...
You must configure Sophos Enterprise Console to work with the event collector by following the steps below.
Anchor readonly readonly Create a read-only database user account for Microsoft SQL Server.Anchor mixedauth mixedauthSet the Microsoft SQL server security mode to mixed authentication.
readonlywinAnchor readonlywin Create a read-only database user with Windows Account for Microsoft SQL Server.
Anchor nondynamic nondynamic Configure the SQL Server instance to listen on a non-dynamic port.anchorssl ssl Configure an SSL connection for the Microsoft SQL Server JDBC driver.Anchor sensor sensor Configure the sensor properties for Windows user accounts.
I.
Anchor | ||||
---|---|---|---|---|
|
...
GRANT SELECT ON vThreatEventData to 'account_name';
go
quit
II. Set the Microsoft SQL server security mode to mixed authentication.
To set the Microsoft SQL server security mode to mixed authentication, follow the steps below.
...
On the left pane, right-click the appropriate server, and then click Properties.
In the Server Properties window, select Security.
In the Server Authentication section, select SQL Server and Windows Authentication mode.
Click OK and then click Close.
III. Create a read-only database user with Windows Account for Microsoft SQL Server.
To create a read-only database user with Windows Account for Microsoft SQL Server, follow the steps below.
...
Open SQL Server Management Studio.
Login to the SQL Database with Admin privileges.
In Object Explorer, expand the Databases folder. Expand the database in which you want to create the new database user.
Right-click the Security folder, point to New, and select Logins….
In the Database User – New dialog box, on the General page, select Windows Authentication.
In the User name box, from the User type list, select Windows user. You can also click Search (…) to open the Select User or Group dialog box.
In the Default Database box, specify the database that will own objects created by this user.
On the User Mapping page, select the databases that this login can access. When you select a database, check the Map check box.
Specify a database user to map to the login. Provide the username you created in the above steps.
Specify the default schema of the user. When a user is first created, its default schema is dbo.
From the Database role membership for Database drop-down list, select db_datareader.
Click Ok.
IV. Configure the SQL Server instance to listen on a non-dynamic port.
To configure the SQL Server instance to listen to network requests on a non-dynamic port, follow the steps below.
...
In TCP/IP Properties, on the IP Address tab, make sure that Active and Enabled are both set to Yes.
Make sure that TCP Dynamic Ports is blank for the IP address that the collector connects to.
Make sure that TCP Port contains the value 1433 for the IP address that the collector connects to.
V. Configure an SSL connection for the Microsoft SQL Server JDBC driver.
Note: This step is needed only if Secure Sockets Layer (SSL) connection is a requirement.
...
6. Restart the SQL Server. Click SQL Server Services and then right-click SQL-SERVER and Restart.
VI. Configure the sensor properties for Windows user accounts.
Note: To set up Windows Authentication with Accenture security database event collectors, you must use off-box collection. You cannot use this setup with on-box collection.
...