
Enforce Server Configuration

This document provides configuration instructions for the Symantec Enforce server to enable the Symantec endpoint plugin for file protection. It includes detailed steps for defining stored credentials, response rules, policies, discover scan targets, and initiating scans. Additionally, it outlines how to view scan history and incident details within the Enforce Console.

Uploaded by

jonjaballe

SYMANTEC SERVER CONFIGURATION

Abstract
This document describes the Symantec Enforce server-side settings needed to enable the Symantec
endpoint plugin for protection of files.

Seclore Technology Pvt. Ltd.


Table of Contents
1 To define a stored credential.
1.1 Go to System > Settings > Credentials
1.2 Click on “Add Credential”
1.3 Provide appropriate credential name, username and password.
1.4 In our case, add the following StoredCredentials
1.4.1 CabinetDetails
1.4.2 PolicyServerDetails
2 To define a Response rule.
2.1 Go to Manage > Response Rules.
2.2 Click on Add Response rule.
2.3 Select Automated Response and click on next.
2.4 Provide an appropriate rule name and description.
2.5 To add a condition,
3 To define a Policy
3.1 Go to Manage > Policy List
3.2 Click on “Add Policy”.
3.3 Select “Add a Blank Policy” from the provided options.
3.4 Provide Relevant details in Name and Description.
3.5 In “Detection” tab,
3.6 In the “Response” tab,
3.7 Click on “Save” to save the policy.
4 To set discover scan targets
4.1 Go to Manage > Discover Targets.
4.2 Add a new “Endpoint File System” target.
4.3 Provide appropriate name.
4.4 Select the relevant server.
4.5 In the “Filters” tab,
4.6 Click on save to add the discover target.
5 To start Discover scanning
5.1 Go to Manage > Discover Scanning.
5.2 Select the appropriate target from the list.
5.3 Click on “Start Scan” button.
6 To view scan history
6.1 Go to Manage > Scan History
7 To view incident details
7.1 Go to Incident > Discover.

DOCUMENT CONTENTS

The contents of the document include:

• Implementation details on Enforce Console


ASSUMPTIONS

Following are the implementation (configuration) steps that need to be carried out on the
Enforce Server console.

1 To define a stored credential.


1.1 Go to System > Settings > Credentials

1.2 Click on “Add Credential”

1.3 Provide an appropriate credential name, username and password.


1.4 In our case, add the following stored credentials
1.4.1 CabinetDetails
Credential name: CabinetDetails

Access Username:

<login-details><user-type>1</user-type><hotfolder-cabinet><id>6</id><passphrase>seclore10</passphrase></hotfolder-cabinet></login-details>

Password: Irrelevant
1.4.2 PolicyServerDetails
Credential name: PolicyServerDetails

Access Username:

<ps-details><urls><url><server>seclore</server><port>443</port><app-name>policyserver</app-name></url></urls></ps-details>

Password: Irrelevant
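
An added example (not part of the original document, and not Seclore or Symantec code): a small Python check to run on the two XML values above before pasting them into the Access Username field, which catches copy-paste damage such as a tag name split across a line wrap. The required-element lists are inferred from the two values on this page, and the passphrase and host name in the samples are constructed placeholders.

```python
import xml.etree.ElementTree as ET

# Expected root tag and required child paths for each stored credential,
# inferred from the two XML values shown in section 1.4 (an assumption).
SCHEMAS = {
    "CabinetDetails": ("login-details", [
        "user-type", "hotfolder-cabinet/id", "hotfolder-cabinet/passphrase"]),
    "PolicyServerDetails": ("ps-details", [
        "urls/url/server", "urls/url/port", "urls/url/app-name"]),
}

def validate_credential(name, value):
    """Return a list of problems in the XML meant for the Access Username field."""
    if name not in SCHEMAS:
        return [f"unknown credential name: {name}"]
    root_tag, paths = SCHEMAS[name]
    try:
        root = ET.fromstring(value.strip())
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    problems = []
    if root.tag != root_tag:
        problems.append(f"root is <{root.tag}>, expected <{root_tag}>")
    for path in paths:
        if not (root.findtext(path) or "").strip():
            problems.append(f"missing or empty element: {path}")
    # Numeric fields: the cabinet id must be digits, the port must be 1-65535.
    for path, high in (("hotfolder-cabinet/id", None), ("urls/url/port", 65535)):
        text = (root.findtext(path) or "").strip()
        if text and (not text.isdecimal() or (high and not 1 <= int(text) <= high)):
            problems.append(f"{path} is not a valid number: {text!r}")
    return problems

# Constructed samples: same structure as section 1.4, placeholder values.
GOOD_CABINET = ("<login-details><user-type>1</user-type><hotfolder-cabinet>"
                "<id>6</id><passphrase>EXAMPLE-PASSPHRASE</passphrase>"
                "</hotfolder-cabinet></login-details>")
# A tag name split by a line wrap, as happens when copying from a PDF.
BROKEN_CABINET = GOOD_CABINET.replace("<hotfolder-cabinet>", "<hotfolder-\ncabinet>")
GOOD_PS = ("<ps-details><urls><url><server>ps.example.test</server><port>443</port>"
           "<app-name>policyserver</app-name></url></urls></ps-details>")

if __name__ == "__main__":
    for name, value in (("CabinetDetails", GOOD_CABINET),
                        ("CabinetDetails", BROKEN_CABINET),
                        ("PolicyServerDetails", GOOD_PS)):
        print(name, validate_credential(name, value) or "OK")
```
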
2 To define a Response rule.
2.1 Go to Manage > Response Rules.

2.2 Click on Add Response rule.


2.3 Select Automated Response and click on next.

2.4 Provide an appropriate rule name and description.


2.5 To add a condition,

1. Click on add condition.


2. Select the appropriate option. For example, for Discover scanning, select Incident type in the
first drop-down and select Discover in the next list.
3. In Actions, select Endpoint > FlexResponse.
4. For the FlexResponse,
   1. Give the name of the Python '.py' script.
   2. As parameters, provide
      1. PolicyId as a parameter with the appropriate hot folder id as its value.
   3. For Credentials, add
      1. CabinetDetails as the key name and select “CabinetDetails …” as the
         saved credential for it.
      2. PolicyServerDetails as the key name and select “PolicyServerDetails …”
         as the saved credential for it.
5. Click on save.
3 To define a Policy
3.1 Go to Manage > Policy List

3.2 Click on “Add Policy”.


3.3 Select “Add a Blank Policy” from the provided options.
3.4 Provide relevant details in Name and Description.

3.5 In “Detection” tab,

1. Click on “Add Rule”.


2. Provide appropriate rule name for the detection rule.
3. Select the correct severity.
4. Provide the relevant conditions.
5. Click “Ok” to add the Detection rule.
3.6 In the “Response” tab,

1. Select the added response rule from the drop down.

3.7 Click on “Save” to save the policy.


4 To set discover scan targets
4.1 Go to Manage > Discover Targets.

4.2 Add a new “Endpoint File System” target.


4.3 Provide appropriate name.
4.4 Select the relevant server.
4.5 In the “Filters” tab,

Provide the correct filter regular expression. Generally this is a folder name or a location on the
discover target.

4.6 Click on save to add the discover target.


5 To start Discover scanning
5.1 Go to Manage > Discover Scanning.

5.2 Select the appropriate target from the list.


Check the checkbox on the left-hand side of the row.

5.3 Click on “Start Scan” button.


6 To view scan history
6.1 Go to Manage > Scan History

You will be able to view the scans performed and other audit details for all the discover targets.

7 To view incident details


7.1 Go to Incident > Discover.
This screen shows a list of all Discover-related incidents.
Click on any incident.

This page shows all the details related to the incident.


The “History” tab shows the status of all the relevant FlexResponse actions.
