Surf Control v5.5 Configuring a logon and logoff script, Add an Exception to the Windows Firewall

Page 25

2

INSTALLATION DECISIONS

User Name Resolution

Configuring a logon and logoff script

You need to create a new logon and logoff script, or modify an existing one, to call the EUM Login agent (ScEumLoginAgent.exe). The EUM Login Agent file should be placed in an area on the network which is accessible to all users. The following parameters can be used in the logon script:

Note: A logoff script is not required for NT domains.

/LOGOUT - This is used if the agent is called by a log off script. If this parameter is not used, the agent will assume it is a logon script.

/NETWARE - This command line parameter is used in a Netware environment. Use this in the login script to return the Netware user name to the EUM Login Agent. This will ensure that the default Netware port (61696) is loaded from the EumLogin.ini file. If this parameter is not specified, the Windows username will be returned by default to the EUM Logon Agent.

/NOCONT - This is used to run the agent in non-continuous mode. The agent will send the user name details once to the server(s) and then terminate. If this parameter is not used, the agent will run in continuous mode.

/TRACEMODE - Use this command line parameter if you are experiencing problems with the agent. Trace messages will be stored in a log file called EumLoginTrace.log. This file will be stored in the logged on user’s temporary folder. The location of this folder is determined by the following:

The path specified by the TMP environment variable.

The path specified by the TEMP environment variable.

The path specified by the %USERPROFILE% environment variable.

The Windows directory.

Add an Exception to the Windows Firewall

The Windows Firewall will prevent the ScEumLoginAgent application from sending traffic to the network. To allow the EUM Login Agent to function requires an Active Directory group policy to be created or updated to add the traffic from the application as an exception to the firewall. For more details on these options consult our Knowledge Base article 1775.

The Knowledge Base can be found at: http://kb.surfcontrol.com

20 Starter Guide

SurfControl Web Filter for ISA v5.5

Page 24 Page 26
Image 25
Page 24 Page 26
Contents SurfControl Web Filter Trademarks SurfControl Web Filter Table of Contents Appendix Chapter ISA Server Microsoft ISA Server EditionHOW WEB Filter and ISA Server Interact Hardware Requirements System RequirementsGeneral System Requirements SQL Server Licensing System Requirements Installation Decisions Introduction User Name ResolutionNetwork Considerations Database OptionsDeployment Recommendations Network ConsiderationsDMZ Recommendations Network Considerations Web Filter communication ports Firewall Port ConfigurationISA Server ISA Server AuthenticationISA Server 2004/2006 EUM User Name ResolutionEUM Agent on Domain Controllers Methods of Installing EUMEUM on Windows 2000 and 2003 domain controllers EUM on Windows NT domain controllersBefore installation Ignoring Users in NetWare EUM NetwareeumLogging Levels Installing the Login Agent on NT Domains EUM Login Agent Installing the Login Agent on Windows 2000 Login Agent LocationBelow is a copy of the supplied .ini file EumLogin.ini fileEumLogin.ini file sections How to configure the fileAdd an Exception to the Windows Firewall Configuring a logon and logoff scriptDatabase Platforms Database ConsiderationsSQL Server Express SQL Server minimum requirements on Web Filter server SQL ServerReasons to Install SQL Server on a Dedicated Server Database AuthenticationWindows Authentication SQL AuthenticationInternet Threat Database Other ConsiderationsCategorization Options Internet Threat Database Improvement ProgramMail Notifications Remote Administration ClientPrivacy Edition Considerations Remote Administration Client minimum requirementsInstalling Web Filter NetWare client on to the Web Filter server Installation ProcessInstalling SQL Server Express Optional Select I accept the terms of the license agreement Installing Surfcontrol WEB FilterInstalling SurfControl Web Filter Select SurfControl Web Filter Installing SurfControl Web Filter Installing SurfControl Web Filter Changes to the Server Configuring WEB Filter Configuring Web Filter Configuring Web Filter Configuring Web Filter Configuring Web Filter Configuring Web Filter Automatic Database Management screen is displayed Internet Threat Database Update screen is displayedThreat Database Configuring Web Filter Click Add to list Enterprise User Monitoring recommended NetBIOS Configuring Web Filter Configuring Web Filter Installing Service Pack Installing Service Pack Installing Service Pack Further Configuration ALL Installations Post Installation TasksFirewall Policy Rules for ISA Server 2004 Network DependentInstalling the EUM Agent on Your Domain Controllers User Name Resolution Select Domain Controllers screen is displayed Making changes to the EUM Agent configurationUser Name Resolution Installing Netwareeum Installing the EUM Login Agent on Your NetworkUnloading the NetWare EUM Automatically loading the NetWare EUMAdd Web Filter Servers to NetWare EUM Ignored users in NetWare EUMInstall Surfcontrol Report Central Installing the Remote Administration Client Select I accept the terms of the license agreement Select Remote Administration Installing the Remote Administration Client InstallShield Wizard Complete screen is displayed Remote Administration Client and Windows VistaConfigure IE and the VCA Allow Internet Threat Database UpdatesFirewall Policy Rules Allow VCA Spider FunctionalityConfigure a Firewall Policy Rule for the VCA Allow the Remote Administration Client AccessFrom Access Rule Destinations, click Add From the Primary Connection Information screen, click NewSRC Allow Remote Access to Surfcontrol Report CentralEnter 8888 in the Port Range From field Click Apply in the Firewall Policy window Appendix Contact Technical Support Location Contact information Sales and Feedback
Top Page Image Contents