Manuals / SonicWALL / Kitchen Appliance / Frozen Dessert Maker

SonicWALL 4.5 manual User groups

Models: 4.5

1 212

Download 212 pages 10.59 Kb

Page 18

User groups

Enforced Client Product Guide	Introduction
	Managing with the online SecurityCenter

1

User groups

Each computer running the client software belongs to a group. A group consists of one or more computers using the same security settings (called policies). By default, computers are placed in the Default group.

Groups help you manage different types of computers effectively. You can base groups on geographic location, department, computer type, user tasks, or anything meaningful to your organization.

For example, you might place all laptops used by traveling sales representatives into a single group called Sales Team. You can then view details about this group of computers separately from other computers in your account. You can easily check detections for these computers or customize their security settings in a policy (see Customized policies on page 19) that accounts for specific circumstances and risks of a remote user.

To create groups, use the Groups + Policies groups to manage your site on page 71 for

tab on the SecurityCenter website. See Creating more information.

The following example shows how an administrator might configure policies for three different groups of client computer users in an organization. You should configure policies for your users to meet your own company’s needs.

Policy Setting

On-Demand Scan	Weekly	Daily	Daily

Enable outbreak response	Enabled	Enabled	Enabled

Scan within archives during	No	Enabled	Enabled
on-access scans

Check for updates every	12 hours	4 hours	4 hours

Spyware Protection Mode	Prompt	Protect	Prompt

Approved Programs	None	None	Nmap remote admin tool

Firewall Protection Mode	Protect	Protect	Prompt

Use Smart Recommen-	Enabled	No	Enabled
dations to automatically
approve common Internet
applications

Connection Type	Trusted network	Untrusted network	Trusted network

Allowed Internet	AOL Instant Messenger	None	AOL Instant Messenger
Applications			GoogleTalk

18

Image 18

SonicWALL 4.5 manual User groups

Contents

3ONIC7!,,C%NFORCED #LIENT !NTI6IRUS AND !NTI3PYWARE 0RODUCTDUIDE 6ERSIONS02/4%#4/. !444%/30%%$!/& 53.%33 LICENSE INFORMATION License Agreement Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHTTRADEMARK ATTRIBUTIONS AttributionsContents Installing Enforced ClientIntroduction Using Enforced Client Disabling on-access scanning Using the Virus and Spyware Protection ServiceUsing the Firewall Protection Service Managing your subscriptionsUsing the Browser Protection Service „ Managing with the online SecurityCenter „ Using this guide 1 Introduction„ What is Enforced Client? „ What is new in this release? „ How does the software work?„ Protect against many kinds of threats What is Enforced Client?„ Select the right version of Enforced Client „ Ensure continuous, automatic protectionSelect the right version of Enforced Client Protect against many kinds of threatsEnsure continuous, automatic protection users when support ends on page What is new in this release?New feature Chapter 2, Installing Enforced Client„ The updating process „ Outbreak response „ Rumor technology How does the software work?The updating process „ Internet Independent Updating IIURetrieving updates Figure 1-2 Methods for updating client computersOutbreak response Rumor technologyUploading security information Internet Independent Updating IIU Managing with the online SecurityCenter Figure 1-3 The online SecurityCenterSee Using the SecurityCenter on page 55 for more information User groups Customized policies Figure 1-4 Example Sales Team group and Sales policyUsing this guide Who should read this guide?„ Who should read this guide? „ Conventions Condensed ConventionsBold ExampleGetting product information Product Upgrades Valid grant number required Contact informationAvert Labs DAT Notification Service Security Updates DATs, engine HotFix and Patch ReleasesEnforced Client Product Guide IntroductionGetting product information „ Completing the installation „ What should I do after installing? Installing Enforced Client„ Before you install „ Installing Enforced Client „ After you place your order „ System requirementsAfter you place your order „ Operating systems „ RAM „ Email security service System requirementsOperating systems Protection servicesNotifying users when support ends Operating system support endingEmail security service Email server security applicationTerminal servers „ Uninstall existing virus protection software Before you installUninstall existing virus protection software „ Uninstall existing firewall software „ Configure your browserComputer Associates SonicWALL EnterpriseSonicWALL Retail FinjanInternet Explorer Uninstall existing firewall softwareConfigure your browser Non-Microsoft browsersInstall the standalone installation agent Requirements Installing Enforced ClientStandard URL installation Standard URL installationSending an installation URL to users Installing on client computersWhat is the email address used for? 3 When you are prompted to do so, click InstallAdvanced installation method Advanced installation methodsFigure 2-2 Advanced installation methods The administratorSilent installation Requirements„ Requirements „ Installation Installation What is my company key?VSSETUP parameters Push installation 1 Download the Push Install utility from the SecurityCenter Considerations for scheduling push installations„ Requirements „ Installation RequirementsInstallation To install Enforced Client using the Push Install utilityIf you use a corporate firewall or proxy server Enabling relay serversFigure 2-6 Status for target computers Using VSSETUP Completing the installationUsing the Push Install utility „ Using the Push Install utility „ Using VSSETUPTest virus protection Scan the client computerSet up the default firewall Scan the email Inbox„ Viewing your security services at-a-glance on page What should I do after installing?„ Setting up your account on page „ Setting up policies on page „ Viewing reports on pageInstalling Enforced Client What should I do after installing?Enforced Client Product Guide „ Using the SecurityCenter „ Getting started Using Enforced Client„ Using the client software „ Updating client computers „ Setting up your accountRemoving and displaying the icon Using the client softwareEnforced Client system tray icon „ Administrative menu and tasksAdministrative menu and tasks Updating client computersClient menu Update during an outbreak Update automaticallyUpdate manually „ Update automatically „ Update manually „ Update during an outbreakUsing the SecurityCenter Update computers where no user is logged onSetting up policies Viewing reports Managing your correspondence When you areSetting up your account „ Set up your profile „ Change your SecurityCenter passwordLog on to the SecurityCenter Access online features and functionsGetting started „ Log on to the SecurityCenter „ Access online features and functionsEnforced Client Product Guide Using Enforced ClientFigure 3-1 SecurityCenter tabs Getting startedFigure 3-2 Page controls for listings and reports Make the most of your online dataWhen you want to Do thisCustomize listings and reports Show Navigation Using the online helpDo this Previous and NextChange your SecurityCenter password Setting up your accountSet up your profile Sign up for email notificationsViewing your security services at-a-glance „ Install protection services „ View and resolve action items Install protection servicesView and resolve action items „ Purchase, add, and renew services „ Request a trial subscriptionManaging your computers View security coverage for your account„ Display details for a computer „ View detections for a computer „ Search for computers „ Install protection services„ Send email to computers „ Block computers from receiving updates „ View user-approved applications for a computerInstall protection services Search for computersDisplay details for a computer See Chapter 2, Installing Enforced Client for more informationDo this When you want toFigure 3-5 Computer Details page For System email address, type a new email address, then click SaveView detections for a computer View user-approved applications for a computerSend email to computers Delete computers from your reports Block computers from receiving updatesCreating groups to manage your site Move computers into a groupThe Default group „ Create or edit a group „ Delete a groupDesignating group administrators Create or edit a groupDelete a group Figure 3-7 Site and group administrators Create or edit a group administrator „ Create or edit a group administrator „ Delete a group administrator„ Restore default policy settings „ Delete a policy Setting up policiesDelete a group administrator „ Create or edit a policy „ Assign a policy to a groupAll programs types are enabled The SonicWALL Default policyDefault setting Virus protectionRestore default policy settings Create or edit a policyAssign a policy to a group Viewing reports Delete a policyDetections Use this reportTo view UnrecognizedView duplicate computers Figure 3-9 Duplicate Computers report„ Send email to users „ Update user email addresses Managing your correspondenceView computer profiles „ Update your account’s email address „ Add your logo to reportsSend email to users Update user email addressesUpdate your account’s email address Add your logo to reports„ View your service subscriptions „ Update subscription information View your service subscriptionsManaging your subscriptions „ Purchase, add, and renew services „ Request a trial subscriptionUpdate subscription information Purchase, add, and renew servicesReceive subscription notifications Getting assistanceRequest a trial subscription View printed and online documentsVSSetup Download utilitiesContact product support Run the Push Install UtilityAccessing client features Scan Tasks menu Using the Virus and Spyware ProtectionService „ Accessing client features Scan Tasks menuScanner see Disabling on-access scanning on page Select this commandDisable On-Access Scanner Figure 4-1 Scan Tasks menu„ Scan automatically on-access scans „ Scan manually on-demand scans Scan automatically on-access scansScanning client computers „ Schedule on-demand scans „ Scan email „ Scan for spywareScan manually on-demand scans View scan results„ View scan results „ How detections are handled How detections are handled Schedule on-demand scans Scan emailScan for spyware Approve CleanCleaned CloseSchedule on-demand scans Configuring policies for virus and spyware protectionSet basic virus protection options „ Schedule on-demand scansExclude files and folders from virus scans Set advanced virus protection options Select your update frequencyEnable optional protection „ Select your update frequency „ Enable optional protectionScan email before delivering to the Outlook Inbox Enable script scanningEnable outbreak response Enable buffer overflow protection rar, .tat, .tgz„ Enable spyware protection „ Select a spyware protection mode Enable spyware protectionSet basic spyware protection options „ Specify approved programsMode Select a spyware protection modeBehavior of protection service ReportSet advanced spyware protection options Specify approved programsLearn mode Threat type Password crackers2 Click the Advanced Settings tab Description„ Detections see View detections Viewing reports for virus and spyware detectionsView detections „ Unrecognized Programs see View unrecognized programs on pageBuffer Overflow Processes When you want toadvanced spyware protection options on page Details pageView unrecognized programs Figure 4-7 Unrecognized Programs reportthe Computer Details page Using the Unrecognized Programs reportWhen you want to on pageView your detection history Figure 4-8 Detection History report„ Manage your protection strategy with best practices Managing detectionsManage your protection strategy with best practices „ Manage quarantined filesthe Quarantine Viewer Manage quarantined filesRestore 2 Select Scan Tasks Quarantine ViewerClean failed Disabling on-access scanningCleaned 2 Select Disable On-Access Scanner or Enable On-Access ScannerUsing the Virus and Spyware Protection Service Disabling on-access scanningEnforced Client Product Guide „ Accessing client features Firewall Settings command Using the Firewall Protection ServiceAccessing client features Firewall Settings command „ Configuring policies for firewall protection„ Install the firewall protection service via policy Configuring policies for firewall protection„ Specify who configures firewall protection settings „ Enable firewall protection „ Select a firewall protection modeSpecify who configures firewall protection settings Figure 5-1 Desktop Firewall policy tabInstall the firewall protection service via policy Enable firewall protectionSelect a firewall protection mode Learn modeConfigure a custom connection Specify a connection type„ Configure system services for a custom connection „ Configure IP addresses for a custom connection Configure system services for a custom connectionStandard system service ports „ Standard system service ports „ Open a service portOpen a service port Add and edit service ports Close a service portSet up allowed Internet applications Configure IP addresses for a custom connectionSpecify Internet applications in a policy Specify whether to use SonicWALL recommendationsViewing reports for firewall protection View unrecognized Internet applications„ Unrecognized Programs see View unrecognized Internet applications View inbound events blocked by the firewall Managing suspicious activity with best practices Events to display the Inbound Event List„ When running the firewall protection service on a server, ensure that service ports are configured correctly to prevent disruption of system services see Configure system services for a custom connection on page 117. Ensure that no unnecessary ports are open Using the Firewall Protection Service Enforced Client Product GuideManaging suspicious activity with best practices „ Accessing site safety information Using the Browser Protection ServiceAccessing site safety information „ Configuring browser protection settings „ Submitting feedbackHow safety ratings are compiled Staying safe during searchesSettings Staying safe while browsingSettings Configuring browser protection on the clientConfiguring browser protection from the SecurityCenter Configuring browser protection settingsViewing safety reports Installing via policyEncrypt the data sent to the server using the Configuring browser protection on the client computerEnable or disable the display of safety icons next Enable or disable the color coding for theSubmitting feedback „ Setting up your account „ Viewing your email protection status Using the Email Security Service„ Activating the email security service „ Using the portal „ Configuring a policy for email securityActivating the email security service Using the portal2 Click Install Protection 3 Select Install email security service Setting up your account Update your MX recordsCustomize your account settings „ Update your MX records „ Customize your account settingsDefault settings Recommended first steps1 Add your other domains Optional customization Configure general administration settings Figure 7-2 Administration pageUse this feature Viewing your email protection statusAccess basic administration features on the Administration page General SettingsTo view the status of your service Configuring a policy for email security Viewing reports for the email security serviceCheck the Quarantine Summary Managing quarantined emailView and manage quarantined user messages „ View and manage quarantined user messagesGetting more information View quarantined mail deliveriesUsing the Email Security Service Enforced Client Product GuideGetting more information „ Uninstalling protection services „ Frequently asked questions FAQ 8 TroubleshootingUninstalling protection services „ Error messages „ Contacting product support„ Installing „ Adding, renewing, and moving licenses Frequently asked questions FAQInstalling „ Configuring and managing policies „ Scanning „ Reporting „ UpdatingConfiguring and managing policies Adding, renewing, and moving licensesScanning ReportingUpdating Firewall protection Browser protection EmailGeneral „ Invalid Entitlement Error Error messages„ Installation Declined „ Installation Denied „ Cannot find remote shared directory „ File does not exist„ Unable to create Cab Installer Object „ MyASUtil.SecureObjectFactory error message „ MyINX Error„ Unable to connect to the Enforced Client update server Cannot find remote shared directoryInternet Explorer is blocking ActiveX controls The user doesn’t have administrator rightsThe security level of the browser is too high A registry file is missingInstallation Denied Common causes and solutions If you do not see a Status column, set your view options to Details 1 From the Windows Control Panel, open Add/Remove Programs1 Select Start Run You might need to adjust your corporate firewall or proxy settings See If you use a corporate firewall or proxy server on pageContacting product support protection service GlossaryCompare to group administrator and user See reportsSee policy Compare to URL installationCompare to SecurityCenter website Compare to trusted connection and untrusted connectionCompare to administrator and user protection serviceprotection service See also push installation, silent installation, and URL installationCompare to protect mode and report mode Compare to silent installation and URL installationSee also detection definition files Compare to prompt mode and report modeCustomer Home site See on-access scanning and on-demand scanningCompare to push installation and URL installation Compare to client softwareservice Compare to push installation and silent installationCompare to administrator and group administrator Compare to trusted connection„ Log on to the SecurityCenter „ Change your SecurityCenter password Login pageSecurityCenter tab „ Viewing your security services at-a-glance„ Send email to computers „ Block computers from receiving updates Computers tab„ Managing your computers „ Install protection services „ Specify approved programs „ Set up allowed Internet applicationsAdd Computer DescriptionFind computers Groups„ Viewing reports „ View detections „ View unrecognized programs Reports tab„ Viewing reports for the email security service „ View unrecognized Internet applications„ Configuring policies for virus and spyware protection Groups + Policies tab„ Creating groups to manage your site „ Setting up policies „ Configuring policies for firewall protection„ Managing your subscriptions „ Designating group administrators My Account tab„ Setting up your account „ Change your SecurityCenter password Service Summary sectionNotification Preferences section My Logo sectionEmail Page Install ProtectionHelp tab „ View printed and online documents „ Download utilities„ Installing Enforced Client „ Standard URL installation Install Protection New ComputersInstall Protection New Computers Email Text „ Using the portal„ Standard URL installation Install Protection Existing ComputersInstall Protection Existing Computers Email Text „ Standard URL installation „ Advanced installation methods„ Using the portal „ Update your MX records Install Email Security ServiceAdvanced Installation Methods „ Viewing reports for the email security service„ Managing your subscriptions „ Purchase, add, and renew services Product PurchaseProduct Coverage „ Request a trial subscription„ Managing your computers „ Make the most of your online data Computer Details„ Set up allowed Internet applications „ Customize listings and reports „ Specify approved programsDetection List User-Approved Application List„ View detections for a computer „ View user-approved applications for a computer Search Results„ Specify approved programs „ Set up allowed Internet applications „ Managing your computers „ Search for computers„ Customize listings and reports Detections report by computer„ View detections „ Make the most of your online data „ Manage your protection strategy with best practices„ Customize listings and reports Detections report by detection„ View detections „ Make the most of your online data „ Manage your protection strategy with best practices„ View unrecognized programs „ Make the most of your online data Unrecognized Programs report by computer„ Set up allowed Internet applications „ Customize listings and reports„ View unrecognized programs Unrecognized Programs report by program„ Specify approved programs „ Set up allowed Internet applications „ View user-approved applications for a computerLists the IP address of the computer where the event originated Inbound Events Blocked by Firewall report by originating computerInbound Events Blocked by Firewall report by destination computer „ View inbound events blocked by the firewall„ View inbound events blocked by the firewall Inbound Event ListDuplicate Computers report „ View duplicate computers „ Display details for a computerComputer Profiles report „ View computer profiles„ Manage your protection strategy with best practices Detection History report„ View your detection history Description„ Creating groups to manage your site „ Setting up policies Edit Default GroupEdit Group „ Creating groups to manage your site „ Setting up policies„ Setting up policies „ Assign a policy to a group View Default PolicyAdd Group „ Setting up policies „ Set basic virus protection options„ The SonicWALL Default policy „ Configuring policies for firewall protection„ Configuring browser protection from the SecurityCenter Firewall ConfigurationEnable script scanning Enable outbreak responseEnable buffer overflow on-access scansEdit Policy Virus Protection Settings „ Set basic virus protection options „ Assign a policy to a groupEdit Policy Spyware Protection Settings „ Set basic spyware protection options „ Assign a policy to a groupEdit Policy Desktop Firewall Settings „ Configuring policies for firewall protection „ Learn mode„ Assign a policy to a group Description update the policy to User configures firewallAutomatically install the Policy nameFirewall Custom Settings „ Configure system services for a custom connection„ Configure system services for a custom connection Add or Edit Incoming Connection„ Configure IP addresses for a custom connection Cancel„ Configuring browser protection from the SecurityCenter Edit Policy Browser Protection SettingsEdit Policy Advanced Settings „ Update computers where no user is logged on„ Enable buffer overflow protection Detect code starting to run SettingsCheck for updates every „ Scan all file types during on-access scans Inspect all types ofAdd Policy Virus Protection Settings „ Set basic virus protection options „ Assign a policy to a groupAdd Policy Spyware Protection Settings „ Set basic spyware protection options „ Assign a policy to a groupAdd Policy Desktop Firewall Settings „ Configuring policies for firewall protection „ Learn mode„ Assign a policy to a group Automatically install the Firewall Configurationupdate the policy to User configures firewall DescriptionAdd Policy Browser Protection Settings „ Configuring browser protection from the SecurityCenter„ Assign a policy to a group „ Notifying users when support ends „ Assign a policy to a group Add Policy Advanced Settings„ Update computers where no user is logged on „ Set advanced virus protection optionsSettings Check for updates everyDescription Subscription History „ Managing your subscriptionsView Cancelled Services Edit Subscription Information„ Update subscription information Managed Services„ Designating group administrators Manage Group AdministratorsManage All Group Administrators „ Designating group administratorsNotification Preferences „ Sign up for email notificationsUtilities Edit ProfileManage Logo „ Set up your profile „ Change your SecurityCenter passwordInstall protection services „ Install the standalone installation agentSilently install protection previous installation