Symantec Security Expressions Server User Manual

SecurityExpressions Server User Guide

36

• notifications

• Windows Group access

Credential Precedence: If your organization uses the console application and

someone delegated one or more database machine lists to the server application,

and

if one of the systems identified in this scope is also listed in one of those database

machine lists, the server uses the database machine list's credentials to access the
system rather than the scope credentials you enter here.

3.

Click Update to store the new Scope configuration in the database.

Scopes Table

The Scopes table identifies each scope. The columns include:

Column Description

Edit

Make changes to this policy entry in the table.

Delete

Remove this entry from the table.

Order

Numeric order in which the scopes should be checked

when a computer connects to the network.

Name

Name of the scope.

Type

You may define scopes of the following types:
IP Range

Windows Domain This scope only works if you are using

the Active Directory connection monitor.

Org Unit

DNS Domain Name

Device Type
Machine List

Expression

Detection Method

Value

The values that determine which target systems belong to
the scope. The values entered are determined valid or

invalid depending on the scope type selected.

All scope types except Expression can accept as many

values as you want to enter, listing one value per line.

Scope type Expression only accepts one expression.

Link Speed

Indicate whether the network-connection speed of the

systems in this scope is Unspecified, Slow or Fast. If all

systems in the scope use a fast connection, for example,

indicating this in the scope's definition prevents the need

to check each system's speed during audits. Select
Unspecified if you are unsure of network-connection

speed or the scope contains a mix of slow and fast

connections.

Username

User name of the credentials to use when auditing

computers in this scope.

Policies

Names of the policies to use when auditing computers in

this scope.

Device Connect Notifications

Notifications to run when a computer in this scope is

detected, regardless of audit posture. This value may be