St. Bernard Software v7.01 manual Download SecurityEXPERT Templates

St. Bernard Software, Inc. ­ Protecting Your Network Investment

Download SecurityEXPERT Templates

New security templates are shown in the Security Templates tab (shown below) for queried machines. Templates may be seen in Machine (shown below) or Research View. Templates are available for Windows 2000 Professional and Server, XP Professional, and 2003 Server.

Go to the Security Templates tab for a queried machine, right-click the template, and “Download.”

Downloading a template parses an XML data stream and writes new security point data to the

configured MSDE or SQL database. Be patient, the templates contain a significant amount of

data and may take longer than the average patch to download. Blue diskettes indicate the XML data stream has been written to the MSDE or MSSQL database on the SecurityEXPERT server

(as shown above). You can serially download all templates using Research View (see notes).

Note1: It is always strongly recommended that you download one Security Template at a time. A template download error (Orange Diskette) will typically occur if attempting to download multiple templates. If a download error occurs, try again, downloading one template, then the next, etc.

Note2: In the future, if you see a Grey diskette for a template you know you already downloaded (i.e., it used to have a Blue diskette), this is an indication that a revised template has now become available. This usually implies the addition of new security points and should not affect existing policies, scans etc.

Once downloaded to the relational database, Security Templates are used to create user­defined policies, which are user specified security points to assess and potentially enforce.

Note that security points ...

·are sourced from well­known “experts” such as Microsoft and various security organizations. Different templates support different numbers of experts, hence security points, i.e., templates are not identical.

·may or may not apply to a certain machine configurations (which indicates type of usage) such as “Server” or “Laptop” or “Desktop Client.”

In summary, security points are determined by a combination of selected experts and machine configuration.

Once a named policy exists, the policy is assigned to one or more machines. Assessment and enforcement can then occur.

It is also possible to create a policy from scratch, focusing on specific items of interest. This may be appropriate for assessing and setting existing machines. This is what we will illustrate here.