Manuals / SonicWALL / Kitchen Appliance / Frozen Dessert Maker

SonicWALL 4.5 Description, users are not logged in, on client computers, Enable outbreak response

Models: 4.5

1 212

Download 212 pages 10.59 Kb

Page 191

users are not logged in

Enforced Client Product Guide

User Interface Definitions

A

	Item		Description

	Update client computers where		Enabled. Automatic updates occur on computers where no user is
	users are not logged in		logged on, for example, terminal servers and computers where the
			fast user switching feature is used.

	Display support notifications		Enabled. Notification dialog boxes warn client computer users

	on client computers		when software upgrades and DAT file updates are being discontinued
			for their operating system.
	Enable outbreak response		Enabled: Client computers check for an outbreak detection
			definition (DAT) file every hour.

	Enable buffer overflow		Enabled: Detect code starting to run from data in reserved memory
	protection		and prevent that code from running. The virus and spyware
			protection service protects against buffer overflow in more than 30
			most commonly used Windows-based programs. SonicWALL
			updates this list as it adds buffer overflow protection for additional
			programs.
			Important: Buffer overflow protection does not stop data from
			being written. Do not rely on the exploited application remaining
			stable after being compromised, even if buffer overflow protection
			stops the corrupted code from running.

	Enable script scanning		Enabled: Detect harmful code embedded in web pages that would
			cause unauthorized programs to run on client computers.

	Scan email (before delivering		Enabled: Look for threats in email before it is placed into the user’s

	to the Outlook Inbox)		Inbox.

	Scan all file types during		Enabled: Look for threats in all types of files, instead of only default
	on-access scans		types, when they are downloaded, opened, or run. (Default file types
			are defined in the DAT files.).

Scan within archives during on-access scans (e.g., .zip,

.rar, .tat, .tgz)

Disabled: Look for threats in compressed archive files when the files are accessed.

Scan within archives during on-demand scans (e.g., .zip,

.rar, .tat, .tgz)

Enabled: Do not look for threats in compressed archive files when files are scanned manually.

193

Image 191

SonicWALL 4.5 Description, users are not logged in, on client computers, Enable outbreak response, Enable buffer overflow

Contents

02/4%#4/. !444%/30%%$!/& 53.%33 3ONIC7!,,C%NFORCED #LIENT !NTI6IRUS AND !NTI3PYWARE 0RODUCTDUIDE6ERSIONS Attributions Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHTTRADEMARK ATTRIBUTIONS LICENSE INFORMATION License AgreementIntroduction ContentsInstalling Enforced Client Using Enforced Client Managing your subscriptions Using the Virus and Spyware Protection ServiceUsing the Firewall Protection Service Disabling on-access scanningUsing the Browser Protection Service „ How does the software work? 1 Introduction„ What is Enforced Client? „ What is new in this release? „ Managing with the online SecurityCenter „ Using this guide„ Ensure continuous, automatic protection What is Enforced Client?„ Select the right version of Enforced Client „ Protect against many kinds of threatsProtect against many kinds of threats Select the right version of Enforced ClientEnsure continuous, automatic protection Chapter 2, Installing Enforced Client What is new in this release?New feature users when support ends on page„ Internet Independent Updating IIU How does the software work?The updating process „ The updating process „ Outbreak response „ Rumor technologyFigure 1-2 Methods for updating client computers Retrieving updatesUploading security information Outbreak responseRumor technology Internet Independent Updating IIU Figure 1-3 The online SecurityCenter Managing with the online SecurityCenterSee Using the SecurityCenter on page 55 for more information User groups Figure 1-4 Example Sales Team group and Sales policy Customized policies„ Who should read this guide? „ Conventions Using this guideWho should read this guide? Example ConventionsBold CondensedGetting product information Security Updates DATs, engine HotFix and Patch Releases Contact informationAvert Labs DAT Notification Service Product Upgrades Valid grant number requiredGetting product information Enforced Client Product GuideIntroduction „ After you place your order „ System requirements Installing Enforced Client„ Before you install „ Installing Enforced Client „ Completing the installation „ What should I do after installing?After you place your order Protection services System requirementsOperating systems „ Operating systems „ RAM „ Email security serviceOperating system support ending Notifying users when support endsEmail server security application Email security serviceTerminal servers „ Uninstall existing firewall software „ Configure your browser Before you installUninstall existing virus protection software „ Uninstall existing virus protection softwareFinjan SonicWALL EnterpriseSonicWALL Retail Computer AssociatesNon-Microsoft browsers Uninstall existing firewall softwareConfigure your browser Internet ExplorerInstall the standalone installation agent Standard URL installation Installing Enforced ClientStandard URL installation RequirementsInstalling on client computers Sending an installation URL to users3 When you are prompted to do so, click Install What is the email address used for?The administrator Advanced installation methodsFigure 2-2 Advanced installation methods Advanced installation method„ Requirements „ Installation Silent installationRequirements What is my company key? InstallationVSSETUP parameters Push installation Requirements Considerations for scheduling push installations„ Requirements „ Installation 1 Download the Push Install utility from the SecurityCenterTo install Enforced Client using the Push Install utility InstallationFigure 2-6 Status for target computers If you use a corporate firewall or proxy serverEnabling relay servers „ Using the Push Install utility „ Using VSSETUP Completing the installationUsing the Push Install utility Using VSSETUPScan the client computer Test virus protectionScan the email Inbox Set up the default firewall„ Setting up policies on page „ Viewing reports on page What should I do after installing?„ Setting up your account on page „ Viewing your security services at-a-glance on pageEnforced Client Product Guide Installing Enforced ClientWhat should I do after installing? „ Setting up your account Using Enforced Client„ Using the client software „ Updating client computers „ Using the SecurityCenter „ Getting started„ Administrative menu and tasks Using the client softwareEnforced Client system tray icon Removing and displaying the iconClient menu Administrative menu and tasksUpdating client computers „ Update automatically „ Update manually „ Update during an outbreak Update automaticallyUpdate manually Update during an outbreakUpdate computers where no user is logged on Using the SecurityCenter„ Set up your profile „ Change your SecurityCenter password When you areSetting up your account Setting up policies Viewing reports Managing your correspondence„ Log on to the SecurityCenter „ Access online features and functions Access online features and functionsGetting started Log on to the SecurityCenterGetting started Using Enforced ClientFigure 3-1 SecurityCenter tabs Enforced Client Product GuideDo this Make the most of your online dataWhen you want to Figure 3-2 Page controls for listings and reportsCustomize listings and reports Previous and Next Using the online helpDo this Show NavigationSign up for email notifications Setting up your accountSet up your profile Change your SecurityCenter passwordViewing your security services at-a-glance „ Purchase, add, and renew services „ Request a trial subscription Install protection servicesView and resolve action items „ Install protection services „ View and resolve action itemsView security coverage for your account Managing your computers„ View user-approved applications for a computer „ Search for computers „ Install protection services„ Send email to computers „ Block computers from receiving updates „ Display details for a computer „ View detections for a computerSee Chapter 2, Installing Enforced Client for more information Search for computersDisplay details for a computer Install protection servicesFor System email address, type a new email address, then click Save When you want toFigure 3-5 Computer Details page Do thisSend email to computers View detections for a computerView user-approved applications for a computer Move computers into a group Block computers from receiving updatesCreating groups to manage your site Delete computers from your reports„ Create or edit a group „ Delete a group The Default groupDelete a group Designating group administratorsCreate or edit a group Figure 3-7 Site and group administrators „ Create or edit a group administrator „ Delete a group administrator Create or edit a group administrator„ Create or edit a policy „ Assign a policy to a group Setting up policiesDelete a group administrator „ Restore default policy settings „ Delete a policyVirus protection The SonicWALL Default policyDefault setting All programs types are enabledAssign a policy to a group Restore default policy settingsCreate or edit a policy Delete a policy Viewing reportsUnrecognized Use this reportTo view DetectionsFigure 3-9 Duplicate Computers report View duplicate computers„ Update your account’s email address „ Add your logo to reports Managing your correspondenceView computer profiles „ Send email to users „ Update user email addressesAdd your logo to reports Update user email addressesUpdate your account’s email address Send email to users„ Purchase, add, and renew services „ Request a trial subscription View your service subscriptionsManaging your subscriptions „ View your service subscriptions „ Update subscription informationPurchase, add, and renew services Update subscription informationView printed and online documents Getting assistanceRequest a trial subscription Receive subscription notificationsRun the Push Install Utility Download utilitiesContact product support VSSetup„ Accessing client features Scan Tasks menu Using the Virus and Spyware ProtectionService Accessing client features Scan Tasks menuFigure 4-1 Scan Tasks menu Select this commandDisable On-Access Scanner Scanner see Disabling on-access scanning on page„ Schedule on-demand scans „ Scan email „ Scan for spyware Scan automatically on-access scansScanning client computers „ Scan automatically on-access scans „ Scan manually on-demand scans„ View scan results „ How detections are handled Scan manually on-demand scansView scan results How detections are handled Scan for spyware Schedule on-demand scansScan email Close CleanCleaned Approve„ Schedule on-demand scans Configuring policies for virus and spyware protectionSet basic virus protection options Schedule on-demand scansExclude files and folders from virus scans „ Select your update frequency „ Enable optional protection Select your update frequencyEnable optional protection Set advanced virus protection optionsrar, .tat, .tgz Enable script scanningEnable outbreak response Enable buffer overflow protection Scan email before delivering to the Outlook Inbox„ Specify approved programs Enable spyware protectionSet basic spyware protection options „ Enable spyware protection „ Select a spyware protection modeReport Select a spyware protection modeBehavior of protection service ModeSpecify approved programs Learn modeSet advanced spyware protection options Description Password crackers2 Click the Advanced Settings tab Threat type„ Unrecognized Programs see View unrecognized programs on page Viewing reports for virus and spyware detectionsView detections „ Detections see View detectionsDetails page When you want toadvanced spyware protection options on page Buffer Overflow ProcessesFigure 4-7 Unrecognized Programs report View unrecognized programson page Using the Unrecognized Programs reportWhen you want to the Computer Details pageFigure 4-8 Detection History report View your detection history„ Manage quarantined files Managing detectionsManage your protection strategy with best practices „ Manage your protection strategy with best practices2 Select Scan Tasks Quarantine Viewer Manage quarantined filesRestore the Quarantine Viewer2 Select Disable On-Access Scanner or Enable On-Access Scanner Disabling on-access scanningCleaned Clean failedEnforced Client Product Guide Using the Virus and Spyware Protection ServiceDisabling on-access scanning „ Configuring policies for firewall protection Using the Firewall Protection ServiceAccessing client features Firewall Settings command „ Accessing client features Firewall Settings command„ Enable firewall protection „ Select a firewall protection mode Configuring policies for firewall protection„ Specify who configures firewall protection settings „ Install the firewall protection service via policyFigure 5-1 Desktop Firewall policy tab Specify who configures firewall protection settingsEnable firewall protection Install the firewall protection service via policyLearn mode Select a firewall protection mode„ Configure system services for a custom connection Configure a custom connectionSpecify a connection type „ Standard system service ports „ Open a service port Configure system services for a custom connectionStandard system service ports „ Configure IP addresses for a custom connectionOpen a service port Close a service port Add and edit service portsConfigure IP addresses for a custom connection Set up allowed Internet applicationsSpecify whether to use SonicWALL recommendations Specify Internet applications in a policy„ Unrecognized Programs see View unrecognized Internet applications Viewing reports for firewall protectionView unrecognized Internet applications View inbound events blocked by the firewall Events to display the Inbound Event List Managing suspicious activity with best practices„ When running the firewall protection service on a server, ensure that service ports are configured correctly to prevent disruption of system services see Configure system services for a custom connection on page 117. Ensure that no unnecessary ports are open Managing suspicious activity with best practices Using the Firewall Protection ServiceEnforced Client Product Guide „ Configuring browser protection settings „ Submitting feedback Using the Browser Protection ServiceAccessing site safety information „ Accessing site safety informationStaying safe during searches How safety ratings are compiledConfiguring browser protection on the client Staying safe while browsingSettings SettingsInstalling via policy Configuring browser protection settingsViewing safety reports Configuring browser protection from the SecurityCenterEnable or disable the color coding for the Configuring browser protection on the client computerEnable or disable the display of safety icons next Encrypt the data sent to the server using theSubmitting feedback „ Configuring a policy for email security Using the Email Security Service„ Activating the email security service „ Using the portal „ Setting up your account „ Viewing your email protection status2 Click Install Protection 3 Select Install email security service Activating the email security serviceUsing the portal „ Update your MX records „ Customize your account settings Update your MX recordsCustomize your account settings Setting up your account1 Add your other domains Default settingsRecommended first steps Optional customization Figure 7-2 Administration page Configure general administration settingsGeneral Settings Viewing your email protection statusAccess basic administration features on the Administration page Use this featureTo view the status of your service Viewing reports for the email security service Configuring a policy for email security„ View and manage quarantined user messages Managing quarantined emailView and manage quarantined user messages Check the Quarantine SummaryView quarantined mail deliveries Getting more informationGetting more information Using the Email Security ServiceEnforced Client Product Guide „ Error messages „ Contacting product support 8 TroubleshootingUninstalling protection services „ Uninstalling protection services „ Frequently asked questions FAQ„ Configuring and managing policies „ Scanning „ Reporting „ Updating Frequently asked questions FAQInstalling „ Installing „ Adding, renewing, and moving licensesAdding, renewing, and moving licenses Configuring and managing policiesReporting ScanningUpdating Firewall protection General Browser protectionEmail „ Cannot find remote shared directory „ File does not exist Error messages„ Installation Declined „ Installation Denied „ Invalid Entitlement ErrorCannot find remote shared directory „ MyASUtil.SecureObjectFactory error message „ MyINX Error„ Unable to connect to the Enforced Client update server „ Unable to create Cab Installer ObjectA registry file is missing The user doesn’t have administrator rightsThe security level of the browser is too high Internet Explorer is blocking ActiveX controlsInstallation Denied Common causes and solutions 1 Select Start Run If you do not see a Status column, set your view options to Details1 From the Windows Control Panel, open Add/Remove Programs See If you use a corporate firewall or proxy server on page You might need to adjust your corporate firewall or proxy settingsContacting product support See reports GlossaryCompare to group administrator and user protection serviceCompare to trusted connection and untrusted connection Compare to URL installationCompare to SecurityCenter website See policySee also push installation, silent installation, and URL installation protection serviceprotection service Compare to administrator and userCompare to prompt mode and protect mode Compare to protect mode and report modeCompare to prompt mode and report mode Compare to silent installation and URL installationCompare to client software See on-access scanning and on-demand scanningCompare to push installation and URL installation Customer Home siteCompare to trusted connection Compare to push installation and silent installationCompare to administrator and group administrator service„ Viewing your security services at-a-glance Login pageSecurityCenter tab „ Log on to the SecurityCenter „ Change your SecurityCenter password„ Specify approved programs „ Set up allowed Internet applications Computers tab„ Managing your computers „ Install protection services „ Send email to computers „ Block computers from receiving updatesGroups DescriptionFind computers Add Computer„ View unrecognized Internet applications Reports tab„ Viewing reports for the email security service „ Viewing reports „ View detections „ View unrecognized programs„ Configuring policies for firewall protection Groups + Policies tab„ Creating groups to manage your site „ Setting up policies „ Configuring policies for virus and spyware protectionService Summary section My Account tab„ Setting up your account „ Change your SecurityCenter password „ Managing your subscriptions „ Designating group administratorsMy Logo section Notification Preferences section„ View printed and online documents „ Download utilities Install ProtectionHelp tab Email Page„ Using the portal Install Protection New ComputersInstall Protection New Computers Email Text „ Installing Enforced Client „ Standard URL installation„ Standard URL installation „ Advanced installation methods Install Protection Existing ComputersInstall Protection Existing Computers Email Text „ Standard URL installation„ Viewing reports for the email security service Install Email Security ServiceAdvanced Installation Methods „ Using the portal „ Update your MX records„ Request a trial subscription Product PurchaseProduct Coverage „ Managing your subscriptions „ Purchase, add, and renew services„ Customize listings and reports „ Specify approved programs Computer Details„ Set up allowed Internet applications „ Managing your computers „ Make the most of your online data„ View detections for a computer Detection ListUser-Approved Application List „ Managing your computers „ Search for computers Search Results„ Specify approved programs „ Set up allowed Internet applications „ View user-approved applications for a computer„ Manage your protection strategy with best practices Detections report by computer„ View detections „ Make the most of your online data „ Customize listings and reports„ Manage your protection strategy with best practices Detections report by detection„ View detections „ Make the most of your online data „ Customize listings and reports„ Customize listings and reports Unrecognized Programs report by computer„ Set up allowed Internet applications „ View unrecognized programs „ Make the most of your online data„ View user-approved applications for a computer Unrecognized Programs report by program„ Specify approved programs „ Set up allowed Internet applications „ View unrecognized programs„ View inbound events blocked by the firewall Inbound Events Blocked by Firewall report by originating computerInbound Events Blocked by Firewall report by destination computer Lists the IP address of the computer where the event originated„ View duplicate computers „ Display details for a computer Inbound Event ListDuplicate Computers report „ View inbound events blocked by the firewall„ View computer profiles Computer Profiles reportDescription Detection History report„ View your detection history „ Manage your protection strategy with best practices„ Creating groups to manage your site „ Setting up policies Edit Default GroupEdit Group „ Creating groups to manage your site „ Setting up policies„ Setting up policies „ Set basic virus protection options View Default PolicyAdd Group „ Setting up policies „ Assign a policy to a groupFirewall Configuration „ Configuring policies for firewall protection„ Configuring browser protection from the SecurityCenter „ The SonicWALL Default policyon-access scans Enable outbreak responseEnable buffer overflow Enable script scanning„ Set basic virus protection options „ Assign a policy to a group Edit Policy Virus Protection Settings„ Set basic spyware protection options „ Assign a policy to a group Edit Policy Spyware Protection Settings„ Assign a policy to a group Edit Policy Desktop Firewall Settings„ Configuring policies for firewall protection „ Learn mode Description update the policy to User configures firewallAutomatically install the Firewall Protection Mode„ Configure system services for a custom connection Firewall Custom SettingsCancel Add or Edit Incoming Connection„ Configure IP addresses for a custom connection „ Configure system services for a custom connection„ Update computers where no user is logged on Edit Policy Browser Protection SettingsEdit Policy Advanced Settings „ Configuring browser protection from the SecurityCenter„ Scan all file types during on-access scans Inspect all types of SettingsCheck for updates every „ Enable buffer overflow protection Detect code starting to run„ Set basic virus protection options „ Assign a policy to a group Add Policy Virus Protection Settings„ Set basic spyware protection options „ Assign a policy to a group Add Policy Spyware Protection Settings„ Assign a policy to a group Add Policy Desktop Firewall Settings„ Configuring policies for firewall protection „ Learn mode Firewall Protection Mode Firewall Configurationupdate the policy to User configures firewall Automatically install the„ Assign a policy to a group Add Policy Browser Protection Settings„ Configuring browser protection from the SecurityCenter „ Set advanced virus protection options Add Policy Advanced Settings„ Update computers where no user is logged on „ Notifying users when support ends „ Assign a policy to a groupDescription SettingsCheck for updates every „ Managing your subscriptions Subscription HistoryManaged Services Edit Subscription Information„ Update subscription information View Cancelled Services„ Designating group administrators Manage Group AdministratorsManage All Group Administrators „ Designating group administrators„ Sign up for email notifications Notification Preferences„ Set up your profile „ Change your SecurityCenter password Edit ProfileManage Logo Utilitiesprevious installation „ Install the standalone installation agentSilently install protection Install protection services