The &aposdatabase&apos account is used by the Sophos Management Service (the process name is &aposmgntsvc.exe&apos) to connect to the database. During installation the account is written to the key shown below for the Sophos Management Service to use when connecting to the database. Console 5.2.2Enterprise Console 5.3.0Enterprise Console 5.3.1Enterprise Console 5.5.0Enterprise Console 5.4.0Enterprise Console 5.4.1
Account D is used by a service running on Server 4 and Server 5. If Account D is compromised, an attacker will have access to all servers where D has privileges. If those servers do not include services that use accounts with a higher set or scope of privileges, this scenario will present a medium priority risk because the transitive vulnerability of Scenario 2 does not exist.Provides automatic distribution of events to subscribing COM components.
. Monitoring and managing the security of service accounts requires more diligence than ordinary user accounts, and each additional domain account in use by services only complicates administration of those accounts. Given that administrators and security administrators need to where each service account is used to detect suspicious activity highlights the need to minimize the number of those accounts.
If you are installing just the &aposManagement Console&apos component to a computer, i.e. a remote Enterprise Console, the account requested during the installation be the same as the account the &aposSophos Management Host&apos service is running as on the Sophos management server. This is referenced as &aposSophosManagement&apos in this article.