Audits can detect systems on the network using the following methods: DHCP, EVENTLOG, NAC,
A system matches this scope if the connection monitor used to connect to it matches the value entered.
Device Type Scopes
Lets you indicate a kind of system to audit. Choices are Windows, UNIX, or Unknown.
A system matches this scope if it's the kind of system selected. Selecting Unknown includes all systems.
IP Range Scopes
A system matches this scope if its IP address is in the range. Use - or : to indicate an IP range.
Use / to indicate an IP range expressed using netmask length.
Ex.: 10.0.3.0/24
You can also enter single IP addresses.
Machine List Scopes
If your organization uses the console application and someone created one or more database machine lists (also known as global machine lists) on it, you may use this scope. Type the names of database machine lists from the console.
A system matches this scope if it's in the machine list.
If a global machine list has Windows Group Results Access restricted in the ML Access page, the restrictions do not affect viewing audit results when a scope is a machine list scope. Only
the Windows Group Results Access setting for the scope applies.
Windows Domain Scopes
A system matches this scope if its fully qualified domain name matches the value entered. Type domains in either Netbios (SYMANTEC) or DNS (symantec.com) format.
This scope only works if you are using the Active Directory connection monitor.
Notifications
Notifications
You can opt to receive email or
You may use notifications created in SecurityExpressions console in addition to the ones created in SecurityExpressions server. This application lets you select notifications created in
both applications in the Schedules Tasks page and the Scopes page.
The Notifications table displays the notification Name, Type, and Values. From this page you create an email or command notification that you can edit or delete.
39
