Sourcefire access control policy and intrusion policy
hi.
i have a question.
what is the diffrerence between access control policy and intrusion policy.
The access control policy is where you'll apply your different intrusion policies to different pieces of your traffic flow. You can also apply "content" filtering, access restrictions, monitoring, and file inspection.
The intrusion policy is where you configure rules that you will apply to traffic in your access control policy.
Similar Messages
-
Windows server 2008 can't access control panel and can't choose "properties" under "my computer"
Hello everyone!
Today after a schedule restart on the night I thought everything was normal with my server. But When i go to "start -> control panel" it show me "empty". And if I try to lunch "change/remove software" via search window in
"start" then nothing happen.
I know also that I can't right click on "computer" and choose "properties" in the start-menu.
Also another problem. I did install Fbackup to make schedule file backups on the night. The software worked well to launch when I had installed it, but after the night, this morning it just crash on launch.
I can also tell that I did add from 4 CPU core to 6 CPU cores.Hi,
Have you tried to see if the issue persists when you boot into Safe Mode? Since you it shows blank when accessing Control Panel, please check if the policy setting below has been
configured.
Please choose Start – Run - type (gpedit.msc) - click on (Administrative Templates) - (control Panel) -
Prohibit access to Control Panel and Show only specified Control Panel applets. If they were configured, please disable them to see if it could resolve the issue.
In addition, the issue may also be caused by the virus, please run a system scan to see if there is any virus. At this time, you can also launch Control Panel apps from the command
line, and here's a list of .cpl files for your reference that you can print out:
Accessibility Options
access.cpl
Add/Remove Programs
appwiz.cpl
Add Hardware Wizard
hdwwiz.cpl
Automatic Updates
wuaucpl.cpl
Bluetooth Properties
bthprops.cpl
Display Properties
desk.cpl
Firewall Properties
firewall.cpl
Game Controllers
joy.cpl
Internet Options
inetcpl.cpl
iSCSI Initiator
iscsicpl.cpl
Java Control Panel
jpicpl32.cpl
Licensing Mode
liccpa.cpl
Mouse Properties
main.cpl
Network Connections
ncpa.cpl
Network Setup Wizard
netsetup.cpl
ODBC Properties
odbccp32.cpl
Power Options
powercfg.cpl
Regional and Language Options
intl.cpl
Sound and Audio Devices
mmsys.cpl
Stored Passwords
keymgr.cpl
System Properties
sysdm.cpl
Telephone and Modem Properties
telephon.cpl
Time and Date Settings
timedate.cpl
User Accounts
nusrmgr.cpl
Windows Security Center
wscui.cpl
Wireless Link
irprops.cpl
Hope this helps.
Regards,
Andy Qi
Andy Qi
TechNet Community Support -
GRC Access Control licensing and Sizing
Dear All,
I am putting up a proposal for GRC Access Control. Could someone please help me with the calculation of licensing cost and the hardware requirements?
1. Is the license cost totally driven by revenue ?
2. Is there a flat base price plus number of user accounts?
3. What sort of hardware config is required?
Thanks,
AjPlease ask your SAP account contact for pricing information.
Frank. -
Access controll Logs and DNS entries
Hello there,
We have upgraded from Border Manager 3.5 to Border Manager 3.8 SP4 on
new hardware. Everything runs fine except a little niggle. When we
view the Access Control logs now all we see is IP addresses there are
no host names. In real time monitoring we can click on DNS Host Name
and get some of the names but most come back Unknown. Under the logs
themselves the DNS host Name option is grayed out. Have I messed up
the configuration in some manner?
DanThanks Craig, We are indeed runing the transparent proxy. Is this a
change between 3.5 and 3.8? When we ran the transparent Proxy under
3.5 we were able to see the URL's.
On Tue, 17 Jul 2007 21:36:53 GMT, Craig Johnson
<[email protected]> wrote:
>In article <[email protected]>, Dan Larson
>wrote:
>> When we
>> view the Access Control logs now all we see is IP addresses there are
>> no host names. In real time monitoring we can click on DNS Host Name
>> and get some of the names but most come back Unknown. Under the logs
>> themselves the DNS host Name option is grayed out. Have I messed up
>> the configuration in some manner?
>>
>If you have transparent proxy working, you will get IP addresses of
>hosts instead of URL's.
>
>If you are not using proxy authentication, you will get IP addresses of
>user PC's instead of user names.
>
>Craig Johnson
>Novell Support Connection SysOp
>*** For a current patch list, tips, handy files and books on
>BorderManager, go to http://www.craigjconsulting.com ***
> -
Timed Access controlling Main and Guest Network
I have a Time Capusle 4G running software v7.5.2. I am running a Guest Network as well as a closed network.
In the Timed Access window i have default set to "no access". Then, all the computers that are allowed access to the main network are on the list. My guest network is broadcasting but when a user tries to connect to it, they get an "Unable to connect" message. If I change the default access in Timed Access to "Everyday", users are then able to connect to the Guest network again.
Obviously, this is a bug/missing feature and has been for several software revisions. I don't want people accessing the main network that aren't on the timed access list. However, I still want guest users to access the Guest Network, without using MAC address filtering on the Guest Network.
It looks to me that the Timed Access window is controlling the restriction of the Guest and Main network. Which renders the Guest Network feature pretty much useless.
Hopefully this will be addressed in the near future. If other people are experiencing this problem, Please let me know.
-GhostIt looks to me that the Timed Access window is controlling the restriction of the Guest and Main network.
Your observation is correct. Access control using Timed Access is an ALL or NOTHING feature for both the Main and Guest networks. The Guest network is basically a VLAN function. -
Hi,
On Lync server 2013 we are trying to disable the option to change the photo on lync client, the global policy has been set to display only AD photos, this didn't work so we create a client policy with the same setting and applied to users but is not working.
Is there something that we are missing?
Regards.So you mean to say the "Edit or Remove Picture" button is active on the Lync client and you want to disable it?
AFAIK, The button is active if you are on Exchange 2013. Is this true for you?
If Yes, maybe you can try this on your Exchange Shell.
Set-OwaVirtualDirectory -identity "owa (Default Web Site)" -SetPhotoEnabled $False
Note: If you find a post informative, please mark it so using the arrow to the left. If it answers a question you have asked, please mark the thread as answered to aid others when they are looking for solutions to similar problems or queries. <p>-------------------------------------------------------
</p> <p>The opinions expressed here are solely my own and do not express the views or opinions of my employer.</p> -
Custom User Groups in GRC Access Control Risk and Remediation 5.3
Hi all,
Does anyone know how I can mass upload assignments of users to custom user groups in R&R?
We have a requirement to group users in a different way to the SAP user groups so I wanted to create new 'custom' user groups in R&R and allocate specific users. We're talking about 3000 users so I can't do it manually.
Regards
AmirHi Amir,
I don't think there is direct way to do this. You might be able to pull this off by going through the back-door (database update). Talk to SAP support about this and they should be able to provide you with the tablenames which gets affected by users and user groups upload.
Regards,
Alpesh -
How to activate control center and notification center in ios 8.1.3
I have iPhone 5s whit iOS 8.1.3, sometimes I can't access control center and notification center by sliding up or down on screen till I turn my device off and then turn it on. What is the problem?
Is it a bug in this version of iOS??? :-OGo to Settings > General > Restrictions, make sure "Deleting Apps" did not get turned off.
If it is not a restrictions problem...
Try resetting:
Hold both the home and power buttons at the same time until the Apple boot logo appears. No data will be lost. -
What is better for security? WPA2 or Access control
I have a Airport express and 2 computers; a Mac and a PC.
When it come to securing your wi-fi connection so you don't get unauthorized clients on your network.
What is better
A- Just using encryption like WPA2 or some other password based system or
B- Just entering the "Airport ID" (MAC) of the computers I want to authorize in my network on the Access control panel.
Seems to me like the later is easier on the clients since they don't need a password or anything, It's completely transparent for the client. And I believe encryption slows down the connection a bit and create overhead for the computer. But maybe I don't have the full picture of the situation.
Is there anybody who can illuminated this subject for me?
thanks
PowerBookG4 Mac OS X (10.3.9)WPA2 is virtually uncrackable only really vulnerable if you use a real word as a password.
When using access control, MAC addresses are sent unecrypted can be read and spoofed and therefore do not add any security.
Unfortunately "Closed" networks, MAC access control lists, and reduction in transmission power are all more "feel good" security rather than real security. All these various approaches are dated and mistakenly lead to overconfidence.
WPA is your friend if you value wireless security. -
Integrating with external access control system
Hi,
I am new at the network but have read a lot recently about the above subject as much as I could. However, I am a bit mixed up at something. I understand in order to update SAP HR module with employees time and attendance logs I need to interface with a certified PDC interface => (SAP ECC - PLANT DATA COLLECTION - TIME & ATTENDANCE AND EMPLOYEE EXPENDITURES (HR-PDC)
I wish to develop a system that updates the the SAP HR with employee attendance logs. In addition I also wish enroll new employees into my access control system database by polling the SAP HR database.
Now my question is if I use .NET connector:
1. Does the connector it include functions that can help with the above requirements?
2. Is the use of PDC interface here still a must?
ThanksFor time management with the help of transaction pt80 you can download the information about employees with the help of idoc. And there are some programs a.k.a connectors that link access control systems and SAP so that you do not hire the same employee in the access control problem. You hire the employee in SAP and SAP sends the information (HR Minimaster DATA) to the related program.
It is also do the same thing for the employees who resign. I mean if an employee is fired or resigned from the company than it is sent to the related system.
These can be found under PDC integrated systems. You can find information about the systems from Ecohub. http://ecohub.sap.com/
I hope this answer will help. -
Access Control functionality in Oracle workflow
Hi everyone,
I am doing research into access control models and workflow systems (separation of duty policies in particular). As far as I could tell, Oracle Workflow does not provide much in terms of securing access to data in a workflow process (except from the normal login authentication of course).
One usually assigns a task's performer to a CONSTANT role from your database roles so that only certain users will have access to that task. This is not always enough though, especially when the role-hierarchy is not properly contructed and maintained. So, I've been working on a few scripts to dynamically prevent users from receiving tasks on their worklists based on their previous participation in the process (e.g. to prevent a manager from approving his own leave application).
I was just wondering if anyone else have been working on access control in Oracle Workflow. Is there any built-in functionality that I missed that controls task-user assignment?
Thanks,
CarmenThank you very much Sirish for your help.
We are facing huge performance issues while Risk Analysis with Oracle Application servers through Greenlight Adaptor - its taking around 10 hours for 3000 users. Can you please point out what can be the possibilities and how can we trace out exact root cause and then solve it.
This is happening on GRC AC 5.2 SP10 and GRC logs doesn't say much , it just gives output taken 12 secs for one user Risk Analysis.
Here is our understanding on how GRC does Risk Analysis and our observations on our systems -->
1. GRC asks for 1 user details at a time from Oracle Application Server - please confirm does GRC do Risk Analysis for one user at a time or a bunch of users?
2. Oralce App server get details of that user and sends back results to GRC.
3. Now there is a wait time for around 3 secs before Oracle Server gets request for the second user. 3 sec for one user means 2.5 hours of wait time for 3000 users. We are not able to understand why Oracle Server needs to wait for next user request from GRC?
Would highly appreciate if you can share your experience on GRC Risk Analysis with Oracle (Greenlight Adaptor) and with SAP systems.
Best Regards
Davinderpal Singh -
Access Control 5.3 RAR - BW Reporting 0GCC_UPV
Hi experts,
I have activated the SAP GRC Access Control content and everything works fine so far. However, I can't report risks by users properly, as mitigated controls are not taken into account in cube 0GCC_UPV. Mitigated users are stored in 0GCC_MTUS.
Has anyone experience with this ? Of course we want to report on users which are not mitigated and still have risks.
The query select * from virsa_cc_prmvl on Java Stack says that MITREFNO is always empty. However, there is the possibility on the java stack to report on users and select/deselect mitigation. I don't believe they join two tables during runtime !
Any help is appreciated !
Thanks,
MaxHi Annie,
For your first question check this thread -
GRC 5.3 Zero Violations & unable to exclude critical profiles
Question 2:
When I change the background job parameters for Batch Risk Analysis with specific usergroup and specific role range, why it doesnt reflect in the mgt view->risk violations? it still show me all the users in the systems and not the range of users that i specified.
As per my uderstanding mgt-risk violation will show you the results based upon the selected criteria in the view and not based upon the background job you selected. Once Full Batch Risk Analysis is done, the data is there in GRC database. After that it keeps syncing each time you run a new batch risk analysis and adds any new changes.
Showing in mgmt report is based upon what you select to see.
Regards,
Sabita -
Home Hub 3 Access Control not working
Not sure if anyone can help with this, but here goes!
I have access control enabled on my HomeHub 3 which should stop my daughter from using the Internet between 9:00pm and 3:00pm - it seems to be working in as much as she isn't able to access the internet from her laptop from the time she gets up until 3:00pm, but it doesn't stop her using the internet at 9:00pm, in fact she can still quite happily access the internet up until 10:30 or even later.
I have tried restarting the hub, switching access control off and back on and delting and re-instating the device block but none of these seem to work properly, so any advice would be gratefully received.
I'm also having problems with wireless connectivity, but I've put that in a different post as I think it probably needs different expertiseIt could be because the time on the hub is an hour slow because it has not updated to BST. This is a known problem which BT were going to sort out within a few days! See here and elsewhere in these forums: http://community.bt.com/t5/Other-BB-Queries/Clocks-Forward/td-p/448429.
Pending resolution of the problem, putting the Access Control times back an hour might do it. (It has been reported that the alternative of setting the time manually can result in the hub not keeping time very well.)
You can click the white star next to this message if you think it was helpful. -
Integrating SAP HCM with third party Access Control System
Hi Experts,
We have client using SAP HCM and intend procuring an Access Control Solution to manage her people.
What the client wants to avoid though is having to create a new employee in SAP HCM and manually creating same in the Access Control Software. Is there a way this can be automated such that upon recruitment of new staff, the data is updated in the Access Control DB which uses MS SQL? If this is possible, what is required to get this working well.
Thanks for your support in this regard.
Regards
JohnFor time management with the help of transaction pt80 you can download the information about employees with the help of idoc. And there are some programs a.k.a connectors that link access control systems and SAP so that you do not hire the same employee in the access control problem. You hire the employee in SAP and SAP sends the information (HR Minimaster DATA) to the related program.
It is also do the same thing for the employees who resign. I mean if an employee is fired or resigned from the company than it is sent to the related system.
These can be found under PDC integrated systems. You can find information about the systems from Ecohub. http://ecohub.sap.com/
I hope this answer will help. -
Access Control Context in Engineering Record screen
Hello Gurus,
I need to remove the Access Control Context and Owning Tet field from the PLM Engineering Record screen. Is it possible to do with configuration to hide these fields?
I removed from "Specify Object Types for PLM Authorization check".
Kindly advice.
Thanks & Regards
JoHi Jo ,
You cannot hide it via configuration as access control context is coming from component reuse . I created it while my team was developing PLM ECR in SAP Labs India.
One possible approach is to do a custom development to hide this field .
Thanks & Regards,
Abhishek.
Maybe you are looking for
-
Item Conversion Template Issue for Oracle Migration - Copy functionality
Hi, I am working on Migration project which is from Radius ERP to Oracle 11.5.10.2. Currently working on Item Conversion. This Item conversion having the fileds like (ORGANIZATION_ID,SEGMENT1,DESCRIPTION,ITEM_TYPE,COST_OF_SALES_ACCOUNT,SALES_ACCOUNT,
-
Incorrect and Un-Changeable 'Video Kind' for Videos Purchased From iTMS
Since I can't seem to find any other way to contact Apple except through paid support channels, their suggestion is to post something here. Hopefully this re-wording of other posts I've read will shed more light on the problem. To Apple: Some videos
-
How do I enter a data to B1 form via windows form?
I'm trying to add the data from a windows form, to the SAP B1 form (e.g. Sales order), now i'm just trying 1 component only which is the CustCode. I've been thinking about this but i can't figure it out like how's the structure of the class I should
-
Is there a way to increase the font size for the "songs" and "artists" lists in the "music" app for iPad 2 (iOS 5)? It is smaller than the previous version.
-
Hello I hav e abig problem because in the company I work for is located in Cameroon. I use the french localization. They have VAT but alos another tax. This tax is based on the fiscal level of the customer. As teh VAT this tax is base don Total witho