3ONIC7!,,C%NFORCED #LIENT !NTI6IRUS AND !NTI3PYWARE 0RODUCTDUIDE
6ERSIONS
02/4%#4/. !444%/30%%$!/& 53.%33
Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHT
TRADEMARK ATTRIBUTIONS
LICENSE INFORMATION License Agreement
Attributions
Contents
Installing Enforced Client
Introduction
Using Enforced Client
Using the Virus and Spyware Protection Service
Using the Firewall Protection Service
Disabling on-access scanning
Managing your subscriptions
Using the Browser Protection Service
1 Introduction
What is Enforced Client? What is new in this release?
Managing with the online SecurityCenter Using this guide
How does the software work?
What is Enforced Client?
Select the right version of Enforced Client
Protect against many kinds of threats
Ensure continuous, automatic protection
Select the right version of Enforced Client
Protect against many kinds of threats
Ensure continuous, automatic protection
What is new in this release?
New feature
users when support ends on page
Chapter 2, Installing Enforced Client
How does the software work?
The updating process
The updating process Outbreak response Rumor technology
Internet Independent Updating IIU
Retrieving updates
Figure 1-2 Methods for updating client computers
Outbreak response
Rumor technology
Uploading security information
Internet Independent Updating IIU
Managing with the online SecurityCenter
Figure 1-3 The online SecurityCenter
See Using the SecurityCenter on page 55 for more information
User groups
Customized policies
Figure 1-4 Example Sales Team group and Sales policy
Using this guide
Who should read this guide?
Who should read this guide? Conventions
Conventions
Bold
Condensed
Example
Getting product information
Contact information
Avert Labs DAT Notification Service
Product Upgrades Valid grant number required
Security Updates DATs, engine HotFix and Patch Releases
Enforced Client Product Guide
Introduction
Getting product information
Installing Enforced Client
Before you install Installing Enforced Client
Completing the installation What should I do after installing?
After you place your order System requirements
After you place your order
System requirements
Operating systems
Operating systems RAM Email security service
Protection services
Notifying users when support ends
Operating system support ending
Email security service
Email server security application
Terminal servers
Before you install
Uninstall existing virus protection software
Uninstall existing virus protection software
Uninstall existing firewall software Configure your browser
SonicWALL Enterprise
SonicWALL Retail
Computer Associates
Finjan
Uninstall existing firewall software
Configure your browser
Internet Explorer
Non-Microsoft browsers
Install the standalone installation agent
Installing Enforced Client
Standard URL installation
Requirements
Standard URL installation
Sending an installation URL to users
Installing on client computers
What is the email address used for?
3 When you are prompted to do so, click Install
Advanced installation methods
Figure 2-2 Advanced installation methods
Advanced installation method
The administrator
Silent installation
Requirements
Requirements Installation
Installation
What is my company key?
VSSETUP parameters
Push installation
Considerations for scheduling push installations
Requirements Installation
1 Download the Push Install utility from the SecurityCenter
Requirements
Installation
To install Enforced Client using the Push Install utility
If you use a corporate firewall or proxy server
Enabling relay servers
Figure 2-6 Status for target computers
Completing the installation
Using the Push Install utility
Using VSSETUP
Using the Push Install utility Using VSSETUP
Test virus protection
Scan the client computer
Set up the default firewall
Scan the email Inbox
What should I do after installing?
Setting up your account on page
Viewing your security services at-a-glance on page
Setting up policies on page Viewing reports on page
Installing Enforced Client
What should I do after installing?
Enforced Client Product Guide
Using Enforced Client
Using the client software Updating client computers
Using the SecurityCenter Getting started
Setting up your account
Using the client software
Enforced Client system tray icon
Removing and displaying the icon
Administrative menu and tasks
Administrative menu and tasks
Updating client computers
Client menu
Update automatically
Update manually
Update during an outbreak
Update automatically Update manually Update during an outbreak
Using the SecurityCenter
Update computers where no user is logged on
When you are
Setting up your account
Setting up policies Viewing reports Managing your correspondence
Set up your profile Change your SecurityCenter password
Access online features and functions
Getting started
Log on to the SecurityCenter
Log on to the SecurityCenter Access online features and functions
Using Enforced Client
Figure 3-1 SecurityCenter tabs
Enforced Client Product Guide
Getting started
Make the most of your online data
When you want to
Figure 3-2 Page controls for listings and reports
Do this
Customize listings and reports
Using the online help
Do this
Show Navigation
Previous and Next
Setting up your account
Set up your profile
Change your SecurityCenter password
Sign up for email notifications
Viewing your security services at-a-glance
Install protection services
View and resolve action items
Install protection services View and resolve action items
Purchase, add, and renew services Request a trial subscription
Managing your computers
View security coverage for your account
Search for computers Install protection services
Send email to computers Block computers from receiving updates
Display details for a computer View detections for a computer
View user-approved applications for a computer
Search for computers
Display details for a computer
Install protection services
See Chapter 2, Installing Enforced Client for more information
When you want to
Figure 3-5 Computer Details page
Do this
For System email address, type a new email address, then click Save
View detections for a computer
View user-approved applications for a computer
Send email to computers
Block computers from receiving updates
Creating groups to manage your site
Delete computers from your reports
Move computers into a group
The Default group
Create or edit a group Delete a group
Designating group administrators
Create or edit a group
Delete a group
Figure 3-7 Site and group administrators
Create or edit a group administrator
Create or edit a group administrator Delete a group administrator
Setting up policies
Delete a group administrator
Restore default policy settings Delete a policy
Create or edit a policy Assign a policy to a group
The SonicWALL Default policy
Default setting
All programs types are enabled
Virus protection
Restore default policy settings
Create or edit a policy
Assign a policy to a group
Viewing reports
Delete a policy
Use this report
To view
Detections
Unrecognized
View duplicate computers
Figure 3-9 Duplicate Computers report
Managing your correspondence
View computer profiles
Send email to users Update user email addresses
Update your account’s email address Add your logo to reports
Update user email addresses
Update your account’s email address
Send email to users
Add your logo to reports
View your service subscriptions
Managing your subscriptions
View your service subscriptions Update subscription information
Purchase, add, and renew services Request a trial subscription
Update subscription information
Purchase, add, and renew services
Getting assistance
Request a trial subscription
Receive subscription notifications
View printed and online documents
Download utilities
Contact product support
VSSetup
Run the Push Install Utility
Using the Virus and Spyware Protection
Service
Accessing client features Scan Tasks menu
Accessing client features Scan Tasks menu
Select this command
Disable On-Access Scanner
Scanner see Disabling on-access scanning on page
Figure 4-1 Scan Tasks menu
Scan automatically on-access scans
Scanning client computers
Scan automatically on-access scans Scan manually on-demand scans
Schedule on-demand scans Scan email Scan for spyware
Scan manually on-demand scans
View scan results
View scan results How detections are handled
How detections are handled
Schedule on-demand scans
Scan email
Scan for spyware
Clean
Cleaned
Approve
Close
Configuring policies for virus and spyware protection
Set basic virus protection options
Schedule on-demand scans
Schedule on-demand scans
Exclude files and folders from virus scans
Select your update frequency
Enable optional protection
Set advanced virus protection options
Select your update frequency Enable optional protection
Enable script scanning
Enable outbreak response Enable buffer overflow protection
Scan email before delivering to the Outlook Inbox
rar, .tat, .tgz
Enable spyware protection
Set basic spyware protection options
Enable spyware protection Select a spyware protection mode
Specify approved programs
Select a spyware protection mode
Behavior of protection service
Mode
Report
Learn mode
Set advanced spyware protection options
Specify approved programs
Password crackers
2 Click the Advanced Settings tab
Threat type
Description
Viewing reports for virus and spyware detections
View detections
Detections see View detections
Unrecognized Programs see View unrecognized programs on page
When you want to
advanced spyware protection options on page
Buffer Overflow Processes
Details page
View unrecognized programs
Figure 4-7 Unrecognized Programs report
Using the Unrecognized Programs report
When you want to
the Computer Details page
on page
View your detection history
Figure 4-8 Detection History report
Managing detections
Manage your protection strategy with best practices
Manage your protection strategy with best practices
Manage quarantined files
Manage quarantined files
Restore
the Quarantine Viewer
2 Select Scan Tasks Quarantine Viewer
Disabling on-access scanning
Cleaned
Clean failed
2 Select Disable On-Access Scanner or Enable On-Access Scanner
Using the Virus and Spyware Protection Service
Disabling on-access scanning
Enforced Client Product Guide
Using the Firewall Protection Service
Accessing client features Firewall Settings command
Accessing client features Firewall Settings command
Configuring policies for firewall protection
Configuring policies for firewall protection
Specify who configures firewall protection settings
Install the firewall protection service via policy
Enable firewall protection Select a firewall protection mode
Specify who configures firewall protection settings
Figure 5-1 Desktop Firewall policy tab
Install the firewall protection service via policy
Enable firewall protection
Select a firewall protection mode
Learn mode
Configure a custom connection
Specify a connection type
Configure system services for a custom connection
Configure system services for a custom connection
Standard system service ports
Configure IP addresses for a custom connection
Standard system service ports Open a service port
Open a service port
Add and edit service ports
Close a service port
Set up allowed Internet applications
Configure IP addresses for a custom connection
Specify Internet applications in a policy
Specify whether to use SonicWALL recommendations
Viewing reports for firewall protection
View unrecognized Internet applications
Unrecognized Programs see View unrecognized Internet applications
View inbound events blocked by the firewall
Managing suspicious activity with best practices
Events to display the Inbound Event List
When running the firewall protection service on a server, ensure that service ports are configured correctly to prevent disruption of system services see Configure system services for a custom connection on page 117. Ensure that no unnecessary ports are open
Using the Firewall Protection Service
Enforced Client Product Guide
Managing suspicious activity with best practices
Using the Browser Protection Service
Accessing site safety information
Accessing site safety information
Configuring browser protection settings Submitting feedback
How safety ratings are compiled
Staying safe during searches
Staying safe while browsing
Settings
Settings
Configuring browser protection on the client
Configuring browser protection settings
Viewing safety reports
Configuring browser protection from the SecurityCenter
Installing via policy
Configuring browser protection on the client computer
Enable or disable the display of safety icons next
Encrypt the data sent to the server using the
Enable or disable the color coding for the
Submitting feedback
Using the Email Security Service
Activating the email security service Using the portal
Setting up your account Viewing your email protection status
Configuring a policy for email security
Activating the email security service
Using the portal
2 Click Install Protection 3 Select Install email security service
Update your MX records
Customize your account settings
Setting up your account
Update your MX records Customize your account settings
Default settings
Recommended first steps
1 Add your other domains
Optional customization
Configure general administration settings
Figure 7-2 Administration page
Viewing your email protection status
Access basic administration features on the Administration page
Use this feature
General Settings
To view the status of your service
Configuring a policy for email security
Viewing reports for the email security service
Managing quarantined email
View and manage quarantined user messages
Check the Quarantine Summary
View and manage quarantined user messages
Getting more information
View quarantined mail deliveries
Using the Email Security Service
Enforced Client Product Guide
Getting more information
8 Troubleshooting
Uninstalling protection services
Uninstalling protection services Frequently asked questions FAQ
Error messages Contacting product support
Frequently asked questions FAQ
Installing
Installing Adding, renewing, and moving licenses
Configuring and managing policies Scanning Reporting Updating
Configuring and managing policies
Adding, renewing, and moving licenses
Scanning
Reporting
Updating
Firewall protection
Browser protection
Email
General
Error messages
Installation Declined Installation Denied
Invalid Entitlement Error
Cannot find remote shared directory File does not exist
MyASUtil.SecureObjectFactory error message MyINX Error
Unable to connect to the Enforced Client update server
Unable to create Cab Installer Object
Cannot find remote shared directory
The user doesn’t have administrator rights
The security level of the browser is too high
Internet Explorer is blocking ActiveX controls
A registry file is missing
Installation Denied Common causes and solutions
If you do not see a Status column, set your view options to Details
1 From the Windows Control Panel, open Add/Remove Programs
1 Select Start Run
You might need to adjust your corporate firewall or proxy settings
See If you use a corporate firewall or proxy server on page
Contacting product support
Glossary
Compare to group administrator and user
protection service
See reports
Compare to URL installation
Compare to SecurityCenter website
See policy
Compare to trusted connection and untrusted connection
protection service
protection service
Compare to administrator and user
See also push installation, silent installation, and URL installation
Compare to protect mode and report mode
Compare to prompt mode and report mode
Compare to silent installation and URL installation
Compare to prompt mode and protect mode
See on-access scanning and on-demand scanning
Compare to push installation and URL installation
Customer Home site
Compare to client software
Compare to push installation and silent installation
Compare to administrator and group administrator
service
Compare to trusted connection
Login page
SecurityCenter tab
Log on to the SecurityCenter Change your SecurityCenter password
Viewing your security services at-a-glance
Computers tab
Managing your computers Install protection services
Send email to computers Block computers from receiving updates
Specify approved programs Set up allowed Internet applications
Description
Find computers
Add Computer
Groups
Reports tab
Viewing reports for the email security service
Viewing reports View detections View unrecognized programs
View unrecognized Internet applications
Groups + Policies tab
Creating groups to manage your site Setting up policies
Configuring policies for virus and spyware protection
Configuring policies for firewall protection
My Account tab
Setting up your account Change your SecurityCenter password
Managing your subscriptions Designating group administrators
Service Summary section
Notification Preferences section
My Logo section
Install Protection
Help tab
Email Page
View printed and online documents Download utilities
Install Protection New Computers
Install Protection New Computers Email Text
Installing Enforced Client Standard URL installation
Using the portal
Install Protection Existing Computers
Install Protection Existing Computers Email Text
Standard URL installation
Standard URL installation Advanced installation methods
Install Email Security Service
Advanced Installation Methods
Using the portal Update your MX records
Viewing reports for the email security service
Product Purchase
Product Coverage
Managing your subscriptions Purchase, add, and renew services
Request a trial subscription
Computer Details
Set up allowed Internet applications
Managing your computers Make the most of your online data
Customize listings and reports Specify approved programs
Detection List
User-Approved Application List
View detections for a computer
Search Results
Specify approved programs Set up allowed Internet applications
View user-approved applications for a computer
Managing your computers Search for computers
Detections report by computer
View detections Make the most of your online data
Customize listings and reports
Manage your protection strategy with best practices
Detections report by detection
View detections Make the most of your online data
Customize listings and reports
Manage your protection strategy with best practices
Unrecognized Programs report by computer
Set up allowed Internet applications
View unrecognized programs Make the most of your online data
Customize listings and reports
Unrecognized Programs report by program
Specify approved programs Set up allowed Internet applications
View unrecognized programs
View user-approved applications for a computer
Inbound Events Blocked by Firewall report by originating computer
Inbound Events Blocked by Firewall report by destination computer
Lists the IP address of the computer where the event originated
View inbound events blocked by the firewall
Inbound Event List
Duplicate Computers report
View inbound events blocked by the firewall
View duplicate computers Display details for a computer
Computer Profiles report
View computer profiles
Detection History report
View your detection history
Manage your protection strategy with best practices
Description
Edit Default Group
Edit Group
Creating groups to manage your site Setting up policies
Creating groups to manage your site Setting up policies
View Default Policy
Add Group
Setting up policies Assign a policy to a group
Setting up policies Set basic virus protection options
Configuring policies for firewall protection
Configuring browser protection from the SecurityCenter
The SonicWALL Default policy
Firewall Configuration
Enable outbreak response
Enable buffer overflow
Enable script scanning
on-access scans
Edit Policy Virus Protection Settings
Set basic virus protection options Assign a policy to a group
Edit Policy Spyware Protection Settings
Set basic spyware protection options Assign a policy to a group
Edit Policy Desktop Firewall Settings
Configuring policies for firewall protection Learn mode
Assign a policy to a group
update the policy to User configures firewall
Automatically install the
Firewall Protection Mode
Description
Firewall Custom Settings
Configure system services for a custom connection
Add or Edit Incoming Connection
Configure IP addresses for a custom connection
Configure system services for a custom connection
Cancel
Edit Policy Browser Protection Settings
Edit Policy Advanced Settings
Configuring browser protection from the SecurityCenter
Update computers where no user is logged on
Settings
Check for updates every
Enable buffer overflow protection Detect code starting to run
Scan all file types during on-access scans Inspect all types of
Add Policy Virus Protection Settings
Set basic virus protection options Assign a policy to a group
Add Policy Spyware Protection Settings
Set basic spyware protection options Assign a policy to a group
Add Policy Desktop Firewall Settings
Configuring policies for firewall protection Learn mode
Assign a policy to a group
Firewall Configuration
update the policy to User configures firewall
Automatically install the
Firewall Protection Mode
Add Policy Browser Protection Settings
Configuring browser protection from the SecurityCenter
Assign a policy to a group
Add Policy Advanced Settings
Update computers where no user is logged on
Notifying users when support ends Assign a policy to a group
Set advanced virus protection options
Settings
Check for updates every
Description
Subscription History
Managing your subscriptions
Edit Subscription Information
Update subscription information
View Cancelled Services
Managed Services
Manage Group Administrators
Manage All Group Administrators
Designating group administrators
Designating group administrators
Notification Preferences
Sign up for email notifications
Edit Profile
Manage Logo
Utilities
Set up your profile Change your SecurityCenter password
Install the standalone installation agent
Silently install protection
Install protection services
previous installation