Manuals / SonicWALL / Kitchen Appliance / Frozen Dessert Maker

SonicWALL 4.5 manual Unrecognized Programs report by computer, „ Customize listings and reports

Models: 4.5

1 212

Download 212 pages 10.59 Kb

Page 182

Unrecognized Programs report (by computer)

Enforced Client Product Guide

User Interface Definitions

A

Item	Description

Detected Objects	Shows the number of occurrences for this detection.

Select a quantity to display the Detection List, showing which items contained the detected threats.

	Last Detection Date		Shows the most recent date that a detection occurred.
	Last Detection Date		Shows the most recent date that a detection occurred.

Unrecognized Programs report (by computer)

Use this report to view and manage detected programs that were not recognized by the virus and spyware protection service or firewall protection service, and the computers where these programs were detected.

You can display all computers or a subset, then select individual computers for managing or viewing details. To select a computer, select the checkbox next to its name.

To approve any of these applications for use on client computers, you need to add them to a policy. After you approve detected programs and Internet applications, they are no longer detected as threats on the computers using the policy.

View unrecognized programs

Make the most of your online data

Customize listings and reports

View user-approved applications for a computer

Specify approved programs

View user-approved applications for a computer

Set up allowed Internet applications

Manage your protection strategy with best practices

Managing suspicious activity with best practices

	Item		Description

	Groups		Select the group of computers to display.
	Groups		Select the group of computers to display.
			If you have not created any groups, this option does not appear.

	Report period		Select the time period to display.

	Program type		Select the status of detections to display:
			All: All detected programs.
			Firewall-Blocked Programs: Internet applications blocked by
			the firewall protection service.
			Potentially Unwanted Programs: Programs detected by the
			virus and spyware protection service as possible spyware.

	Group by		Select Computer to list the computers where detections
			occurred.
			Select Detection to list the detections.

184

Image 182

SonicWALL 4.5 Unrecognized Programs report by computer, „ View unrecognized programs „ Make the most of your online data

Contents

02/4%#4/. !444%/30%%$!/& 53.%33 3ONIC7!,,C%NFORCED #LIENT !NTI6IRUS AND !NTI3PYWARE 0RODUCTDUIDE6ERSIONS LICENSE INFORMATION License Agreement Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHTTRADEMARK ATTRIBUTIONS AttributionsIntroduction ContentsInstalling Enforced Client Using Enforced Client Disabling on-access scanning Using the Virus and Spyware Protection ServiceUsing the Firewall Protection Service Managing your subscriptionsUsing the Browser Protection Service „ Managing with the online SecurityCenter „ Using this guide 1 Introduction„ What is Enforced Client? „ What is new in this release? „ How does the software work?„ Protect against many kinds of threats What is Enforced Client?„ Select the right version of Enforced Client „ Ensure continuous, automatic protectionSelect the right version of Enforced Client Protect against many kinds of threatsEnsure continuous, automatic protection users when support ends on page What is new in this release?New feature Chapter 2, Installing Enforced Client„ The updating process „ Outbreak response „ Rumor technology How does the software work?The updating process „ Internet Independent Updating IIURetrieving updates Figure 1-2 Methods for updating client computersUploading security information Outbreak responseRumor technology Internet Independent Updating IIU Managing with the online SecurityCenter Figure 1-3 The online SecurityCenterSee Using the SecurityCenter on page 55 for more information User groups Customized policies Figure 1-4 Example Sales Team group and Sales policy„ Who should read this guide? „ Conventions Using this guideWho should read this guide? Condensed ConventionsBold ExampleGetting product information Product Upgrades Valid grant number required Contact informationAvert Labs DAT Notification Service Security Updates DATs, engine HotFix and Patch ReleasesGetting product information Enforced Client Product GuideIntroduction „ Completing the installation „ What should I do after installing? Installing Enforced Client„ Before you install „ Installing Enforced Client „ After you place your order „ System requirementsAfter you place your order „ Operating systems „ RAM „ Email security service System requirementsOperating systems Protection servicesNotifying users when support ends Operating system support endingEmail security service Email server security applicationTerminal servers „ Uninstall existing virus protection software Before you installUninstall existing virus protection software „ Uninstall existing firewall software „ Configure your browserComputer Associates SonicWALL EnterpriseSonicWALL Retail FinjanInternet Explorer Uninstall existing firewall softwareConfigure your browser Non-Microsoft browsersInstall the standalone installation agent Requirements Installing Enforced ClientStandard URL installation Standard URL installationSending an installation URL to users Installing on client computersWhat is the email address used for? 3 When you are prompted to do so, click InstallAdvanced installation method Advanced installation methodsFigure 2-2 Advanced installation methods The administrator„ Requirements „ Installation Silent installationRequirements Installation What is my company key?VSSETUP parameters Push installation 1 Download the Push Install utility from the SecurityCenter Considerations for scheduling push installations„ Requirements „ Installation RequirementsInstallation To install Enforced Client using the Push Install utilityFigure 2-6 Status for target computers If you use a corporate firewall or proxy serverEnabling relay servers Using VSSETUP Completing the installationUsing the Push Install utility „ Using the Push Install utility „ Using VSSETUPTest virus protection Scan the client computerSet up the default firewall Scan the email Inbox„ Viewing your security services at-a-glance on page What should I do after installing?„ Setting up your account on page „ Setting up policies on page „ Viewing reports on pageEnforced Client Product Guide Installing Enforced ClientWhat should I do after installing? „ Using the SecurityCenter „ Getting started Using Enforced Client„ Using the client software „ Updating client computers „ Setting up your accountRemoving and displaying the icon Using the client softwareEnforced Client system tray icon „ Administrative menu and tasksClient menu Administrative menu and tasksUpdating client computers Update during an outbreak Update automaticallyUpdate manually „ Update automatically „ Update manually „ Update during an outbreakUsing the SecurityCenter Update computers where no user is logged onSetting up policies Viewing reports Managing your correspondence When you areSetting up your account „ Set up your profile „ Change your SecurityCenter passwordLog on to the SecurityCenter Access online features and functionsGetting started „ Log on to the SecurityCenter „ Access online features and functionsEnforced Client Product Guide Using Enforced ClientFigure 3-1 SecurityCenter tabs Getting startedFigure 3-2 Page controls for listings and reports Make the most of your online dataWhen you want to Do thisCustomize listings and reports Show Navigation Using the online helpDo this Previous and NextChange your SecurityCenter password Setting up your accountSet up your profile Sign up for email notificationsViewing your security services at-a-glance „ Install protection services „ View and resolve action items Install protection servicesView and resolve action items „ Purchase, add, and renew services „ Request a trial subscriptionManaging your computers View security coverage for your account„ Display details for a computer „ View detections for a computer „ Search for computers „ Install protection services„ Send email to computers „ Block computers from receiving updates „ View user-approved applications for a computerInstall protection services Search for computersDisplay details for a computer See Chapter 2, Installing Enforced Client for more informationDo this When you want toFigure 3-5 Computer Details page For System email address, type a new email address, then click SaveSend email to computers View detections for a computerView user-approved applications for a computer Delete computers from your reports Block computers from receiving updatesCreating groups to manage your site Move computers into a groupThe Default group „ Create or edit a group „ Delete a groupDelete a group Designating group administratorsCreate or edit a group Figure 3-7 Site and group administrators Create or edit a group administrator „ Create or edit a group administrator „ Delete a group administrator„ Restore default policy settings „ Delete a policy Setting up policiesDelete a group administrator „ Create or edit a policy „ Assign a policy to a groupAll programs types are enabled The SonicWALL Default policyDefault setting Virus protectionAssign a policy to a group Restore default policy settingsCreate or edit a policy Viewing reports Delete a policyDetections Use this reportTo view UnrecognizedView duplicate computers Figure 3-9 Duplicate Computers report„ Send email to users „ Update user email addresses Managing your correspondenceView computer profiles „ Update your account’s email address „ Add your logo to reportsSend email to users Update user email addressesUpdate your account’s email address Add your logo to reports„ View your service subscriptions „ Update subscription information View your service subscriptionsManaging your subscriptions „ Purchase, add, and renew services „ Request a trial subscriptionUpdate subscription information Purchase, add, and renew servicesReceive subscription notifications Getting assistanceRequest a trial subscription View printed and online documentsVSSetup Download utilitiesContact product support Run the Push Install UtilityAccessing client features Scan Tasks menu Using the Virus and Spyware ProtectionService „ Accessing client features Scan Tasks menuScanner see Disabling on-access scanning on page Select this commandDisable On-Access Scanner Figure 4-1 Scan Tasks menu„ Scan automatically on-access scans „ Scan manually on-demand scans Scan automatically on-access scansScanning client computers „ Schedule on-demand scans „ Scan email „ Scan for spyware„ View scan results „ How detections are handled Scan manually on-demand scansView scan results How detections are handled Scan for spyware Schedule on-demand scansScan email Approve CleanCleaned CloseSchedule on-demand scans Configuring policies for virus and spyware protectionSet basic virus protection options „ Schedule on-demand scansExclude files and folders from virus scans Set advanced virus protection options Select your update frequencyEnable optional protection „ Select your update frequency „ Enable optional protectionScan email before delivering to the Outlook Inbox Enable script scanningEnable outbreak response Enable buffer overflow protection rar, .tat, .tgz„ Enable spyware protection „ Select a spyware protection mode Enable spyware protectionSet basic spyware protection options „ Specify approved programsMode Select a spyware protection modeBehavior of protection service ReportSpecify approved programs Learn modeSet advanced spyware protection options Threat type Password crackers2 Click the Advanced Settings tab Description„ Detections see View detections Viewing reports for virus and spyware detectionsView detections „ Unrecognized Programs see View unrecognized programs on pageBuffer Overflow Processes When you want toadvanced spyware protection options on page Details pageView unrecognized programs Figure 4-7 Unrecognized Programs reportthe Computer Details page Using the Unrecognized Programs reportWhen you want to on pageView your detection history Figure 4-8 Detection History report„ Manage your protection strategy with best practices Managing detectionsManage your protection strategy with best practices „ Manage quarantined filesthe Quarantine Viewer Manage quarantined filesRestore 2 Select Scan Tasks Quarantine ViewerClean failed Disabling on-access scanningCleaned 2 Select Disable On-Access Scanner or Enable On-Access ScannerEnforced Client Product Guide Using the Virus and Spyware Protection ServiceDisabling on-access scanning „ Accessing client features Firewall Settings command Using the Firewall Protection ServiceAccessing client features Firewall Settings command „ Configuring policies for firewall protection„ Install the firewall protection service via policy Configuring policies for firewall protection„ Specify who configures firewall protection settings „ Enable firewall protection „ Select a firewall protection modeSpecify who configures firewall protection settings Figure 5-1 Desktop Firewall policy tabInstall the firewall protection service via policy Enable firewall protectionSelect a firewall protection mode Learn mode„ Configure system services for a custom connection Configure a custom connectionSpecify a connection type „ Configure IP addresses for a custom connection Configure system services for a custom connectionStandard system service ports „ Standard system service ports „ Open a service portOpen a service port Add and edit service ports Close a service portSet up allowed Internet applications Configure IP addresses for a custom connectionSpecify Internet applications in a policy Specify whether to use SonicWALL recommendations„ Unrecognized Programs see View unrecognized Internet applications Viewing reports for firewall protectionView unrecognized Internet applications View inbound events blocked by the firewall Managing suspicious activity with best practices Events to display the Inbound Event List„ When running the firewall protection service on a server, ensure that service ports are configured correctly to prevent disruption of system services see Configure system services for a custom connection on page 117. Ensure that no unnecessary ports are open Managing suspicious activity with best practices Using the Firewall Protection ServiceEnforced Client Product Guide „ Accessing site safety information Using the Browser Protection ServiceAccessing site safety information „ Configuring browser protection settings „ Submitting feedbackHow safety ratings are compiled Staying safe during searchesSettings Staying safe while browsingSettings Configuring browser protection on the clientConfiguring browser protection from the SecurityCenter Configuring browser protection settingsViewing safety reports Installing via policyEncrypt the data sent to the server using the Configuring browser protection on the client computerEnable or disable the display of safety icons next Enable or disable the color coding for theSubmitting feedback „ Setting up your account „ Viewing your email protection status Using the Email Security Service„ Activating the email security service „ Using the portal „ Configuring a policy for email security2 Click Install Protection 3 Select Install email security service Activating the email security serviceUsing the portal Setting up your account Update your MX recordsCustomize your account settings „ Update your MX records „ Customize your account settings1 Add your other domains Default settingsRecommended first steps Optional customization Configure general administration settings Figure 7-2 Administration pageUse this feature Viewing your email protection statusAccess basic administration features on the Administration page General SettingsTo view the status of your service Configuring a policy for email security Viewing reports for the email security serviceCheck the Quarantine Summary Managing quarantined emailView and manage quarantined user messages „ View and manage quarantined user messagesGetting more information View quarantined mail deliveriesGetting more information Using the Email Security ServiceEnforced Client Product Guide „ Uninstalling protection services „ Frequently asked questions FAQ 8 TroubleshootingUninstalling protection services „ Error messages „ Contacting product support„ Installing „ Adding, renewing, and moving licenses Frequently asked questions FAQInstalling „ Configuring and managing policies „ Scanning „ Reporting „ UpdatingConfiguring and managing policies Adding, renewing, and moving licensesScanning ReportingUpdating Firewall protection General Browser protectionEmail „ Invalid Entitlement Error Error messages„ Installation Declined „ Installation Denied „ Cannot find remote shared directory „ File does not exist„ Unable to create Cab Installer Object „ MyASUtil.SecureObjectFactory error message „ MyINX Error„ Unable to connect to the Enforced Client update server Cannot find remote shared directoryInternet Explorer is blocking ActiveX controls The user doesn’t have administrator rightsThe security level of the browser is too high A registry file is missingInstallation Denied Common causes and solutions 1 Select Start Run If you do not see a Status column, set your view options to Details1 From the Windows Control Panel, open Add/Remove Programs You might need to adjust your corporate firewall or proxy settings See If you use a corporate firewall or proxy server on pageContacting product support protection service GlossaryCompare to group administrator and user See reportsSee policy Compare to URL installationCompare to SecurityCenter website Compare to trusted connection and untrusted connectionCompare to administrator and user protection serviceprotection service See also push installation, silent installation, and URL installationCompare to silent installation and URL installation Compare to protect mode and report modeCompare to prompt mode and report mode Compare to prompt mode and protect modeCustomer Home site See on-access scanning and on-demand scanningCompare to push installation and URL installation Compare to client softwareservice Compare to push installation and silent installationCompare to administrator and group administrator Compare to trusted connection„ Log on to the SecurityCenter „ Change your SecurityCenter password Login pageSecurityCenter tab „ Viewing your security services at-a-glance„ Send email to computers „ Block computers from receiving updates Computers tab„ Managing your computers „ Install protection services „ Specify approved programs „ Set up allowed Internet applicationsAdd Computer DescriptionFind computers Groups„ Viewing reports „ View detections „ View unrecognized programs Reports tab„ Viewing reports for the email security service „ View unrecognized Internet applications„ Configuring policies for virus and spyware protection Groups + Policies tab„ Creating groups to manage your site „ Setting up policies „ Configuring policies for firewall protection„ Managing your subscriptions „ Designating group administrators My Account tab„ Setting up your account „ Change your SecurityCenter password Service Summary sectionNotification Preferences section My Logo sectionEmail Page Install ProtectionHelp tab „ View printed and online documents „ Download utilities„ Installing Enforced Client „ Standard URL installation Install Protection New ComputersInstall Protection New Computers Email Text „ Using the portal„ Standard URL installation Install Protection Existing ComputersInstall Protection Existing Computers Email Text „ Standard URL installation „ Advanced installation methods„ Using the portal „ Update your MX records Install Email Security ServiceAdvanced Installation Methods „ Viewing reports for the email security service„ Managing your subscriptions „ Purchase, add, and renew services Product PurchaseProduct Coverage „ Request a trial subscription„ Managing your computers „ Make the most of your online data Computer Details„ Set up allowed Internet applications „ Customize listings and reports „ Specify approved programs„ View detections for a computer Detection ListUser-Approved Application List „ View user-approved applications for a computer Search Results„ Specify approved programs „ Set up allowed Internet applications „ Managing your computers „ Search for computers„ Customize listings and reports Detections report by computer„ View detections „ Make the most of your online data „ Manage your protection strategy with best practices„ Customize listings and reports Detections report by detection„ View detections „ Make the most of your online data „ Manage your protection strategy with best practices„ View unrecognized programs „ Make the most of your online data Unrecognized Programs report by computer„ Set up allowed Internet applications „ Customize listings and reports„ View unrecognized programs Unrecognized Programs report by program„ Specify approved programs „ Set up allowed Internet applications „ View user-approved applications for a computerLists the IP address of the computer where the event originated Inbound Events Blocked by Firewall report by originating computerInbound Events Blocked by Firewall report by destination computer „ View inbound events blocked by the firewall„ View inbound events blocked by the firewall Inbound Event ListDuplicate Computers report „ View duplicate computers „ Display details for a computerComputer Profiles report „ View computer profiles„ Manage your protection strategy with best practices Detection History report„ View your detection history Description„ Creating groups to manage your site „ Setting up policies Edit Default GroupEdit Group „ Creating groups to manage your site „ Setting up policies„ Setting up policies „ Assign a policy to a group View Default PolicyAdd Group „ Setting up policies „ Set basic virus protection options„ The SonicWALL Default policy „ Configuring policies for firewall protection„ Configuring browser protection from the SecurityCenter Firewall ConfigurationEnable script scanning Enable outbreak responseEnable buffer overflow on-access scansEdit Policy Virus Protection Settings „ Set basic virus protection options „ Assign a policy to a groupEdit Policy Spyware Protection Settings „ Set basic spyware protection options „ Assign a policy to a group„ Assign a policy to a group Edit Policy Desktop Firewall Settings„ Configuring policies for firewall protection „ Learn mode Firewall Protection Mode update the policy to User configures firewallAutomatically install the DescriptionFirewall Custom Settings „ Configure system services for a custom connection„ Configure system services for a custom connection Add or Edit Incoming Connection„ Configure IP addresses for a custom connection Cancel„ Configuring browser protection from the SecurityCenter Edit Policy Browser Protection SettingsEdit Policy Advanced Settings „ Update computers where no user is logged on„ Enable buffer overflow protection Detect code starting to run SettingsCheck for updates every „ Scan all file types during on-access scans Inspect all types ofAdd Policy Virus Protection Settings „ Set basic virus protection options „ Assign a policy to a groupAdd Policy Spyware Protection Settings „ Set basic spyware protection options „ Assign a policy to a group„ Assign a policy to a group Add Policy Desktop Firewall Settings„ Configuring policies for firewall protection „ Learn mode Automatically install the Firewall Configurationupdate the policy to User configures firewall Firewall Protection Mode„ Assign a policy to a group Add Policy Browser Protection Settings„ Configuring browser protection from the SecurityCenter „ Notifying users when support ends „ Assign a policy to a group Add Policy Advanced Settings„ Update computers where no user is logged on „ Set advanced virus protection optionsDescription SettingsCheck for updates every Subscription History „ Managing your subscriptionsView Cancelled Services Edit Subscription Information„ Update subscription information Managed Services„ Designating group administrators Manage Group AdministratorsManage All Group Administrators „ Designating group administratorsNotification Preferences „ Sign up for email notificationsUtilities Edit ProfileManage Logo „ Set up your profile „ Change your SecurityCenter passwordInstall protection services „ Install the standalone installation agentSilently install protection previous installation