Surf Control v5.5 manual Network Considerations

Page 15

2

INSTALLATION DECISIONS

Network Considerations

To resolve an authentication issue:

•Use a Local Admin account to log into the Web Filter server(s). This account should also be a member of the domain administrators group in the DMZ, and an account with the same name and password should exist in the corporate domain. Use this logon account for the Web Filter services also.

To resolve a firewall access issue:

•Set up a child domain with a trust relationship between the domain controllers with Web Filter for ISA a member of the child domain.

•Open up ports on the internal firewall where necessary.

10 Starter Guide

SurfControl Web Filter for ISA v5.5

Image 15

Contents SurfControl Web Filter Trademarks SurfControl Web Filter Table of Contents Appendix Chapter Microsoft ISA Server Edition ISA ServerHOW WEB Filter and ISA Server Interact Hardware Requirements System RequirementsGeneral System Requirements SQL Server Licensing System Requirements Installation Decisions Database Options User Name ResolutionIntroduction Network ConsiderationsNetwork Considerations Deployment RecommendationsDMZ Recommendations Network Considerations Web Filter communication ports Firewall Port ConfigurationISA Server Authentication ISA ServerISA Server 2004/2006 EUM User Name ResolutionEUM on Windows NT domain controllers Methods of Installing EUMEUM Agent on Domain Controllers EUM on Windows 2000 and 2003 domain controllersBefore installation Netwareeum Ignoring Users in NetWare EUMLogging Levels Login Agent Location EUM Login AgentInstalling the Login Agent on NT Domains Installing the Login Agent on Windows 2000Below is a copy of the supplied .ini file EumLogin.ini fileEumLogin.ini file sections How to configure the fileAdd an Exception to the Windows Firewall Configuring a logon and logoff scriptDatabase Considerations Database PlatformsSQL Server Express SQL Server minimum requirements on Web Filter server SQL ServerSQL Authentication Database AuthenticationReasons to Install SQL Server on a Dedicated Server Windows AuthenticationInternet Threat Database Improvement Program Other ConsiderationsInternet Threat Database Categorization OptionsMail Notifications Remote Administration ClientPrivacy Edition Considerations Remote Administration Client minimum requirementsInstalling Web Filter NetWare client on to the Web Filter server Installation ProcessInstalling SQL Server Express Optional Select I accept the terms of the license agreement Installing Surfcontrol WEB FilterInstalling SurfControl Web Filter Select SurfControl Web Filter Installing SurfControl Web Filter Installing SurfControl Web Filter Changes to the Server Configuring WEB Filter Configuring Web Filter Configuring Web Filter Configuring Web Filter Configuring Web Filter Configuring Web Filter Internet Threat Database Update screen is displayed Automatic Database Management screen is displayedThreat Database Configuring Web Filter Click Add to list Enterprise User Monitoring recommended NetBIOS Configuring Web Filter Configuring Web Filter Installing Service Pack Installing Service Pack Installing Service Pack Further Configuration Network Dependent Post Installation TasksALL Installations Firewall Policy Rules for ISA Server 2004Installing the EUM Agent on Your Domain Controllers User Name Resolution Select Domain Controllers screen is displayed Making changes to the EUM Agent configurationUser Name Resolution Installing Netwareeum Installing the EUM Login Agent on Your NetworkIgnored users in NetWare EUM Automatically loading the NetWare EUMUnloading the NetWare EUM Add Web Filter Servers to NetWare EUMInstall Surfcontrol Report Central Installing the Remote Administration Client Select I accept the terms of the license agreement Select Remote Administration Installing the Remote Administration Client InstallShield Wizard Complete screen is displayed Remote Administration Client and Windows VistaAllow VCA Spider Functionality Allow Internet Threat Database UpdatesConfigure IE and the VCA Firewall Policy RulesFrom the Primary Connection Information screen, click New Allow the Remote Administration Client AccessConfigure a Firewall Policy Rule for the VCA From Access Rule Destinations, click AddAllow Remote Access to Surfcontrol Report Central SRCEnter 8888 in the Port Range From field Click Apply in the Firewall Policy window Appendix Contact Technical Support Location Contact information Sales and Feedback