The SSH server should be installed in the Linux machine (mandatory only for installation).
If not, manually update SACLs with the following permissions ( see how) These are automatically enabled by the product.
SACLs should be enabled for the monitored file/folders.
Then proceed to enable the following access policies.
In administrator command prompt enter the command,.
If there are overriding GPOs for audit policy in your domain, follow the below procedure to manually enable them
When you enable File Integrity Monitoring for Windows, certain access policies will be automatically enabled on the file server.
Prerequisites for File Integrity Monitoring Windows:
In Windows FIM module, both Windows server and Windows file server license are required for monitoring.
It is recommended that FIM be implemented for strictly necessary files and folders so as to avoid disk space issues that may rise due to the high volume of generated logs.
Converting standalone installation to Managed Server.
Converting standalone installation to Admin Server.
Move Installation to Different Directory in the Same Server.
Move Database to Different Directory in the Same Server.
Migrate data from MySQL to MS SQL database.
Migrate data from PostgreSQL to MS SQL database.
MITRE ATT&CK TTP(S) Framework Integration.
Configuring, editing, and scheduling compliance reports.
On Symantec Endpoint Protection devices.
Configuring McAfee solutions for analysis.
Enabling Microsoft Windows Firewall logging.
Configuring, and enabling logging/auditing in sources.
0 kommentar(er)
