WelcomeEnterpriseSmall BusinessHome & Home OfficePartnersAbout Symantec
June 17, 2002
Intruder Alert 3.6 ITA Agent Status Policy Update

This is an enhanced version of an existing Intruder Alert 3.6 policy. This version is updated to work with Windows 2000 agents. It supersedes the original that shipped in Intruder Alert 3.6, located in the 'Generic' section of the 'Configure to Detect' policy category in the Intruder Alert Policy Library.

Download ITA Status Policy Update

Affected Platforms

All Agents

Description

The ITA Agent Status policy alerts administrators if Intruder Alert Agents are down. It does this by raising a global flag, which generates a response from all live agents.

Policy rules include:

  • Agent OK
    Each Agent that raises the global flag will trigger this rule and record it to ITA Event Viewer. For example, if 100 Agents are registered to the Manager and they are all online, 100 events will be displayed in ITA Event Viewer. Security administrators may wish to disable this rule if they are only interested in knowing which Agents are having problems.

  • Agent Could Be Down
    If an Agent fails to raise the flag, this rule will report it to ITA Event Viewer.

  • Start Timer on Mgr's Agent
    This rule automatically starts a timer on the Manager's Agent when this policy is either modified or applied, or when the Agent is restarted. The timer is set to start after five minutes (to give the Manager time to update the Agents). Afterwards, it is set to repeat every two hours. You may change the repeat time to accommodate your site's requirements.

    Note: If you rename the policy, you will also need to change the policy name in the 'Select\Auto Start' section of the rule.

  • Raise Flag on Mgr's Agent
    When the timer expires, this rule raises, then immediately lowers a global flag, which requires communication with all agents.

  • Agent Not Updated
    Detects Agents that cannot receive updates (policy applied, removed, or changed).

  • Agent Restarted
    Detects when Agents are restarted, due to either a system reboot or a service/daemon restart.

Configuration

To configure the policy, you must specify the name of Manager's Agent in the policy. To do this:

  1. Navigate to 'ITA Agent Status\Rules\1. Start Timer on Mgr's Agent\Select\Name of Mgr's Agent.'
  2. Click the 'Edit List' button in the right-hand pane.
  3. Change 'zeus' to the name of your Manager's Agent.
  4. Apply the policy to a domain containing all Agents, such as "Default - All Agents" domain.

    Note: If you want the policy to only generate a message if an Agent is down, disable the "Agent OK" rule.

Last modified on: Monday, 17-Jun-02 12:34:38
Site Map · Legal Notices · Privacy Policy · · Contact Us · Global Sites · License Agreements
©1995 - 2008 Symantec Corporation