eTrust Audit Reference Guide - CA Technologies
Mapping Examples
Mandatory Fields for Event Identification
Common Predefined Fields for Event Identification
Optional Predefined Fields for Event Identification
Common Predefined Fields for Event Description
Mapping Events to Predefined Categories
System Access
Account Management
Object Access
Policy Management
Security Systems
Physical Security
Network
Detailed Tracking
System/Application, Administration and General Events
Fields Internal to eTrust Audit
Reserved Keywords
Chapter 14: Recorder for Check Point FireWall-1 Reference
Information Flow
Preinstallation Considerations
Configuring the Check Point FireWall-1 Servers
Information You Need to Collect
Installing the Recorder for Check Point FireWall-1
Installing in a Solaris Environment
Installing the Recorder for Check Point FireWall-1
Upgrading the Data Tools
Configuration Values
Registry Keys and .ini File
Windows Registry Entries
Solaris eAudit.ini File Values
Technical Information
OPSEC Connection Types
Configuring Check Point FireWall-1 Servers