Manuals / SonicWALL / Kitchen Appliance / Frozen Dessert Maker

SonicWALL 4.5 manual Edit Policy Spyware Protection Settings

Models: 4.5

1 212

Download 212 pages 10.59 Kb

Page 193

Edit Policy: Spyware Protection Settings

Enforced Client Product Guide

User Interface Definitions

A

Item	Description

Excluded Files and Folders Lists files, folders, and file name extensions that the virus and spyware protection service does not scan for viruses. If you have not designated any files or folders to exclude, no list appears here.

			Only files that you know are safe should be excluded from on-access
			and on-demand virus scans.
	Type		Select the type of exclusion:
			File: The file will not be scanned.
			Folder: No files or subfolders in this folder will be scanned.
			File Extension: No files using this extension will be scanned.
			The selected type determines the contents of the Value field.

	Value		Specify the file, folder, or file extension. You can browse to select a
	Value
			file.

	Add Exclusion		Click to add the specified folder, file, or file extension. Once it is
			added, it appears in the list on this tab.

	remove		Select this link to delete the file, folder, or file extension from the
	remove
			list. During future scans, this item is checked for threats.
	Save		Click to update the policy and return to the Groups + Policies page.
	Save

	Cancel		Click to return to the Groups + Policies page without changing the
	Cancel
			policy.

	Reset to Defaults		Click to assign the original SonicWALL Default policy settings to
			this policy.
			Note: This resets all settings on all tabs. Settings will not take effect
			until you click Save.

Edit Policy: Spyware Protection Settings

Policies are made up of security settings for all of your protection services. These settings define how your services operate on client computers.

Use this page to rename a policy or modify its spyware protection settings. Changes do not take effect until you click Save.

Set basic spyware protection options

Assign a policy to a group

	Item		Description

	Policy name		Type a new name for the policy if you want to rename it.
	Policy name		Type a new name for the policy if you want to rename it.
	Spyware Protection Status		Select On to enable the spyware scanning feature of the virus and
			spyware protection service.
			Select Off to disable it.
			When enabled, the virus and spyware protection service checks for
			potentially unwanted programs during on-access and on-demand
			scans.

195

Image 193

SonicWALL 4.5 Edit Policy Spyware Protection Settings, „ Set basic spyware protection options „ Assign a policy to a group

Contents

6ERSIONS 3ONIC7!,,C%NFORCED #LIENT !NTI6IRUS AND !NTI3PYWARE 0RODUCTDUIDE02/4%#4/. !444%/30%%$!/& 53.%33 TRADEMARK ATTRIBUTIONS Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHTLICENSE INFORMATION License Agreement AttributionsInstalling Enforced Client ContentsIntroduction Using Enforced Client Using the Firewall Protection Service Using the Virus and Spyware Protection ServiceDisabling on-access scanning Managing your subscriptionsUsing the Browser Protection Service „ What is Enforced Client? „ What is new in this release? 1 Introduction„ Managing with the online SecurityCenter „ Using this guide „ How does the software work?„ Select the right version of Enforced Client What is Enforced Client?„ Protect against many kinds of threats „ Ensure continuous, automatic protectionProtect against many kinds of threats Select the right version of Enforced ClientEnsure continuous, automatic protection New feature What is new in this release?users when support ends on page Chapter 2, Installing Enforced ClientThe updating process How does the software work?„ The updating process „ Outbreak response „ Rumor technology „ Internet Independent Updating IIUFigure 1-2 Methods for updating client computers Retrieving updatesRumor technology Outbreak responseUploading security information Internet Independent Updating IIU Figure 1-3 The online SecurityCenter Managing with the online SecurityCenterSee Using the SecurityCenter on page 55 for more information User groups Figure 1-4 Example Sales Team group and Sales policy Customized policiesWho should read this guide? Using this guide„ Who should read this guide? „ Conventions Bold ConventionsCondensed ExampleGetting product information Avert Labs DAT Notification Service Contact informationProduct Upgrades Valid grant number required Security Updates DATs, engine HotFix and Patch ReleasesIntroduction Enforced Client Product GuideGetting product information „ Before you install „ Installing Enforced Client Installing Enforced Client„ Completing the installation „ What should I do after installing? „ After you place your order „ System requirementsAfter you place your order Operating systems System requirements„ Operating systems „ RAM „ Email security service Protection servicesOperating system support ending Notifying users when support endsEmail server security application Email security serviceTerminal servers Uninstall existing virus protection software Before you install„ Uninstall existing virus protection software „ Uninstall existing firewall software „ Configure your browserSonicWALL Retail SonicWALL EnterpriseComputer Associates FinjanConfigure your browser Uninstall existing firewall softwareInternet Explorer Non-Microsoft browsersInstall the standalone installation agent Standard URL installation Installing Enforced ClientRequirements Standard URL installationInstalling on client computers Sending an installation URL to users3 When you are prompted to do so, click Install What is the email address used for?Figure 2-2 Advanced installation methods Advanced installation methodsAdvanced installation method The administratorRequirements Silent installation„ Requirements „ Installation What is my company key? InstallationVSSETUP parameters Push installation „ Requirements „ Installation Considerations for scheduling push installations1 Download the Push Install utility from the SecurityCenter RequirementsTo install Enforced Client using the Push Install utility InstallationEnabling relay servers If you use a corporate firewall or proxy serverFigure 2-6 Status for target computers Using the Push Install utility Completing the installationUsing VSSETUP „ Using the Push Install utility „ Using VSSETUPScan the client computer Test virus protectionScan the email Inbox Set up the default firewall„ Setting up your account on page What should I do after installing?„ Viewing your security services at-a-glance on page „ Setting up policies on page „ Viewing reports on pageWhat should I do after installing? Installing Enforced ClientEnforced Client Product Guide „ Using the client software „ Updating client computers Using Enforced Client„ Using the SecurityCenter „ Getting started „ Setting up your accountEnforced Client system tray icon Using the client softwareRemoving and displaying the icon „ Administrative menu and tasksUpdating client computers Administrative menu and tasksClient menu Update manually Update automaticallyUpdate during an outbreak „ Update automatically „ Update manually „ Update during an outbreakUpdate computers where no user is logged on Using the SecurityCenterSetting up your account When you areSetting up policies Viewing reports Managing your correspondence „ Set up your profile „ Change your SecurityCenter passwordGetting started Access online features and functionsLog on to the SecurityCenter „ Log on to the SecurityCenter „ Access online features and functionsFigure 3-1 SecurityCenter tabs Using Enforced ClientEnforced Client Product Guide Getting startedWhen you want to Make the most of your online dataFigure 3-2 Page controls for listings and reports Do thisCustomize listings and reports Do this Using the online helpShow Navigation Previous and NextSet up your profile Setting up your accountChange your SecurityCenter password Sign up for email notificationsViewing your security services at-a-glance View and resolve action items Install protection services„ Install protection services „ View and resolve action items „ Purchase, add, and renew services „ Request a trial subscriptionView security coverage for your account Managing your computers„ Send email to computers „ Block computers from receiving updates „ Search for computers „ Install protection services„ Display details for a computer „ View detections for a computer „ View user-approved applications for a computerDisplay details for a computer Search for computersInstall protection services See Chapter 2, Installing Enforced Client for more informationFigure 3-5 Computer Details page When you want toDo this For System email address, type a new email address, then click SaveView user-approved applications for a computer View detections for a computerSend email to computers Creating groups to manage your site Block computers from receiving updatesDelete computers from your reports Move computers into a group„ Create or edit a group „ Delete a group The Default groupCreate or edit a group Designating group administratorsDelete a group Figure 3-7 Site and group administrators „ Create or edit a group administrator „ Delete a group administrator Create or edit a group administratorDelete a group administrator Setting up policies„ Restore default policy settings „ Delete a policy „ Create or edit a policy „ Assign a policy to a groupDefault setting The SonicWALL Default policyAll programs types are enabled Virus protectionCreate or edit a policy Restore default policy settingsAssign a policy to a group Delete a policy Viewing reportsTo view Use this reportDetections UnrecognizedFigure 3-9 Duplicate Computers report View duplicate computersView computer profiles Managing your correspondence„ Send email to users „ Update user email addresses „ Update your account’s email address „ Add your logo to reportsUpdate your account’s email address Update user email addressesSend email to users Add your logo to reportsManaging your subscriptions View your service subscriptions„ View your service subscriptions „ Update subscription information „ Purchase, add, and renew services „ Request a trial subscriptionPurchase, add, and renew services Update subscription informationRequest a trial subscription Getting assistanceReceive subscription notifications View printed and online documentsContact product support Download utilitiesVSSetup Run the Push Install UtilityService Using the Virus and Spyware ProtectionAccessing client features Scan Tasks menu „ Accessing client features Scan Tasks menuDisable On-Access Scanner Select this commandScanner see Disabling on-access scanning on page Figure 4-1 Scan Tasks menuScanning client computers Scan automatically on-access scans„ Scan automatically on-access scans „ Scan manually on-demand scans „ Schedule on-demand scans „ Scan email „ Scan for spywareView scan results Scan manually on-demand scans„ View scan results „ How detections are handled How detections are handled Scan email Schedule on-demand scansScan for spyware Cleaned CleanApprove CloseSet basic virus protection options Configuring policies for virus and spyware protectionSchedule on-demand scans „ Schedule on-demand scansExclude files and folders from virus scans Enable optional protection Select your update frequencySet advanced virus protection options „ Select your update frequency „ Enable optional protectionEnable outbreak response Enable buffer overflow protection Enable script scanningScan email before delivering to the Outlook Inbox rar, .tat, .tgzSet basic spyware protection options Enable spyware protection„ Enable spyware protection „ Select a spyware protection mode „ Specify approved programsBehavior of protection service Select a spyware protection modeMode ReportSet advanced spyware protection options Learn modeSpecify approved programs 2 Click the Advanced Settings tab Password crackersThreat type DescriptionView detections Viewing reports for virus and spyware detections„ Detections see View detections „ Unrecognized Programs see View unrecognized programs on pageadvanced spyware protection options on page When you want toBuffer Overflow Processes Details pageFigure 4-7 Unrecognized Programs report View unrecognized programsWhen you want to Using the Unrecognized Programs reportthe Computer Details page on pageFigure 4-8 Detection History report View your detection historyManage your protection strategy with best practices Managing detections„ Manage your protection strategy with best practices „ Manage quarantined filesRestore Manage quarantined filesthe Quarantine Viewer 2 Select Scan Tasks Quarantine ViewerCleaned Disabling on-access scanningClean failed 2 Select Disable On-Access Scanner or Enable On-Access ScannerDisabling on-access scanning Using the Virus and Spyware Protection ServiceEnforced Client Product Guide Accessing client features Firewall Settings command Using the Firewall Protection Service„ Accessing client features Firewall Settings command „ Configuring policies for firewall protection„ Specify who configures firewall protection settings Configuring policies for firewall protection„ Install the firewall protection service via policy „ Enable firewall protection „ Select a firewall protection modeFigure 5-1 Desktop Firewall policy tab Specify who configures firewall protection settingsEnable firewall protection Install the firewall protection service via policyLearn mode Select a firewall protection modeSpecify a connection type Configure a custom connection„ Configure system services for a custom connection Standard system service ports Configure system services for a custom connection„ Configure IP addresses for a custom connection „ Standard system service ports „ Open a service portOpen a service port Close a service port Add and edit service portsConfigure IP addresses for a custom connection Set up allowed Internet applicationsSpecify whether to use SonicWALL recommendations Specify Internet applications in a policyView unrecognized Internet applications Viewing reports for firewall protection„ Unrecognized Programs see View unrecognized Internet applications View inbound events blocked by the firewall Events to display the Inbound Event List Managing suspicious activity with best practices„ When running the firewall protection service on a server, ensure that service ports are configured correctly to prevent disruption of system services see Configure system services for a custom connection on page 117. Ensure that no unnecessary ports are open Enforced Client Product Guide Using the Firewall Protection ServiceManaging suspicious activity with best practices Accessing site safety information Using the Browser Protection Service„ Accessing site safety information „ Configuring browser protection settings „ Submitting feedbackStaying safe during searches How safety ratings are compiledSettings Staying safe while browsingSettings Configuring browser protection on the clientViewing safety reports Configuring browser protection settingsConfiguring browser protection from the SecurityCenter Installing via policyEnable or disable the display of safety icons next Configuring browser protection on the client computerEncrypt the data sent to the server using the Enable or disable the color coding for theSubmitting feedback „ Activating the email security service „ Using the portal Using the Email Security Service„ Setting up your account „ Viewing your email protection status „ Configuring a policy for email securityUsing the portal Activating the email security service2 Click Install Protection 3 Select Install email security service Customize your account settings Update your MX recordsSetting up your account „ Update your MX records „ Customize your account settingsRecommended first steps Default settings1 Add your other domains Optional customization Figure 7-2 Administration page Configure general administration settingsAccess basic administration features on the Administration page Viewing your email protection statusUse this feature General SettingsTo view the status of your service Viewing reports for the email security service Configuring a policy for email securityView and manage quarantined user messages Managing quarantined emailCheck the Quarantine Summary „ View and manage quarantined user messagesView quarantined mail deliveries Getting more informationEnforced Client Product Guide Using the Email Security ServiceGetting more information Uninstalling protection services 8 Troubleshooting„ Uninstalling protection services „ Frequently asked questions FAQ „ Error messages „ Contacting product supportInstalling Frequently asked questions FAQ„ Installing „ Adding, renewing, and moving licenses „ Configuring and managing policies „ Scanning „ Reporting „ UpdatingAdding, renewing, and moving licenses Configuring and managing policiesReporting ScanningUpdating Firewall protection Email Browser protectionGeneral „ Installation Declined „ Installation Denied Error messages„ Invalid Entitlement Error „ Cannot find remote shared directory „ File does not exist„ Unable to connect to the Enforced Client update server „ MyASUtil.SecureObjectFactory error message „ MyINX Error„ Unable to create Cab Installer Object Cannot find remote shared directoryThe security level of the browser is too high The user doesn’t have administrator rightsInternet Explorer is blocking ActiveX controls A registry file is missingInstallation Denied Common causes and solutions 1 From the Windows Control Panel, open Add/Remove Programs If you do not see a Status column, set your view options to Details1 Select Start Run See If you use a corporate firewall or proxy server on page You might need to adjust your corporate firewall or proxy settingsContacting product support Compare to group administrator and user Glossaryprotection service See reportsCompare to SecurityCenter website Compare to URL installationSee policy Compare to trusted connection and untrusted connectionprotection service protection serviceCompare to administrator and user See also push installation, silent installation, and URL installationCompare to prompt mode and report mode Compare to protect mode and report modeCompare to silent installation and URL installation Compare to prompt mode and protect modeCompare to push installation and URL installation See on-access scanning and on-demand scanningCustomer Home site Compare to client softwareCompare to administrator and group administrator Compare to push installation and silent installationservice Compare to trusted connectionSecurityCenter tab Login page„ Log on to the SecurityCenter „ Change your SecurityCenter password „ Viewing your security services at-a-glance„ Managing your computers „ Install protection services Computers tab„ Send email to computers „ Block computers from receiving updates „ Specify approved programs „ Set up allowed Internet applicationsFind computers DescriptionAdd Computer Groups„ Viewing reports for the email security service Reports tab„ Viewing reports „ View detections „ View unrecognized programs „ View unrecognized Internet applications„ Creating groups to manage your site „ Setting up policies Groups + Policies tab„ Configuring policies for virus and spyware protection „ Configuring policies for firewall protection„ Setting up your account „ Change your SecurityCenter password My Account tab„ Managing your subscriptions „ Designating group administrators Service Summary sectionMy Logo section Notification Preferences sectionHelp tab Install ProtectionEmail Page „ View printed and online documents „ Download utilitiesInstall Protection New Computers Email Text Install Protection New Computers„ Installing Enforced Client „ Standard URL installation „ Using the portalInstall Protection Existing Computers Email Text Install Protection Existing Computers„ Standard URL installation „ Standard URL installation „ Advanced installation methodsAdvanced Installation Methods Install Email Security Service„ Using the portal „ Update your MX records „ Viewing reports for the email security serviceProduct Coverage Product Purchase„ Managing your subscriptions „ Purchase, add, and renew services „ Request a trial subscription„ Set up allowed Internet applications Computer Details„ Managing your computers „ Make the most of your online data „ Customize listings and reports „ Specify approved programsUser-Approved Application List Detection List„ View detections for a computer „ Specify approved programs „ Set up allowed Internet applications Search Results„ View user-approved applications for a computer „ Managing your computers „ Search for computers„ View detections „ Make the most of your online data Detections report by computer„ Customize listings and reports „ Manage your protection strategy with best practices„ View detections „ Make the most of your online data Detections report by detection„ Customize listings and reports „ Manage your protection strategy with best practices„ Set up allowed Internet applications Unrecognized Programs report by computer„ View unrecognized programs „ Make the most of your online data „ Customize listings and reports„ Specify approved programs „ Set up allowed Internet applications Unrecognized Programs report by program„ View unrecognized programs „ View user-approved applications for a computerInbound Events Blocked by Firewall report by destination computer Inbound Events Blocked by Firewall report by originating computerLists the IP address of the computer where the event originated „ View inbound events blocked by the firewallDuplicate Computers report Inbound Event List„ View inbound events blocked by the firewall „ View duplicate computers „ Display details for a computer„ View computer profiles Computer Profiles report„ View your detection history Detection History report„ Manage your protection strategy with best practices DescriptionEdit Group Edit Default Group„ Creating groups to manage your site „ Setting up policies „ Creating groups to manage your site „ Setting up policiesAdd Group View Default Policy„ Setting up policies „ Assign a policy to a group „ Setting up policies „ Set basic virus protection options„ Configuring browser protection from the SecurityCenter „ Configuring policies for firewall protection„ The SonicWALL Default policy Firewall ConfigurationEnable buffer overflow Enable outbreak responseEnable script scanning on-access scans„ Set basic virus protection options „ Assign a policy to a group Edit Policy Virus Protection Settings„ Set basic spyware protection options „ Assign a policy to a group Edit Policy Spyware Protection Settings„ Configuring policies for firewall protection „ Learn mode Edit Policy Desktop Firewall Settings„ Assign a policy to a group Automatically install the update the policy to User configures firewallFirewall Protection Mode Description„ Configure system services for a custom connection Firewall Custom Settings„ Configure IP addresses for a custom connection Add or Edit Incoming Connection„ Configure system services for a custom connection CancelEdit Policy Advanced Settings Edit Policy Browser Protection Settings„ Configuring browser protection from the SecurityCenter „ Update computers where no user is logged onCheck for updates every Settings„ Enable buffer overflow protection Detect code starting to run „ Scan all file types during on-access scans Inspect all types of„ Set basic virus protection options „ Assign a policy to a group Add Policy Virus Protection Settings„ Set basic spyware protection options „ Assign a policy to a group Add Policy Spyware Protection Settings„ Configuring policies for firewall protection „ Learn mode Add Policy Desktop Firewall Settings„ Assign a policy to a group update the policy to User configures firewall Firewall ConfigurationAutomatically install the Firewall Protection Mode„ Configuring browser protection from the SecurityCenter Add Policy Browser Protection Settings„ Assign a policy to a group „ Update computers where no user is logged on Add Policy Advanced Settings„ Notifying users when support ends „ Assign a policy to a group „ Set advanced virus protection optionsCheck for updates every SettingsDescription „ Managing your subscriptions Subscription History„ Update subscription information Edit Subscription InformationView Cancelled Services Managed ServicesManage All Group Administrators Manage Group Administrators„ Designating group administrators „ Designating group administrators„ Sign up for email notifications Notification PreferencesManage Logo Edit ProfileUtilities „ Set up your profile „ Change your SecurityCenter passwordSilently install protection „ Install the standalone installation agentInstall protection services previous installation