Internet Security Systems 3.5, Desktop Protector The ICEcap Tab

Appendix B: Configuration Tabs

The ICEcap Tab

Introduction The ICEcap tab allows you to manually control how RealSecure Desktop Protector reports

intrusion information to an ICEcap server. When ICEcap reporting is enabled, all events

are reported to an ICEcap server for enterprise-wide reporting and analysis. For more

information, see “Connecting to ICEcap Manager” on page 32.

ICEcap tab features This table describes the settings you can configure on the ICEcap tab.

This setting... Has this effect...

Reporting Enabled Select this box to enable ICEcap reporting. Clear this box to turn off

ICEcap reporting.

Caution: Clearing Reporting Enabled on the ICEcap tab disconnects

Desktop Protector from the ICEcap server. This stops all event reporting

to ICEcap. It also prevents ICEcap from downloading any configuration,

security or software updates to the local Desktop Protector installation.

URL The fully qualified URL for the ICEcap server, in the format

http://

<ICEcap server name>:<HTTP event port number>

. For

example, if ICEcap is on a server named ICECAP using event port 8082,

then the entry would be

http://ICECAP:8082

(the default). You can

use the ICEcap server’s IP address or DNS name.

Account Name The ICEcap account name to use when Desktop Protector uploads data.

Refer to your ICEcap documentation for more information about account

names. The default account name is iceman.

Event Password Enter the current ICEcap event password. This is the password that

Desktop Protector uses to report events to the ICEcap server.

Group Name The ICEcap group of which the local system is a member, for event

reporting purposes. This group must exist in ICEcap and possess the

correct configuration settings to report properly. See the RealSecure

ICEcap Manager User Guide for more information about Groups and

group name precedence settings.

Proxy URL If there is a proxy server between the local system and the ICEcap

server, enter the fully qualified URL for the proxy server. If you are not

using a proxy server, leave this field blank.

Configuration Priority Displays the current status of configuration sharing with ICEcap. It is for

informational purposes only and is always disabled.

Enable Local

Configuration Editing

If this box is selected, the local system has some control or total control

over the local configuration settings. If ICEcap reporting is enabled,

ICEcap Manager controls this setting and it cannot be changed from the

local computer. For more information on shared configuration, see “How

ICEcap Manager Works With RealSecure Desktop Protector” on

page14.

Configuration Priority If Enable Local Configuration Editing is selected, one of these option

buttons is selected:

•Local: The agent has complete control over all the local configuration

settings.

•Remote: The agent can only add configuration settings that ICEcap

has not already explicitly set.

Table 25: ICEcap tab settings