SecurityExpressions Audit and Compliance Server
If you've any experience with SecurityExpressions Audit and Compliance Server, you've probably noticed that after the install you have a sweet website with some great options.
In this article I'm going to explain a great enhancement in this website that can be a good tool and a useful service for your employees.
Altiris now brings you the new Security Expressions 3.4. But now you want to use it and get a inventory for your company and/or for your users. In this article I use SOX's compliance rules to show you what it does and what you get.
First you install a Windows 2003 server in your domain. Configure it to be a Internet Information Server.
After the IIS is running, install SQL 2005 server, or the free SQL 2005 from Microsoft.
Be sure you give the SA a password that exists of at least 8 characters with minimum of 1 capital letter.
Then install SESERVER.exe.
After the install, you have to do three things.
Now you're ready to rumble.
Start Internet Explorer on a client, and enter the URL:servername\seserver
The following screen will appear:
Figure 7. Select the rule you wish to scan to.
The first time you go to this screen a small active X component is installed. If you get the question to install it, click yes, because you need it to run the scans.
Now, click on Audit, and your client will be scanned against the rules that you have set in Figure 4.
You can see that my machine is not SOX compliant. You can also check if your clients are well patched, have the latest virus patterns, or whatever you want.
The website self audit is a great enhancement in these kind of tools, and I really love it.
In the Expressions auditing tool you have the option to fix the "Not OK" tasks. In the webcomponent you will not be able to, so you have to fix these manually.
If you have any questions, I'm happy to support you.
Regards
erik