You configure the settings of the Zone Manager role from the Roles view of the System task in Security Center Config Tool.
Zone Manager - Properties tab
Click the Properties tab to configure the retention period of the zone events in the database.
- Keep events
- Specify how long to keep the zone events logged by the Zone Manager in the database, before they are deleted.
Zone Manager - Resources tab
Click the Resources tab to configure the servers and database assigned to this role.
- Servers hosting this role. All of them must have access to the role database.
- Database status
- Current status of the database.
- Database server
- Name of the SQL Server service. The value
(local)\SQLEXPRESScorresponds to Microsoft SQL Server 2014 Express Edition installed by default with Security Center Server.
- Name of the database instance.
- Maintenance functions you can perform on the role
- Create a database ()
- Create a new database with the option to overwrite the existing one.
- Delete the database ()
- Delete the database.
- Database info ()
- Show the database information.
- Notifications ()
- Set up notifications for when the database space is running low.
- Resolve conflicts ()
- Resolve conflicts caused by imported entities.
- Backup/Restore ()
- Back up or restore the database.
- Specifies which SQL Server authentication is to be used:
- (Default) Use Windows authentication when the role server and the database server are on the same domain.
- SQL Server
- Use SQL Server authentication when the role server and the database server are not on the same domain. Mandatory for Azure SQL Database. You must specify a username and password in this case.
- Database security
- Security options for communication between the role and its database server.
- Encrypt connections
- (Default) Uses Transport Layer Security (TLS) protocol for all transactions between the role and the database server. This option prevents eavesdropping and requires no setup on your part.
- Validate certificate
- Authenticates the database server before opening a connection. This is the most
secure communication method and prevents man-in-the-middle attacks. The
Encrypt connections option must first be enabled.NOTE: You must deploy a valid identity certificate on the database server. A valid certificate is one that is signed by a certificate authority (CA) that is trusted by all servers hosting the role and that is not expired.