It describes how to set the auditing indicator to be used in security auditing.

In addition, it is not required to set auditing indicator when the recommended auditing indicator provided by Systemwalker Desktop Patrol is not to be modified.

The procedure is as follow.

1. Log on to the AC menu.

2. Click Setup of Report.

   The following window will be displayed.

   

3. Click the Security Auditing button, and the Security Audit Set window will be displayed.

   

4. Select the Audit Pointer to be modified, and click the Set button of Audit Pointer.

   To newly define the auditing indicator, select For User Definition. To edit the recommended indicator, select Information Disclosure or Vulnerability Countermeasure.

   In addition, the setting of each auditing item is selected by combination of operation method and environment.

   The Audit Pointer Setting window will be displayed.

   

   Set the following information, and click the OK button.

   Item		Description
   Audit Pointer Name		Set the name of auditing indicator. Up to 16 fullwidth characters or 32 halfwidth alphanumeric characters and symbols can be set.
   Not as Output Object of Security Auditing Report		Select when not to output security auditing report.
   As Output Object of Security Auditing Report		Select to output security auditing report.
   Level of Section as Aggregation (Note 1)		Not specify or select from level 1 to level 9.
   Audit Item	HW	Select it when BIOS status is included in the output item of security auditing report.
   	OS (System)	Select it when status of OS settings related to the system such as logon status and settings of automatic update are included in the output item of security auditing report.
   	OS (User)	Select it when status of OS settings related to use such as screen saver is included in the output item of security auditing report.
   	Internet Explorer	Select it when the setting status of security zone status of Internet Explorer is included in the output item of security auditing report.
   	Windows Update Program (Note 2)	Select it when the setting status of patch installation such as OS is included in the output item of security auditing report.
   	Anti-Virus Software	Select it when the setting status of installation status of anti-virus software and real-time search .etc is included in the output item of security auditing report.
   	Status of Anti-Virus Software Virus Pattern	Select it when the application status of virus patter is included in the output item of security auditing report.
   	Access Control	Select it when the application status of prohibition operation is included in the output item of security auditing report.
   	Introduction of Audit Software	Select it when the setting status of auditing software installation status is included in the output item of security auditing report.
   	Application	Select it when the setting status of application such as Google Desktop function and firewall settings are included in the output item of security auditing report.
   Detail		Display the window to set whether to output the auditing for each item. For setting items, refer to "Items of Auditing Indicator".

   Note 1) It is the section level when aggregating sections with high achievement rates and sections with low achievement rates.

   In the following example, when the second level is specified as the section level, the unit displayed as section is as follows.

   • Upper-level section

   • General section (including subordinate sections)

   In the "General Section" of the second level, the PC under the "Business Division", "Finance Division", "Administrative Affairs Division" and "General Affairs Division" will be aggregated and sections with high achievement rates and sections with low achievement rates will be judged in the aggregation content.

   In addition, for the "Software Unit", "Hardware Unit" and "Management Unit" in the higher level than the second level, it will be aggregated as one section of "Upper-level Section", and sections with high achievement rates and sections with low achievement rates will be judged in the "Upper-level Section".

   

   In addition, if no level has been set, all sections will be targets of sections with high achievement rates and sections with low achievement rates. In addition, for PC without configuration, no judgment of sections with high achievement rates and sections with low achievement rates will be included.

   Note 2) Select the patch installation status using the patch distribution information managed by Systemwalker Desktop Patrol. In addition, for the patch to be selected, it is required to select automatic patch installation Distribution > Security Patches Distribution window in the main menu. For the patch without selection of automatic patch installation, it will not be selected.

   If automatic patch installation is not executed, set Not as Auditing Target in the Details window.

   If all patches included in the patch distribution information are installed to PC, this PC will be processed as the PC whose patch installation is OK. Even if one patch is not installed, it will be processed as the PC of ERR. The patch is not installed can be confirmed from the window of Systemwalker Desktop Patrol.

   For information on how to confirm the patch not installed, refer to "3.2.1 View Inventory Information".

   To modify the output standard of each auditing item, select each auditing item and click the Details button. The following is the window when Hardware is selected.

   

   Set the following information, and click the OK button.

   Item		Description
   BIOS Startup Password		For the startup password of BIOS, select when setting the output to report.
   BIOS Setup Password		For the setting password of BIOS, select when setting the output to report.
   BIOS Hard Disk Password		For the hard disk password of BIOS, select when setting the output to report.
   Settings (Note)	No Output Target	Select when the selected items are not taken as output target.
   	Output Target	Select when the selected items are taken as output target.
   	Items Judged as OK	For Unable to Collect, Not Set and Has been Set, l select the items that are judged as OK.

   Note) Setting of judgment standard can be set for each auditing item of Access Control Status.

   Set the auditing items apart from Hardware in the same way.

   In addition, Item Name displayed in the setting window may vary depending on the item of auditing indicator. For other auditing items, refer to "Items of Auditing Indicator".

5. To modify the threshold value of auditing result, click the Modify button of Threshold for audit results.

   In the Threshold setting of audit results window, the output standard of icon can be modified.

   

   Set the following information, and click the OK button.

   Item	Description
   Threshold value of Sunny icon	Only single-byte number can be set. The initial value is over 90%.
   Threshold value of Overcast icon	Only single-byte number can be set. The initial value is over 70%. Set a value that is smaller than the threshold value of Sunny.
   Threshold value of Rainy icon	Only single-byte number can be set. The initial value is over 50%. Set a value that is smaller than the threshold value of Overcast

   Save the icon to the following folder and the icon can be modified.

   Registration folder of image file

   AC installation directory\images

   Image file/file name

   Image File	File Name
   	best.bmp
   	better.bmp
   	bad.bmp
   	worse.bmp

   Size/Format of image file

   	Size/Format
   Width	82 pixels (Note)
   Height	36 pixels (Note)
   Format	bmp format

   Note) when the image file of a different size is used, displayed as the above size.

   Point

   Modification of image file

   • The modification of image file is only effective in the modified AC terminal. To unify image files in all AC terminals, replace the image file of all AC terminals.

   • There are following methods to restore image file.

     • Before modification, when avoiding the icon of product, configure the avoided product icon to the registration folder again.

     • Before modification, when the icon of product is not avoided, delete the icon after modification and re-install the AC of this product. (it is not need to uninstall since it is overwriting installation)

   • When the image file is displayed as blank, reasons such as files being damaged or insufficient should be considered. When it is displayed as blank, check the saving target of icon and restore through preparing a new image or restoring the above image file.

It describes the items of monitoring indicator.

For content of each item, refer to "3.2.6 View Security Information".

For the following items, whether the auditing report will be output as output target of auditing report can be set in each item unit.

HW (Note)

Note) In case of virtual PC, since the hardware is Unable to Audit, the Hardware Type will be displayed as Virtual PC, and Hardware will be displayed as - in the report.

OS (System)

OS (User)

Internet Explorer

Introduction of Audit Software

Windows Update Program

Anti-virus Software

Status of Anti-virus Software Virus Pattern

Access Control

It can be used after Systemwalker Desktop KeeperV13.0.0 or later has been installed.

Application

For the settings of whether to perform auditing of each auditing items, refer to "4.2.2.1 Set the Auditing Items of Security Settings".

In addition, the auditing result output in the security auditing report is consistent with the auditing result in the diagnosis result of operation settings (security auditing). For judgment method, refer to "Diagnosis Result" of "4.3.1.2 Structure of Security Diagnosis Result Window".

For PC imported through linking with other products of Systemwalker Desktop Patrol, the auditing result is as follows.

• Auditing items that are judged as OK

  Import Auditing Software
  Windows Update Program

• Auditing items that are judged as ERR

  Anti-Virus Software
  Virus Pattern Status of Anti-virus Software

• Items except the above

  Judged as OK.