Baseline Level; Audit Policy - HP StorageWorks X5000 Technical Manual

NAS security: technical guide to NSA, C2, E3-FC2, and CC security compliancy

2.8 Baseline Level

The settings at the Member Server OU level define the common settings for all member servers in the
domain. This is done by creating a GPO that is linked to the Member Server OU, known as a
baseline policy. The GPO automates the process of configuring specific security settings on each
server. Administrators should use the member server baseline policy (MSBP) security template
supplied within the Microsoft "Windows Server 2003 Security Guide" that is most appropriate to their
corresponding network environment. The following table displays the security template used within
each appropriate network environment.

Baseline Security Template

| Member Server Default | Legacy Client | Enterprise Client | High Security Client |
|---|---|---|---|
| None | Legacy client-member server baseline.inf | Enterprise client-member server baseline.inf | High Security-Member server baseline.inf |

The following settings are described as they appear in the user interface (UI) of the Security
Configuration Editor (SCE) snap-in.

2.8.1 Audit Policy

Administrators should set up an audit policy. An audit policy determines the security events to report
to the network administrators so that user or system activity in specified event categories is recorded.
The administrator can monitor security-related activity, such as who accesses an object, if a user logs
on to or off from a computer, or if changes are made to an auditing policy setting. Before
implementing audit policies, administrators must decide which event categories need to be audited for the
corporate environment. The auditing settings that an administrator chooses for the event categories
define the corporate auditing policy. By defining audit settings for specific event categories,
administrators can create an audit policy that suits the security needs of the organization. Audit
policy values can be configured in the Domain Group Policy section of Windows Server 2003 at the
following location:

Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy

Audit Account Logon Events

| Member Server Default | Legacy Client | Enterprise Client | High Security Client |
|---|---|---|---|
| Success | Success Failure | Success Failure | Success Failure |

The Audit account logon events setting determines whether to audit each instance of a user logging
on to or logging off from another computer that validates the account. Authenticating a domain user
account on a domain controller generates an account logon event. The event is logged in the domain
controller's security log. Authenticating a local user on a local computer generates a logon event.
The event is logged in the local security log. There are no Account logoff events logged. The following table
includes some of the important security events that this setting logs in the Security Event Log.
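
As an added example (not from the HP manual or the Microsoft guide), the Python code below checks the `AuditAccountLogon` value in the `[Event Audit]` section of a security template, such as one exported with `secedit /export /cfg`, against the Audit Account Logon Events values this page lists for each environment. The key name and the 0 to 3 value encoding come from the Windows security template format rather than from this page, and the sample template is constructed.

```python
# Template audit values: 0 = no auditing, 1 = Success, 2 = Failure, 3 = both.
SUCCESS, FAILURE = 1, 2
# "Audit account logon events" values from the table on this page.
BASELINE = {
    "Member Server Default": SUCCESS,
    "Legacy Client": SUCCESS | FAILURE,
    "Enterprise Client": SUCCESS | FAILURE,
    "High Security Client": SUCCESS | FAILURE,
}

def decode_template(raw: bytes) -> str:
    """Exports are typically UTF-16 with a BOM; hand-edited copies may be UTF-8."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16")
    return raw.decode("utf-8-sig")

def read_event_audit(raw: bytes) -> dict:
    """Return the [Event Audit] section as {lowercased key: int}."""
    settings, section = {}, None
    for line in decode_template(raw).splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue  # skip blank lines and INF comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "event audit" and "=" in line:
            key, _, value = line.partition("=")
            settings[key.strip().lower()] = int(value.strip())
    return settings

def check_account_logon(raw: bytes, environment: str) -> list:
    """Return findings; an empty list means the baseline is met (treated as a minimum)."""
    required = BASELINE[environment]
    value = read_event_audit(raw).get("auditaccountlogon")
    if value is None:
        return ["AuditAccountLogon is not defined in [Event Audit]"]
    return [f"{name} auditing required for {environment} but not enabled"
            for bit, name in ((SUCCESS, "Success"), (FAILURE, "Failure"))
            if required & bit and not value & bit]

# Constructed sample: a template with success-only account logon auditing.
SAMPLE = (
    "[Event Audit]\r\n; constructed sample values\r\n"
    "AuditLogonEvents = 3\r\nAuditAccountLogon = 1\r\n"
).encode("utf-16")

if __name__ == "__main__":
    for env in BASELINE:
        print(env, "->", check_account_logon(SAMPLE, env) or "OK")
```

A template that leaves the setting undefined is reported separately from one that sets it too low, because an undefined value means the server inherits whatever another policy applies.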
