RSA envision Windows Eventing Collector Service Deployment Overview Guide

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "RSA envision Windows Eventing Collector Service Deployment Overview Guide"

Transcription

1 RSA envision Windows Eventing Collector Service Deployment Overview Guide

2 Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: Trademarks RSA, the RSA Logo, RSA envision, RSA Event Explorer and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other trademarks used herein are the property of their respective owners. For a list of EMC trademarks, go to License agreement This software and the associated documentation are proprietary and confidential to EMC, are furnished under license, and may be used and copied only in accordance with the terms of such license and with the inclusion of the copyright notice below. This software and the documentation, and any copies thereof, may not be provided or otherwise made available to any other person. No title to or ownership of the software or documentation or any intellectual property rights thereto is hereby transferred. Any unauthorized use or reproduction of this software and the documentation may be subject to civil and/or criminal liability. This software is subject to change without notice and should not be construed as a commitment by EMC. Third-party licenses This product may include software developed by parties other than RSA. The text of the license agreements applicable to third-party software in this product may be viewed in the thirdpartylicenses.pdf file. Portions of this application include technology used under license from Visual Mining, Inc Portions of this application include ianywhere technology, Note on encryption technologies This product may contain encryption technology. Many countries prohibit or restrict the use, import, or export of encryption technologies, and current use, import, and export regulations should be followed when using, importing or exporting this product. Distribution Use, copying, and distribution of any EMC software described in this publication requires an applicable software license. EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice. THE INFORMATION IN THIS PUBLICATION IS PROVIDED "AS IS." EMC CORPORATION MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright 2011 EMC Corporation. All Rights Reserved. Published in the USA. September 2011

3 Contents Preface... 5 About This Guide...5 Documentation... 5 Getting Support and Service... 6 Before You Call Customer Support... 6 Chapter 1: RSA envision Windows Eventing Collector Service and Windows Event Sources... 7 Windows Eventing Mechanism... 7 RSA envision Windows Eventing Collector Service... 8 Windows Remote Management Service... 9 Chapter 2: System Requirements...11 Supported RSA envision Platforms and Event Sources...11 Firewall Guidelines...11 Firewall Ports Chapter 3: Deployment of RSA envision Windows Eventing Collector Service on the RSA envision Platform Single Appliance Site Multiple Appliance Site Enhanced Availability Site Multiple Site Deployment Chapter 4: Deployment Checklist Chapter 5: Configuration of the WinRM Service Configuration Using Group Policy Objects Configuration Using Scripts Manual Configuration of WinRM over HTTP Manual Configuration of WinRM over HTTPS Chapter 6: Configuration of Collection from the Security Channel.. 21 Chapter 7: SSL Connection to Windows Event Sources SSL Connection for WinRM over HTTPS SSL Certificates for Windows Event Sources Microsoft CA Auto-Enrollment for SSL Certificates Third-Party CA Self-Signed Certificates SSL Connection

4 Chapter 8: User Account With Least Privileges Chapter 9: Configuration of Hosted Event Sources Appendix A: Example of Provisioning SSL Certificates with Microsoft CA Install an Enterprise Root Certificate Authority on the Domain Controller Enable Auto-Enrollment for SSL Certificates Import the Root CA Certificate into the RSA envision Appliance Appendix B: Example of Provisioning SSL Certificates with a Third- Party CA Generate a Certificate Signing Request Submit the Certificate Request to a Third-Party CA Install the Certificate on the Event Source Appendix C: Example of Provisioning Self-Signed Certificates Generate a Self-Signed Certificate Import the Certificate to the RSA envision Appliance

5 Preface About This Guide This guide describes the configuration required on RSA envision and the Windows event sources to enable event collection in your network using the RSA envision Windows Eventing Collector Service. The guide also briefly explains the need for and scope of each configuration. This guide is intended for RSA envision administrators and Windows administrators using the Windows Eventing Collector Service. This guide contains instructions for configuring a third-party system, in this case Microsoft Windows event sources, certificate services, and domain services. While the instructions provided have been validated in RSA test labs, any Windows system setup may require additional or different configuration steps. For complete information, you can also refer to the Microsoft Windows documentation. Documentation For more information about the RSA envision Windows Eventing Collector Service, see the following documentation: RSA envision Windows Eventing Collector Service Deployment Overview Guide. Provides an overview of the Windows event source configurations and a high-level task map for setting up the RSA envision Windows Eventing Collector Service. Microsoft Windows Eventing 6.0 Web Services API Configuration Instructions and Release Notes. Provides instructions for event source configuration and information about what is new in this release, supported Windows event sources, and known issues for RSA envision Windows Eventing Collector Service. RSA envision Help. Comprehensive instructions on setting up RSA envision processing options and using RSA envision analysis tools. Preface 5

6 Getting Support and Service RSA SecurCare Online Customer Support Information RSA Secured Partner Solutions Directory https://knowledge.rsasecurity.com RSA SecurCare Online offers a knowledgebase that contains answers to common questions and solutions to known problems. SecurCare Online also offers information on new releases, important technical news, and software downloads. The RSA Secured Partner Solutions Directory provides information about third-party hardware and software products that have been certified to work with RSA products. The directory includes Implementation Guides with step-by-step instructions and other information about interoperation of RSA products with these third-party products. Before You Call Customer Support Make sure that you have direct access to the computer running the RSA envision software. Please have the following information available when you call: The serial number of the appliance. On a 60-series appliance, you can find the seven-character serial number on the chassis tag on the back of the appliance, or open a Dell Openmanage Server Administrator session, and click System > Properties > Summary to find the serial number in the chassis service tag field. RSA envision software version number. The name and version of the operating system under which the problem occurs. 6 Preface

7 1 RSA envision Windows Eventing Collector Service and Windows Event Sources Windows Eventing Mechanism RSA envision Windows Eventing Collector Service Windows Remote Management Service Windows Eventing Mechanism The RSA envision Windows Eventing Collector Service is a new collection mechanism that enables collection of events from Windows machines that support the Microsoft Windows Eventing model. Windows Eventing 6.0 is a new event logging and tracing framework included in the operating system beginning with Microsoft Windows Vista and Windows Server 2008 that enables better organization of event data, allowing smarter searches for events of interest. Prior to the release of Windows Vista, events were logged using eventing models such as Event Tracing for Windows (ETW) and Event Logging. For more information, go to and Windows Server 2008 and Windows Vista introduced an eventing model that unifies ETW and Windows Event Log API. For more information, go to The components of the Windows Eventing model include: Event providers. Event providers are applications running on Windows that write events into event logs, called channels. Event providers include an instrumentation manifest that clearly defines the nature and structure of events that are generated in an XML format. Event channels. Events are stored in channels, which can be defined based on the event providers. Event providers can write events into the Classic Windows event channels Application, System, and Security for consumption by Windows diagnostic tools such as Windows Event Viewer. For Windows Vista and Windows Server 2008, event providers can also write events to Windows Eventing channels, which can be one of four types: Administration, Operational, Analytic, and Debug. For more information on channels, go to Instrumentation manifest. An instrumentation manifest is an XML file that clearly defines the nature and structure of events. This manifest contains the following information about events: Identity of the event provider Channel into which events are written, such as Security, Application, and Information 1: RSA envision Windows Eventing Collector Service and Windows Event Sources 7

8 Event definition, broken into tasks and opcodes Other metadata for the events Event definition template For more information, go to RSA envision Windows Eventing Collector Service You can use the RSA envision Windows Eventing Collector Service to collect events from Windows machines, called Windows event sources, that use the Windows Eventing mechanism. The existing NIC Windows Service can collect events only from the Classic Windows channels: Application, System, and Security. The Windows Eventing Collector Service can collect events from the Classic Windows channels and from the Windows Eventing channels, Administration, Operational, Analytic, and Debug. For more information, see the RSA envision Help topic Windows Eventing Collector Service. The Windows Eventing Collector Service uses the Microsoft Windows Remote Management (WinRM) service to access and retrieve events from event sources that support the Windows Eventing mechanism. The Windows Eventing Collector Service communicates with event sources over HTTP or HTTPS. The following figure shows how RSA envision connects to Windows event sources using the WinRM service. WinRM WinRM HTTP or HTTPS RSA envision WinRM WinRM Intranet Windows event sources 8 1: RSA envision Windows Eventing Collector Service and Windows Event Sources

9 Windows Remote Management Service The WinRM service is the Microsoft implementation of the WS-Management (WSMAN) protocol. WSMAN is a standard Simple Object Access Protocol (SOAP) that allows hardware and operating systems from different vendors to interoperate. For more information, go to The WinRM service is part of the operating system. You must configure the WinRM listener to enable event collection. 1: RSA envision Windows Eventing Collector Service and Windows Event Sources 9

10

11 2 System Requirements Supported RSA envision Platforms and Event Sources Firewall Guidelines Supported RSA envision Platforms and Event Sources The Microsoft Windows Eventing 6.0 Web Services API Configuration Instructions and Release Notes lists the supported RSA envision platforms and Windows event sources. For the latest version of this document, go to the RSA envision Device Configurations page on RSA SecurCare Online at https://knowledge.rsasecurity.com. Firewall Guidelines Whether you have Windows Firewall, Cisco ACS, or a firewall from any other vendor, you must create firewall rules to enable the Windows Eventing Collector Service to collect events from the Windows event sources. When you enable the WinRM service, the firewall rules open specific ports to allow the RSA envision Windows Eventing Collector Service to collect events from the Windows event sources. You can enable the WinRM service to enable firewall ports using one of the following: Group Policy objects Scripts Windows built-in commands For more information, see Configuration of the WinRM Service on page 19. For detailed instructions, see the Microsoft Windows Eventing 6.0 Web Services API Configuration Instructions and Release Notes on the RSA envision Device Configurations page on RSA SecurCare Online at https://knowledge.rsasecurity.com. If you are using a firewall other than Windows, such as Cisco ACS, contact the system administrator to open the firewall ports. 2: System Requirements 11

12 Firewall Ports By default, depending on the event source, the WinRM service uses the following ports to enable collection using the RSA envision Windows Eventing Collector Service: Windows Server 2008 over HTTP at port number 80 Windows Server 2008 over HTTPS at port number 443 Windows Server 2008 R2 over HTTP at port number 5985 Windows Server 2008 R2 over HTTPS at port number 5986 Note: If you have configured the WinRM service on any other port, ensure that you enable the firewall rules accordingly. 12 2: System Requirements

13 RSA envision VMware Collector Service Installation and Configuration Guide 3 Deployment of RSA envision Windows Eventing Collector Service on the RSA envision Platform Single Appliance Site Multiple Appliance Site Enhanced Availability Site Multiple Site Deployment The RSA envision Windows Eventing Collector Service is supported on single appliance sites, multiple appliance sites, enhanced availability sites, and multiple site deployments. All of these deployments support connection to one or more Windows event sources. Single Appliance Site In a single appliance site, you install the RSA envision Windows Eventing Collector Service on the RSA envision appliance. You can configure the Windows Eventing Collector Service to connect to one or more Windows event sources. Multiple Appliance Site A multiple appliance site can have up to three Local Collectors (LCs). You can install the RSA envision Windows Eventing Collector Service on one or more LCs. You can configure each instance of the Windows Eventing Collector Service to connect to one or more Windows event sources. If you install the Windows Eventing Collector Service in a multiple appliance site that has Network Attached Storage (NAS), the user account that the service uses to connect to the event sources must have write privileges to access the NAS. 3: Deployment of RSA envision Windows Eventing Collector Service on the RSA envision Platform13

14 RSA envision VMware Collector Service Installation and Configuration Guide The following figure shows an RSA envision multiple appliance site. RSA envision Site A-SRV D-SRV Local Collector 1 Windows Eventing Collector Service Local Collector 2 Windows Eventing Collector Service Local Collector 3 Windows Eventing Collector Service Windows event sources Windows event sources Windows event sources Enhanced Availability Site The RSA envision Windows Eventing Collector Service is supported on Enhanced Availability (EA) sites. When you install the Windows Eventing Collector Service on EA deployments, you must ensure that the service is installed on all of the Clustered Appliances in the site even if you do not plan to activate the Windows Eventing Collector Service on all of the Clustered Appliances. If you do not install the Windows Collector Service on all of the Clustered Appliances, unforeseen errors can occur. (If you do not want a Clustered Appliance to collect events, do not configure event sources on the Clustered Appliance.) If you uninstall the Windows Eventing Collector Service from an EA site, you must uninstall the service from all of the Clustered Appliances. 14 3: Deployment of RSA envision Windows Eventing Collector Service on the RSA envision

15 RSA envision VMware Collector Service Installation and Configuration Guide Multiple Site Deployment A multiple site deployment consists of more than one multiple appliance site. You can install the RSA envision Windows Eventing Collector Service on one or more Local Collectors and Remote Collectors (RCs). You can configure each instance of the Windows Eventing Collector Service to connect to one or more Windows event sources. Site 1 Site 2 Site 3 A-SRV A-SRV D-SRV D-SRV Local Collector 1 Local Collector 2 Local Collector Remote Collector Windows Eventing Collector Service Windows Eventing Collector Service Windows Eventing Collector Service Windows Eventing Collector Service Windows event sources Windows event sources Windows event sources Windows event sources 3: Deployment of RSA envision Windows Eventing Collector Service on the RSA envision Platform 15

16

17 4 Deployment Checklist The following table describes the high-level tasks required to set up event collection using the RSA envision Windows Eventing Collector Service. Task Description 1. Obtain the executable files Obtain the following executable files from RSA SecurCare Online at https://knowledge.rsasecurity.com: v4.0sp3_windowseventing_sharedmemory.exe Note: The v4.0sp3_windowseventing_sharedmemory.exe file is only required for RSA envision 4.0 SP3. If you have installed RSA envision 4.0 SP4 or later, do not download this file. RSA_enVision_Windows_Eventing_Collector_Service.exe RSA_enVision_winevent_config.vbs RSA_enVision_winevent_config.ps1 The latest Event Source Update package 2. Prepare the RSA envision appliance You must set up the RSA envision appliance by performing the following tasks: The Windows Eventing Collector Service is compatible only with RSA envision 4.0 SP3 or later. If you are using a prior verison of envision, ensure that you upgrade to RSA envision 4.0 SP3. Install the v4.0sp3_windowseventing_sharedmemory.exe file Note: You need to install v4.0sp3_windowseventing_sharedmemory.exe only for RSA envision 4.0 SP3. If you have installed RSA envision 4.0 SP4 or later, do not install this file. Install the latest Event Source Update For instructions, see the Help topic Preparing to Install Windows Eventing Collector Service. 3. Install the Windows Eventing Collector Service You must install the Windows Eventing Collector Service. For instructions, see the Help topic Install the Windows Eventing Collector Service. 4: Deployment Checklist 17

18 Task 4. Configure the Windows event sources 5. Obtain Windows event source information 6. Configure the Windows Eventing Collector Service 7. Start the Windows Eventing Collector Service Description You must configure the Windows event sources to allow event collection by performing the tasks described in the following sections in the order listed: Configuration of the WinRM Service SSL Connection to Windows Event Sources Configuration of Collection from the Security Channel (Optional) User Account With Least Privileges (Optional) Configuration of Hosted Event Sources For detailed instructions, see the Microsoft Windows Eventing 6.0 Web Services API Configuration Instructions and Release Notes on RSA SecurCare Online. You must obtain connection information for each event source from which you want to collect events. For instructions, see the Help topic Obtain the Windows Event Source Information. You must use the Configuration utility to configure the Windows Eventing Collector Service. For instructions, see the Help topic Configuring the Windows Eventing Collector Service. After configuring the Windows Eventing Collector Service for the first time, you must start the service. For instructions, see the Help topic Start the Windows Eventing Collector Service. 18 4: Deployment Checklist

19 5 Configuration of the WinRM Service Configuration Using Group Policy Objects Configuration Using Scripts Manual Configuration of WinRM over HTTP Manual Configuration of WinRM over HTTPS You can enable the WinRM service on the Windows event sources from a central location using Group Policy objects, by using scripts, or by using manual steps. Note: You must have Administrator privileges on the event sources to enable the WinRM service. Configuration Using Group Policy Objects If you want to configure multiple event sources that are a part of a Windows domain managed by a domain controller, you can use Group Policy objects (GPOs). A Group Policy is a set of rules that controls user accounts, the configuration of applications, and user settings in an Active Directory environment. Microsoft provides a program that allows you to use the Group Policy Snap-in of the Microsoft Management Console (MMC). You can use the graphical user interface (GUI) of the Group Policy Snap-in to configure the WinRM service for HTTP transport mode and enable read access to the Security log channel. If you configure the domain controller using a GPO, all the event sources in the domain are also configured. Configuration Using Scripts You can use the following types of scripts to enable WinRM over HTTP and HTTPS for an event source: Visual Basic (VB) script. You can use a VB script to automatically configure the WinRM service over HTTP or HTTPS on Windows Server 2008 SP 2 and Windows Server 2008 R2. Windows PowerShell (PS) script. You can use a PS script to automatically configure the WinRM service over HTTP or HTTPS on Windows Server 2008 SP2 and Windows Server 2008 R2. On Windows Server 2008 SP 2, you must first install Windows PowerShell 2.0 before executing the script. Note: You must run these scripts on each of the event sources that you need to configure. 5: Configuration of the WinRM Service 19

20 For instructions, see the Microsoft Windows Eventing 6.0 Web Services API Configuration Instructions and Release Notes on the RSA envision Device Configurations page on RSA SecurCare Online at https://knowledge.rsasecurity.com. Manual Configuration of WinRM over HTTP The default transport mode for the WinRM service configuration is HTTP. In HTTP mode, the information is transferred over the network in an unencrypted or plain text format. For detailed instructions, see the Microsoft Windows Eventing 6.0 Web Services API Configuration Instructions and Release Notes on the RSA envision Device Configurations page on RSA SecurCare Online at https://knowledge.rsasecurity.com. Note: You must perform the manual configuration steps on each of the event sources that you want to configure. Manual Configuration of WinRM over HTTPS Configuration of WinRM over the HTTPS transport mode uses the Secure Socket Layer (SSL) protocol, which ensures that all messages exchanged are confidential. Before you can configure a WinRM listener to establish communication over HTTPS, you must provision an SSL certificate to the Windows event source from which you want to collect events. For more information, see SSL Connection to Windows Event Sources. Note: You must perform the manual configuration steps on each of the event sources that you want to configure. 20 5: Configuration of the WinRM Service

21 6 Configuration of Collection from the Security Channel The RSA envision Windows Eventing Collector Service cannot collect events from the Security event log channel by default. You must configure the event source to enable event collection from the Security channel. To access Security channel events, the user account that the Windows Eventing Collector Service uses to connect to the event source must be added to the Windows built-in Event Log Reader user group. The creation of a user account with least privileges does not automatically enable collection from the Security channel. You must explicitly configure the event source to enable event collection from Security channel. For instructions, see the Microsoft Windows Eventing 6.0 Web Services API Configuration Instructions and Release Notes on the RSA envision Device Configurations page on RSA SecurCare Online at https://knowledge.rsasecurity.com. 6: Configuration of Collection from the Security Channel 21

22

23 7 SSL Connection to Windows Event Sources SSL Connection for WinRM over HTTPS SSL Certificates for Windows Event Sources SSL Connection SSL Connection for WinRM over HTTPS If you want to configure a Windows event source to use WinRM over HTTPS, you must establish a Secure Socket Layer (SSL) connection between the Windows event source and RSA envision Windows Eventing Collector Service. SSL creates a secure connection over which you can send data securely. For more information, go to Most organizations use certificates to prove the identity of users or computers, as well as to encrypt data during transmission across unsecured network connections. To establish an SSL connection between the RSA envision platform and a Windows event source, you must perform the tasks described in the following sections: SSL Connection to Windows Event Sources SSL Connection SSL Certificates for Windows Event Sources Most organizations use directory services to manage the identities and relationships of their corporate network and rely on a certificate authority (CA) to issue and manage certificates used in software security systems. A CA is a trusted agency that confirms the identity of users, organizations, and their servers, and then issues certificates that confirm these identities. You can create server certificates by using one of the following: Microsoft CA Third-Party CA Self-Signed Certificates Regardless of your choice of CA, you must manage the server certificates using Certificate Services. Server certificates can expire or be revoked, if necessary. For example, corporate policy may dictate that server certificates expire on an annual basis to ensure that the certificate information is current. You may also want to revoke a certificate when a Windows event source is taken offline. 7: SSL Connection to Windows Event Sources 23

24 Microsoft CA If you use Active Directory Certificate Services (ADCS), your organization can act as its own CA. Microsoft Windows uses Active Directory to provide identity and access management. The following figure shows an example of how Active Directory Domain Services (ADDS) on host DC1 and ADCS on host CA1 reside on the corporate network along with RSA envision and Windows event sources. DC1 CA1 RSA envision Corpnet Windows event source 1 Windows event source N You can enable SSL on your Windows event sources as follows: 1. Install Certificate Services on a server in the domain, and then generate the root CA certificate. 2. Issue an SSL certificate for each event source in one of the following ways: To issue an SSL certificate manually, you must generate a certificate request file for each event source that has a unique computer name and use the certificate request files to create server certificates for your servers. You must then install the respective certificate and enable SSL on each applicable server. To use auto-enrollment for SSL certificates, see the following section Auto-Enrollment for SSL Certificates. 3. Install the root CA certificate in the Trusted Root Certification Authorities store on the envision appliance, so that the Windows Eventing Collector Service trusts the root CA and all event sources that have server certificates issued by the CA. 24 7: SSL Connection to Windows Event Sources

25 For a sample procedure to provision SSL certificates using Microsoft CA, see Appendix A, Example of Provisioning SSL Certificates with Microsoft CA. Auto-Enrollment for SSL Certificates You can use Active Directory Domain Services to configure your Windows event sources for auto-enrollment for SSL certificates. For detailed instructions, see Appendix A, Example of Provisioning SSL Certificates with Microsoft CA. The following figure shows how you can use the ADDS to configure Windows event sources for auto-enrollment for SSL certificates. RSA envision CA1 5 Active Directory Certificate Services 4 DC1 3 2 Windows Event Sources Active Directory Domain Services 1 1. Windows event source retrieves the certificate policy contained in a Group Policy from ADDS. 2. Windows event source submits the certificate request to ADCS based on policy. 3. ADCS retrieves the user information from ADDS. 7: SSL Connection to Windows Event Sources 25

26 Third-Party CA 4. ADCS returns the signed digital certificate to the Windows event source. 5. You must manually install the root CA certificate in the Trusted Root Certification Authorities store on the envision appliance so that the Windows Eventing Collector Service will trust the root CA. You need to import only the public key portion of the certificates. You can use a third-party CA, such as VeriSign, Entrust, Valicert, or Equifax to generate server certificates. When you use a trusted third-party CA, you enable SSL on your Windows event sources as follows: 1. Generate a Certificate Signing Request (CSR) for each Windows event source that has a unique computer name. A CSR is an encrypted text that contains information such as organization name, common name (domain name), locality, country, and the public key that will be included in the certificate.the CSR is generated on the server on which the certificate will be used. A private key is created at the same time that you create the CSR. 2. Submit the certificate request files to the trusted third-party CA. The CA uses the CSR to create your SSL certificate. The certificate created with a particular CSR only works with the private key that was generated with the CSR. If you lose the private key, the certificate is invalid. 3. On each Windows event source, install the respective certificate, and then enable SSL. 4. Install the third-party root CA certificate in the Trusted Root Certification Authorities store on the RSA envision appliance, so that the RSA envision Windows Eventing Collector Service will trust the root CA. For a sample procedure to provision SSL certificates using third-party CA, see Appendix B, Example of Provisioning SSL Certificates with a Third-Party CA. Note: You must be able to use the SSL certificate for Server Authentication. Ensure that the certificate template selected for the Certificate Signing Request includes the Enhanced Key Usage setting where this usage is defined. Self-Signed Certificates A self-signed certificate is an identity certificate that is signed by its creator. That is, the entity that created the certificate also signed off on its legitimacy. If you do not have a CA, you can establish an SSL connection using self-signed certificates. For a sample procedure to provision SSL certificates using self-signed certificates, see Appendix C, Example of Provisioning Self-Signed Certificates. 26 7: SSL Connection to Windows Event Sources

27 SSL Connection You enable SSL connections by enabling WinRM over HTTPS. You can enable WinRM manually or by using scripts that are invoked on all Windows event sources. For instructions, see the Microsoft Windows Eventing 6.0 Web Services API Configuration Instructions and Release Notes on the RSA envision Device Configurations page on RSA SecurCare Online at https://knowledge.rsasecurity.com. 7: SSL Connection to Windows Event Sources 27

28

29 RSA envision VMware Collector Service Installation and Configuration Guide 8 User Account With Least Privileges To collect events from Windows event sources, RSA recommends that you create a user account for the RSA envision platform such that the account has minimum privileges and can authenticate to the event sources only for event collection. You can use administrator accounts to collect events if sharing such privileges is not a concern in your deployment. The least-privileged account limits access to the Windows event sources and does not allow remote access of critical resources. To collect events from the Windows event sources, the user account requires permission to do the following: Connect to the WinRM service remotely with read privileges Read the events generated by Windows event source Access to the WMI resource Win32_UTCTime remotely to define a time window for the events that are to be collected in a given time interval Access to the WMI resource Win32_AccountSID remotely to translate the cryptic SID strings in the events to their corresponding human-readable user names You can create a user account with least privileges for a standalone event source or for multiple event sources in a domain using a domain controller. For instructions, see the Microsoft Windows Eventing 6.0 Web Services API Configuration Instructions and Release Notes on the RSA envision Device Configurations page on RSA SecurCare Online at https://knowledge.rsasecurity.com. 8: User Account With Least Privileges 29

30

31 RSA envision VMware Collector Service Installation and Configuration Guide 9 Configuration of Hosted Event Sources Hosted event sources are applications running on Windows platforms that use the Windows event framework to record their operational events. You can identify hosted event sources as separate event sources on the RSA envision platform with the same IP address as the Windows server that hosts the application. For the list of supported event sources, see the Microsoft Windows Eventing 6.0 Web Services API Configuration Instructions and Release Notes in the RSA envision Device Configurations page on RSA SecurCare Online at https://knowledge.rsasecurity.com. To discover hosted event sources, you must choose the Windows event source as a Multi Device in the administrator user interface in RSA envision. For instructions, see the event source update document for the corresponding hosted event source on the RSA envision Device Configurations page on RSA SecurCare Online at https://knowledge.rsasecurity.com.. 9: Configuration of Hosted Event Sources 31

32

33 A Example of Provisioning SSL Certificates with Microsoft CA Install an Enterprise Root Certificate Authority on the Domain Controller Enable Auto-Enrollment for SSL Certificates Import the Root CA Certificate into the RSA envision Appliance Import the Root CA Certificate into the RSA envision Appliance Install an Enterprise Root Certificate Authority on the Domain Controller For domain computers to automatically enroll for certificates through a Group Policy, install a Microsoft Certificate Authority on the domain controller. Note: The following procedure assumes that ADDS and ADCS are installed on the same host. To install a certificate authority on the domain controller: 1. Click Start > Administrative Tools > Server Manager. 2. In the console tree of Server Manager, click Roles. 3. Under Roles Summary, click Add roles, and then click Next. 4. On the Server Roles page, select Active Directory Certificate Services. 5. Click Next twice. 6. On the Role Services page, click Next. 7. On the Setup Type page, select Enterprise, and then click Next. 8. On the CA Type page, select Root CA, and then click Next. 9. On the Private Key page, select Create a New Private Key, and then click Next. 10. On the Cryptography page, click Next. 11. On the CA Name page, click Next. 12. On the Validity Period page, click Next. 13. On the Certificate Database page, click Next. 14. On the Confirmation page, click Install. A: Example of Provisioning SSL Certificates with Microsoft CA 33

34 Enable Auto-Enrollment for SSL Certificates Configure the root CA so that computer certificates are issued automatically through Group Policy to all the domain member computers and to the domain controller. To configure auto-enrollment for SSL certificates: 1. Click Start > Administrative Tools > Group Policy Management. 2. In the console tree, open the domain containing the computers to be configured for auto-enrollment of certificates. 3. In the console tree, right-click Default Domain Policy, and then click Edit. Note: You may choose to edit an existing Group Policy or create a new one for auto-enrollment for certificates. 4. In the console tree of the Group Policy Management Editor, expand Computer Configuration > Policies > Windows Settings > Security Settings > Public Key Policies. 5. To enable auto-enrollment for SSL certificates for the domain members, follow these steps: a. In the details pane, right-click Automatic Certificate Request Settings, select New, and then click Automatic Certificate Request. b. In the Automatic Certificate Request Wizard, click Next. c. On the Certificate Template page, click Computer, click Next, and then click Finish. 6. To enable auto-enrollment for an SSL certificate for the domain controller, follow these steps: a. In the details pane, right-click Automatic Certificate Request Settings, select New, and then click Automatic Certificate Request. b. In the Automatic Certificate Request Wizard, click Next. c. On the Certificate Template page, click Domain Controller, click Next, and then click Finish. 7. Close the Group Policy Management Editor and Group Policy Management consoles. 8. To enable and update the policy for the domain members and the domain controller, do one of the following: Run the gpupdate command on the individual domain members. Wait for the Group Policy update to happen automatically. Note: If you installed a new CA on your Active Directory domain controller, you might need to restart the existing domain members to enable auto-enrollment for certificates. 34 A: Example of Provisioning SSL Certificates with Microsoft CA

35 Import the Root CA Certificate into the RSA envision Appliance You must install the root CA certificate in the Trusted Root Certification Authorities store on the RSA envision Collector so that the RSA envision Windows Eventing Collector Service trusts the root CA. You export the certificate from the domain controller and then import the certificate to the envision Collector where the Windows Eventing Collector Service is installed. If you have an envision deployment with Enhanced Availability, you must import the root certificate to each of the Cluster Appliances, so that collection can resume on any appliance after a failover. To export the root CA certificate from the domain controller: 1. On the domain controller on which the certificate is provisioned, open Internet Explorer. 2. Click Tools > Internet Options. 3. On the Content tab, select Certificates. 4. On the Trusted Root Certification Authorities tab, select the certificate that has just been provisioned. The Issued To and Issued By fields must have the same name, which ends with -CA. 5. Click Export to open the Certificate Export Wizard. 6. Click All Tasks > Next twice. 7. Browse to the location where you want to store the exported certificate. 8. Click Next. 9. Click Finish. To import the root certificate of the CA: 1. On the Collector, follow these steps to add the Certificates Snap-in to the Microsoft Management Console: a. Click Start > Run, type mmc, and click OK. b. Click File > Add/Remove Snap-in. c. On the Standalone tab, click Add. d. Select Certificates, and click Add. e. Select Computer Account, and click Next. f. Select Local Computer, and click Finish. g. Click Close, and then click OK to return to the Console Root dialog box. 2. Follow these steps to import the root certificate: a. In the Console Root dialog box, select Certificates > Trusted Root Certificates > Certificates. b. Right-click and select All Tasks > Import to open the Certificate Import Wizard. A: Example of Provisioning SSL Certificates with Microsoft CA 35

36 c. Click Next, and browse to the location of the certificate. d. Click Next, and accept all the defaults for the remainder of the wizard. 3. In an Enhanced Availability deployment, repeat steps 1 and 2 on each of the Cluster Appliances. 36 A: Example of Provisioning SSL Certificates with Microsoft CA

37 B Example of Provisioning SSL Certificates with a Third-Party CA Generate a Certificate Signing Request Submit the Certificate Request to a Third-Party CA Install the Certificate on the Event Source Generate a Certificate Signing Request Each event source that has a unique computer name must have a separate certificate. The first step in the certificate creation process is to generate a certificate request. The following instructions describe how to use the Windows certreq command to generate a Certificate Signing Request. If you want to use a different method for creating CSRs, contact your security administrator. To generate a certificate request: 1. Follow these steps to create a file with the.inf extension: a. On the event source, open a text editor, such as Notepad. b. Copy and paste the following text into your text editor: [NewRequest] Subject = "CN = machine-code" MachineKeySet = True [RequestAttributes] CertificateTemplate = MyTemplate where: machine-code is the hostname or FQDN of the event source. MyTemplate is the certificate template that must be created at the CA. Note: You must be able to use the SSL certificate for Server Authentication. Ensure that the certificate template selected for the Certificate Signing Request includes the Enhanced Key Usage setting where this usage is defined. c. Save this file with the.inf extension, for example, request.inf. 2. Open a command window, and change directories to the directory to which you saved the.inf file. B: Example of Provisioning SSL Certificates with a Third-Party CA 37

38 3. To generate a certificate request file using the information in the.inf file, type: certreq.exe -new request.inf mycert.req where: request.inf is the.inf file that you created in step 1. mycert.req is the CSR generated from the information in request.inf. For detailed information on the certreq.exe command syntax and options, go to Submit the Certificate Request to a Third-Party CA After you create a CSR, submit the CSR to a third-party certificate authority, such as Entrust, Equifax, Valicert, or VeriSign. For more information, go to Install the Certificate on the Event Source After you receive the certificate from the certificate authority, you must install the certificate on the event source. To install the certificate: 1. To add the Certificates Snap-in to the Microsoft Management Console, follow these steps: a. Click Start > Run, type mmc, and click OK. b. Click File > Add/Remove Snap-in. c. Select Certificates, and click Add. d. Select Computer Account, and click Next. e. Select Local Computer, and click Finish. f. Click Close, and then click OK to return to the Console Root dialog box. 2. To import the SSL certificate, follow these steps: a. In the Console Root dialog box, select Certificates > Personal > Certificates. b. Right-click and select All Tasks > Import to open the Certificate Import Wizard. c. Click Next, and browse to the location of the certificate that you received from the third-party CA. d. Click Next, and accept all the defaults for the remainder of the wizard. Note: You must install the SSL certificate on the same server on which you generated the CSR or with the same private key. 38 B: Example of Provisioning SSL Certificates with a Third-Party CA

39 C Example of Provisioning Self-Signed Certificates Generate a Self-Signed Certificate Import the Certificate to the RSA envision Appliance Generate a Self-Signed Certificate You can create a self-signed certificate using tools such as RSA BSAFE SSL-C or SelfSSL. The following instructions describe creating a self-signed certificate using SelfSSL, which is included in the Internet Information Services Resource Tool Kit. To install SelfSSL: 1. Download the IIS Resource Kit from 4c73-b628-ade629c89499&displaylang=en. 2. Run iis60rkt.exe to open the InstallShield Wizard. 3. On the Welcome page, click Next. 4. Accept the license agreement, and click Next. 5. On the Setup Type page, select Custom, and click Next. 6. Specify the location to install the IIS 6.0 Resource Kit Tools, and click Next. 7. On the Select Features page, select SelfSSL, and click Next. 8. Review the settings on the Start Copying Files page, and click Next. 9. Click Finish on the InstallShield Wizard Complete page. To create a self-signed certificate: To create a self-signed certificate with the CN matching the FQDN of the system, open a command prompt, and type: selfssl.exe /N:CN=hostname /T /V:days where: hostname is the FQDN of the event source for which you are generating the certificate. /T adds the self-signed certificate to the Personal and the Trusted Root certificate stores on the event source. /V specifies the validity of the certificate in days. days specifies the number of days, for example, 365. C: Example of Provisioning Self-Signed Certificates 39

40 Import the Certificate to the RSA envision Appliance You must import the self-signed certificate to the trusted certificate store on the RSA envision Collector so that the RSA envision Windows Eventing Collector Service can trust the certificate. You export the certificate from the event source and then import the certificate to the Trusted Root Certification Authorities store on the envision appliance. To export the self-signed certificate from the event source: 1. On the event source, follow these steps to add the Certificates Snap-in to the Microsoft Management Console: a. Click Start > Run, type mmc, and click OK. b. Click File > Add/Remove Snap-in. c. Select Certificates, and click Add. d. Select Computer Account, and click Next. e. Select Local Computer, and click Finish. f. Click OK to return to the Console Root dialog box. 2. To export the self-signed certificate, follow these steps: a. In the Console Root dialog box, select Certificates > Personal > Certificates. b. Right-click the self-signed certificate, and select All Tasks > Export to open the Certificate Export Wizard. c. Click Next three times. d. Enter a suitable filename for the certificate file, and click Next. e. Click Next, and click Finish. f. In the certificate export successful dialog box, click Ok. To import the self-signed certificate on to the RSA envision platform: 1. To install the Certificate Snap-in, follow these steps: a. Click Start > Run, type mmc, and click OK. b. Click File > Add/Remove Snap-in. c. On the Standalone tab, click Add. d. Select Certificates, and click Add. e. Select Computer Account, and click Next. f. Select Local Computer, and click Finish. g. Click Close, and then click OK to return to the Console Root dialog box. 40 C: Example of Provisioning Self-Signed Certificates

41 2. To import the self-signed certificate, follow these steps: a. In the Console Root dialog box, select Certificates > Trusted Root Certificates > Certificates. b. Right-click and select All Tasks > Import to open the Certificate Import Wizard. c. Click Next, and browse to the location of the certificate that you exported. d. Click Next, and accept all the defaults for the remainder of the wizard. C: Example of Provisioning Self-Signed Certificates 41

42

RSA Security Analytics

RSA Security Analytics RSA Security Analytics Event Source Log Configuration Guide Microsoft Windows using Eventing Collection Last Modified: Thursday, July 30, 2015 Event Source Product Information: Vendor: Microsoft Event

More information

Installing and Configuring vcenter Multi-Hypervisor Manager

Installing and Configuring vcenter Multi-Hypervisor Manager Installing and Configuring vcenter Multi-Hypervisor Manager vcenter Server 5.1 vcenter Multi-Hypervisor Manager 1.1 This document supports the version of each product listed and supports all subsequent

More information

RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 On Existing Hardware

RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 On Existing Hardware RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 On Existing Hardware Contact Information Go to the RSA corporate website for regional Customer Support telephone

More information

RSA Authentication Manager 7.1 Basic Exercises

RSA Authentication Manager 7.1 Basic Exercises RSA Authentication Manager 7.1 Basic Exercises Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks RSA and the RSA logo

More information

RSA Security Analytics Netflow Collection Configuration Guide

RSA Security Analytics Netflow Collection Configuration Guide RSA Security Analytics Netflow Collection Configuration Guide Copyright 2010-2015 RSA, the Security Division of EMC. All rights reserved. Trademarks RSA, the RSA Logo and EMC are either registered trademarks

More information

RSA Authentication Manager 7.1 Microsoft Active Directory Integration Guide

RSA Authentication Manager 7.1 Microsoft Active Directory Integration Guide RSA Authentication Manager 7.1 Microsoft Active Directory Integration Guide Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks

More information

RSA Security Analytics Netflow Collection Configuration Guide

RSA Security Analytics Netflow Collection Configuration Guide RSA Security Analytics Netflow Collection Configuration Guide Copyright 2010-2015 RSA, the Security Division of EMC. All rights reserved. Trademarks RSA, the RSA Logo and EMC are either registered trademarks

More information

Secure IIS Web Server with SSL

Secure IIS Web Server with SSL Secure IIS Web Server with SSL EventTracker v7.x Publication Date: Sep 30, 2014 EventTracker 8815 Centre Park Drive Columbia MD 21045 www.eventtracker.com Abstract The purpose of this document is to help

More information

Setting Up SSL on IIS6 for MEGA Advisor

Setting Up SSL on IIS6 for MEGA Advisor Setting Up SSL on IIS6 for MEGA Advisor Revised: July 5, 2012 Created: February 1, 2008 Author: Melinda BODROGI CONTENTS Contents... 2 Principle... 3 Requirements... 4 Install the certification authority

More information

Step By Step Guide: Demonstrate DirectAccess in a Test Lab

Step By Step Guide: Demonstrate DirectAccess in a Test Lab Step By Step Guide: Demonstrate DirectAccess in a Test Lab Microsoft Corporation Published: May 2009 Updated: October 2009 Abstract DirectAccess is a new feature in the Windows 7 and Windows Server 2008

More information

TS Gateway Step-By-Step Guide

TS Gateway Step-By-Step Guide TS Gateway Step-By-Step Guide Microsoft Corporation Published: December 2007 Modified: July 2008 Abstract Terminal Services Gateway (TS Gateway) is a new role service available to users of the Microsoft

More information

Dell Recovery Manager for Active Directory 8.6. Quick Start Guide

Dell Recovery Manager for Active Directory 8.6. Quick Start Guide Dell Recovery Manager for Active Directory 8.6 2014 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished

More information

RSA SecurID Software Token 1.0 for Android Administrator s Guide

RSA SecurID Software Token 1.0 for Android Administrator s Guide RSA SecurID Software Token 1.0 for Android Administrator s Guide Contact Information See the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks RSA,

More information

RSA Authentication Agent 7.2 for Microsoft Windows Installation and Administration Guide

RSA Authentication Agent 7.2 for Microsoft Windows Installation and Administration Guide RSA Authentication Agent 7.2 for Microsoft Windows Installation and Administration Guide Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com

More information

RSA Authentication Agent 7.1 for Microsoft Windows Installation and Administration Guide

RSA Authentication Agent 7.1 for Microsoft Windows Installation and Administration Guide RSA Authentication Agent 7.1 for Microsoft Windows Installation and Administration Guide Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com

More information

Use 802.1x EAP-TLS or PEAP-MS-CHAP v2 with Microsoft Windows Server 2003 to Make a Secure Network

Use 802.1x EAP-TLS or PEAP-MS-CHAP v2 with Microsoft Windows Server 2003 to Make a Secure Network How To Use 802.1x EAP-TLS or PEAP-MS-CHAP v2 with Microsoft Windows Server 2003 to Make a Secure Network Introduction This document describes how to create a secure LAN, using two servers and an 802.1xcompatible

More information

Centralizing Windows Events with Event Forwarding

Centralizing Windows Events with Event Forwarding 1 Centralizing Windows Events with Event Forwarding 2 Copyright Notice The information contained in this document ( the Material ) is believed to be accurate at the time of printing, but no representation

More information

Avaya one X Portal 1.1.3 Lightweight Directory Access Protocol (LDAP) over Secure Socket Layer (SSL) Configuration

Avaya one X Portal 1.1.3 Lightweight Directory Access Protocol (LDAP) over Secure Socket Layer (SSL) Configuration Avaya one X Portal 1.1.3 Lightweight Directory Access Protocol (LDAP) over Secure Socket Layer (SSL) Configuration This document provides configuration steps for Avaya one X Portal s 1.1.3 communication

More information

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your computer.

More information

Windows Server Update Services 3.0 SP2 Step By Step Guide

Windows Server Update Services 3.0 SP2 Step By Step Guide Windows Server Update Services 3.0 SP2 Step By Step Guide Microsoft Corporation Author: Anita Taylor Editor: Theresa Haynie Abstract This guide provides detailed instructions for installing Windows Server

More information

Step-by-Step Guide for Setting Up VPN-based Remote Access in a

Step-by-Step Guide for Setting Up VPN-based Remote Access in a Page 1 of 41 TechNet Home > Products & Technologies > Server Operating Systems > Windows Server 2003 > Networking and Communications Step-by-Step Guide for Setting Up VPN-based Remote Access in a Test

More information

Deploying Personal Virtual Desktops by Using RemoteApp and Desktop Connection Step-by-Step Guide

Deploying Personal Virtual Desktops by Using RemoteApp and Desktop Connection Step-by-Step Guide c623242f-20f0-40fe-b5c1-8412a094fdc7 Deploying Personal Virtual Desktops by Using RemoteApp and Desktop Connection Step-by-Step Guide Microsoft Corporation Published: June 2009 Updated: April 2010 Abstract

More information

RSA Authentication Manager 8.1 Setup and Configuration Guide. Revision 2

RSA Authentication Manager 8.1 Setup and Configuration Guide. Revision 2 RSA Authentication Manager 8.1 Setup and Configuration Guide Revision 2 Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm

More information

Enterprise Manager. Version 6.2. Installation Guide

Enterprise Manager. Version 6.2. Installation Guide Enterprise Manager Version 6.2 Installation Guide Enterprise Manager 6.2 Installation Guide Document Number 680-028-014 Revision Date Description A August 2012 Initial release to support version 6.2.1

More information

CA NetQoS Performance Center

CA NetQoS Performance Center CA NetQoS Performance Center Install and Configure SSL for Windows Server 2008 Release 6.1 (and service packs) This Documentation, which includes embedded help systems and electronically distributed materials,

More information

Managing Multi-Hypervisor Environments with vcenter Server

Managing Multi-Hypervisor Environments with vcenter Server Managing Multi-Hypervisor Environments with vcenter Server vcenter Server 5.1 vcenter Multi-Hypervisor Manager 1.0 This document supports the version of each product listed and supports all subsequent

More information

AD RMS Microsoft Federation Gateway Support Installation and Configuration Guide... 3 About this guide... 3

AD RMS Microsoft Federation Gateway Support Installation and Configuration Guide... 3 About this guide... 3 Contents AD RMS Microsoft Federation Gateway Support Installation and Configuration Guide... 3 About this guide... 3 Microsoft Federation Gateway Support Overview... 4 Deploying and Configuring Microsoft

More information

Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab

Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab Microsoft Corporation Published: May, 2005 Author: Microsoft Corporation Abstract This guide describes how to create

More information

Managing Web Server Certificates on idrac

Managing Web Server Certificates on idrac Managing Web Server Certificates on idrac This Dell technical white paper explains how to configure the web server certificates on idrac to establish secure remote connections. Dell Engineering November

More information

HOTPin Integration Guide: DirectAccess

HOTPin Integration Guide: DirectAccess 1 HOTPin Integration Guide: DirectAccess Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; Celestix assumes no responsibility

More information

Installing Windows Rights Management Services with Service Pack 2 Step-by- Step Guide

Installing Windows Rights Management Services with Service Pack 2 Step-by- Step Guide Installing Windows Rights Management Services with Service Pack 2 Step-by- Step Guide Microsoft Corporation Published: October 2006 Author: Brian Lich Editor: Carolyn Eller Abstract This step-by-step guide

More information

Installing Management Applications on VNX for File

Installing Management Applications on VNX for File EMC VNX Series Release 8.1 Installing Management Applications on VNX for File P/N 300-015-111 Rev 01 EMC Corporation Corporate Headquarters: Hopkinton, MA 01748-9103 1-508-435-1000 www.emc.com Copyright

More information

Configuration (X87) SAP Mobile Secure: SAP Afaria 7 SP5 September 2014 English. Building Block Configuration Guide

Configuration (X87) SAP Mobile Secure: SAP Afaria 7 SP5 September 2014 English. Building Block Configuration Guide SAP Mobile Secure: SAP Afaria 7 SP5 September 2014 English Afaria Network Configuration (X87) Building Block Configuration Guide SAP SE Dietmar-Hopp-Allee 16 69190 Walldorf Germany Copyright 2014 SAP SE

More information

RSA Authentication Agents Security Best Practices Guide. Version 3

RSA Authentication Agents Security Best Practices Guide. Version 3 RSA Authentication Agents Security Best Practices Guide Version 3 Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com. Trademarks RSA,

More information

DriveLock Quick Start Guide

DriveLock Quick Start Guide Be secure in less than 4 hours CenterTools Software GmbH 2012 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise

More information

Mobility Manager 9.0. Installation Guide

Mobility Manager 9.0. Installation Guide Mobility Manager 9.0 Installation Guide LANDESK MOBILITY MANAGER Copyright 2002-2012, LANDesk Software, Inc. and its affiliates. All rights reserved. LANDesk and its logos are registered trademarks or

More information

WHITE PAPER Citrix Secure Gateway Startup Guide

WHITE PAPER Citrix Secure Gateway Startup Guide WHITE PAPER Citrix Secure Gateway Startup Guide www.citrix.com Contents Introduction... 2 What you will need... 2 Preparing the environment for Secure Gateway... 2 Installing a CA using Windows Server

More information

Microsoft IIS Integration Guide

Microsoft IIS Integration Guide Microsoft IIS Integration Guide Preface Preface 2015 SafeNet, Inc. All rights reserved. Part Number: 007-011955-001 (Rev E, 12/2015) All intellectual property is protected by copyright. All trademarks

More information

NetIQ Sentinel 7.0.1 Quick Start Guide

NetIQ Sentinel 7.0.1 Quick Start Guide NetIQ Sentinel 7.0.1 Quick Start Guide April 2012 Getting Started Use the following information to get Sentinel installed and running quickly. Meeting System Requirements on page 1 Installing Sentinel

More information

Deploying Remote Desktop IP Virtualization Step-by-Step Guide

Deploying Remote Desktop IP Virtualization Step-by-Step Guide Deploying Remote Desktop IP Virtualization Step-by-Step Guide Microsoft Corporation Updated: April 2010 Published: July 2009 Abstract Remote Desktop IP Virtualization provides administrators the ability

More information

Shavlik Patch for Microsoft System Center

Shavlik Patch for Microsoft System Center Shavlik Patch for Microsoft System Center User s Guide For use with Microsoft System Center Configuration Manager 2012 Copyright and Trademarks Copyright Copyright 2014 Shavlik. All rights reserved. This

More information

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream User Manual Onsight Management Suite Version 5.1 Another Innovation by Librestream Doc #: 400075-06 May 2012 Information in this document is subject to change without notice. Reproduction in any manner

More information

Sage HRMS 2014 Sage Employee Self Service Tech Installation Guide for Windows 2003, 2008, and 2012. October 2013

Sage HRMS 2014 Sage Employee Self Service Tech Installation Guide for Windows 2003, 2008, and 2012. October 2013 Sage HRMS 2014 Sage Employee Self Service Tech Installation Guide for Windows 2003, 2008, and 2012 October 2013 This is a publication of Sage Software, Inc. Document version: October 17, 2013 Copyright

More information

RSA Authentication Manager 8.1 Help Desk Administrator s Guide

RSA Authentication Manager 8.1 Help Desk Administrator s Guide RSA Authentication Manager 8.1 Help Desk Administrator s Guide Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm

More information

6421B: How to Install and Configure DirectAccess

6421B: How to Install and Configure DirectAccess Demonstration Overview Introduction In preparation for this demonstration, the following computers have been configured: NYC-DC1 is an Active Directory Domain Services (AD DS) domain controller and DNS

More information

NSi Mobile Installation Guide. Version 6.2

NSi Mobile Installation Guide. Version 6.2 NSi Mobile Installation Guide Version 6.2 Revision History Version Date 1.0 October 2, 2012 2.0 September 18, 2013 2 CONTENTS TABLE OF CONTENTS PREFACE... 5 Purpose of this Document... 5 Version Compatibility...

More information

BlackShield ID Agent for Terminal Services Web and Remote Desktop Web

BlackShield ID Agent for Terminal Services Web and Remote Desktop Web Agent for Terminal Services Web and Remote Desktop Web 2010 CRYPTOCard Corp. All rights reserved. http:// www.cryptocard.com Copyright Copyright 2010, CRYPTOCard All Rights Reserved. No part of this publication

More information

BlackShield ID Agent for Remote Web Workplace

BlackShield ID Agent for Remote Web Workplace Agent for Remote Web Workplace 2010 CRYPTOCard Corp. All rights reserved. http:// www.cryptocard.com Copyright Copyright 2010, CRYPTOCard All Rights Reserved. No part of this publication may be reproduced,

More information

Installation Guide. SafeNet Authentication Service

Installation Guide. SafeNet Authentication Service SafeNet Authentication Service Installation Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information

More information

Creating and Issuing the Workstation Authentication Certificate Template on the Certification Authority

Creating and Issuing the Workstation Authentication Certificate Template on the Certification Authority In this post we will see the steps for deploying the client certificate for windows computers. This post is a part of Deploy PKI Certificates for SCCM 2012 R2 Step by Step Guide. In the previous post we

More information

Configuring Security Features of Session Recording

Configuring Security Features of Session Recording Configuring Security Features of Session Recording Summary This article provides information about the security features of Citrix Session Recording and outlines the process of configuring Session Recording

More information

RSA Authentication Manager 8.1 Virtual Appliance Getting Started

RSA Authentication Manager 8.1 Virtual Appliance Getting Started RSA Authentication Manager 8.1 Virtual Appliance Getting Started Thank you for purchasing RSA Authentication Manager 8.1, the world s leading two-factor authentication solution. This document provides

More information

User Document. Adobe Acrobat 7.0 for Microsoft Windows Group Policy Objects and Active Directory

User Document. Adobe Acrobat 7.0 for Microsoft Windows Group Policy Objects and Active Directory Adobe Acrobat 7.0 for Microsoft Windows Group Policy Objects and Active Directory Copyright 2005 Adobe Systems Incorporated. All rights reserved. NOTICE: All information contained herein is the property

More information

Installing and Configuring vcloud Connector

Installing and Configuring vcloud Connector Installing and Configuring vcloud Connector vcloud Connector 2.7.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new

More information

Managing the SSL Certificate for the ESRS HTTPS Listener Service Technical Notes P/N 300-011-843 REV A01 January 14, 2011

Managing the SSL Certificate for the ESRS HTTPS Listener Service Technical Notes P/N 300-011-843 REV A01 January 14, 2011 Managing the SSL Certificate for the ESRS HTTPS Listener Service Technical Notes P/N 300-011-843 REV A01 January 14, 2011 This document contains information on these topics: Introduction... 2 Terminology...

More information

Integrating idrac7 With Microsoft Active Directory

Integrating idrac7 With Microsoft Active Directory Integrating idrac7 With Microsoft Active Directory Whitepaper Author: Jim Slaughter This document is for informational purposes only and may contain typographical errors and technical inaccuracies. The

More information

Browser-based Support Console

Browser-based Support Console TECHNICAL PAPER Browser-based Support Console Mass deployment of certificate Netop develops and sells software solutions that enable swift, secure and seamless transfer of video, screens, sounds and data

More information

Scenarios for Setting Up SSL Certificates for View

Scenarios for Setting Up SSL Certificates for View Scenarios for Setting Up SSL Certificates for View VMware Horizon 6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a

More information

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE Copyright 1998-2013 Tools4ever B.V. All rights reserved. No part of the contents of this user guide may be reproduced or transmitted in any form or by any means

More information

RSA Security Analytics Virtual Appliance Setup Guide

RSA Security Analytics Virtual Appliance Setup Guide RSA Security Analytics Virtual Appliance Setup Guide Copyright 2010-2015 RSA, the Security Division of EMC. All rights reserved. Trademarks RSA, the RSA Logo and EMC are either registered trademarks or

More information

For Active Directory Installation Guide

For Active Directory Installation Guide For Active Directory Installation Guide Version 2.5.2 April 2010 Copyright 2010 Legal Notices makes no representations or warranties with respect to the contents or use of this documentation, and specifically

More information

Parallels Mac Management for Microsoft SCCM 2012

Parallels Mac Management for Microsoft SCCM 2012 Parallels Mac Management for Microsoft SCCM 2012 Administrator's Guide v3.0 Copyright 1999-2014 Parallels IP Holdings GmbH and its affiliates. All rights reserved. Parallels IP Holdings GmbH Vordergasse

More information

SQL Server 2008 and SSL Secure Connection

SQL Server 2008 and SSL Secure Connection Ivan Mackintosh 9 January 2013 - v1.0 SQL Server 2008 and SSL Secure Connection This document describes the steps involved for converting an existing SQL Connection to a secure SSL Connection suitable

More information

Sharp Remote Device Manager (SRDM) Server Software Setup Guide

Sharp Remote Device Manager (SRDM) Server Software Setup Guide Sharp Remote Device Manager (SRDM) Server Software Setup Guide This Guide explains how to install the software which is required in order to use Sharp Remote Device Manager (SRDM). SRDM is a web-based

More information

Digipass Plug-In for IAS. IAS Plug-In IAS. Microsoft's Internet Authentication Service. Installation Guide

Digipass Plug-In for IAS. IAS Plug-In IAS. Microsoft's Internet Authentication Service. Installation Guide Digipass Plug-In for IAS IAS Plug-In IAS Microsoft's Internet Authentication Service Installation Guide Disclaimer of Warranties and Limitations of Liabilities Disclaimer of Warranties and Limitations

More information

AD RMS Step-by-Step Guide

AD RMS Step-by-Step Guide AD RMS Step-by-Step Guide Microsoft Corporation Published: March 2008 Author: Brian Lich Editor: Carolyn Eller Abstract This step-by-step guide provides instructions for setting up a test environment to

More information

Sophos Anti-Virus for NetApp Storage Systems startup guide

Sophos Anti-Virus for NetApp Storage Systems startup guide Sophos Anti-Virus for NetApp Storage Systems startup guide Runs on Windows 2000 and later Product version: 1 Document date: April 2012 Contents 1 About this guide...3 2 About Sophos Anti-Virus for NetApp

More information

RSA Authentication Manager 8.1 Help Desk Administrator s Guide. Revision 1

RSA Authentication Manager 8.1 Help Desk Administrator s Guide. Revision 1 RSA Authentication Manager 8.1 Help Desk Administrator s Guide Revision 1 Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm

More information

Application Note Gemalto.NET 2.0 Smart Card Certificate Enrollment using Microsoft Certificate Services on Windows 2008

Application Note Gemalto.NET 2.0 Smart Card Certificate Enrollment using Microsoft Certificate Services on Windows 2008 7 Application Note Gemalto.NET 2.0 Smart Card Certificate Enrollment using Microsoft Certificate Services on Windows 2008 All information herein is either public information or is the property of and owned

More information

Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0

Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0 Step-by-Step Guide for Microsoft Advanced Group Policy Management 4.0 Microsoft Corporation Published: September 2009 Abstract This step-by-step guide describes a sample scenario for installing Microsoft

More information

Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010

Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010 Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010 This document describes the different types of Unisphere management stations and tells how to install

More information

ms-help://ms.technet.2005mar.1033/security/tnoffline/security/smbiz/winxp/fwgrppol...

ms-help://ms.technet.2005mar.1033/security/tnoffline/security/smbiz/winxp/fwgrppol... Page 1 of 16 Security How to Configure Windows Firewall in a Small Business Environment using Group Policy Introduction This document explains how to configure the features of Windows Firewall on computers

More information

Preparing Your Server for an MDsuite Installation

Preparing Your Server for an MDsuite Installation Preparing Your Server for an MDsuite Installation Introduction This document is intended for those clients who have purchased the MDsuite Application Server software and will be scheduled for an MDsuite

More information

Quick Start Guide. for Installing vnios Software on. VMware Platforms

Quick Start Guide. for Installing vnios Software on. VMware Platforms Quick Start Guide for Installing vnios Software on VMware Platforms Copyright Statements 2010, Infoblox Inc. All rights reserved. The contents of this document may not be copied or duplicated in any form,

More information

Management Center. Installation and Upgrade Guide. Version 8 FR4

Management Center. Installation and Upgrade Guide. Version 8 FR4 Management Center Installation and Upgrade Guide Version 8 FR4 APPSENSE MANAGEMENT CENTER INSTALLATION AND UPGRADE GUIDE ii AppSense Limited, 2012 All rights reserved. part of this document may be produced

More information

HTTP communication between Symantec Enterprise Vault and Clearwell E- Discovery

HTTP communication between Symantec Enterprise Vault and Clearwell E- Discovery Securing HTTP communication between Symantec Enterprise Vault and Clearwell E- Discovery Requesting and Applying an SSL Certificate to secure communication ion from Clearwell E-Discovery to Enterprise

More information

X.509 Certificate Generator User Manual

X.509 Certificate Generator User Manual X.509 Certificate Generator User Manual Introduction X.509 Certificate Generator is a tool that allows you to generate digital certificates in PFX format, on Microsoft Certificate Store or directly on

More information

Step-by-Step Guide for Setting Up Network Quarantine and Remote Access Certificate Provisioning in a Test Lab

Step-by-Step Guide for Setting Up Network Quarantine and Remote Access Certificate Provisioning in a Test Lab Step-by-Step Guide for Setting Up Network Quarantine and Remote Access Certificate Provisioning in a Test Lab Microsoft Corporation Published: May, 2005 Author: Microsoft Corporation Abstract This guide

More information

Dell Statistica Document Management System (SDMS) Installation Instructions

Dell Statistica Document Management System (SDMS) Installation Instructions Dell Statistica Document Management System (SDMS) Installation Instructions 2015 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described

More information

Using Group Policy to Manage and Enforce ACL on VNX for File P/N 300-011-877 REV A01 February 2011

Using Group Policy to Manage and Enforce ACL on VNX for File P/N 300-011-877 REV A01 February 2011 EMC VNX Series Release 7.0 Using Group Policy to Manage and Enforce ACL on VNX for File P/N 300-011-877 REV A01 February 2011 This technical note contains information on these topics: Business problem...

More information

Step-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3)

Step-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3) Step-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3) Manual installation of agents and importing the SCOM certificate to the servers to be monitored:

More information

SELF SERVICE RESET PASSWORD MANAGEMENT GPO DISTRIBUTION GUIDE

SELF SERVICE RESET PASSWORD MANAGEMENT GPO DISTRIBUTION GUIDE SELF SERVICE RESET PASSWORD MANAGEMENT GPO DISTRIBUTION GUIDE Copyright 1998-2015 Tools4ever B.V. All rights reserved. No part of the contents of this user guide may be reproduced or transmitted in any

More information

Lab 05: Deploying Microsoft Office Web Apps Server

Lab 05: Deploying Microsoft Office Web Apps Server Lab 05: Deploying Microsoft Office Web Apps Server DISCLAIMER 2013 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, Hyper-V, Internet Explorer, Lync, PowerPoint, Silverlight, SQL

More information

Oracle Virtual Desktop Infrastructure. VDI Demo (Microsoft Remote Desktop Services) for Version 3.2

Oracle Virtual Desktop Infrastructure. VDI Demo (Microsoft Remote Desktop Services) for Version 3.2 Oracle Virtual Desktop Infrastructure VDI Demo (Microsoft Remote Desktop Services) for Version 2 April 2011 Copyright 2011, Oracle and/or its affiliates. All rights reserved. This software and related

More information

Using Self Certified SSL Certificates. Paul Fisher. Quest Software. Systems Consultant. Desktop Virtualisation Group

Using Self Certified SSL Certificates. Paul Fisher. Quest Software. Systems Consultant. Desktop Virtualisation Group Using Self Certified SSL Certificates Paul Fisher Systems Consultant paul.fisher@quest.com Quest Software Desktop Virtualisation Group Quest Software (UK) Limited Ascot House Maidenhead Office Park Westacott

More information

EMC Data Domain Management Center

EMC Data Domain Management Center EMC Data Domain Management Center Version 1.1 Initial Configuration Guide 302-000-071 REV 04 Copyright 2012-2015 EMC Corporation. All rights reserved. Published in USA. Published June, 2015 EMC believes

More information

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access With IDENTIKEY Server / Axsguard IDENTIFIER Integration Guidelines Disclaimer Disclaimer of Warranties and Limitations

More information

Step-by-Step Guide for Setting Up VPN-based Remote Access in a Test Lab

Step-by-Step Guide for Setting Up VPN-based Remote Access in a Test Lab Página 1 de 54 Step-by-Step Guide for Setting Up VPN-based Remote Access in a Test Lab This guide provides detailed information about how you can use five computers to create a test lab with which to configure

More information

Step-By-Step Guide to Deploying Lync Server 2010 Enterprise Edition

Step-By-Step Guide to Deploying Lync Server 2010 Enterprise Edition Step-By-Step Guide to Deploying Lync Server 2010 Enterprise Edition The installation of Lync Server 2010 is a fairly task-intensive process. In this article, I will walk you through each of the tasks,

More information

MicrosoftDynam ics GP 2015. TenantServices Installation and Adm inistration Guide

MicrosoftDynam ics GP 2015. TenantServices Installation and Adm inistration Guide MicrosoftDynam ics GP 2015 TenantServices Installation and Adm inistration Guide Copyright Copyright 2014 Microsoft Corporation. All rights reserved. Limitation of liability This document is provided as-is.

More information

WhatsUp Gold v16.3 Installation and Configuration Guide

WhatsUp Gold v16.3 Installation and Configuration Guide WhatsUp Gold v16.3 Installation and Configuration Guide Contents Installing and Configuring WhatsUp Gold using WhatsUp Setup Installation Overview... 1 Overview... 1 Security considerations... 2 Standard

More information

Windows Mobile SSL Certificates

Windows Mobile SSL Certificates Windows Mobile SSL Certificates Configuring Security Enhanced Communication on Exchange Server 2003 SP2 or 2007 with Windows Mobile Powered Devices White Paper Published: May 2007 For the latest information,

More information

SOLARWINDS ORION. Patch Manager Evaluation Guide

SOLARWINDS ORION. Patch Manager Evaluation Guide SOLARWINDS ORION Patch Manager Evaluation Guide About SolarWinds SolarWinds, Inc. develops and markets an array of network management, monitoring, and discovery tools to meet the diverse requirements of

More information

RSA SecurID Software Token 1.3 for iphone and ipad Administrator s Guide

RSA SecurID Software Token 1.3 for iphone and ipad Administrator s Guide RSA SecurID Software Token 1.3 for iphone and ipad Administrator s Guide Contact Information See the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks

More information

Using Windows Administrative Tools on VNX

Using Windows Administrative Tools on VNX EMC VNX Series Release 7.0 Using Windows Administrative Tools on VNX P/N 300-011-833 REV A01 EMC Corporation Corporate Headquarters: Hopkinton, MA 01748-9103 1-508-435-1000 www.emc.com Copyright 2011 -

More information

Citrix XenServer Workload Balancing 6.5.0 Quick Start. Published February 2015 1.0 Edition

Citrix XenServer Workload Balancing 6.5.0 Quick Start. Published February 2015 1.0 Edition Citrix XenServer Workload Balancing 6.5.0 Quick Start Published February 2015 1.0 Edition Citrix XenServer Workload Balancing 6.5.0 Quick Start Copyright 2015 Citrix Systems. Inc. All Rights Reserved.

More information

Create, Link, or Edit a GPO with Active Directory Users and Computers

Create, Link, or Edit a GPO with Active Directory Users and Computers How to Edit Local Computer Policy Settings To edit the local computer policy settings, you must be a local computer administrator or a member of the Domain Admins or Enterprise Admins groups. 1. Add the

More information

Integrating idrac 7 with Microsoft Active Directory

Integrating idrac 7 with Microsoft Active Directory Integrating idrac 7 with Microsoft Active Directory Whitepaper Author: Jim Slaughter This document is for informational purposes only and may contain typographical errors and technical inaccuracies. The

More information

Secure Web Appliance. SSL Intercept

Secure Web Appliance. SSL Intercept Secure Web Appliance SSL Intercept Table of Contents 1. Introduction... 1 1.1. About CYAN Secure Web Appliance... 1 1.2. About SSL Intercept... 1 1.3. About this Manual... 1 1.3.1. Document Conventions...

More information

/ Preparing to Manage a VMware Environment Page 1

/ Preparing to Manage a VMware Environment Page 1 Configuring Security for a Managed VMWare Enviroment in VMM Preparing to Manage a VMware Environment... 2 Decide Whether to Manage Your VMware Environment in Secure Mode... 2 Create a Dedicated Account

More information