Symantec Security Expressions Server User Manual

SecurityExpressions Server User Guide

46

Password = AES: cb789817f8d99c7e5a1e5beb8510bf71

Once you enable the connection monitor, it can be processed at any time.

Connection Monitor Configuration File

Connection Monitors use a text file named dmconfig.txt that resides in the same directory as the

Connection Monitor (\Program Files\Altiris\Security Management\SecurityExpressions Connection
Monitors). The file contains four sections. You must complete the IP Range and Options sections.

The Default and Active Directory sections are optional.

Tip: If you are using more than one connection monitor on the same computer, use the same

configuration file to configure them.

After editing and saving the configuration file, you must stop and restart the DHCP or Active

Directory monitor service through the Service Management Console, which is accessible through
Administrative Tools.

Tip: Use the # character at the beginning of all comment lines to ensure they get ignored when

the file processes.

Click here to review the configuration file's syntax.

IP Range Section

Create one section per IP range. The IP range section consists of:

IP and default IP range of the target devices

Distribution methods

Comma-separated list of audit server names

IP Ranges

The IP Ranges section of the configuration file identifies the IP ranges of the device groups.

• Zero or more IP ranges – IP ranges divide newly detected devices into different groups.

If an IP range does not exist, no devices are audited.

• Default IP range – All IP addresses not previously placed in one of the IP range groups.

Distribution Methods

Two distribution methods, Round Robin and First Available, comprise the Connection Monitor

sequencing. To indicate which method you want to use, type either Round Robin or First

Available.

Round Robin – Each SecurityExpressions Audit & Compliance Server in the list is contacted in

sequence as new devices are detected, wrapping around to the beginning of the list after
contacting every listed audit server. If a connection times out, the Connection Monitor tries the

next audit server in the list until it attempts contact with every audit server on the list.

First Available – To begin, the Connection Monitor always contacts the first Audit & Compliance

Server. If the connection fails, it tries to contact the second audit server, and so forth, until

connection is successful after trying to contact one or every audit server on the list. The First

Available method is important if the first server goes down.