SecurTrac Administration Guide

Configure SecurTrac Database ACL Settings

When SecurTrac^TM starts up for the first time, SecurTrac^TM will create two databases, the SecurTrac^TM Configuration database (SCTCFG.NSF) and the SecurTrac^TM Log database (SCTLOG.NSF). The SecurTrac^TM Web Services Database (SCTWsif.NSF) will also be created.

Refer to the document titled "ACL Settings for the SecurTrac databases>> for more information relating to the default ACL settings of these databases.

Configure ACL settings for the SecurTrac^TM Configuration database (SCTCFG.NSF)

Add any additional administrator(s) or security officer(s) to the ACL and grant them Editor access.
Review other existing ACL entries and remove those that are not required.

Note: In some organizations, Lotus Notes administrators do not participate in security auditing. The security auditing is sometimes maintained by the Security Officer.

Configure ACL settings for the current SecurTrac^TM Log database (SCTLOG.NSF)

Add any additional administrator(s) or security officer(s) to the ACL and grant them Reader access.
Review other existing ACL entries and remove those that are not required.

Note:

Normally nobody should have rights to modify the SecurTrac^TM log database content.

When the SecurTrac^TM log database grows to a certain size (default is 2GB), SecurTrac^TM will create a new log database automatically. (Refer to Appendix - Advanced Notes.ini settings

Database 'SecurTrac Admin Guide', View 'd. Printed Book', Document 'Advanced Notes.ini Settings'

for information about changing the database size parameters). A new SecurTrac^TM log database will be created based on the SecurTrac^TM log template(sctlog.ntf).

Configure ACL settings for the current SecurTrac^TM Web Services Database (SCTWsif.NSF)

This database is required for users to access SecurTrac logs via the SecurTrac Plug-in for Lotus Notes 8. Users who will be using the SecurTrac Plug-in should have Reader access to the database.
Review other existing ACL entries and remove those that are not required.

Configure ACL settings for the current SecurTrac^TM Mail Policy Log Database (SCTPOLICYLOG.NSF)

Add any additional administrator(s) or security officer(s) to the ACL and grant them Reader access (view only).
Add any additional administrator(s) or security officer(s) to the ACL and grant them Editor access (view and release e-mail).
Review other existing ACL entries and remove those that are not required.

Configure ACL settings for the current SecurTrac^TM SecurTrac Quarantine Database (SCTQUAR.NSF)

Add any additional administrator(s) or security officer(s) to the ACL and grant them Reader access.
Review other existing ACL entries and remove those that are not required.

Configure ACL settings of SecurTrac^TM Log database template (SCTLOG.NTF)

Add any additional administrator(s) or security officer(s) to the ACL and grant them Reader access.
Review other existing ACL entries and remove those that are not required.

Note:

Normally nobody should have rights to modify the log database template.
In the SecurTrac^TM log template database(sctlog.ntf) Please note that the default ACL entries should have a pair of square brackets around them. Those entries will be copied over to the ACL of the newly created SecurTrac^TM log database.

-------------------------------------------------------------------------------------------------------------------------------------------