Audit Integration Component 6.2 Release Notes

Article:DOC1463  |  Created: 2007-07-05  |  Updated: 2007-08-20  |  Article URL http://www.symantec.com/docs/DOC1463
Article Type
Documentation


Description



Question
What do I need to know about the 6.2 release of Altiris® Audit Integration Component?

Answer

Altiris® Audit Integration Component 6.2

Build number 6.2.124

Release Notes

Introduction

Installation and Upgrade

What's New in this Release

Known Issues in this Release

Additional Documentation

Document History

Introduction

Altiris® Audit Integration Component adds security-audit features to the Altiris® Notification Server infrastructure to help you eliminate security vulnerabilities throughout your organization’s global network. The integration component transfers security-audit data from the security-management application into Notification Server so you can apply the data to Notification Server tasks such as updating collections, refining notification policies, designing reports, and creating Altiris® Helpdesk and Alert Manager tickets.

Installation and Upgrade

Installation information is provided in the the Altiris Audit Integration Component User's Guide.

Note: Installing or upgrading Audit Integration Component installs the latest versions of dependent solutions and components. Dependent solutions and components are:

  • Altiris® Console
  • Altiris Console 6.5 hotfix (Altiris Knowledgebase article 25949)
  • Altiris Console data
  • Altiris Console data language pack
  • Altiris Console documentation
  • Altiris® Task Manager
  • Altiris® Connector Solution

Prerequisites

Before you install the software, make sure you meet all of the following hardware and software requirements for both Audit Integration Component and the security-management application.

  • Notification Server 6.0 Service Pack 2 or later, installed and ready to use.
  • Microsoft SQL Server 2000 or later database to use as a dedicated security-audit database, with a system data-source name (DSN) already set up and pointing to it. This database must be separate from the Notification Database, although it can reside within the same SQL Server.
  • SecurityExpressions 4.0 or later, or AuditExpress 1.4 or later, to use as the security-management application.
    Tip: If you’re using SecurityExpressions Server as the security-management application, you can access it directly from the Altiris Console to perform audits and some configuration tasks. We recommend using SecurityExpressions Server as the security-management application.
  • SecurityExpressions 4.0 or AuditExpress 1.4 hotfix.
  • System requirements listed in the security-management application’s release notes.

Where to Download

You can download the SecurityExpressions or AuditExpress hotfix from Altiris Knowledgebase article 34851, 34852, or 34853.

Upgrade Steps

To upgrade to Audit Integration Component 6.2 from a previous version of the software, you must reinstall it from the Solution Center. A full installation automatically installs all components necessary for this version of the software to work with Altiris Console 6.5.

After reinstalling Audit Integration Component, you can upgrade the security-management application and any security-audit agents you use.

Important: Don’t use the Update button in the Solution Center’s Currently Installed tab to upgrade the software. You must reinstall the software from the Available Solutions tab.

To upgrade Audit Integration Component

  1. Download Audit Integration Component from the Solution Center’s Available Solutions tab to update features and automatically restore data.
  2. Upgrade the security-management application. 
    AuditExpress is included with Audit Integration Component. You can install AuditExpress straight from the Altiris Console. SecurityExpressions is not included with Audit Integration Component. You can download it from http://www.altiris.com/Download.aspx to install for the first time or upgrade from a previous version.
  3. Install the hotfix for the security-management application.
    See Altiris Knowledgebase articles 34851, 34852, and 34853 for details about the hotfix and instructions for installing it.
  4. Configure the security-management application.
  5. Upgrade any security-audit agents installed on target computers.

For complete instructions on installing Audit Integration Component, the security-management application, or the security-audit agent, see Audit Integration Component User’s Guide. You can find this and all Altiris documentation at http://www.altiris.com/support/documentation.

What's New in this Release

Improvements for this release include the following new features:

Accessing SecurityExpressions Server from the Altiris Console

If you’re using SecurityExpressions Server as the security-management application, now you can access it directly from the Altiris Console to perform audits and some configuration tasks. We recommend using SecurityExpressions Server as the security-management application.

Auditing from the Altiris Console

Now you can schedule audits entirely within the Altiris Console through Altiris® Task Manager, without using the security-management application. Task Manager lets you create a “Run SecurityExpressions Audit” server task with several possible options. After creating the task, you can create a Task Manager schedule for it.

Import and Export Tasks

Now you can import and export audit data from the security-audit database through Task Manager, taking advantage of Task Manager features. In addition, you can still use the import and export rules in the Configuration tab if you want.

Main Settings Now Called General Settings; New Options 

The Main Settings page is now called General Settings. In addition to the settings in the previous version of the software, the page contains new settings for using short computer names and using SecurityExpressions Server with Audit Integration Component.

New Automatic Import on Audit Complete Feature

A new check box on the Import rule page, called “Run Automatically on Audit Complete Notifications,” automatically imports audit data from the security-audit database whenever Notification Server receives notification that an audit completed. For Notification Server to receive that notification, you must select Send a Notification Server Event or Send a Notification Server Event for Each Target when creating a Run SecurityExpressions Audit task in Task Manager.

Known Issues in this Release

The following are unresolved issues in this release.

Known Issue
Connecting to a SQL Server security-audit database 

While Notification Server automatically creates the SQL Server database it uses when you install it, the security-management application does not create SQL Server databases. Because Audit Integration Component communicates with SQL Server databases only, you or your database administrator must manually create a new, dedicated security-audit database before installing the security-management application. This must be a separate SQL Server database, although it can reside within the same SQL Server.

After installing the security-management application, you must connect it to this newly created database. When you run the security-management application for the first time, it creates the necessary database tables for you

Installing SecurityExpressions 

Whereas AuditExpress comes with Audit Integration Component and you can install AuditExpress from the Altiris Console, you must obtain and install SecurityExpressions separately. 

Running Audit Integration Component on Altiris Console 6.5 (alt255 14049)

If you run Audit Integration Component on Altiris Console 6.5 with Console Data Pack version 6.5.1144 or earlier installed, the Configure > Solutions menu lists the integration component under the name “AuditExpress Integration Component” instead of “Audit Integration Component.”

Errors when generating Web reports with no data (LB 44094) 

Generating Web reports about security-audit data in the Altiris Console causes an overflow error when 1. there is no security-audit data imported or 2. when the report’s query returns no results. 

Security-policy categories and SecurityExpressions 

Like AuditExpress, SecurityExpressions collects data based on security policies. Unlike AuditExpress, these security policies don’t contain separate categories of security checks. In places where you need to select or enter a security-policy category to complete a task, the only option available in the Category field will be the same as the security policy. These places are:

  • New Collection wizard
  • New Notification Policy wizard
  • Purging Maintenance page
  • Audit Detail views
  • Reports tab, generating and viewing Web reports 
Selecting collections after setting the credential-store password (alt255 14769)

If, while creating a Run SecurityExpressions Audit task in Altiris Task Manager, you enter a credential-store password before selecting collections to audit, closing the Collection Selector dialog box clears any entry in the Credential Password field. 

Using SecurityExpressions Server (alt255 14897)

If you’re using SecurityExpressions Server as the security-management application, note that Audit Integration Component requires version 4.0. You can’t use SecurityExpressions Server 3.4.1 with this version of the integration component. SecurityExpressions Server 3.4.1 installs a DLL file that conflicts with it. 

Using Run SecurityExpressions Audit tasks after switching security-audit databases (alt255 14869)

If you connect Audit Integration Component to a different security-audit database than the one you used while creating Run SecurityExpressions Audit tasks, those tasks will no longer work. You must delete the tasks and create new ones. 

Upgrading the Main Settings page (alt255 14913)

After upgrading the software from a previous version, the Main Settings page’s title remains “Main Settings” instead of changing to “General Settings.” The page will have all the latest settings; it’s just the page’s title that doesn’t get upgraded. 

Additional Documentation

Altiris product documentation is available in Microsoft* HTML Help (.chm) and Adobe Acrobat* (.pdf) formats. To view Altiris product documentation in .PDF format, use Adobe Acrobat Reader (available at: http://www.adobe.com/products/acrobat/readstep2.html).

Documentation files are installed in the following directory on the Altiris® Notification Server™ computer:

C:\Program Files\Altiris\Notification Server\NSCap\Help.

The following documentation is provided:

Audit Integration User Guide.pdf
Audit Integration Component.chm

Altiris Information Resources

Source What Information it Includes Location
Altiris Documentation Information about new features, update instructions, and known issues for each release. Includes Altiris formal documentation such as release notes, help, reference guides, best practice articles, and technical reference articles. http://www.altiris.com/support/documentation
Altiris Knowledgebase Comprehensive collection of articles, incidents, and issues for Altiris solutions. http://kb.altiris.com/
Altiris Juice:
an online magazine for Altiris users
Best practices, tips and tricks, and articles for users of Altiris solutions. http://www.altiris.com/juice
Online Forums Forums for Altiris solutions and suites. http://forums.altiris.com/

Document History

Date Changes
8/8/07 first revision
8/24/07 second revision - dependent solutions and components installed


Legacy ID



36039


Article URL http://www.symantec.com/docs/DOC1463


Terms of use for this information are found in Legal Notices