
Administrator > ERA Server > Setup > Groups > Active Directory Synchronization options). By default, only
Computer security groups and Computer organization units are synchronized. However, you can add other Active
Directory objects by checking the desired option.
NOTE: For ERAS to synchronize with Active Directory, ERAS does not need to be installed on your Domain Controller. The
Domain Controller only needs to be accessible from the computer where your ERAS is located. To configure
authentication to your Domain Controller, go to Tools > Server Options > Advanced > Edit Advanced Settings > ESET
Remote Administrator > ERA Server > Setup > Active directory. The format of the server name is LDAP://servername or
GC://servername. When empty, global catalog (GC) is used.
5.3 Policies
Policies are in many ways similar to Configuration tasks, except they are not one-shot tasks sent to one or more
workstations. Rather, they provide continuous maintenance of certain configuration settings for ESET security products.
In other words, a Policy is a configuration that is enforced on a client.
5.3.1 Basic principles and operation
Access the Policy Manager by selecting Tools > Policy Manager... The Policy Tree on the left lists the policies that are
present on individual servers. The right side is divided into four sections – Policy settings, Policy configuration, Policy
action and Global policy settings – the options in these sections enable an administrator to manage and configure
policies.
The primary functions of the Policy Manager include creating, editing and removing policies. Clients receive policies from
ERAS. ERAS can use multiple policies which can inherit settings from each other or from policies from an upper server.
The system of adopting policies from an upper server is called inheritance; policies that are created as a result of inheritance
are referred to as merged policies. Inheritance is based on the Parent – Child principle, i.e. a child policy inherits settings
from a parent policy.
5.3.2 How to create policies
The default installation only implements one policy labeled "Server Policy". This name can be changed in the Policy
settings > Policy name field. The policy itself is configurable from the ESET Configuration Editor – click Edit and define
parameters for the selected ESET security product (or client). All parameters are organized into a comprehensive structure
and all items in the Editor are assigned an icon. Clients will only adopt active parameters (marked by a blue icon). All
inactive (greyed out) parameters will remain unchanged on target computers. The same principle applies to inherited and
merged policies – a child policy will adopt only active parameters from a parent policy.
ERA Servers allow for multiple policies (Add New Child Policy). The following options are available for new policies: policy
name, linking to a Parent policy and configuration (configuration can be empty, copied from an existing policy, or copied
from an .xml configuration file). Policies can only be created on the server you are currently connected to via ERAC. To
create a policy on a lower server you need to connect directly to that server.
Each policy has two basic attributes – Override any child policy and Down replicable policy. These attributes define
how active configuration parameters are adopted by child policies.
Override any child policy – Forces all active parameters to inherited policies. If the child policy differs, the merged policy
will contain all active parameters from the parent policy (even though the Override… is active for the child policy). All
inactive parameters from the parent policy will adjust to the child policy. If the attribute Override any child policy is not
enabled, settings in the child policy have priority over those in the parent policy for the resulting merged policy. Such
merged policies will be applied to other policies, if they are linked to it as their parent policy.
Down replicable policy – Activates replication to child policies – i.e., it can serve as a default policy for lower servers and
can also be assigned to clients connected to lower servers.
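
The merge rule described above, as a small Python model for auditing which parent settings a child policy can change. This is an added example, not ESET code: the parameter names and values are constructed, and it assumes that at each level the Override attribute of the immediate parent decides which side wins.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Policy:
    name: str
    # Only active (blue) parameters are stored; inactive ones are simply absent.
    active: dict = field(default_factory=dict)
    override_children: bool = False  # models "Override any child policy"
    parent: Optional["Policy"] = None


def merged(policy):
    """Return the active parameters of the merged policy for `policy`."""
    if policy.parent is None:
        return dict(policy.active)
    inherited = merged(policy.parent)  # the parent's own merged policy
    if policy.parent.override_children:
        # Parent's active parameters are forced; the child only fills in
        # parameters the parent leaves inactive.
        return {**policy.active, **inherited}
    # Override not enabled: the child's settings have priority.
    return {**inherited, **policy.active}


def child_wins(policy):
    """Parameters where the child replaced a different inherited value.

    Returns {parameter: (inherited_value, child_value)}; empty when the
    parent forces its settings or when there is no parent.
    """
    if policy.parent is None or policy.parent.override_children:
        return {}
    inherited = merged(policy.parent)
    return {k: (inherited[k], v) for k, v in policy.active.items()
            if k in inherited and inherited[k] != v}


if __name__ == "__main__":
    # Constructed sample policies (hypothetical parameter names).
    server = Policy("Server Policy",
                    {"realtime_scan": "on", "update_interval_min": 60})
    branch = Policy("Branch", {"realtime_scan": "off", "scan_archives": "on"},
                    parent=server)
    print(merged(branch), child_wins(branch))
    server.override_children = True
    print(merged(branch), child_wins(branch))
```
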
Policies can also be imported/exported from/to an .xml file or imported from Groups. For more information see chapter
titled Importing/Exporting policies.