Symantec 10521146 Administration Guide - Page 286
Launching from a new location, Start, Decoy Console, Decoy Console Not Found
UPC - 037648268134
View all Symantec 10521146 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 286 highlights
286 Advanced configuration Integrating third-party events To download instructions for configuring Symantec Decoy Server to send events to Symantec Network Security, see the following web site: http://www.symantec.com/techsupp/enterprise/products/mantrap/files.html To integrate Symantec Decoy Server events into Symantec Network Security 1 Configure the alerting response policies for the Symantec Decoy Server cages. Based on these alerting response policies, Symantec Decoy Server sends events to Symantec Network Security, and these events appear in the Network Security console. For example, configure a cage to send all Root User Exec and File Opened for Writing events to the Network Security console. 2 In the Network Security console, create an external sensor node for each IP address that will send event data to Symantec Network Security; that is, a separate node for each cage and host. See "Adding or editing Smart Agent objects" on page 105. 3 Apply Symantec Network Security response policy rules to the Symantec Decoy Server events. See "Setting response actions" on page 141. Note: SuperUsers can integrate Symantec Decoy Server events; Administrators, StandardUsers, and RestrictedUsers cannot. See "User groups reference" on page 319 for more about permissions. Launching from a new location This section describes how to launch the Symantec Decoy Server console from a new location on the network. To launch the Symantec Decoy Server console from a new location 1 Right-click any external sensor object in the topology tree, and click Start Decoy Console. 2 The first time, a Decoy Console Not Found message appears. Click OK. 3 In Select the Symantec Decoy Server Console Directory, navigate to the directory containing mtadmin.jar, and click Open. This file is typically located in Program Files\Symantec\Mantrap. 4 In Start Decoy Console, click Yes to confirm the path to the jar file. After launching the Symantec Decoy Server console from this new location, the location of the mtadmin.jar file is stored in memory.