Default Configuration of NAAS

NAAS is configured on a per-partition basis.

To automatically configure NAAS:

  1. In ConsoleOneTM, select a partition root object for configuration.

    2.

  2. Click Tools > Configure NAAS. A new dialog box to select a configuration task is displayed.

    NOTE:  The configuration utility can also be run by right-clicking the selected partition root object and selecting Configure NAAS.

    3.

  3. In the Select Configuration Task dialog box, select one of the following tasks > click OK.

    NOTE:  The following tasks should be performed in the same sequence as they are listed below.

    4.

Setting Up the NAAS Database

This utility should be run separately for configuring every database. Typically, one database should be configured for each partition.

NOTE:  Make sure you have completed the post-installation tasks (see Post-Installation Steps If You Are Using the Pervasive Database for details) before you set up the NAAS database.

  1. In the Select Configuration Task dialog box, select Set Up NAAS Database > click OK to display a dialog box to enter details about the database.

    2.

  2. Select the database type. NAAS supports both Oracle and Pervasive.SQL 2000.

    3.

  3. Specify the database (server) IP address.

    4.

  4. Specify a new password for the NAAS Super User.

    5.

  5. Re-enter the password.

    6.

  6. If the selected database type is Oracle, enter the database administrator name (DBA name) and the password (DBA password).

    Any Oracle* database will have the valid DBA name system and the password manager that is created during the database installation. You can use these values if necessary.

  7. Click OK to activate automatic configuration of the NAAS database.

    8.

  8. Continue with Setting Up the NAAS Agent.

    9.

Setting Up the NAAS Agent

This utility should be run separately for configuring every Audit agent.

  1. In the Select Configuration Task dialog box, select Set Up NAAS Agent > click OK to display a dialog box where you can select the host server.

    2.

  2. Click Browse > select the host server where you are setting up the agent.

    3.

  3. Click OK to activate automatic configuration of the NAAS Agent on the server you selected.

    4.

  4. Continue with Setting Up the NAAS Server.


Setting Up the NAAS Server

This utility should be run separately for configuring every Audit server. Typically, one or two servers should be configured for each partition.

  1. In the Select Configuration Task dialog box, select Set Up NAAS Server > click OK to display a dialog box where you can select the host server.

    2.

  2. Click Browse > select the host server where you are setting up the NAAS server.

    3.

  3. Click OK to activate automatic configuration of the NAAS server on the server you selected.

    4.

  4. Continue with Configuring the NAAS Framework.

    5.

Configuring the NAAS Framework

This procedure creates all policies, objects, and related templates with default values. These values should be modified based on the auditing requirements.

  1. In the Select Configuration Task dialog box, select Configure NAAS Framework > click OK to display the Select Auditor dialog box.

    2.

  2. Click Browse to select the user who will have Audit rights > click OK to configure the NAAS framework.

    The configuration is completed and you can modify the default values for the various components, if required (see Modifying Default Values).


    Default Configuration Performed by the Utility

    The Agent policy governs the functioning of the Audit agent. It contains various parameters that are used by the Audit agent to configure itself.

    A single Agent policy is configured for all the NAAS agents in the partition.

    The default values for the parameters of the Agent policy are given in the following table.

    Parameters Default Values

    Commit Period - Sets the time interval (in seconds) for periodic commits of the Audit agent's cache to the database.

    3600

    Commit Fragment Size - Specifies the fragment size (in bytes) of the commit. The commit data is divided into manageable blocks called fragments to send to the Audit server.

    2 KB

    Commit Compression - Select ON to compress the commit data before it is sent to the Audit server.

    ON

    Cache Size - Specifies the maximum size (in bytes) of the Audit agent cache. If the cache cannot be committed and reaches the cache size, no more data will be stored in the cache, and auditing will be suspended until data in the cache is committed.

    10 KB

    Cache Threshold - Specifies the threshold cache size (percentage of the cache size). If the Audit agent cache is utilized up to this threshold before the specified commit period, the Audit data will be committed automatically.

    90%

    These default values can be modified later using the modification procedure provided for Audit Agent Policy.

    After the automatic configuration of the Audit agent, the default configuration utility proceeds with the configuration of Audit server.

    The Server policy governs the functioning of the Audit server. It contains various parameters that are used by the Audit server to configure itself.

    A single Server policy is configured for all the NAAS servers in the partition.

    The default values for the parameters in the Server policy are given in the following table.

    Parameters Default Values

    Auditor Rights Recalculation Period - Specifies the time interval (in seconds) for recalculating audit trail rights of the Auditors connected to the Audit server.

    The Audit trail rights are calculated by the Audit server based on the eDirectory rights of the Auditor.

    The rights are recalculated periodically when the auditor is connected to the server for a long period of time.

    3600

    Database polling Period - Specifies the time interval (in seconds) for polling the database.

    If the database is down, the audit data is stored locally on the Audit server.

    Periodic polling of the database ensures that the data on the local machine is transferred to the database, once the database is up.

    900

    These default values can be modified later using the modification procedure provided for Audit Server Policy.

    After the configuration of the Audit server, the default configuration utility proceeds with the configuration of audited services.

    A default configuration is done for three audited services: eDirectory, NWFS (NetWare legacy file system), and NSS (Novell Storage ServicesTM).

    NAAS Event Policy Template objects are created for each of these services in the NAAS Container. This container will be present just below the partition root object. The names of the template objects are DSEventPolicyTemplate, FSEventPolicyTemplate, and NSSEventPolicyTemplate.

    IMPORTANT:  These objects should not be modified manually.

    An Event Policy object is also created in the NAAS container for each audited service. The names of these policies are DSEventPolicy, FSEventPolicy, and NSSEventPolicy. In these policies, the action flag for all the events is set to IGNORE by default, which implies that no event is being audited. These policies are made applicable to all the objects in the partition.

    Auditing for some events can be activated using the modification procedure provided for Audited Services.

    For more details about the various event policies and event policy templates, refer to Using Novell Advanced Audit Service.

    After the configuration of the audited services, the default configuration utility proceeds with the configuration of the Auditor.

    The NAAS Auditor is an entity that views the audit trail.

    The selected user is given the necessary rights for connecting to an Audit server and viewing the audit data for all the audited objects in the partition.

    These rights provided to the Auditor can be modified later using the procedure provided for the Auditor Rights.



Previous | Next