IBM Domino Administrator 9.0.1 Social Edition Help

ADMINISTERING

Security probes
Create a security probe to assess the overall security of servers and databases in a domain. When a security probe finds a problematic database or server configuration, it generates an event.

Do not set the severity levels for the Security -- Configuration probe; severity is assigned during runtime. The severity level is calculated during runtime based on the number of potential problems found. Severity level is a percentage-based score that is calculated for each Server document and Server Configuration document that is probed. The percentage breakdown and matching severity level is as follows:

Table 1. Percentage and security level

Percentage Severity level

0.00 Normal

< = 50% Warning (low)

> 50% Warning (high)

The Best Practices probe reports on the first 25 Person documents that do not comply with the probe configuration settings. You can use the NOTES.INI setting DDM_SECPROBE_PERSONDOC_LIMIT=NumberOfPersonDocsReported to report on a maximum of 250 Person documents, or you can set it to report on less than the default 25 Person documents. The minimum setting is 0 (zero), in which case, no Person documents are reported but a summary report is generated indicating the number of Person documents that do not comply with the probe specification. The probe stops reporting at 25, or at a number of Person documents that you specify, but the probe continues to review the remaining Person documents.

Table 2. Security probes you can define

Security probe name Description

Security -- Best Practices Compares a set of baseline security configuration settings to the same settings in a domain. This probe is a "Best Practices" security audit of the domain.
Note: To create your own Best Practices probe, modify the security configuration settings on the Specifics tab.

Security -- Configuration Compares settings in a specific Server document to settings in a specified "good" Server document. Any discrepancy generates an event.

Security -- Database ACL Monitors the access control privileges that groups and individuals have in specified databases on the server running the probe. You designate the acceptable access levels on the Specifics tab.

Security -- Database Review Reviews the security properties for a specified database and generates a report on the probe findings.

Security -- Review Generates a report on the security settings specified in the Specifics tab of the Probe document. You have the option of selecting the Directory Profile Note and the Security settings in my configuration document options if you want the settings in those documents reviewed by the probe.

Related concepts
Maintaining DDM Probes
DDM probes

Related reference
Show Schedule

Feedback on Help or Product Usability?

Help on Help

All Help Contents

Feedback on Help or Usability?

Help on Help

All Help Contents

Percentage	Severity level
0.00	Normal
< = 50%	Warning (low)
> 50%	Warning (high)

Security probe name	Description
Security -- Best Practices	Compares a set of baseline security configuration settings to the same settings in a domain. This probe is a "Best Practices" security audit of the domain. Note: To create your own Best Practices probe, modify the security configuration settings on the Specifics tab.
Security -- Configuration	Compares settings in a specific Server document to settings in a specified "good" Server document. Any discrepancy generates an event.
Security -- Database ACL	Monitors the access control privileges that groups and individuals have in specified databases on the server running the probe. You designate the acceptable access levels on the Specifics tab.
Security -- Database Review	Reviews the security properties for a specified database and generates a report on the probe findings.
Security -- Review	Generates a report on the security settings specified in the Specifics tab of the Probe document. You have the option of selecting the Directory Profile Note and the Security settings in my configuration document options if you want the settings in those documents reviewed by the probe.