Manuals / SonicWALL / Kitchen Appliance / Frozen Dessert Maker

SonicWALL 4.5 manual How does the software work?, The updating process

Models: 4.5

1 212

Download 212 pages 10.59 Kb

Page 12

How does the software work?

Enforced Client Product Guide	Introduction
	How does the software work?

1

How does the software work?

Enforced Client implements a three-prong approach to security by:

1Silently monitoring all file input and output, downloads, program executions, inbound and outbound communications, and other system-related activities on client computers.

Detected viruses are deleted or quarantined automatically.

Potentially unwanted programs, such as spyware or adware, are removed automatically unless you select a different response.

Suspicious activity is blocked unless you specify a different response.

2Regularly updating detection definition (DAT) files and software components to ensure that you are always protected against the latest threats.

3Uploading security information for each client computer to the SecurityCenter, then using this information to send emails and create reports that keep you informed about your account’s status.

In addition, it provides tools for managing client computers and customizing your security strategy.

The updating process

Outbreak response

Rumor technology

Internet Independent Updating (IIU)

The updating process

Regular updates are the cornerstone of Enforced Client.

Updates of its security components running on client computers. See Retrieving updates.

Updates to the security data maintained on the SecurityCenter website and used in administrative reports. See Uploading security information.

12

Image 12

SonicWALL 4.5 manual How does the software work?, The updating process, „ Internet Independent Updating IIU

Contents

3ONIC7!,,C%NFORCED #LIENT !NTI6IRUS AND !NTI3PYWARE 0RODUCTDUIDE 6ERSIONS02/4%#4/. !444%/30%%$!/& 53.%33 Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHT TRADEMARK ATTRIBUTIONSLICENSE INFORMATION License Agreement AttributionsContents Installing Enforced ClientIntroduction Using Enforced Client Using the Virus and Spyware Protection Service Using the Firewall Protection ServiceDisabling on-access scanning Managing your subscriptionsUsing the Browser Protection Service 1 Introduction „ What is Enforced Client? „ What is new in this release?„ Managing with the online SecurityCenter „ Using this guide „ How does the software work?What is Enforced Client? „ Select the right version of Enforced Client„ Protect against many kinds of threats „ Ensure continuous, automatic protectionSelect the right version of Enforced Client Protect against many kinds of threatsEnsure continuous, automatic protection What is new in this release? New featureusers when support ends on page Chapter 2, Installing Enforced ClientHow does the software work? The updating process„ The updating process „ Outbreak response „ Rumor technology „ Internet Independent Updating IIURetrieving updates Figure 1-2 Methods for updating client computersOutbreak response Rumor technologyUploading security information Internet Independent Updating IIU Managing with the online SecurityCenter Figure 1-3 The online SecurityCenterSee Using the SecurityCenter on page 55 for more information User groups Customized policies Figure 1-4 Example Sales Team group and Sales policyUsing this guide Who should read this guide?„ Who should read this guide? „ Conventions Conventions BoldCondensed ExampleGetting product information Contact information Avert Labs DAT Notification ServiceProduct Upgrades Valid grant number required Security Updates DATs, engine HotFix and Patch ReleasesEnforced Client Product Guide IntroductionGetting product information Installing Enforced Client „ Before you install „ Installing Enforced Client„ Completing the installation „ What should I do after installing? „ After you place your order „ System requirementsAfter you place your order System requirements Operating systems„ Operating systems „ RAM „ Email security service Protection servicesNotifying users when support ends Operating system support endingEmail security service Email server security applicationTerminal servers Before you install Uninstall existing virus protection software„ Uninstall existing virus protection software „ Uninstall existing firewall software „ Configure your browserSonicWALL Enterprise SonicWALL RetailComputer Associates FinjanUninstall existing firewall software Configure your browserInternet Explorer Non-Microsoft browsersInstall the standalone installation agent Installing Enforced Client Standard URL installationRequirements Standard URL installationSending an installation URL to users Installing on client computersWhat is the email address used for? 3 When you are prompted to do so, click InstallAdvanced installation methods Figure 2-2 Advanced installation methodsAdvanced installation method The administratorSilent installation Requirements„ Requirements „ Installation Installation What is my company key?VSSETUP parameters Push installation Considerations for scheduling push installations „ Requirements „ Installation1 Download the Push Install utility from the SecurityCenter RequirementsInstallation To install Enforced Client using the Push Install utilityIf you use a corporate firewall or proxy server Enabling relay serversFigure 2-6 Status for target computers Completing the installation Using the Push Install utilityUsing VSSETUP „ Using the Push Install utility „ Using VSSETUPTest virus protection Scan the client computerSet up the default firewall Scan the email InboxWhat should I do after installing? „ Setting up your account on page„ Viewing your security services at-a-glance on page „ Setting up policies on page „ Viewing reports on pageInstalling Enforced Client What should I do after installing?Enforced Client Product Guide Using Enforced Client „ Using the client software „ Updating client computers„ Using the SecurityCenter „ Getting started „ Setting up your accountUsing the client software Enforced Client system tray iconRemoving and displaying the icon „ Administrative menu and tasksAdministrative menu and tasks Updating client computersClient menu Update automatically Update manuallyUpdate during an outbreak „ Update automatically „ Update manually „ Update during an outbreakUsing the SecurityCenter Update computers where no user is logged onWhen you are Setting up your accountSetting up policies Viewing reports Managing your correspondence „ Set up your profile „ Change your SecurityCenter passwordAccess online features and functions Getting startedLog on to the SecurityCenter „ Log on to the SecurityCenter „ Access online features and functionsUsing Enforced Client Figure 3-1 SecurityCenter tabsEnforced Client Product Guide Getting startedMake the most of your online data When you want toFigure 3-2 Page controls for listings and reports Do thisCustomize listings and reports Using the online help Do thisShow Navigation Previous and NextSetting up your account Set up your profileChange your SecurityCenter password Sign up for email notificationsViewing your security services at-a-glance Install protection services View and resolve action items„ Install protection services „ View and resolve action items „ Purchase, add, and renew services „ Request a trial subscriptionManaging your computers View security coverage for your account„ Search for computers „ Install protection services „ Send email to computers „ Block computers from receiving updates„ Display details for a computer „ View detections for a computer „ View user-approved applications for a computerSearch for computers Display details for a computerInstall protection services See Chapter 2, Installing Enforced Client for more informationWhen you want to Figure 3-5 Computer Details pageDo this For System email address, type a new email address, then click SaveView detections for a computer View user-approved applications for a computerSend email to computers Block computers from receiving updates Creating groups to manage your siteDelete computers from your reports Move computers into a groupThe Default group „ Create or edit a group „ Delete a groupDesignating group administrators Create or edit a groupDelete a group Figure 3-7 Site and group administrators Create or edit a group administrator „ Create or edit a group administrator „ Delete a group administratorSetting up policies Delete a group administrator„ Restore default policy settings „ Delete a policy „ Create or edit a policy „ Assign a policy to a groupThe SonicWALL Default policy Default settingAll programs types are enabled Virus protectionRestore default policy settings Create or edit a policyAssign a policy to a group Viewing reports Delete a policyUse this report To viewDetections UnrecognizedView duplicate computers Figure 3-9 Duplicate Computers reportManaging your correspondence View computer profiles„ Send email to users „ Update user email addresses „ Update your account’s email address „ Add your logo to reportsUpdate user email addresses Update your account’s email addressSend email to users Add your logo to reportsView your service subscriptions Managing your subscriptions„ View your service subscriptions „ Update subscription information „ Purchase, add, and renew services „ Request a trial subscriptionUpdate subscription information Purchase, add, and renew servicesGetting assistance Request a trial subscriptionReceive subscription notifications View printed and online documentsDownload utilities Contact product supportVSSetup Run the Push Install UtilityUsing the Virus and Spyware Protection ServiceAccessing client features Scan Tasks menu „ Accessing client features Scan Tasks menuSelect this command Disable On-Access ScannerScanner see Disabling on-access scanning on page Figure 4-1 Scan Tasks menuScan automatically on-access scans Scanning client computers„ Scan automatically on-access scans „ Scan manually on-demand scans „ Schedule on-demand scans „ Scan email „ Scan for spywareScan manually on-demand scans View scan results„ View scan results „ How detections are handled How detections are handled Schedule on-demand scans Scan emailScan for spyware Clean CleanedApprove CloseConfiguring policies for virus and spyware protection Set basic virus protection optionsSchedule on-demand scans „ Schedule on-demand scansExclude files and folders from virus scans Select your update frequency Enable optional protectionSet advanced virus protection options „ Select your update frequency „ Enable optional protectionEnable script scanning Enable outbreak response Enable buffer overflow protectionScan email before delivering to the Outlook Inbox rar, .tat, .tgzEnable spyware protection Set basic spyware protection options„ Enable spyware protection „ Select a spyware protection mode „ Specify approved programsSelect a spyware protection mode Behavior of protection serviceMode ReportLearn mode Set advanced spyware protection optionsSpecify approved programs Password crackers 2 Click the Advanced Settings tabThreat type DescriptionViewing reports for virus and spyware detections View detections„ Detections see View detections „ Unrecognized Programs see View unrecognized programs on pageWhen you want to advanced spyware protection options on pageBuffer Overflow Processes Details pageView unrecognized programs Figure 4-7 Unrecognized Programs reportUsing the Unrecognized Programs report When you want tothe Computer Details page on pageView your detection history Figure 4-8 Detection History reportManaging detections Manage your protection strategy with best practices„ Manage your protection strategy with best practices „ Manage quarantined filesManage quarantined files Restorethe Quarantine Viewer 2 Select Scan Tasks Quarantine ViewerDisabling on-access scanning CleanedClean failed 2 Select Disable On-Access Scanner or Enable On-Access ScannerUsing the Virus and Spyware Protection Service Disabling on-access scanningEnforced Client Product Guide Using the Firewall Protection Service Accessing client features Firewall Settings command„ Accessing client features Firewall Settings command „ Configuring policies for firewall protectionConfiguring policies for firewall protection „ Specify who configures firewall protection settings„ Install the firewall protection service via policy „ Enable firewall protection „ Select a firewall protection modeSpecify who configures firewall protection settings Figure 5-1 Desktop Firewall policy tabInstall the firewall protection service via policy Enable firewall protectionSelect a firewall protection mode Learn modeConfigure a custom connection Specify a connection type„ Configure system services for a custom connection Configure system services for a custom connection Standard system service ports„ Configure IP addresses for a custom connection „ Standard system service ports „ Open a service portOpen a service port Add and edit service ports Close a service portSet up allowed Internet applications Configure IP addresses for a custom connectionSpecify Internet applications in a policy Specify whether to use SonicWALL recommendationsViewing reports for firewall protection View unrecognized Internet applications„ Unrecognized Programs see View unrecognized Internet applications View inbound events blocked by the firewall Managing suspicious activity with best practices Events to display the Inbound Event List„ When running the firewall protection service on a server, ensure that service ports are configured correctly to prevent disruption of system services see Configure system services for a custom connection on page 117. Ensure that no unnecessary ports are open Using the Firewall Protection Service Enforced Client Product GuideManaging suspicious activity with best practices Using the Browser Protection Service Accessing site safety information„ Accessing site safety information „ Configuring browser protection settings „ Submitting feedbackHow safety ratings are compiled Staying safe during searchesStaying safe while browsing SettingsSettings Configuring browser protection on the clientConfiguring browser protection settings Viewing safety reportsConfiguring browser protection from the SecurityCenter Installing via policyConfiguring browser protection on the client computer Enable or disable the display of safety icons nextEncrypt the data sent to the server using the Enable or disable the color coding for theSubmitting feedback Using the Email Security Service „ Activating the email security service „ Using the portal„ Setting up your account „ Viewing your email protection status „ Configuring a policy for email securityActivating the email security service Using the portal2 Click Install Protection 3 Select Install email security service Update your MX records Customize your account settingsSetting up your account „ Update your MX records „ Customize your account settingsDefault settings Recommended first steps1 Add your other domains Optional customization Configure general administration settings Figure 7-2 Administration pageViewing your email protection status Access basic administration features on the Administration pageUse this feature General SettingsTo view the status of your service Configuring a policy for email security Viewing reports for the email security serviceManaging quarantined email View and manage quarantined user messagesCheck the Quarantine Summary „ View and manage quarantined user messagesGetting more information View quarantined mail deliveriesUsing the Email Security Service Enforced Client Product GuideGetting more information 8 Troubleshooting Uninstalling protection services„ Uninstalling protection services „ Frequently asked questions FAQ „ Error messages „ Contacting product supportFrequently asked questions FAQ Installing„ Installing „ Adding, renewing, and moving licenses „ Configuring and managing policies „ Scanning „ Reporting „ UpdatingConfiguring and managing policies Adding, renewing, and moving licensesScanning ReportingUpdating Firewall protection Browser protection EmailGeneral Error messages „ Installation Declined „ Installation Denied„ Invalid Entitlement Error „ Cannot find remote shared directory „ File does not exist„ MyASUtil.SecureObjectFactory error message „ MyINX Error „ Unable to connect to the Enforced Client update server„ Unable to create Cab Installer Object Cannot find remote shared directoryThe user doesn’t have administrator rights The security level of the browser is too highInternet Explorer is blocking ActiveX controls A registry file is missingInstallation Denied Common causes and solutions If you do not see a Status column, set your view options to Details 1 From the Windows Control Panel, open Add/Remove Programs1 Select Start Run You might need to adjust your corporate firewall or proxy settings See If you use a corporate firewall or proxy server on pageContacting product support Glossary Compare to group administrator and userprotection service See reportsCompare to URL installation Compare to SecurityCenter websiteSee policy Compare to trusted connection and untrusted connectionprotection service protection serviceCompare to administrator and user See also push installation, silent installation, and URL installationCompare to protect mode and report mode Compare to prompt mode and report modeCompare to silent installation and URL installation Compare to prompt mode and protect modeSee on-access scanning and on-demand scanning Compare to push installation and URL installationCustomer Home site Compare to client softwareCompare to push installation and silent installation Compare to administrator and group administratorservice Compare to trusted connectionLogin page SecurityCenter tab„ Log on to the SecurityCenter „ Change your SecurityCenter password „ Viewing your security services at-a-glanceComputers tab „ Managing your computers „ Install protection services„ Send email to computers „ Block computers from receiving updates „ Specify approved programs „ Set up allowed Internet applicationsDescription Find computersAdd Computer GroupsReports tab „ Viewing reports for the email security service„ Viewing reports „ View detections „ View unrecognized programs „ View unrecognized Internet applicationsGroups + Policies tab „ Creating groups to manage your site „ Setting up policies„ Configuring policies for virus and spyware protection „ Configuring policies for firewall protectionMy Account tab „ Setting up your account „ Change your SecurityCenter password„ Managing your subscriptions „ Designating group administrators Service Summary sectionNotification Preferences section My Logo sectionInstall Protection Help tabEmail Page „ View printed and online documents „ Download utilitiesInstall Protection New Computers Install Protection New Computers Email Text„ Installing Enforced Client „ Standard URL installation „ Using the portalInstall Protection Existing Computers Install Protection Existing Computers Email Text„ Standard URL installation „ Standard URL installation „ Advanced installation methodsInstall Email Security Service Advanced Installation Methods„ Using the portal „ Update your MX records „ Viewing reports for the email security serviceProduct Purchase Product Coverage„ Managing your subscriptions „ Purchase, add, and renew services „ Request a trial subscriptionComputer Details „ Set up allowed Internet applications„ Managing your computers „ Make the most of your online data „ Customize listings and reports „ Specify approved programsDetection List User-Approved Application List„ View detections for a computer Search Results „ Specify approved programs „ Set up allowed Internet applications„ View user-approved applications for a computer „ Managing your computers „ Search for computersDetections report by computer „ View detections „ Make the most of your online data„ Customize listings and reports „ Manage your protection strategy with best practicesDetections report by detection „ View detections „ Make the most of your online data„ Customize listings and reports „ Manage your protection strategy with best practicesUnrecognized Programs report by computer „ Set up allowed Internet applications„ View unrecognized programs „ Make the most of your online data „ Customize listings and reportsUnrecognized Programs report by program „ Specify approved programs „ Set up allowed Internet applications„ View unrecognized programs „ View user-approved applications for a computerInbound Events Blocked by Firewall report by originating computer Inbound Events Blocked by Firewall report by destination computerLists the IP address of the computer where the event originated „ View inbound events blocked by the firewallInbound Event List Duplicate Computers report„ View inbound events blocked by the firewall „ View duplicate computers „ Display details for a computerComputer Profiles report „ View computer profilesDetection History report „ View your detection history„ Manage your protection strategy with best practices DescriptionEdit Default Group Edit Group„ Creating groups to manage your site „ Setting up policies „ Creating groups to manage your site „ Setting up policiesView Default Policy Add Group„ Setting up policies „ Assign a policy to a group „ Setting up policies „ Set basic virus protection options„ Configuring policies for firewall protection „ Configuring browser protection from the SecurityCenter„ The SonicWALL Default policy Firewall ConfigurationEnable outbreak response Enable buffer overflowEnable script scanning on-access scansEdit Policy Virus Protection Settings „ Set basic virus protection options „ Assign a policy to a groupEdit Policy Spyware Protection Settings „ Set basic spyware protection options „ Assign a policy to a groupEdit Policy Desktop Firewall Settings „ Configuring policies for firewall protection „ Learn mode„ Assign a policy to a group update the policy to User configures firewall Automatically install theFirewall Protection Mode DescriptionFirewall Custom Settings „ Configure system services for a custom connectionAdd or Edit Incoming Connection „ Configure IP addresses for a custom connection„ Configure system services for a custom connection CancelEdit Policy Browser Protection Settings Edit Policy Advanced Settings„ Configuring browser protection from the SecurityCenter „ Update computers where no user is logged onSettings Check for updates every„ Enable buffer overflow protection Detect code starting to run „ Scan all file types during on-access scans Inspect all types ofAdd Policy Virus Protection Settings „ Set basic virus protection options „ Assign a policy to a groupAdd Policy Spyware Protection Settings „ Set basic spyware protection options „ Assign a policy to a groupAdd Policy Desktop Firewall Settings „ Configuring policies for firewall protection „ Learn mode„ Assign a policy to a group Firewall Configuration update the policy to User configures firewallAutomatically install the Firewall Protection ModeAdd Policy Browser Protection Settings „ Configuring browser protection from the SecurityCenter„ Assign a policy to a group Add Policy Advanced Settings „ Update computers where no user is logged on„ Notifying users when support ends „ Assign a policy to a group „ Set advanced virus protection optionsSettings Check for updates everyDescription Subscription History „ Managing your subscriptionsEdit Subscription Information „ Update subscription informationView Cancelled Services Managed ServicesManage Group Administrators Manage All Group Administrators„ Designating group administrators „ Designating group administratorsNotification Preferences „ Sign up for email notificationsEdit Profile Manage LogoUtilities „ Set up your profile „ Change your SecurityCenter password„ Install the standalone installation agent Silently install protectionInstall protection services previous installation