CSA 5,2.0.238 installed on a Win 2k3 Server

Answered Question
Dec 7th, 2007
User Badges:

The server that I will be deploying with the CSA Agent, should it only be attached to the Group "Servers - Internally Deployed" or should it be joined to other groups as well? This server is not a file or print server but a will maintain logs so i do want the necessary protection.


Thanks,

Adam

Correct Answer by tsteger1 about 9 years 4 months ago

Yes, I don't clone everything like I did with 4.X.


It makes upgrades and management a lot easier IMHO.


Tom



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
tsteger1 Fri, 12/07/2007 - 09:50
User Badges:
  • Red, 2250 points or more

That and "Servers - All types" sounds like a good start.


If you want to protect or audit the logs, you would need to add a few more rules.


Tom

kerraj2004 Fri, 12/07/2007 - 10:46
User Badges:

Also, instead of nesting groups and such should I just copy the rules from the "Servers - Internally Deployed" and apply them in the copied Group of "Servers - All Types" ?


Thanks Tom,

Adam

tsteger1 Fri, 12/07/2007 - 11:23
User Badges:
  • Red, 2250 points or more

Hi Adam, I think that's a matter of personal preference.


In 5.2, I left pretty much everything at the defaults (unlike what I did with 4.X).


My servers are all in the default servers group and in other groups based on their function.


I move all exceptions into custom exception modules in custom policies and associate them with default groups.


Again, that is my personal preference but there are others that do it differently.


HTH


Tom

kerraj2004 Fri, 12/07/2007 - 13:48
User Badges:

so you are pretty much using the default groups and creating your exceptions as needed?


Thanks,

Adam

Correct Answer
tsteger1 Fri, 12/07/2007 - 14:14
User Badges:
  • Red, 2250 points or more

Yes, I don't clone everything like I did with 4.X.


It makes upgrades and management a lot easier IMHO.


Tom



Actions

This Discussion