Manuals / SonicWALL / Kitchen Appliance / Frozen Dessert Maker

SonicWALL 4.5 manual Customized policies, 4 Example Sales Team group and Sales policy

Models: 4.5

1 212

Page 19

Enforced Client Product Guide	Introduction
	Managing with the online SecurityCenter

Customized policies

After installation, Enforced Client protects client computers from threats immediately using default security settings. However, you might want to change the way some features are implemented for some or all of your computers. For example, you might want the service to check for updates every four hours or set up a list of programs you consider safe.

Policies are made up of security settings that define how protection services operate on client computers. Policy management allows you to assign different levels and types of protection to different users. If you have created groups, you can assign a unique policy to each group or one policy to all groups.

For example, you can assign a Sales policy to your mobile Sales Team group, with security settings that protect against threats in unsecure networks such as airports and hotels.

Figure 1-4 Example: Sales Team group and Sales policy

Page 19

Image 19

SonicWALL 4.5 manual Customized policies, 4 Example Sales Team group and Sales policy

Contents

6ERSIONS 3ONIC7!,,C%NFORCED #LIENT !NTI6IRUS AND !NTI3PYWARE 0RODUCTDUIDE02/4%#4/. !444%/30%%$!/& 53.%33 Attributions Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHTTRADEMARK ATTRIBUTIONS LICENSE INFORMATION License AgreementInstalling Enforced Client ContentsIntroduction Using Enforced Client Managing your subscriptions Using the Virus and Spyware Protection ServiceUsing the Firewall Protection Service Disabling on-access scanningUsing the Browser Protection Service „ How does the software work? 1 Introduction„ What is Enforced Client? „ What is new in this release? „ Managing with the online SecurityCenter „ Using this guide„ Ensure continuous, automatic protection What is Enforced Client?„ Select the right version of Enforced Client „ Protect against many kinds of threatsProtect against many kinds of threats Select the right version of Enforced ClientEnsure continuous, automatic protection Chapter 2, Installing Enforced Client What is new in this release?New feature users when support ends on page„ Internet Independent Updating IIU How does the software work?The updating process „ The updating process „ Outbreak response „ Rumor technologyFigure 1-2 Methods for updating client computers Retrieving updatesRumor technology Outbreak responseUploading security information Internet Independent Updating IIU Figure 1-3 The online SecurityCenter Managing with the online SecurityCenterSee Using the SecurityCenter on page 55 for more information User groups Figure 1-4 Example Sales Team group and Sales policy Customized policiesWho should read this guide? Using this guide„ Who should read this guide? „ Conventions Example ConventionsBold CondensedGetting product information Security Updates DATs, engine HotFix and Patch Releases Contact informationAvert Labs DAT Notification Service Product Upgrades Valid grant number requiredIntroduction Enforced Client Product GuideGetting product information „ After you place your order „ System requirements Installing Enforced Client„ Before you install „ Installing Enforced Client „ Completing the installation „ What should I do after installing?After you place your order Protection services System requirementsOperating systems „ Operating systems „ RAM „ Email security serviceOperating system support ending Notifying users when support endsEmail server security application Email security serviceTerminal servers „ Uninstall existing firewall software „ Configure your browser Before you installUninstall existing virus protection software „ Uninstall existing virus protection softwareFinjan SonicWALL EnterpriseSonicWALL Retail Computer AssociatesNon-Microsoft browsers Uninstall existing firewall softwareConfigure your browser Internet ExplorerInstall the standalone installation agent Standard URL installation Installing Enforced ClientStandard URL installation RequirementsInstalling on client computers Sending an installation URL to users3 When you are prompted to do so, click Install What is the email address used for?The administrator Advanced installation methodsFigure 2-2 Advanced installation methods Advanced installation methodRequirements Silent installation„ Requirements „ Installation What is my company key? InstallationVSSETUP parameters Push installation Requirements Considerations for scheduling push installations„ Requirements „ Installation 1 Download the Push Install utility from the SecurityCenterTo install Enforced Client using the Push Install utility InstallationEnabling relay servers If you use a corporate firewall or proxy serverFigure 2-6 Status for target computers „ Using the Push Install utility „ Using VSSETUP Completing the installationUsing the Push Install utility Using VSSETUPScan the client computer Test virus protectionScan the email Inbox Set up the default firewall„ Setting up policies on page „ Viewing reports on page What should I do after installing?„ Setting up your account on page „ Viewing your security services at-a-glance on pageWhat should I do after installing? Installing Enforced ClientEnforced Client Product Guide „ Setting up your account Using Enforced Client„ Using the client software „ Updating client computers „ Using the SecurityCenter „ Getting started„ Administrative menu and tasks Using the client softwareEnforced Client system tray icon Removing and displaying the iconUpdating client computers Administrative menu and tasksClient menu „ Update automatically „ Update manually „ Update during an outbreak Update automaticallyUpdate manually Update during an outbreakUpdate computers where no user is logged on Using the SecurityCenter„ Set up your profile „ Change your SecurityCenter password When you areSetting up your account Setting up policies Viewing reports Managing your correspondence„ Log on to the SecurityCenter „ Access online features and functions Access online features and functionsGetting started Log on to the SecurityCenterGetting started Using Enforced ClientFigure 3-1 SecurityCenter tabs Enforced Client Product GuideDo this Make the most of your online dataWhen you want to Figure 3-2 Page controls for listings and reportsCustomize listings and reports Previous and Next Using the online helpDo this Show NavigationSign up for email notifications Setting up your accountSet up your profile Change your SecurityCenter passwordViewing your security services at-a-glance „ Purchase, add, and renew services „ Request a trial subscription Install protection servicesView and resolve action items „ Install protection services „ View and resolve action itemsView security coverage for your account Managing your computers„ View user-approved applications for a computer „ Search for computers „ Install protection services„ Send email to computers „ Block computers from receiving updates „ Display details for a computer „ View detections for a computerSee Chapter 2, Installing Enforced Client for more information Search for computersDisplay details for a computer Install protection servicesFor System email address, type a new email address, then click Save When you want toFigure 3-5 Computer Details page Do thisView user-approved applications for a computer View detections for a computerSend email to computers Move computers into a group Block computers from receiving updatesCreating groups to manage your site Delete computers from your reports„ Create or edit a group „ Delete a group The Default groupCreate or edit a group Designating group administratorsDelete a group Figure 3-7 Site and group administrators „ Create or edit a group administrator „ Delete a group administrator Create or edit a group administrator„ Create or edit a policy „ Assign a policy to a group Setting up policiesDelete a group administrator „ Restore default policy settings „ Delete a policyVirus protection The SonicWALL Default policyDefault setting All programs types are enabledCreate or edit a policy Restore default policy settingsAssign a policy to a group Delete a policy Viewing reportsUnrecognized Use this reportTo view DetectionsFigure 3-9 Duplicate Computers report View duplicate computers„ Update your account’s email address „ Add your logo to reports Managing your correspondenceView computer profiles „ Send email to users „ Update user email addressesAdd your logo to reports Update user email addressesUpdate your account’s email address Send email to users„ Purchase, add, and renew services „ Request a trial subscription View your service subscriptionsManaging your subscriptions „ View your service subscriptions „ Update subscription informationPurchase, add, and renew services Update subscription informationView printed and online documents Getting assistanceRequest a trial subscription Receive subscription notificationsRun the Push Install Utility Download utilitiesContact product support VSSetup„ Accessing client features Scan Tasks menu Using the Virus and Spyware ProtectionService Accessing client features Scan Tasks menuFigure 4-1 Scan Tasks menu Select this commandDisable On-Access Scanner Scanner see Disabling on-access scanning on page„ Schedule on-demand scans „ Scan email „ Scan for spyware Scan automatically on-access scansScanning client computers „ Scan automatically on-access scans „ Scan manually on-demand scansView scan results Scan manually on-demand scans„ View scan results „ How detections are handled How detections are handled Scan email Schedule on-demand scansScan for spyware Close CleanCleaned Approve„ Schedule on-demand scans Configuring policies for virus and spyware protectionSet basic virus protection options Schedule on-demand scansExclude files and folders from virus scans „ Select your update frequency „ Enable optional protection Select your update frequencyEnable optional protection Set advanced virus protection optionsrar, .tat, .tgz Enable script scanningEnable outbreak response Enable buffer overflow protection Scan email before delivering to the Outlook Inbox„ Specify approved programs Enable spyware protectionSet basic spyware protection options „ Enable spyware protection „ Select a spyware protection modeReport Select a spyware protection modeBehavior of protection service ModeSet advanced spyware protection options Learn modeSpecify approved programs Description Password crackers2 Click the Advanced Settings tab Threat type„ Unrecognized Programs see View unrecognized programs on page Viewing reports for virus and spyware detectionsView detections „ Detections see View detectionsDetails page When you want toadvanced spyware protection options on page Buffer Overflow ProcessesFigure 4-7 Unrecognized Programs report View unrecognized programson page Using the Unrecognized Programs reportWhen you want to the Computer Details pageFigure 4-8 Detection History report View your detection history„ Manage quarantined files Managing detectionsManage your protection strategy with best practices „ Manage your protection strategy with best practices2 Select Scan Tasks Quarantine Viewer Manage quarantined filesRestore the Quarantine Viewer2 Select Disable On-Access Scanner or Enable On-Access Scanner Disabling on-access scanningCleaned Clean failedDisabling on-access scanning Using the Virus and Spyware Protection ServiceEnforced Client Product Guide „ Configuring policies for firewall protection Using the Firewall Protection ServiceAccessing client features Firewall Settings command „ Accessing client features Firewall Settings command„ Enable firewall protection „ Select a firewall protection mode Configuring policies for firewall protection„ Specify who configures firewall protection settings „ Install the firewall protection service via policyFigure 5-1 Desktop Firewall policy tab Specify who configures firewall protection settingsEnable firewall protection Install the firewall protection service via policyLearn mode Select a firewall protection modeSpecify a connection type Configure a custom connection„ Configure system services for a custom connection „ Standard system service ports „ Open a service port Configure system services for a custom connectionStandard system service ports „ Configure IP addresses for a custom connectionOpen a service port Close a service port Add and edit service portsConfigure IP addresses for a custom connection Set up allowed Internet applicationsSpecify whether to use SonicWALL recommendations Specify Internet applications in a policyView unrecognized Internet applications Viewing reports for firewall protection„ Unrecognized Programs see View unrecognized Internet applications View inbound events blocked by the firewall Events to display the Inbound Event List Managing suspicious activity with best practices„ When running the firewall protection service on a server, ensure that service ports are configured correctly to prevent disruption of system services see Configure system services for a custom connection on page 117. Ensure that no unnecessary ports are open Enforced Client Product Guide Using the Firewall Protection ServiceManaging suspicious activity with best practices „ Configuring browser protection settings „ Submitting feedback Using the Browser Protection ServiceAccessing site safety information „ Accessing site safety informationStaying safe during searches How safety ratings are compiledConfiguring browser protection on the client Staying safe while browsingSettings SettingsInstalling via policy Configuring browser protection settingsViewing safety reports Configuring browser protection from the SecurityCenterEnable or disable the color coding for the Configuring browser protection on the client computerEnable or disable the display of safety icons next Encrypt the data sent to the server using theSubmitting feedback „ Configuring a policy for email security Using the Email Security Service„ Activating the email security service „ Using the portal „ Setting up your account „ Viewing your email protection statusUsing the portal Activating the email security service2 Click Install Protection 3 Select Install email security service „ Update your MX records „ Customize your account settings Update your MX recordsCustomize your account settings Setting up your accountRecommended first steps Default settings1 Add your other domains Optional customization Figure 7-2 Administration page Configure general administration settingsGeneral Settings Viewing your email protection statusAccess basic administration features on the Administration page Use this featureTo view the status of your service Viewing reports for the email security service Configuring a policy for email security„ View and manage quarantined user messages Managing quarantined emailView and manage quarantined user messages Check the Quarantine SummaryView quarantined mail deliveries Getting more informationEnforced Client Product Guide Using the Email Security ServiceGetting more information „ Error messages „ Contacting product support 8 TroubleshootingUninstalling protection services „ Uninstalling protection services „ Frequently asked questions FAQ„ Configuring and managing policies „ Scanning „ Reporting „ Updating Frequently asked questions FAQInstalling „ Installing „ Adding, renewing, and moving licensesAdding, renewing, and moving licenses Configuring and managing policiesReporting ScanningUpdating Firewall protection Email Browser protectionGeneral „ Cannot find remote shared directory „ File does not exist Error messages„ Installation Declined „ Installation Denied „ Invalid Entitlement ErrorCannot find remote shared directory „ MyASUtil.SecureObjectFactory error message „ MyINX Error„ Unable to connect to the Enforced Client update server „ Unable to create Cab Installer ObjectA registry file is missing The user doesn’t have administrator rightsThe security level of the browser is too high Internet Explorer is blocking ActiveX controlsInstallation Denied Common causes and solutions 1 From the Windows Control Panel, open Add/Remove Programs If you do not see a Status column, set your view options to Details1 Select Start Run See If you use a corporate firewall or proxy server on page You might need to adjust your corporate firewall or proxy settingsContacting product support See reports GlossaryCompare to group administrator and user protection serviceCompare to trusted connection and untrusted connection Compare to URL installationCompare to SecurityCenter website See policySee also push installation, silent installation, and URL installation protection serviceprotection service Compare to administrator and userCompare to prompt mode and protect mode Compare to protect mode and report modeCompare to prompt mode and report mode Compare to silent installation and URL installationCompare to client software See on-access scanning and on-demand scanningCompare to push installation and URL installation Customer Home siteCompare to trusted connection Compare to push installation and silent installationCompare to administrator and group administrator service„ Viewing your security services at-a-glance Login pageSecurityCenter tab „ Log on to the SecurityCenter „ Change your SecurityCenter password„ Specify approved programs „ Set up allowed Internet applications Computers tab„ Managing your computers „ Install protection services „ Send email to computers „ Block computers from receiving updatesGroups DescriptionFind computers Add Computer„ View unrecognized Internet applications Reports tab„ Viewing reports for the email security service „ Viewing reports „ View detections „ View unrecognized programs„ Configuring policies for firewall protection Groups + Policies tab„ Creating groups to manage your site „ Setting up policies „ Configuring policies for virus and spyware protectionService Summary section My Account tab„ Setting up your account „ Change your SecurityCenter password „ Managing your subscriptions „ Designating group administratorsMy Logo section Notification Preferences section„ View printed and online documents „ Download utilities Install ProtectionHelp tab Email Page„ Using the portal Install Protection New ComputersInstall Protection New Computers Email Text „ Installing Enforced Client „ Standard URL installation„ Standard URL installation „ Advanced installation methods Install Protection Existing ComputersInstall Protection Existing Computers Email Text „ Standard URL installation„ Viewing reports for the email security service Install Email Security ServiceAdvanced Installation Methods „ Using the portal „ Update your MX records„ Request a trial subscription Product PurchaseProduct Coverage „ Managing your subscriptions „ Purchase, add, and renew services„ Customize listings and reports „ Specify approved programs Computer Details„ Set up allowed Internet applications „ Managing your computers „ Make the most of your online dataUser-Approved Application List Detection List„ View detections for a computer „ Managing your computers „ Search for computers Search Results„ Specify approved programs „ Set up allowed Internet applications „ View user-approved applications for a computer„ Manage your protection strategy with best practices Detections report by computer„ View detections „ Make the most of your online data „ Customize listings and reports„ Manage your protection strategy with best practices Detections report by detection„ View detections „ Make the most of your online data „ Customize listings and reports„ Customize listings and reports Unrecognized Programs report by computer„ Set up allowed Internet applications „ View unrecognized programs „ Make the most of your online data„ View user-approved applications for a computer Unrecognized Programs report by program„ Specify approved programs „ Set up allowed Internet applications „ View unrecognized programs„ View inbound events blocked by the firewall Inbound Events Blocked by Firewall report by originating computerInbound Events Blocked by Firewall report by destination computer Lists the IP address of the computer where the event originated„ View duplicate computers „ Display details for a computer Inbound Event ListDuplicate Computers report „ View inbound events blocked by the firewall„ View computer profiles Computer Profiles reportDescription Detection History report„ View your detection history „ Manage your protection strategy with best practices„ Creating groups to manage your site „ Setting up policies Edit Default GroupEdit Group „ Creating groups to manage your site „ Setting up policies„ Setting up policies „ Set basic virus protection options View Default PolicyAdd Group „ Setting up policies „ Assign a policy to a groupFirewall Configuration „ Configuring policies for firewall protection„ Configuring browser protection from the SecurityCenter „ The SonicWALL Default policyon-access scans Enable outbreak responseEnable buffer overflow Enable script scanning„ Set basic virus protection options „ Assign a policy to a group Edit Policy Virus Protection Settings„ Set basic spyware protection options „ Assign a policy to a group Edit Policy Spyware Protection Settings„ Configuring policies for firewall protection „ Learn mode Edit Policy Desktop Firewall Settings„ Assign a policy to a group Description update the policy to User configures firewallAutomatically install the Firewall Protection Mode„ Configure system services for a custom connection Firewall Custom SettingsCancel Add or Edit Incoming Connection„ Configure IP addresses for a custom connection „ Configure system services for a custom connection„ Update computers where no user is logged on Edit Policy Browser Protection SettingsEdit Policy Advanced Settings „ Configuring browser protection from the SecurityCenter„ Scan all file types during on-access scans Inspect all types of SettingsCheck for updates every „ Enable buffer overflow protection Detect code starting to run„ Set basic virus protection options „ Assign a policy to a group Add Policy Virus Protection Settings„ Set basic spyware protection options „ Assign a policy to a group Add Policy Spyware Protection Settings„ Configuring policies for firewall protection „ Learn mode Add Policy Desktop Firewall Settings„ Assign a policy to a group Firewall Protection Mode Firewall Configurationupdate the policy to User configures firewall Automatically install the„ Configuring browser protection from the SecurityCenter Add Policy Browser Protection Settings„ Assign a policy to a group „ Set advanced virus protection options Add Policy Advanced Settings„ Update computers where no user is logged on „ Notifying users when support ends „ Assign a policy to a groupCheck for updates every SettingsDescription „ Managing your subscriptions Subscription HistoryManaged Services Edit Subscription Information„ Update subscription information View Cancelled Services„ Designating group administrators Manage Group AdministratorsManage All Group Administrators „ Designating group administrators„ Sign up for email notifications Notification Preferences„ Set up your profile „ Change your SecurityCenter password Edit ProfileManage Logo Utilitiesprevious installation „ Install the standalone installation agentSilently install protection Install protection services