Symantec Security Expressions Server Server User Manual


 
SecurityExpressions Server User Guide
14
If the system on which you installed the server software is not running Windows 2000 Server,
skip this procedure.
1. On the Windows 2000 server, open Control Panel and double-click Administrative
Tools and then Internet Information Services to open the IIS Administrative Panel.
2. In the Web Site folder, right-click Default Web Site and choose Properties.
3. On the Directory Security tab, in the Secure communications section, click Server
Certificate.
4. Click Next in the Wizard. On the second page of the Wizard, select Assign an existing
certificate.
5. In Available Certificates, select the SecurityExpressions Audit & Compliance Server
Certificate.
6. Finish the Wizard.
7. Click OK on the Default Web Site Properties window.
Now you are ready to access the site using SSL.
Credential Store User
The Credential Store User settings on the Application Setup page let you create and log in to
credential stores. Stored credentials are a way for a user with the proper credentials to give a
user without them the access needed to audit the target systems without actually revealing the
credentials. A credential store is a place in the database where you can save the credentials in
encrypted form. Auditors can use the credentials without seeing what they are. Security is not
compromised and the organization has the flexibility to assign auditing duties to someone without
top security credentials.
When an audit begins, it obtains the credentials of each target computer from the credential
store selected in the Credential Store User section of the Application Setup page. If it does not
find these credentials, it looks for credentials delegated from the console application.
You must configure a credential store for the application to log in to every time someone uses
the application. On the SecurityExpressions Audit & Compliance Server, you can create new
Credential Stores on the Application Setup page or use Credential Stores previously created from
the SecurityExpressions Console.
If you haven’t created any credential stores in the console application that you can log in to,
you need to create a credential store first.
To log in to a credential store:
1. In the Credential Store Name box, select the credential store's user name.
2. In the Credential Store Password box, type the credential store's password.
3. Click Apply.
All servers connected to the same database must use the same credential store.
Creating Credential Stores
You must configure a credential store for the application to log in to every time someone uses
the application. You can either create a credential store in the server application or use a
credential store created in SecurityExpressions Console. Each group of SecurityExpressions Audit
& Compliance Servers will have its own Credential Store.