SecurityExpressions Server User Guide

Password = AES: cb789817f8d99c7e5a1e5beb8510bf71

Once you enable the connection monitor, it can be processed at any time.

Connection Monitor Configuration File

Connection Monitors use a text file named dmconfig.txt that resides in the same directory as the Connection Monitor (\Program Files\Altiris\Security Management\SecurityExpressions Connection Monitors). The file contains four sections. You must complete the IP Range and Options sections. The Default and Active Directory sections are optional.

Tip: If you are using more than one connection monitor on the same computer, use the same configuration file to configure them.

After editing and saving the configuration file, you must stop and restart the DHCP or Active Directory monitor service through the Service Management Console, which is accessible through Administrative Tools.

Tip: Use the # character at the beginning of all comment lines to ensure they get ignored when the file processes.

Click here to review the configuration file's syntax.

IP Range Section

Create one section per IP range. The IP range section consists of:

IP and default IP range of the target devices

Distribution methods

Comma-separated list of audit server names

IP Ranges

The IP Ranges section of the configuration file identifies the IP ranges of the device groups.

Zero or more IP ranges – IP ranges divide newly detected devices into different groups. If an IP range does not exist, no devices are audited.

Default IP range – All IP addresses not previously placed in one of the IP range groups.

Distribution Methods

Two distribution methods, Round Robin and First Available, comprise the Connection Monitor sequencing. To indicate which method you want to use, type either Round Robin or First Available.

Round Robin – Each SecurityExpressions Audit & Compliance Server in the list is contacted in sequence as new devices are detected, wrapping around to the beginning of the list after contacting every listed audit server. If a connection times out, the Connection Monitor tries the next audit server in the list until it attempts contact with every audit server on the list.

First Available – To begin, the Connection Monitor always contacts the first Audit & Compliance Server. If the connection fails, it tries to contact the second audit server, and so forth, until connection is successful after trying to contact one or every audit server on the list. The First Available method is important if the first server goes down.

46

Page 53 Page 55
Page 54
Image 54
Symantec Security Expressions Server manual Connection Monitor Configuration File, IP Range Section
Page 53 Page 55
Top Page Image Contents