Security probes

Create a security probe to assess the overall security of servers and databases in a domain. When a security probe finds a problematic database or server configuration, it generates an event.

Do not set the severity levels for the Security -- Configuration probe; severity is assigned during runtime. The severity level is calculated during runtime based on the number of potential problems found. Severity level is a percentage-based score that is calculated for each Server document and Server Configuration document that is probed. The percentage breakdown and matching severity level is as follows:

Table 1. Percentage and security level

Percentage

Severity level

0.00

Normal

< = 50%

Warning (low)

> 50%

Warning (high)

The Best Practices probe reports on the first 25 Person documents that do not comply with the probe configuration settings. You can use the NOTES.INI setting DDM_SECPROBE_PERSONDOC_LIMIT=NumberOfPersonDocsReported to report on a maximum of 250 Person documents, or you can set it to report on less than the default 25 Person documents. The minimum setting is 0 (zero), in which case, no Person documents are reported but a summary report is generated indicating the number of Person documents that do not comply with the probe specification. The probe stops reporting at 25, or at a number of Person documents that you specify, but the probe continues to review the remaining Person documents.

Table 2. Security probes you can define

Security probe name

Description

Security -- Best Practices

Compares a set of baseline security configuration settings to the same settings in a domain. This probe is a "Best Practices" security audit of the domain.

Note: To create your own Best Practices probe, modify the security configuration settings on the Specifics tab.

Security -- Configuration

Compares settings in a specific Server document to settings in a specified "good" Server document. Any discrepancy generates an event.

Security -- Database ACL

Monitors the access control privileges that groups and individuals have in specified databases on the server running the probe. You designate the acceptable access levels on the Specifics tab.

Security -- Database Review

Reviews the security properties for a specified database and generates a report on the probe findings.

Security -- Review

Generates a report on the security settings specified in the Specifics tab of the Probe document. You have the option of selecting the Directory Profile Note and the Security settings in my configuration document options if you want the settings in those documents reviewed by the probe.