Manuals / SonicWALL / Kitchen Appliance / Frozen Dessert Maker

SonicWALL 4.5 manual Open a service port

Models: 4.5

1 212

Page 118

Enforced Client Product Guide	Using the Firewall Protection Service
	Configuring policies for firewall protection

Remote Assistance

You can add other service ports as needed. Standard service ports for typical system services are:

File Transfer Protocol (FTP) Ports 20-21

Mail Server (IMAP) Port 143

Mail Server (POP3) Port 110

Mail Server (SMTP) Port 25

Microsoft Directory Server (MSFT DS) Port 445

Microsoft SQL Server (MSFT SQL) Port 1433

Remote Assistance / Terminal Server (RDP) Port 3389 (same as Remote Assistance and Remote Desktop)

Remote Procedure Calls (RPC) Port 135

Secure Web Server (HTTPS) Port 443

Universal Plug and Play (UPNP) Port 5000

Web Server (HTTP) Port 80

Windows File Sharing (NETBIOS) Ports 137-139 (same as File and Print Sharing)

To ensure that a port is blocked, you must add it to this list and make sure it is deselected.

Figure 5-2 Firewall Custom Settings page

Open a service port

Opening a system service port on a client computer allows it to act as a server on the local network or the Internet.

118

Page 118

Image 118

SonicWALL 4.5 manual Open a service port

Contents

6ERSIONS 3ONIC7!,,C%NFORCED #LIENT !NTI6IRUS AND !NTI3PYWARE 0RODUCTDUIDE02/4%#4/. !444%/30%%$!/& 53.%33 LICENSE INFORMATION License Agreement Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHTTRADEMARK ATTRIBUTIONS AttributionsInstalling Enforced Client ContentsIntroduction Using Enforced Client Disabling on-access scanning Using the Virus and Spyware Protection ServiceUsing the Firewall Protection Service Managing your subscriptionsUsing the Browser Protection Service „ Managing with the online SecurityCenter „ Using this guide 1 Introduction„ What is Enforced Client? „ What is new in this release? „ How does the software work?„ Protect against many kinds of threats What is Enforced Client?„ Select the right version of Enforced Client „ Ensure continuous, automatic protectionSelect the right version of Enforced Client Protect against many kinds of threatsEnsure continuous, automatic protection users when support ends on page What is new in this release?New feature Chapter 2, Installing Enforced Client„ The updating process „ Outbreak response „ Rumor technology How does the software work?The updating process „ Internet Independent Updating IIURetrieving updates Figure 1-2 Methods for updating client computersRumor technology Outbreak responseUploading security information Internet Independent Updating IIU Managing with the online SecurityCenter Figure 1-3 The online SecurityCenterSee Using the SecurityCenter on page 55 for more information User groups Customized policies Figure 1-4 Example Sales Team group and Sales policyWho should read this guide? Using this guide„ Who should read this guide? „ Conventions Condensed ConventionsBold ExampleGetting product information Product Upgrades Valid grant number required Contact informationAvert Labs DAT Notification Service Security Updates DATs, engine HotFix and Patch ReleasesIntroduction Enforced Client Product GuideGetting product information „ Completing the installation „ What should I do after installing? Installing Enforced Client„ Before you install „ Installing Enforced Client „ After you place your order „ System requirementsAfter you place your order „ Operating systems „ RAM „ Email security service System requirementsOperating systems Protection servicesNotifying users when support ends Operating system support endingEmail security service Email server security applicationTerminal servers „ Uninstall existing virus protection software Before you installUninstall existing virus protection software „ Uninstall existing firewall software „ Configure your browserComputer Associates SonicWALL EnterpriseSonicWALL Retail FinjanInternet Explorer Uninstall existing firewall softwareConfigure your browser Non-Microsoft browsersInstall the standalone installation agent Requirements Installing Enforced ClientStandard URL installation Standard URL installationSending an installation URL to users Installing on client computersWhat is the email address used for? 3 When you are prompted to do so, click InstallAdvanced installation method Advanced installation methodsFigure 2-2 Advanced installation methods The administratorRequirements Silent installation„ Requirements „ Installation Installation What is my company key?VSSETUP parameters Push installation 1 Download the Push Install utility from the SecurityCenter Considerations for scheduling push installations„ Requirements „ Installation RequirementsInstallation To install Enforced Client using the Push Install utilityEnabling relay servers If you use a corporate firewall or proxy serverFigure 2-6 Status for target computers Using VSSETUP Completing the installationUsing the Push Install utility „ Using the Push Install utility „ Using VSSETUPTest virus protection Scan the client computerSet up the default firewall Scan the email Inbox„ Viewing your security services at-a-glance on page What should I do after installing?„ Setting up your account on page „ Setting up policies on page „ Viewing reports on pageWhat should I do after installing? Installing Enforced ClientEnforced Client Product Guide „ Using the SecurityCenter „ Getting started Using Enforced Client„ Using the client software „ Updating client computers „ Setting up your accountRemoving and displaying the icon Using the client softwareEnforced Client system tray icon „ Administrative menu and tasksUpdating client computers Administrative menu and tasksClient menu Update during an outbreak Update automaticallyUpdate manually „ Update automatically „ Update manually „ Update during an outbreakUsing the SecurityCenter Update computers where no user is logged onSetting up policies Viewing reports Managing your correspondence When you areSetting up your account „ Set up your profile „ Change your SecurityCenter passwordLog on to the SecurityCenter Access online features and functionsGetting started „ Log on to the SecurityCenter „ Access online features and functionsEnforced Client Product Guide Using Enforced ClientFigure 3-1 SecurityCenter tabs Getting startedFigure 3-2 Page controls for listings and reports Make the most of your online dataWhen you want to Do thisCustomize listings and reports Show Navigation Using the online helpDo this Previous and NextChange your SecurityCenter password Setting up your accountSet up your profile Sign up for email notificationsViewing your security services at-a-glance „ Install protection services „ View and resolve action items Install protection servicesView and resolve action items „ Purchase, add, and renew services „ Request a trial subscriptionManaging your computers View security coverage for your account„ Display details for a computer „ View detections for a computer „ Search for computers „ Install protection services„ Send email to computers „ Block computers from receiving updates „ View user-approved applications for a computerInstall protection services Search for computersDisplay details for a computer See Chapter 2, Installing Enforced Client for more informationDo this When you want toFigure 3-5 Computer Details page For System email address, type a new email address, then click SaveView user-approved applications for a computer View detections for a computerSend email to computers Delete computers from your reports Block computers from receiving updatesCreating groups to manage your site Move computers into a groupThe Default group „ Create or edit a group „ Delete a groupCreate or edit a group Designating group administratorsDelete a group Figure 3-7 Site and group administrators Create or edit a group administrator „ Create or edit a group administrator „ Delete a group administrator„ Restore default policy settings „ Delete a policy Setting up policiesDelete a group administrator „ Create or edit a policy „ Assign a policy to a groupAll programs types are enabled The SonicWALL Default policyDefault setting Virus protectionCreate or edit a policy Restore default policy settingsAssign a policy to a group Viewing reports Delete a policyDetections Use this reportTo view UnrecognizedView duplicate computers Figure 3-9 Duplicate Computers report„ Send email to users „ Update user email addresses Managing your correspondenceView computer profiles „ Update your account’s email address „ Add your logo to reportsSend email to users Update user email addressesUpdate your account’s email address Add your logo to reports„ View your service subscriptions „ Update subscription information View your service subscriptionsManaging your subscriptions „ Purchase, add, and renew services „ Request a trial subscriptionUpdate subscription information Purchase, add, and renew servicesReceive subscription notifications Getting assistanceRequest a trial subscription View printed and online documentsVSSetup Download utilitiesContact product support Run the Push Install UtilityAccessing client features Scan Tasks menu Using the Virus and Spyware ProtectionService „ Accessing client features Scan Tasks menuScanner see Disabling on-access scanning on page Select this commandDisable On-Access Scanner Figure 4-1 Scan Tasks menu„ Scan automatically on-access scans „ Scan manually on-demand scans Scan automatically on-access scansScanning client computers „ Schedule on-demand scans „ Scan email „ Scan for spywareView scan results Scan manually on-demand scans„ View scan results „ How detections are handled How detections are handled Scan email Schedule on-demand scansScan for spyware Approve CleanCleaned CloseSchedule on-demand scans Configuring policies for virus and spyware protectionSet basic virus protection options „ Schedule on-demand scansExclude files and folders from virus scans Set advanced virus protection options Select your update frequencyEnable optional protection „ Select your update frequency „ Enable optional protectionScan email before delivering to the Outlook Inbox Enable script scanningEnable outbreak response Enable buffer overflow protection rar, .tat, .tgz„ Enable spyware protection „ Select a spyware protection mode Enable spyware protectionSet basic spyware protection options „ Specify approved programsMode Select a spyware protection modeBehavior of protection service ReportSet advanced spyware protection options Learn modeSpecify approved programs Threat type Password crackers2 Click the Advanced Settings tab Description„ Detections see View detections Viewing reports for virus and spyware detectionsView detections „ Unrecognized Programs see View unrecognized programs on pageBuffer Overflow Processes When you want toadvanced spyware protection options on page Details pageView unrecognized programs Figure 4-7 Unrecognized Programs reportthe Computer Details page Using the Unrecognized Programs reportWhen you want to on pageView your detection history Figure 4-8 Detection History report„ Manage your protection strategy with best practices Managing detectionsManage your protection strategy with best practices „ Manage quarantined filesthe Quarantine Viewer Manage quarantined filesRestore 2 Select Scan Tasks Quarantine ViewerClean failed Disabling on-access scanningCleaned 2 Select Disable On-Access Scanner or Enable On-Access ScannerDisabling on-access scanning Using the Virus and Spyware Protection ServiceEnforced Client Product Guide „ Accessing client features Firewall Settings command Using the Firewall Protection ServiceAccessing client features Firewall Settings command „ Configuring policies for firewall protection„ Install the firewall protection service via policy Configuring policies for firewall protection„ Specify who configures firewall protection settings „ Enable firewall protection „ Select a firewall protection modeSpecify who configures firewall protection settings Figure 5-1 Desktop Firewall policy tabInstall the firewall protection service via policy Enable firewall protectionSelect a firewall protection mode Learn modeSpecify a connection type Configure a custom connection„ Configure system services for a custom connection „ Configure IP addresses for a custom connection Configure system services for a custom connectionStandard system service ports „ Standard system service ports „ Open a service portOpen a service port Add and edit service ports Close a service portSet up allowed Internet applications Configure IP addresses for a custom connectionSpecify Internet applications in a policy Specify whether to use SonicWALL recommendationsView unrecognized Internet applications Viewing reports for firewall protection„ Unrecognized Programs see View unrecognized Internet applications View inbound events blocked by the firewall Managing suspicious activity with best practices Events to display the Inbound Event List„ When running the firewall protection service on a server, ensure that service ports are configured correctly to prevent disruption of system services see Configure system services for a custom connection on page 117. Ensure that no unnecessary ports are open Enforced Client Product Guide Using the Firewall Protection ServiceManaging suspicious activity with best practices „ Accessing site safety information Using the Browser Protection ServiceAccessing site safety information „ Configuring browser protection settings „ Submitting feedbackHow safety ratings are compiled Staying safe during searchesSettings Staying safe while browsingSettings Configuring browser protection on the clientConfiguring browser protection from the SecurityCenter Configuring browser protection settingsViewing safety reports Installing via policyEncrypt the data sent to the server using the Configuring browser protection on the client computerEnable or disable the display of safety icons next Enable or disable the color coding for theSubmitting feedback „ Setting up your account „ Viewing your email protection status Using the Email Security Service„ Activating the email security service „ Using the portal „ Configuring a policy for email securityUsing the portal Activating the email security service2 Click Install Protection 3 Select Install email security service Setting up your account Update your MX recordsCustomize your account settings „ Update your MX records „ Customize your account settingsRecommended first steps Default settings1 Add your other domains Optional customization Configure general administration settings Figure 7-2 Administration pageUse this feature Viewing your email protection statusAccess basic administration features on the Administration page General SettingsTo view the status of your service Configuring a policy for email security Viewing reports for the email security serviceCheck the Quarantine Summary Managing quarantined emailView and manage quarantined user messages „ View and manage quarantined user messagesGetting more information View quarantined mail deliveriesEnforced Client Product Guide Using the Email Security ServiceGetting more information „ Uninstalling protection services „ Frequently asked questions FAQ 8 TroubleshootingUninstalling protection services „ Error messages „ Contacting product support„ Installing „ Adding, renewing, and moving licenses Frequently asked questions FAQInstalling „ Configuring and managing policies „ Scanning „ Reporting „ UpdatingConfiguring and managing policies Adding, renewing, and moving licensesScanning ReportingUpdating Firewall protection Email Browser protectionGeneral „ Invalid Entitlement Error Error messages„ Installation Declined „ Installation Denied „ Cannot find remote shared directory „ File does not exist„ Unable to create Cab Installer Object „ MyASUtil.SecureObjectFactory error message „ MyINX Error„ Unable to connect to the Enforced Client update server Cannot find remote shared directoryInternet Explorer is blocking ActiveX controls The user doesn’t have administrator rightsThe security level of the browser is too high A registry file is missingInstallation Denied Common causes and solutions 1 From the Windows Control Panel, open Add/Remove Programs If you do not see a Status column, set your view options to Details1 Select Start Run You might need to adjust your corporate firewall or proxy settings See If you use a corporate firewall or proxy server on pageContacting product support protection service GlossaryCompare to group administrator and user See reportsSee policy Compare to URL installationCompare to SecurityCenter website Compare to trusted connection and untrusted connectionCompare to administrator and user protection serviceprotection service See also push installation, silent installation, and URL installationCompare to silent installation and URL installation Compare to protect mode and report modeCompare to prompt mode and report mode Compare to prompt mode and protect modeCustomer Home site See on-access scanning and on-demand scanningCompare to push installation and URL installation Compare to client softwareservice Compare to push installation and silent installationCompare to administrator and group administrator Compare to trusted connection„ Log on to the SecurityCenter „ Change your SecurityCenter password Login pageSecurityCenter tab „ Viewing your security services at-a-glance„ Send email to computers „ Block computers from receiving updates Computers tab„ Managing your computers „ Install protection services „ Specify approved programs „ Set up allowed Internet applicationsAdd Computer DescriptionFind computers Groups„ Viewing reports „ View detections „ View unrecognized programs Reports tab„ Viewing reports for the email security service „ View unrecognized Internet applications„ Configuring policies for virus and spyware protection Groups + Policies tab„ Creating groups to manage your site „ Setting up policies „ Configuring policies for firewall protection„ Managing your subscriptions „ Designating group administrators My Account tab„ Setting up your account „ Change your SecurityCenter password Service Summary sectionNotification Preferences section My Logo sectionEmail Page Install ProtectionHelp tab „ View printed and online documents „ Download utilities„ Installing Enforced Client „ Standard URL installation Install Protection New ComputersInstall Protection New Computers Email Text „ Using the portal„ Standard URL installation Install Protection Existing ComputersInstall Protection Existing Computers Email Text „ Standard URL installation „ Advanced installation methods„ Using the portal „ Update your MX records Install Email Security ServiceAdvanced Installation Methods „ Viewing reports for the email security service„ Managing your subscriptions „ Purchase, add, and renew services Product PurchaseProduct Coverage „ Request a trial subscription„ Managing your computers „ Make the most of your online data Computer Details„ Set up allowed Internet applications „ Customize listings and reports „ Specify approved programsUser-Approved Application List Detection List„ View detections for a computer „ View user-approved applications for a computer Search Results„ Specify approved programs „ Set up allowed Internet applications „ Managing your computers „ Search for computers„ Customize listings and reports Detections report by computer„ View detections „ Make the most of your online data „ Manage your protection strategy with best practices„ Customize listings and reports Detections report by detection„ View detections „ Make the most of your online data „ Manage your protection strategy with best practices„ View unrecognized programs „ Make the most of your online data Unrecognized Programs report by computer„ Set up allowed Internet applications „ Customize listings and reports„ View unrecognized programs Unrecognized Programs report by program„ Specify approved programs „ Set up allowed Internet applications „ View user-approved applications for a computerLists the IP address of the computer where the event originated Inbound Events Blocked by Firewall report by originating computerInbound Events Blocked by Firewall report by destination computer „ View inbound events blocked by the firewall„ View inbound events blocked by the firewall Inbound Event ListDuplicate Computers report „ View duplicate computers „ Display details for a computerComputer Profiles report „ View computer profiles„ Manage your protection strategy with best practices Detection History report„ View your detection history Description„ Creating groups to manage your site „ Setting up policies Edit Default GroupEdit Group „ Creating groups to manage your site „ Setting up policies„ Setting up policies „ Assign a policy to a group View Default PolicyAdd Group „ Setting up policies „ Set basic virus protection options„ The SonicWALL Default policy „ Configuring policies for firewall protection„ Configuring browser protection from the SecurityCenter Firewall ConfigurationEnable script scanning Enable outbreak responseEnable buffer overflow on-access scansEdit Policy Virus Protection Settings „ Set basic virus protection options „ Assign a policy to a groupEdit Policy Spyware Protection Settings „ Set basic spyware protection options „ Assign a policy to a group„ Configuring policies for firewall protection „ Learn mode Edit Policy Desktop Firewall Settings„ Assign a policy to a group Firewall Protection Mode update the policy to User configures firewallAutomatically install the DescriptionFirewall Custom Settings „ Configure system services for a custom connection„ Configure system services for a custom connection Add or Edit Incoming Connection„ Configure IP addresses for a custom connection Cancel„ Configuring browser protection from the SecurityCenter Edit Policy Browser Protection SettingsEdit Policy Advanced Settings „ Update computers where no user is logged on„ Enable buffer overflow protection Detect code starting to run SettingsCheck for updates every „ Scan all file types during on-access scans Inspect all types ofAdd Policy Virus Protection Settings „ Set basic virus protection options „ Assign a policy to a groupAdd Policy Spyware Protection Settings „ Set basic spyware protection options „ Assign a policy to a group„ Configuring policies for firewall protection „ Learn mode Add Policy Desktop Firewall Settings„ Assign a policy to a group Automatically install the Firewall Configurationupdate the policy to User configures firewall Firewall Protection Mode„ Configuring browser protection from the SecurityCenter Add Policy Browser Protection Settings„ Assign a policy to a group „ Notifying users when support ends „ Assign a policy to a group Add Policy Advanced Settings„ Update computers where no user is logged on „ Set advanced virus protection optionsCheck for updates every SettingsDescription Subscription History „ Managing your subscriptionsView Cancelled Services Edit Subscription Information„ Update subscription information Managed Services„ Designating group administrators Manage Group AdministratorsManage All Group Administrators „ Designating group administratorsNotification Preferences „ Sign up for email notificationsUtilities Edit ProfileManage Logo „ Set up your profile „ Change your SecurityCenter passwordInstall protection services „ Install the standalone installation agentSilently install protection previous installation