Installing the windows nt policy – Symantec Critical System User Manual

64 Installing Symantec Critical System Protection on Windows

Installing the Windows NT policy

Installing the Windows NT policy

The Windows NT prevention policy is not part of the Symantec Critical System
Protection installation; the policy must be installed separately. You can obtain
the policy from the Symantec Critical System Protection installation CD, and
then manually import the policy into the policy library.

Before installing the Windows NT prevention policy, you should note the
following:

■

The Windows NT prevention policy is only for use with Windows NT agents.

■

The Windows NT policy is stored on the installation CD, in the file
sym_winnt_protection_sbp.zip.

IDS_POLICY_GROUP=<val>

Windows

The name of an existing detection policy group for
this agent to join. You can specify multiple groups
by using commas between the group names.

You can optionally include the name of an existing
detection policy domain in the group path/name.
You can include the domain name with or without
the group name.

An agent is placed in the default Windows
detection policy group in the default Policy domain,
unless you specify another domain/policy group
that already exists in the management console.

After installation, you can change the group
assignment using the management console.

Optional

SERVICE_USER=<val>

SERVICE_PW=<val>

SERVICE_CONFPW=<val>

LocalSystem

none

none

SERVICE_USER is the account that registers
services for the agent. If you change the default of
LocalSystem, use the format <domain>\<user
name>.

SERVICE_PW is the password for SERVICE_USER.

SERVICE_CONFPW is the confirmation of the
password for SERVICE_USER.

Note: If you use any of these properties, you must
use all three properties.

Table 3-6

Windows agent installation settings

Setting

Default

Description