Specific Module Requirements

From Wiki

Jump to: navigation, search

This section outlines the specific requirements needed to install each of the Ecora Auditor Professional modules. Please consult it carefully to ensure you have met all of the requirements prior to installing a specific module. This document also provides specific information on the supported and reported Operating Systems/Devices/etc. for each specific Auditor Professional module.

Contents

Active Directory Module

Auditor Console: Installation System

  • NetBIOS protocol support (unless the installation machine is a member of an Active Directory forest)
  • For initial domain controller discovery:
    • If NetBios is enabled - The computer with Auditor software installed may be a member of any domain (as long as the user has permissions to the Active Directory domain controller).
    • If NetBIOS is disabled on the domain controller or the computer with Auditor software installed:
      • The computer with Auditor software installed must be a member of the Active Directory Domain
      • The DNS settings on the computer with Auditor software installed must point to a DNS server within the Active Directory domain; otherwise a Domain Disabled message will result.
      • Domain Disabled - This message indicates that the Auditor software cannot find a domain controller in the Active Directory domain. Please verify that all system requirements above are met.


Target Systems

  • Remote Registry Service enabled
  • RPC Service
  • Server Service enabled
  • NetBIOS (over TCP/IP) protocol support or AD
  • Domain, Local, or Enterprise Administrator permissions for all the domains containing systems you want to collect
Note: To report on machines in WorkGroups, you must have an administrator account on all machines to be reported that matches the login/password of the domain administrator account of the domain in which the machine with the software is installed.

Supported/Reported

  • Active Directory 2000, 2003, 2008

Check Point Module

Target Systems

  • Read permissions for collection
  • Remote registration of OPSEC applications should be allowed on the SmartCenter server
  • Administrator permissions for registering OPSEC application
  • Requirements on the Smart Center Server
    • Add host name (Host Name or IP address of the computer where Auditor is installed) to GUI clients tab in the Check Point Configuration Utility
    • Allow remote registration of OPSEC products must be checked on the Policy\Global Settings\OPSEC node in Check Point SmartDashboard. (If Smart Dashboard is not used, then remote registration of OPSEC products should be manually registered in the config file).
    • Save changes and close SmartDashboard and Configuration utilities.
  • Instructions for adding Check Point Smart Center servers to Auditor software for collection.
From the Data collection dialog box:
  1. Click New;
  2. On the Server tab, specify the Smart Center server name, administrator name and password;
  3. Make sure SmartDashboard is closed; then, on the OPSEC Application tab, click the Initialize button. Then, in the Communication dialog box, specify the administrator name and password. (After successful registration, all boxes on OPSEC Application tab will be filled automatically.)


Supported/Reported

  • Check Point VPN-1/Firewall-1 NGX R60, R65

Cisco Module

Target Systems

  • RPC Service
  • Routers & Layer 3 Switching Devices/Modules (RSM, RSFC, MSFC) running Cisco IOS® version 12.2, 12.3, 12.4
  • Access to Privileged EXEC Mode or a security level with access to the following commands: show version, show running-config, and show startup-config on all devices to be documented


Supported/Reported

  • Cisco IOS® versions 12.x up to 12.4

Cisco PIX Module

Target Systems

  • RPC Service
  • PIX firewalls running Cisco PIX OS version 5.x, 6.x, ASA 7.x
  • Access to Privileged EXEC Mode or a security level with access to the following commands: show version, show running-config, and show startup-config on all devices to be documented


Supported/Reported

  • Cisco PIX OS version 5.x, 6.x, ASA 7.x

Citrix Module

Target Systems

  • Remote Registry Service must be enabled
  • RPC Service
  • Server Service
  • Citrix MetaFrame XP SP3 or higher
  • View-only administrator rights


Supported/Reported

  • Citrix MetaFrame XP SP3, Citrix Presentation Server 3.0, 4.0, 4.5

IBM DB2 Module

Auditor Console: Installation System

  • NetBIOS (over TCP/IP) protocol support
  • DB2 Administration Client v.8.1.7 (or higher) with OLE DB Client support

Target Systems

  • View-only administrator rights
  • DAS (DB2 Administration Server) service should be up and running
  • Following TCP ports should be open for both incoming and outbound requests:
    • 523 - utilized by DAS service
    • 50000, 50001, 50002, 50003 etc. (could differ, as it depends on the total number of DB2 instances being executed simultaneously and their settings) number of DB2 instances being executed simultaneously and their settings) if a TCP/IP connection is used
    • 137-139 - if a NETBIOS connection is used


Supported/Reported

  • IBM DB2 UDB v8.1 and higher

Domino Module

Auditor Console: Installation System

  • Lotus Notes 4.5 SP6.x client or higher (you will be prompted for a Notes client password)
  • Lotus Notes program directory in the path statement

Note: If you have to edit your path statement, restart the client machine before attempting to collect data.

  • Read Access to the Domino Directory (Address Book)

Target Systems

  • Read Access to the Domino Directory (Address Book)
  • Remote Registry Service enabled
  • RPC Service
  • Server Service enabled

Supported/Reported

  • IBM Lotus Domino Server 4.5 SP6.x, R5x, 6.x or 7.x

Exchange Module

Auditor Console: Installation System

  • NetBIOS (over TCP/IP) protocol support
  • Exchange Administrative permissions are required
  • Outlook 2000 or above is required for additional mailbox or public folder information
  • The Outlook profile must have local admin privileges and an Exchange mailbox with
  • Exchange administrative rights for additional mailbox or public folder information
  • Exchange 5.5 only:
    • Exchange Administrator 5.5 must be installed
    • If Outlook 2003 is installed, Exchange Administrator 5.5 must be installed from the Exchange 2000 or 2003 CD
  • Exchange 2000/2003/2007 only:
    • Exchange System Manager
    • If Outlook 2000 is installed, the public folder attributes Deleted Items and Size of Items are not collected
    • If Outlook 2003 is installed, the Exchange System Manager is required to collect additional mailbox information
    • Schema Admin, Enterprise Admin, Domain Admin membership required

Target Systems

  • Remote Registry Service enabled
  • RPC Service
  • Server Service enabled
  • NetBIOS (over TCP/IP) protocol support

Supported/Reported

  • 5,5 (Gold, All SPs)
  • 2000 (Gold, All SPs)
  • 2003 (Gold, All SPs)
  • 2007 (Gold, SP1)

MS IIS Module

Auditor Console: Installation System

  • IIS common files
  • NetBIOS (over TCP/IP) protocol support

Target Systems

  • Remote Registry Service enabled
  • RPC Service
  • Server Service enabled
  • NetBIOS (over TCP/IP) protocol support
  • Operator rights to the IIS servers reported
  • IIS Management Script and Tools installed (IIS 7.0 only)

Supported/Reported

  • IIS 4, 5, 5.1, 6, 7

MS SQL Module

Auditor Console: Installation System

  • Microsoft SQL Client with net libraries (Named Pipes, TCP/IP etc.)
  • SQL Database Administrator rights

Target Systems

  • Remote Registry Service enabled
  • RPC Service
  • Server Service enabled
  • Read rights on SQL servers

Supported/Reported

  • MS-SQL server 2000, 2005, 2008

Novell Module

Auditor Console: Installation System

  • Novell NetWare client version 5.1, 6.0, 6.5 or higher

Target Systems

  • Remote Registry Service enabled
  • RPC Service
  • Server Service enabled
  • Console Operator access
  • Supervisor rights to the portion of the NDS tree to report

Supported/Reported

  • Novell NetWare Server 5.1, 6.0, 6.5, Open Enterprise Server (V1, V2)

Oracle Module

Auditor Console: Installation System

  • Oracle client version 9i, 10g, 11g with Oracle Networking components installed
Note: Oracle client version 9i for reporting 9i databases, 10g for reporting 10g database, 11g for reporting.

Target Systems

  • Remote Registry Service enabled
  • RPC Service
  • Server Service enabled
  • Oracle instance
  • Database user account with the following:
CONNECT - role
OR
SELECT ANY DICTIONARY - system privilege

Supported/Reported

  • Oracle instances (9i, 10g, 11g) running on any operating system (i.e. Sun Solaris, IBM AIX, and HPUX)

SAN/NAS Collector

Auditor Console: Installation System

  • No specific pre-requisites
  • SMI-S credentials for target device(s)

Target Systems

  • SMI-S provider installed and configured

Supported/Reported

  • Supports any SMI-S compliant device (Netapp and EMC tested)
  • All "Block-Book" defined SMI-S Parameters

Unix Module

Auditor Console: Installation System

  • Microsoft .Net 3.0 to support Agent Manager

Target Systems

  • Shell-level access to each target system using a standard user account
    • The user account startup must be non-interactive. No user input is required to get to a standard shell command line.
    • When the user account on the target system is a member of group sys, more configuration data can be reported.
    • When the root password is provided, the user account is used to make the initial connection and the /bin/su command is issued to become root. If the root password is not provided, only the data available to the user account can be reported. You can set up and use SUDO for collecting the data available to root.
    • Each target system must support ssh (preferred) or telnet communications

Supported/Reported

  • Solaris 8, 9, 10
  • HPUX 11, 11i
  • AIX 4.3, 5.1, 5.3
  • Red Hat Enterprise Linux 2.1, 3.0, 4.0, 5.0 (AS/EW/WS)
  • Red Hat Linux 9
  • Novel SuSE Enterprise Linux 9.x, 10.x
  • openSUSE 10.2
  • CENT OS 5.1
  • Fedora 5, 6, 7, 8
  • Linux Oracle EL 5


VMware Module

Auditor Console: Installation System

  • VMware VmCOM Scripting API
  • Read access to the VMware ESX Server

Target Systems

  • VMware VmCOM Scripting API

Supported/Reported

  • VMware Servers ESX 2.5, ESX 3.0.x, ESX 3.5 , ESX 4.x , ESX 4.xi

Windows Module

Auditor Software: Installation System

  • NetBIOS (over TCP/IP) protocol support
  • Microsoft .Net 3.0 to support Agent Manager
  • To collect and report domain and system level information completely in one report:
    • Client for Microsoft Networks
    • RPC Service

Target Systems

  • Remote Registry Service enabled
  • RPC Service
  • WMI Service
  • Server Service enabled
  • File & Print sharing for Microsoft Networks protocol enabled
  • NetBIOS (over TCP/IP) protocol support or Active Directory
  • To collect and report domain and system level information completely in one report:
    • Client for Microsoft Networks
    • RPC Service
  • Domain, Local, or Enterprise Administrator permissions for all the domains containing systems you want to collect
Note: To report on machines in WorkGroups, you must have an administrator account on all machines to be reported that matches the login/password of the domain administrator account of the domain in which the machine with the software is installed.

Supported/Reported

  • Windows XP (SP1, SP2, SP3)
  • Windows 2000 (SP4)
  • Windows 2003 (Gold, SP1, SP2)
  • Windows Vista (Gold, SP1, 64bit SP1)
  • Windows 7
  • Windows Server 2008 (Standard, Standard 64 bit, Enterprise, Enterprise 64 bit, DataCenter, DataCenter 64 bit)
  • Windows Server 2008 R2
Retrieved from "http://www.ecora.com/wiki/index.php/Specific_Module_Requirements"
Personal tools