Server configurations

The following best practices and examples illustrate ways that SA helps you manage server configurations in your facility:

Enforce security standards

Your IT organization typically has security policies that you must enforce. These policies verify whether your servers are correctly configured and are protected from security attacks. Your policy setter can create an audit policy to enforce these security standards. A pre-defined audit policy can be linked to multiple audits or snapshot specifications. Administrators who manage live servers can reference the correct audit policy to ensure their servers are being audited correctly.

Example: Your company has Solaris 10 servers that must be kept up to date with the most recent commonly known security vulnerabilities that are specified by Common Vulnerabilities and Exposures (CVE). Your company wants to make sure your servers are not vulnerable to a known threat to Solaris 10, such as CVE-2009-0168 (CVSS 4.9), an unspecified vulnerability in PPD File Manager (ppdmgr) in Sun Solaris 10 and OpenSolaris snv_61 through snv_106. By subscribing to the BSA Essentials Subscription Services, you have access to an online collection of compliance checks. You can use these checks to audit your Solaris 10 servers and verify that they are not at risk from this security vulnerability. Your system administrator, who is responsible for defining compliance standards in your organization, can create an audit policy that contains the CVE-2009-0168 compliance check.

Best Practice: System administrators who are responsible for managing Solaris servers can create audits for their servers and then link their audit's rules to this audit policy. When an audit links to an audit policy, any changes made to the policy are immediately reflected in the audit. Therefore, the person who runs the audits on the servers knows that the audit rules are always up to date. For example, if a new CVE update comes out for Solaris 10 servers, the policy setter updates the policy, and all audits that link to that policy then have the latest compliance checks. Knowing that her audit will always contain the latest vulnerability checks, the policy setter can schedule the audit to run regularly to check all of the Solaris 10 servers that she manages. If the audit results show that any of the target servers do not contain the new CVE security check, those servers can be remediated to fix the problem.

Capture and replicate golden servers

Sometimes a server becomes configured in such a way that it represents the ideal state of server configuration for a certain purpose in your facility. For example, if you want to set up a collection of servers that handle Web traffic, you might configure a single server that represents an ideal configuration—a golden server configuration—for a group of Web servers. After you configure this golden server, you can duplicate its configuration across a group of SA managed servers.

Example: You have a Red Hat Linux server that has a unique configuration of Apache Web Servers, and you want to duplicate this exact configuration across several other managed servers. Using Audit and Remediation, you can create an audit that uses the golden server as the source configuration. In the audit, you select the configurations to use when auditing other servers, such as an application policy and specific application configuration rules. Select the servers that are to be configured like the golden server as the targets of the audit. After you run the audit, you can remediate any target server's configurations that do not match the golden server. You can schedule the audit to run on a regular basis. If any server deviates from the golden server and becomes non-compliant, you can remediate it.
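
The golden-server audit described above, reduced to its comparison logic as an added example (this is not SA code and does not use the SA API). The snapshot format, server names, file paths and file contents are constructed for illustration; only the paths listed in RULES are audited, so differences elsewhere are ignored.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class FileState:
    sha256: str   # digest of the file content
    mode: int     # permission bits

def snapshot(files):
    """Build {path: FileState} from {path: (content_bytes, mode)}."""
    return {p: FileState(hashlib.sha256(c).hexdigest(), m) for p, (c, m) in files.items()}

def audit(golden, target, rules):
    """Check one target against the golden snapshot for the selected paths only.
    Returns {path: reason} for every rule the target fails."""
    findings = {}
    for path in rules:
        want, have = golden[path], target.get(path)
        if have is None:
            findings[path] = "missing"
        elif have.sha256 != want.sha256:
            findings[path] = "content differs"
        elif have.mode != want.mode:
            findings[path] = "mode differs"
    return findings

def run_audit(golden, targets, rules):
    """Audit every target; only non-compliant servers appear in the result."""
    results = {name: audit(golden, snap, rules) for name, snap in targets.items()}
    return {name: f for name, f in results.items() if f}

# Constructed sample data: one golden web server and three audit targets.
HTTPD, SSL = "/etc/httpd/conf/httpd.conf", "/etc/httpd/conf.d/ssl.conf"
GOLDEN = snapshot({HTTPD: (b"Listen 443\n", 0o644),
                   SSL: (b"SSLProtocol -all +TLSv1.2\n", 0o644),
                   "/etc/motd": (b"golden\n", 0o644)})
RULES = [HTTPD, SSL]  # the configurations selected for the audit
TARGETS = {
    "web01": snapshot({HTTPD: (b"Listen 443\n", 0o644),
                       SSL: (b"SSLProtocol -all +TLSv1.2\n", 0o644),
                       "/etc/motd": (b"local banner\n", 0o644)}),  # not audited
    "web02": snapshot({HTTPD: (b"Listen 443\n", 0o644),
                       SSL: (b"SSLProtocol all\n", 0o644)}),
    "web03": snapshot({HTTPD: (b"Listen 443\n", 0o666)}),
}

if __name__ == "__main__":
    for server, findings in run_audit(GOLDEN, TARGETS, RULES).items():
        for path, reason in findings.items():
            print(f"{server}: {path}: {reason}")
```

Each finding names one configuration item on one server that would have to be remediated to match the golden server.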