SecurityExpressions Server User Guide

1.The name for the new rule must be .CONFIGURE.

2.The check type can be blank, or you can type CONFIGURE.

3.In the Parameters tab, the Config parameter is set to .CONFIGURE (Config=.CONFIGURE). When you set the Config key, the WizParams tab appears. On this tab you can type text using the WizParams syntax that controls the available text, input options, and parameters to modify in the Wizard.

4.View the WizParams tab to see the syntax that defines the Wizard's display for the rule. This example displays the question, "Enable safety net for NSA parameters?" In the Wizard you can select Yes or No.

The Wizard tab displays MoreInfo for this .CONFIGURE rule and the options defined in the Wizparams.

5.Review the CrashOnAuditFull rule in the Parameters tab. Note the Modifiers parameter, %get(.CONFIGURE:SAFETYNSA). The %get function calls the .CONFIGURE rule and uses the setting that enables the safety net setting for NSA parameters.

If you open the NSA Guidelines for Windows XP and Windows 2000 policy file, in the Preview pane you can click Configure to see the Wizard and the available options. If your policy file does not have a .CONFIGURE rule, the Configure link does not appear in the Preview pane.

Tip: This example describes how to use a .CONFIGURE rule in the console application. Rather than change the parameters there, you can select the variable settings in the server application

32

Page 40
Image 40
Symantec Security Expressions Server manual