Symantec Enterprise Security Manager User Guide

Article:DOC2540  |  Created: 2010-08-13  |  Updated: 2010-11-03  |  Article URL http://www.symantec.com/docs/DOC2540
Article Type
Documentation


Description



Table of Contents:
About Symantec Enterprise Security Manager
About separating security duties
About Symantec Enterprise Security Manager accounts and permissions
Components of Symantec Enterprise Security Manager
About the ESM console
About Symantec ESM managers
About Symantec ESM agents
What you can do with Symantec Enterprise Security Manager
About the policies
About the snapshots
About the templates
About the modules
About suppressions
About Symantec Enterprise Security Manager Reporting
How Symantec Enterprise Security Manager works
About the Client Server Protocol
About the domains
About the security data
How Symantec Enterprise Security Manager displays information
Starting the ESM console
Configuring the ESM console on Windows
Accessing the ESM console
About the console timeout configuration
About changing the ESM console password
Using the ESM console controls
About the menu bar
About the toolbar information
About the enterprise tree
Renaming the enterprise
About the grid information
About modifying the GUI options
Configuring and editing the disclaimer
Connecting to a manager
Disconnecting an ESM manager
About viewing the manager information
About viewing the agent information
About gathering security information
About running security checks
About evaluating your network security
About scheduling routine security checks
Using the Policy Run wizard
About filtering report contents
About creating and viewing reports
About enterprise license management
What you can do with enterprise licenses
Types of enterprise licenses
Installing a new license
Distributing a license
Revoking enterprise licenses
Re-allocating enterprise licenses
Redistributing an enterprise license
How Symantec ESM stores the enterprise license information
About updating the license information during upgrades
Viewing the manager license information
About configuring managers and regions
About the regions
Adding a region to the ESM console
Renaming a region
Deleting a region from the ESM console
Adding a manager to the ESM console
Adding a manager to a region
Removing a manager from a region
Deleting a manager from the ESM console
Displaying a manager name
Moving an installed manager
About locking an SU level on the manager
Configuring logging levels for the manager
About configuring the agents and domains
Creating a new domain
Renaming a domain
Duplicating a domain
Deleting a domain
Adding an agent to a domain
Searching an agent
Viewing agent information
Deleting an agent from a manager
Deleting an agent from a domain
About moving ESM agents across managers
Checking the status of agents
About configuring the user accounts
Adding new accounts
Replicating a user account
Deleting a manager account
About modifying a manager account
Disabling a manager account
Changing the password on a manager account
Setting the manager password configuration
Changing the ESM console passwords
Auditing Symantec Enterprise Security Manager events
About updating Symantec Enterprise Security Manager
Enabling and disabling LiveUpdate on agents
Exporting a list of updatable or non-updatable agents
Performing a LiveUpdate
Creating domains for specific UNIX operating systems
Performing a remote upgrade
Checking remote agent upgrade status
Exporting an agent list
About agent recovery re-registration
Exporting the Symantec ESM agent list
Re-registering the ESM agents
About the policies, modules, and templates
About the policies
About the modules
About editing a module
About managing the policies
Creating a policy
Renaming a policy
Duplicating a policy
Backing up a policy
Restoring a policy
Replicating a policy
Maintaining the policies
Updating the policy information
About the policy tool
Before using the policy tool
About accessing the Policy tool
About the Policy tool command line formatting
About the Policy tool values
About the Policy tool options
About the Policy tool functions
Performing policy runs
Executing and scheduling a policy by using the Policy Run Wizard
About executing a single module
About executing multiple modules
Limiting the number of messages
Scheduling a policy run
Editing a policy run schedule
About manager pulling data
About job throttling
Sending completion notices by email
Sending email notification messages
Viewing the status of a policy run
Querying Policy Runs
Viewing scheduled policy run information
Selecting agents randomly for a policy run
Stopping a policy run
Stopping policy runs at user-defined intervals
Deleting a policy run
Updating the policy run information
About managing templates
Creating a template
Editing the template rows
Copying a template
Editing a template
Editing sublists in a template
Adding an item to a template
Adding hierarchical items to a template
Updating template information
Deleting a template
Removing unused templates
About managing security checks
Enabling and disabling security checks
About specifying options for security checks
About validating the security checks
Editing name lists
About Users and Groups name list precedence
About viewing the summary and detailed data
Retrieving summary data for regions and managers
Updating summary data at the domain level
About using the ESM console grid and chart
Using the drill-down mode
Using the summary mode
Using the trend mode
Setting the chart graphics
About obtaining information on the messages
Filtering the security data
Using the grid functions
Customizing the chart appearance
Showing or hiding the chart legend
Showing or hiding the series labels
Selecting 2D or 3D chart graphics
Selecting pie or bar chart graphics
About the command-line interface conventions
About the case-sensitive characters
About the quotation marks
About the short module names
About the brackets
About running the batch files
Creating a batch file that specifies a policy: an example
Creating a batch file that specifies name list entries: an example
Creating a batch file to write a report to a file: an example
Running the CLI interactively
Accessing a manager using the command-line interface
About navigating within the command-line interface
About the command-line interface help
About the Create command
About the Create access command
About the Create agent command
About the Create domain command
About the Create policy command
About the Create suppression command
About the Delete command
About the Delete access command
About the Delete agent command
About the Delete domain command
About the Delete job command
About the Delete policy command
About the Delete module command
About the Delete suppression command
About the Delete template command
About the Grant/Revoke command
Granting permissions on a policy: an example
Revoking permissions on a policy: an example
Granting permissions on a template: an example
Revoking permissions on a template: an example
Granting permissions on domains: an example
Revoking permissions on domains: an example
Granting advanced rights to user: an example
Revoking advanced rights to user: an example
About the Insert command
About the Insert agent command
About the Insert module command
About the Insert name command
About the Login command
About the Logout command
About the nexport agents command
About the Ping command
About the Query command
About the Quit command
About the Remove command
About the Remove agent command
About the Remove agtcache command
About the Remove module command
About the Remove name command
About the Rename agent command
About the Run command
About the Set command
About the Set access command
About the Set agtdesc command
About the Set config command
About the Set dmnflag command
About the Set dmndesc command
About the Set luagent command
About the Set password command
About the Set proxy command
About the Set variable command
About the Set option command
About the Show command
About the Show access command
About the Show agent command
About the Show config command
About the Show crc command
About the Show domain command
About the Show dmnflag command
About the Show job command
About the Show license command
About the Show module command
About the Show permission command
About the Show policy command
About the Show sumfinal command
About the Show summary command
About the Show variable command
About the Show suppression command
About the Show status command
About the Show template command
About the Show version command
About the Shutdown command (UNIX only)
About the Sleep command
About the Status command
About the Stop command
About the Update snapshot command
About the Upgrade agent command
About the Version command
About the View command
About the View agent command
About the View audit command
About the View checks command
About the View custom command
About the View differences command
About the View domain command
About the View policy command
About the View report command
About the View summary command
About the Symantec ESM reports
Generating standard reports
Generating a Security report
Generating a Domain report
Generating a Policy report
Generating a Policy run report
Generating a Template report
Generating an Executive report
Saving a report
Opening a report
Printing a report
Emailing a report
Deleting a report
Customizing a report
About setting trend datapoints
Securing the network
About suppressing a Security report item
Creating a suppression
Editing a suppression
Replicating a suppression
Viewing a suppression
Deleting a suppression
Correcting a Security report item
Reversing corrections to a Security report item
Updating templates
Updating snapshots
About the Symantec ESM utilities conventions
About the case-sensitive entries
About the quotation marks
About the brackets
About using the Policy tool
Prerequisites for using the Policy tool
About accessing the policy tool
About formatting the Policy tool
About the values for the Policy tool
About the options for the Policy tool
Examples of using the Policy tool
About the Policy tool logs
About the Assign New Permission utility
Using the Assign New Permission utility
About the Change Agent Case utility
Using the Change Agent Case utility
About using the Database Conversion tool
Accessing the external database
About the database file structure
Prerequisites for using the Database Conversion tool
Accessing the Database Conversion tool
Formatting the Database Conversion tool
About the options for the Database Conversion tool
Creating a property file for the Database Conversion tool
Using an encrypted password for the Database Conversion tool
About the parameters for the Database Conversion tool
Examples of using the Database Conversion tool
View security data in the drill-down mode
About the Finalizer log file
Syntax rules
Symantec ESM keywords
Format file structure
General directives
Header definition directives
Record definition directives
Footer definition directives
About the summary databases
Manager sumfinal database
Local summary database
Local summary database file structure
Agents table
AgentTrend table
DatabaseInfo table
DomainAgent table
Domains table
DomainTrend table
LatestAgentPolicyRuns table
Managers table
ManagerTrend table
MessageInstance table
Messages table
Modules table
Policies table
PolicyModule table
PolicyRuns table
PolicyTrend table
RegionManager table
Regions table
RegionTrend table
Managing the manager sumfinal database
Synchronizing and purging the local summary database
Querying the local summary database
Environment variables
About Symantec ESM communications security
Symantec ESM communication ports
About the directory and the file descriptions
About /esm/
About /esm/bin/
About /esm/bin/OStype/
About /esm/config/
About /esm/config/manager.dat & manager.org
About /esm/config/server.dat & server.org
About /esm/config/tcp_port.dat & tcp_port.org
About /esm/esm
About /esm/esmdeinstall
About /esm/esmrc
About /esm/esmsetup
About esm/format/
About /esm/output/
About /esm/platform
About /esm/register/
About /esm/system/hostname/
About /esm/system/hostname/db/
About /esm/system/hostname/reports/
About /esm/system/hostname/temp/
About /esm/template
About /esm/utility
About /esm/words


Article URL http://www.symantec.com/docs/DOC2540


Terms of use for this information are found in Legal Notices