings changes cannot be easily reversed or undone.

Related to the point above, file-system permission enforcement currently replaces the permissions that exist on the target file(s). SecurityEXPERT will apply the specified permissions for the accounts listed and will remove any other account or permission. Again, test how the permission replacement may impact applications/users.
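One way to check the impact of permission replacement on a test machine before enforcing: the PowerShell below is an added example, not part of this guide or of SecurityEXPERT. It uses the built-in Get-Acl cmdlet to list which existing access entries a replace-style enforcement would drop, and saves the current security descriptors for reference. The function names, the policy account list and the scratch file are assumptions made for illustration.

```powershell
# Added example: preview what a replace-style permission enforcement would drop.
# $policy and the target file are constructed placeholders, not values taken
# from a SecurityEXPERT template. Account names assume an English-language OS.
function Get-AclReplacementImpact {
    param(
        [Parameter(Mandatory)] [string[]] $Path,
        [Parameter(Mandatory)] [string[]] $PolicyAccounts
    )
    foreach ($p in $Path) {
        $acl = Get-Acl -LiteralPath $p
        foreach ($ace in $acl.Access) {
            $account = $ace.IdentityReference.Value
            [pscustomobject]@{
                Path      = $p
                Account   = $account
                Rights    = $ace.FileSystemRights
                Type      = $ace.AccessControlType
                Inherited = $ace.IsInherited
                # Replacement keeps only the accounts the policy lists.
                Outcome   = if ($PolicyAccounts -contains $account) { 'Respecified' } else { 'Removed' }
            }
        }
    }
}

function Save-AclSnapshot {
    param([string[]] $Path, [string] $OutFile)
    # SDDL holds owner, group and DACL as one string per file; it can be loaded
    # back with SetSecurityDescriptorSddlForm and written with Set-Acl.
    $Path | ForEach-Object {
        [pscustomobject]@{ Path = $_; Sddl = (Get-Acl -LiteralPath $_).Sddl }
    } | Export-Csv -LiteralPath $OutFile -NoTypeInformation
}

# Constructed sample: a scratch file on a test machine.
$target = Join-Path $env:TEMP 'acl-impact-sample.txt'
Set-Content -LiteralPath $target -Value 'sample'
$policy = @('BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM')

Save-AclSnapshot -Path $target -OutFile (Join-Path $env:TEMP 'acl-snapshot.csv')
Get-AclReplacementImpact -Path $target -PolicyAccounts $policy |
    Sort-Object Outcome, Account | Format-Table -AutoSize
```

Entries marked Removed are the accounts whose access would disappear under replacement; review each one against the applications and users that depend on the file.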

Note: SecurityEXPERT settings that affect remote access are displayed with a warning icon. Losing remote access will prevent patch management and settings management.

Assuming you included SecurityEXPERT during installation, using SecurityEXPERT requires the following:

· Downloading SecurityEXPERT Templates

· Researching Security Points and Creating Policy

· Assigning Machines to a Policy

· Assessing Machines by Policy

· Policy Enforcement

The example that follows creates a policy starting with an “expert” recommendation for a “desktop” XP machine. For the sake of simplicity, you will clear all the security points, and create a simple policy for two services. This allows rapid familiarization with the SecurityEXPERT workflow. Using expert recommendations would be appropriate for setting a security “baseline” for newly installed or imaged machines. For existing machines, careful construction of your own policy, adding specific items over time, may work best. The intention of this Evaluation is to get you started on using basic SecurityEXPERT features and workflow. See the UpdateEXPERT User Guide for more information on SecurityEXPERT.

June 19th, 2006

UpdateEXPERT Premium v7.01 Evaluation Guide
