Webcam User Manual

St.BernardSoftware,Inc.  ProtectingYourNetworkInvestment

June19th,2006 UpdateEXPERTPremiumv7.01EvaluationGuide 25

SecurityEXPERTOverview

Settings Management (Services, Registry, Fil e, andSecurity Policy settings) is provided by

downloadingoneormoresecuritytemplatesfrom theUpdateEXPERTSecurityTemplatesTab,

andusingthesettingsmanagementinformationto:

· CreatePolicies,i.e.,researchandselectsecuritypointsofinterest

· TestCompliance,i.e.,assessthestatusofmachines

· EnforcePolicy,i.e.,implementsettingschangestoenhancesecurity

Important: The actual enforcement of settings policy can change registry items, filesystem

permissions,andservicessettings.Settingschangescannegativelyimpactapplicationsand

users. It is strongly recommended that you completely research and understand your

chosen security points wh en creating policy, and that you first test enforcement on

appropriatetestplatforms.Youmusttesttheeffectsofenforcementonapplications&users.In

general, understand what you are doing and why, and be conservative. Deployed settings

changescannotbeeasilyreversedorundone.

Related to the point above, is that filesystem permission enforcements currently replace

permissions that currently exist on the target file(s). SecurityEXPERT will apply the specified

permissionsfortheaccountslistedandwillremoveanyotheraccountorpermission.Again,test

howthepermissionreplacementmayimpactapplications/users.

Note: SecurityEXPERT settings that affect remote access are displayed with a warning icon.

Losingremoteaccesswillpreventpatchmanagementandsettingsmanagement.

AssumingyouincludedSecurityEXPERTduringinstallation,usingSecurityEXPERTrequiresthe

following:

· DownloadingSecurityEXPERTTemplates

· ResearchingSecurit yPointsandCreatingPolicy

· AssigningMachinestoaPolicy

· AssessingMachinesbyPolicy

· PolicyEnforcement

The example that follows creates a policy starting with an “expert” recommendation for a

“desktop”XPmachine.Forthesakeofsimplicity,youwill clearallthesecuritypoi nts,andcreate

a simpl e policy for two services. T his allows rapid familiarization wi th the SecurityEXPERT

workflow. Usingexpertrecommendations woul d be appropriateforsettingasecuri ty“baseline”

fornewlyinstalledorimagedmachines.Forexistingmachines,carefulconstructionofyourown

policy,addingspecificitemsov ertime,mayworkbest.Thei ntentionofthisEvaluationi st oget

you started on using basic SecurityEXPERT features and workflow. See the UpdateEXPERT

UserGuideformoreinformationonSecurityEXPERT.