Audit-On-Connect
45
Specify and confirm a password. SecurityExpressions Audit & Compliance Server generates an
encrypted password that you must add the to the configuration files for each of the Connection
Monitors. Include the encrypted password in the [Options] section of the configuration file with
the Password option.
Settings for DHCP Plug-In or DHCP Network Monitor Connection Monitors
When a connection event is detected by either of the DHCP connection monitors, the system may
not yet be booted fully to a state that allows an audit to occur. In order to ensure that a system
is audited properly when detected by a DHCP connection monitor, you can configure the system
here to retry any failed connections. These settings control how many seconds will pass between
retries and the number of times a connection will be retried before attempting to audit the
system.
Configuring Connection Monitors
Most of the configuration work is in editing the configuration file (dmconfig.txt). The settings
described here are only part of the process.
List the IP address or fully-qualified name of the computer hosting a Connection Monitor.
To add a Connection Monitor device to the list, type the IP address or fully-qualified device name
and click Add New.
To remove a device from the list, select the IP address or fully-qualified device name and click
Remove.
Once you set the settings on this page, you must enable the connection monitor.
Enabling Connection Monitors
To fully enable a Connection Monitor, you must set complete computer and credential settings:
• IP address or fully-qualified computer name - To enable a Connection Monitor you must
add the IP address or fully-qualified computer name of the devices with installed
Connection Monitors.
• Password and encrypted password - When you create and verify a password, an
encrypted password appears. You must add the encrypted password for each monitor to
the configuration file named dmconfig.txt, which resides in the same directory as the
Connection Monitor.
• Settings for DHCP Plug-In or DHCP Network Connection Monitors - When a connection
event is detected by either of the DHCP connection monitors, the system may not yet be
booted fully to a state that allows an audit to occur. In order to ensure that a system is
audited properly when detected by a DHCP connection monitor, you can configure the
system here to retry any failed connections. These settings control how many seconds
will pass between retries and the number of times a connection will be retried before
attempting to audit the system.
Include the encrypted password in the Options section of the configuration file. For example,
[Options]
Port = 9009