SecurityExpressions Server User Guide

If the system on which you installed the server software is not running Windows 2000 Server, skip this procedure.

1.On the Windows 2000 server, open Control Panel and double-click Administrative Tools and then Internet Information Services to open the IIS Administrative Panel.

2.In the Web Site folder, right-click Default Web Site and choose Properties.

3.On the Directory Security tab, in the Secure communications section, click Server Certificate.

4.Click Next in the Wizard. On the second page of the Wizard, select Assign an existing certificate.

5.In Available Certificates, select the SecurityExpressions Audit & Compliance Server Certificate.

6.Finish the Wizard.

7.Click OK on the Default Web Site Properties window.

Now you are ready to access the site using SSL.

Credential Store User

The Credential Store User settings on the Application Setup page let you create and log in to credential stores. Stored credentials are a way for a user with the proper credentials to give a user without them the access needed to audit the target systems without actually revealing the credentials. A credential store is a place in the database where you can save the credentials in encrypted form. Auditors can use the credentials without seeing what they are. Security is not compromised and the organization has the flexibility to assign auditing duties to someone without top security credentials.

When an audit begins, it obtains the credentials of each target computer from the credential store selected in the Credential Store User section of the Application Setup page. If it does not find these credentials, it looks for credentials delegated from the console application.

You must configure a credential store for the application to log in to every time someone uses the application. On the SecurityExpressions Audit & Compliance Server, you can create new Credential Stores on the Application Setup page or use Credential Stores previously created from the SecurityExpressions Console.

If you haven’t created any credential stores in the console application that you can log in to, you need to create a credential store first.

To log in to a credential store:

1.In the Credential Store Name box, select the credential store's user name.

2.In the Credential Store Password box, type the credential store's password.

3.Click Apply.

All servers connected to the same database must use the same credential store.

Creating Credential Stores

You must configure a credential store for the application to log in to every time someone uses the application. You can either create a credential store in the server application or use a credential store created in SecurityExpressions Console. Each group of SecurityExpressions Audit & Compliance Servers will have its own Credential Store.

14

Page 22
Image 22
Symantec Security Expressions Server manual Click OK on the Default Web Site Properties window, Credential Store User