Symantec Security Expressions Server User Manual

SecurityExpressions Server User Guide

14

If the system on which you installed the server software is not running Windows 2000 Server,

skip this procedure.

1. On the Windows 2000 server, open Control Panel and double-click Administrative

Tools and then Internet Information Services to open the IIS Administrative Panel.

2. In the Web Site folder, right-click Default Web Site and choose Properties.
3. On the Directory Security tab, in the Secure communications section, click Server

Certificate.

4. Click Next in the Wizard. On the second page of the Wizard, select Assign an existing

certificate.

5. In Available Certificates, select the SecurityExpressions Audit & Compliance Server

Certificate.

6. Finish the Wizard.
7. Click OK on the Default Web Site Properties window.

Now you are ready to access the site using SSL.

Credential Store User

The Credential Store User settings on the Application Setup page let you create and log in to

credential stores. Stored credentials are a way for a user with the proper credentials to give a
user without them the access needed to audit the target systems without actually revealing the

credentials. A credential store is a place in the database where you can save the credentials in

encrypted form. Auditors can use the credentials without seeing what they are. Security is not

compromised and the organization has the flexibility to assign auditing duties to someone without

top security credentials.

When an audit begins, it obtains the credentials of each target computer from the credential
store selected in the Credential Store User section of the Application Setup page. If it does not

find these credentials, it looks for credentials delegated from the console application.

You must configure a credential store for the application to log in to every time someone uses

the application. On the SecurityExpressions Audit & Compliance Server, you can create new

Credential Stores on the Application Setup page or use Credential Stores previously created from

the SecurityExpressions Console.

If you haven’t created any credential stores in the console application that you can log in to,

you need to create a credential store first.

To log in to a credential store:

1. In the Credential Store Name box, select the credential store's user name.
2. In the Credential Store Password box, type the credential store's password.

3. Click Apply.

All servers connected to the same database must use the same credential store.

Creating Credential Stores

You must configure a credential store for the application to log in to every time someone uses
the application. You can either create a credential store in the server application or use a

credential store created in SecurityExpressions Console. Each group of SecurityExpressions Audit

& Compliance Servers will have its own Credential Store.