Symantec Security Expressions Server Server User Manual

Open as PDF

of 97

Audit-On-Connect

and modify the .CONFIGURE rule. When you create a new Policy and select an associated policy

file, the server application determines if a .CONFIGURE rule exists and displays prompts for

modifications. This rule may require synchronization between the database and the policy file. To

synchronize the database and the new file, save the policy file in the database with a new name

with new parameters for the .CONFIGURE rule, if previously saved in the database.

Scopes

A scope is a set of target systems that get audited together when using Audit-on-Connect. Each

scope is associated with one or more policies, which indicates how to audit the scope. When a

system connects to the network, the server software checks all scopes to see if the system falls

within one. If it does, and it is not part of an exception, it gets audited using the policy

associated with the scope.

All scopes are assigned an order number. The first scope that matches the system is the scope

used for the audit. All systems in the scope get audited.

The Scopes page displays the Scopes table and lets you add, edit, and delete scopes.

Add a New Scope

1. Click Add New on the Scopes page.

2. If you want to use an order number other than the one automatically generated, type

one in the Order box.

Order number is the numeric order in which the scope should be checked for resolution.

SecurityExpressions Audit & Compliance Server automatically increments the order

number. If you enter a new number or change the order, the application automatically

rearranges the order of any existing scopes. For example, if you already have scopes 1

through 4 in the table and you create a new scope with an order number of 1, the existing

scopes become scopes 2 through 5.

3. In the Name box, type a scope name.

4. Select the scope type.

You may define scopes of the following types:

• IP Range

• Windows Domain This scope only works if you are using the Active Directory

connection monitor.

• Org Unit

• DNS Domain Name

• Device Type

• Machine List

• Expression

• Detection Method

5. Enter values to determine which target systems belong to the scope. The values entered

are determined valid or invalid depending on the scope type selected.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Symantec Security Expressions Server Server User Manual