02/4%#4/. !444%/30%%$!/& 53.%33
3ONIC7!,,C%NFORCED #LIENT !NTI6IRUS AND !NTI3PYWARE 0RODUCTDUIDE
6ERSIONS���
LICENSE INFORMATION License Agreement
Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHT
TRADEMARK ATTRIBUTIONS
Attributions
Introduction
Contents
Installing Enforced Client
Using Enforced Client
Disabling on-access scanning
Using the Virus and Spyware Protection Service
Using the Firewall Protection Service
Managing your subscriptions
Using the Browser Protection Service
„ Managing with the online SecurityCenter „ Using this guide
1 Introduction
„ What is Enforced Client? „ What is new in this release?
„ How does the software work?
„ Protect against many kinds of threats
What is Enforced Client?
„ Select the right version of Enforced Client
„ Ensure continuous, automatic protection
Select the right version of Enforced Client
Protect against many kinds of threats
Ensure continuous, automatic protection
users when support ends on page
What is new in this release?
New feature
Chapter 2, Installing Enforced Client
„ The updating process „ Outbreak response „ Rumor technology
How does the software work?
The updating process
„ Internet Independent Updating IIU
Retrieving updates
Figure 1-2 Methods for updating client computers
Uploading security information
Outbreak response
Rumor technology
Internet Independent Updating IIU
Managing with the online SecurityCenter
Figure 1-3 The online SecurityCenter
See Using the SecurityCenter on page 55 for more information
User groups
Customized policies
Figure 1-4 Example Sales Team group and Sales policy
„ Who should read this guide? „ Conventions
Using this guide
Who should read this guide?
Condensed
Conventions
Bold
Example
Getting product information
Product Upgrades Valid grant number required
Contact information
Avert Labs DAT Notification Service
Security Updates DATs, engine HotFix and Patch Releases
Getting product information
Enforced Client Product Guide
Introduction
„ Completing the installation „ What should I do after installing?
Installing Enforced Client
„ Before you install „ Installing Enforced Client
„ After you place your order „ System requirements
After you place your order
„ Operating systems „ RAM „ Email security service
System requirements
Operating systems
Protection services
Notifying users when support ends
Operating system support ending
Email security service
Email server security application
Terminal servers
„ Uninstall existing virus protection software
Before you install
Uninstall existing virus protection software
„ Uninstall existing firewall software „ Configure your browser
Computer Associates
SonicWALL Enterprise
SonicWALL Retail
Finjan
Internet Explorer
Uninstall existing firewall software
Configure your browser
Non-Microsoft browsers
Install the standalone installation agent
Requirements
Installing Enforced Client
Standard URL installation
Standard URL installation
Sending an installation URL to users
Installing on client computers
What is the email address used for?
3 When you are prompted to do so, click Install
Advanced installation method
Advanced installation methods
Figure 2-2 Advanced installation methods
The administrator
„ Requirements „ Installation
Silent installation
Requirements
Installation
What is my company key?
VSSETUP parameters
Push installation
1 Download the Push Install utility from the SecurityCenter
Considerations for scheduling push installations
„ Requirements „ Installation
Requirements
Installation
To install Enforced Client using the Push Install utility
Figure 2-6 Status for target computers
If you use a corporate firewall or proxy server
Enabling relay servers
Using VSSETUP
Completing the installation
Using the Push Install utility
„ Using the Push Install utility „ Using VSSETUP
Test virus protection
Scan the client computer
Set up the default firewall
Scan the email Inbox
„ Viewing your security services at-a-glance on page
What should I do after installing?
„ Setting up your account on page
„ Setting up policies on page „ Viewing reports on page
Enforced Client Product Guide
Installing Enforced Client
What should I do after installing?
„ Using the SecurityCenter „ Getting started
Using Enforced Client
„ Using the client software „ Updating client computers
„ Setting up your account
Removing and displaying the icon
Using the client software
Enforced Client system tray icon
„ Administrative menu and tasks
Client menu
Administrative menu and tasks
Updating client computers
Update during an outbreak
Update automatically
Update manually
„ Update automatically „ Update manually „ Update during an outbreak
Using the SecurityCenter
Update computers where no user is logged on
Setting up policies Viewing reports Managing your correspondence
When you are
Setting up your account
„ Set up your profile „ Change your SecurityCenter password
Log on to the SecurityCenter
Access online features and functions
Getting started
„ Log on to the SecurityCenter „ Access online features and functions
Enforced Client Product Guide
Using Enforced Client
Figure 3-1 SecurityCenter tabs
Getting started
Figure 3-2 Page controls for listings and reports
Make the most of your online data
When you want to
Do this
Customize listings and reports
Show Navigation
Using the online help
Do this
Previous and Next
Change your SecurityCenter password
Setting up your account
Set up your profile
Sign up for email notifications
Viewing your security services at-a-glance
„ Install protection services „ View and resolve action items
Install protection services
View and resolve action items
„ Purchase, add, and renew services „ Request a trial subscription
Managing your computers
View security coverage for your account
„ Display details for a computer „ View detections for a computer
„ Search for computers „ Install protection services
„ Send email to computers „ Block computers from receiving updates
„ View user-approved applications for a computer
Install protection services
Search for computers
Display details for a computer
See Chapter 2, Installing Enforced Client for more information
Do this
When you want to
Figure 3-5 Computer Details page
For System email address, type a new email address, then click Save
Send email to computers
View detections for a computer
View user-approved applications for a computer
Delete computers from your reports
Block computers from receiving updates
Creating groups to manage your site
Move computers into a group
The Default group
„ Create or edit a group „ Delete a group
Delete a group
Designating group administrators
Create or edit a group
Figure 3-7 Site and group administrators
Create or edit a group administrator
„ Create or edit a group administrator „ Delete a group administrator
„ Restore default policy settings „ Delete a policy
Setting up policies
Delete a group administrator
„ Create or edit a policy „ Assign a policy to a group
All programs types are enabled
The SonicWALL Default policy
Default setting
Virus protection
Assign a policy to a group
Restore default policy settings
Create or edit a policy
Viewing reports
Delete a policy
Detections
Use this report
To view
Unrecognized
View duplicate computers
Figure 3-9 Duplicate Computers report
„ Send email to users „ Update user email addresses
Managing your correspondence
View computer profiles
„ Update your account’s email address „ Add your logo to reports
Send email to users
Update user email addresses
Update your account’s email address
Add your logo to reports
„ View your service subscriptions „ Update subscription information
View your service subscriptions
Managing your subscriptions
„ Purchase, add, and renew services „ Request a trial subscription
Update subscription information
Purchase, add, and renew services
Receive subscription notifications
Getting assistance
Request a trial subscription
View printed and online documents
VSSetup
Download utilities
Contact product support
Run the Push Install Utility
Accessing client features Scan Tasks menu
Using the Virus and Spyware Protection
Service
„ Accessing client features Scan Tasks menu
Scanner see Disabling on-access scanning on page
Select this command
Disable On-Access Scanner
Figure 4-1 Scan Tasks menu
„ Scan automatically on-access scans „ Scan manually on-demand scans
Scan automatically on-access scans
Scanning client computers
„ Schedule on-demand scans „ Scan email „ Scan for spyware
„ View scan results „ How detections are handled
Scan manually on-demand scans
View scan results
How detections are handled
Scan for spyware
Schedule on-demand scans
Scan email
Approve
Clean
Cleaned
Close
Schedule on-demand scans
Configuring policies for virus and spyware protection
Set basic virus protection options
„ Schedule on-demand scans
Exclude files and folders from virus scans
Set advanced virus protection options
Select your update frequency
Enable optional protection
„ Select your update frequency „ Enable optional protection
Scan email before delivering to the Outlook Inbox
Enable script scanning
Enable outbreak response Enable buffer overflow protection
rar, .tat, .tgz
„ Enable spyware protection „ Select a spyware protection mode
Enable spyware protection
Set basic spyware protection options
„ Specify approved programs
Mode
Select a spyware protection mode
Behavior of protection service
Report
Specify approved programs
Learn mode
Set advanced spyware protection options
Threat type
Password crackers
2 Click the Advanced Settings tab
Description
„ Detections see View detections
Viewing reports for virus and spyware detections
View detections
„ Unrecognized Programs see View unrecognized programs on page
Buffer Overflow Processes
When you want to
advanced spyware protection options on page
Details page
View unrecognized programs
Figure 4-7 Unrecognized Programs report
the Computer Details page
Using the Unrecognized Programs report
When you want to
on page
View your detection history
Figure 4-8 Detection History report
„ Manage your protection strategy with best practices
Managing detections
Manage your protection strategy with best practices
„ Manage quarantined files
the Quarantine Viewer
Manage quarantined files
Restore
2 Select Scan Tasks Quarantine Viewer
Clean failed
Disabling on-access scanning
Cleaned
2 Select Disable On-Access Scanner or Enable On-Access Scanner
Enforced Client Product Guide
Using the Virus and Spyware Protection Service
Disabling on-access scanning
„ Accessing client features Firewall Settings command
Using the Firewall Protection Service
Accessing client features Firewall Settings command
„ Configuring policies for firewall protection
„ Install the firewall protection service via policy
Configuring policies for firewall protection
„ Specify who configures firewall protection settings
„ Enable firewall protection „ Select a firewall protection mode
Specify who configures firewall protection settings
Figure 5-1 Desktop Firewall policy tab
Install the firewall protection service via policy
Enable firewall protection
Select a firewall protection mode
Learn mode
„ Configure system services for a custom connection
Configure a custom connection
Specify a connection type
„ Configure IP addresses for a custom connection
Configure system services for a custom connection
Standard system service ports
„ Standard system service ports „ Open a service port
Open a service port
Add and edit service ports
Close a service port
Set up allowed Internet applications
Configure IP addresses for a custom connection
Specify Internet applications in a policy
Specify whether to use SonicWALL recommendations
„ Unrecognized Programs see View unrecognized Internet applications
Viewing reports for firewall protection
View unrecognized Internet applications
View inbound events blocked by the firewall
Managing suspicious activity with best practices
Events to display the Inbound Event List
„ When running the firewall protection service on a server, ensure that service ports are configured correctly to prevent disruption of system services see Configure system services for a custom connection on page 117. Ensure that no unnecessary ports are open
Managing suspicious activity with best practices
Using the Firewall Protection Service
Enforced Client Product Guide
„ Accessing site safety information
Using the Browser Protection Service
Accessing site safety information
„ Configuring browser protection settings „ Submitting feedback
How safety ratings are compiled
Staying safe during searches
Settings
Staying safe while browsing
Settings
Configuring browser protection on the client
Configuring browser protection from the SecurityCenter
Configuring browser protection settings
Viewing safety reports
Installing via policy
Encrypt the data sent to the server using the
Configuring browser protection on the client computer
Enable or disable the display of safety icons next
Enable or disable the color coding for the
Submitting feedback
„ Setting up your account „ Viewing your email protection status
Using the Email Security Service
„ Activating the email security service „ Using the portal
„ Configuring a policy for email security
2 Click Install Protection 3 Select Install email security service
Activating the email security service
Using the portal
Setting up your account
Update your MX records
Customize your account settings
„ Update your MX records „ Customize your account settings
1 Add your other domains
Default settings
Recommended first steps
Optional customization
Configure general administration settings
Figure 7-2 Administration page
Use this feature
Viewing your email protection status
Access basic administration features on the Administration page
General Settings
To view the status of your service
Configuring a policy for email security
Viewing reports for the email security service
Check the Quarantine Summary
Managing quarantined email
View and manage quarantined user messages
„ View and manage quarantined user messages
Getting more information
View quarantined mail deliveries
Getting more information
Using the Email Security Service
Enforced Client Product Guide
„ Uninstalling protection services „ Frequently asked questions FAQ
8 Troubleshooting
Uninstalling protection services
„ Error messages „ Contacting product support
„ Installing „ Adding, renewing, and moving licenses
Frequently asked questions FAQ
Installing
„ Configuring and managing policies „ Scanning „ Reporting „ Updating
Configuring and managing policies
Adding, renewing, and moving licenses
Scanning
Reporting
Updating
Firewall protection
General
Browser protection
Email
„ Invalid Entitlement Error
Error messages
„ Installation Declined „ Installation Denied
„ Cannot find remote shared directory „ File does not exist
„ Unable to create Cab Installer Object
„ MyASUtil.SecureObjectFactory error message „ MyINX Error
„ Unable to connect to the Enforced Client update server
Cannot find remote shared directory
Internet Explorer is blocking ActiveX controls
The user doesn’t have administrator rights
The security level of the browser is too high
A registry file is missing
Installation Denied Common causes and solutions
1 Select Start Run
If you do not see a Status column, set your view options to Details
1 From the Windows Control Panel, open Add/Remove Programs
You might need to adjust your corporate firewall or proxy settings
See If you use a corporate firewall or proxy server on page
Contacting product support
protection service
Glossary
Compare to group administrator and user
See reports
See policy
Compare to URL installation
Compare to SecurityCenter website
Compare to trusted connection and untrusted connection
Compare to administrator and user
protection service
protection service
See also push installation, silent installation, and URL installation
Compare to silent installation and URL installation
Compare to protect mode and report mode
Compare to prompt mode and report mode
Compare to prompt mode and protect mode
Customer Home site
See on-access scanning and on-demand scanning
Compare to push installation and URL installation
Compare to client software
service
Compare to push installation and silent installation
Compare to administrator and group administrator
Compare to trusted connection
„ Log on to the SecurityCenter „ Change your SecurityCenter password
Login page
SecurityCenter tab
„ Viewing your security services at-a-glance
„ Send email to computers „ Block computers from receiving updates
Computers tab
„ Managing your computers „ Install protection services
„ Specify approved programs „ Set up allowed Internet applications
Add Computer
Description
Find computers
Groups
„ Viewing reports „ View detections „ View unrecognized programs
Reports tab
„ Viewing reports for the email security service
„ View unrecognized Internet applications
„ Configuring policies for virus and spyware protection
Groups + Policies tab
„ Creating groups to manage your site „ Setting up policies
„ Configuring policies for firewall protection
„ Managing your subscriptions „ Designating group administrators
My Account tab
„ Setting up your account „ Change your SecurityCenter password
Service Summary section
Notification Preferences section
My Logo section
Email Page
Install Protection
Help tab
„ View printed and online documents „ Download utilities
„ Installing Enforced Client „ Standard URL installation
Install Protection New Computers
Install Protection New Computers Email Text
„ Using the portal
„ Standard URL installation
Install Protection Existing Computers
Install Protection Existing Computers Email Text
„ Standard URL installation „ Advanced installation methods
„ Using the portal „ Update your MX records
Install Email Security Service
Advanced Installation Methods
„ Viewing reports for the email security service
„ Managing your subscriptions „ Purchase, add, and renew services
Product Purchase
Product Coverage
„ Request a trial subscription
„ Managing your computers „ Make the most of your online data
Computer Details
„ Set up allowed Internet applications
„ Customize listings and reports „ Specify approved programs
„ View detections for a computer
Detection List
User-Approved Application List
„ View user-approved applications for a computer
Search Results
„ Specify approved programs „ Set up allowed Internet applications
„ Managing your computers „ Search for computers
„ Customize listings and reports
Detections report by computer
„ View detections „ Make the most of your online data
„ Manage your protection strategy with best practices
„ Customize listings and reports
Detections report by detection
„ View detections „ Make the most of your online data
„ Manage your protection strategy with best practices
„ View unrecognized programs „ Make the most of your online data
Unrecognized Programs report by computer
„ Set up allowed Internet applications
„ Customize listings and reports
„ View unrecognized programs
Unrecognized Programs report by program
„ Specify approved programs „ Set up allowed Internet applications
„ View user-approved applications for a computer
Lists the IP address of the computer where the event originated
Inbound Events Blocked by Firewall report by originating computer
Inbound Events Blocked by Firewall report by destination computer
„ View inbound events blocked by the firewall
„ View inbound events blocked by the firewall
Inbound Event List
Duplicate Computers report
„ View duplicate computers „ Display details for a computer
Computer Profiles report
„ View computer profiles
„ Manage your protection strategy with best practices
Detection History report
„ View your detection history
Description
„ Creating groups to manage your site „ Setting up policies
Edit Default Group
Edit Group
„ Creating groups to manage your site „ Setting up policies
„ Setting up policies „ Assign a policy to a group
View Default Policy
Add Group
„ Setting up policies „ Set basic virus protection options
„ The SonicWALL Default policy
„ Configuring policies for firewall protection
„ Configuring browser protection from the SecurityCenter
Firewall Configuration
Enable script scanning
Enable outbreak response
Enable buffer overflow
on-access scans
Edit Policy Virus Protection Settings
„ Set basic virus protection options „ Assign a policy to a group
Edit Policy Spyware Protection Settings
„ Set basic spyware protection options „ Assign a policy to a group
„ Assign a policy to a group
Edit Policy Desktop Firewall Settings
„ Configuring policies for firewall protection „ Learn mode
Firewall Protection Mode
update the policy to User configures firewall
Automatically install the
Description
Firewall Custom Settings
„ Configure system services for a custom connection
„ Configure system services for a custom connection
Add or Edit Incoming Connection
„ Configure IP addresses for a custom connection
Cancel
„ Configuring browser protection from the SecurityCenter
Edit Policy Browser Protection Settings
Edit Policy Advanced Settings
„ Update computers where no user is logged on
„ Enable buffer overflow protection Detect code starting to run
Settings
Check for updates every
„ Scan all file types during on-access scans Inspect all types of
Add Policy Virus Protection Settings
„ Set basic virus protection options „ Assign a policy to a group
Add Policy Spyware Protection Settings
„ Set basic spyware protection options „ Assign a policy to a group
„ Assign a policy to a group
Add Policy Desktop Firewall Settings
„ Configuring policies for firewall protection „ Learn mode
Automatically install the
Firewall Configuration
update the policy to User configures firewall
Firewall Protection Mode
„ Assign a policy to a group
Add Policy Browser Protection Settings
„ Configuring browser protection from the SecurityCenter
„ Notifying users when support ends „ Assign a policy to a group
Add Policy Advanced Settings
„ Update computers where no user is logged on
„ Set advanced virus protection options
Description
Settings
Check for updates every
Subscription History
„ Managing your subscriptions
View Cancelled Services
Edit Subscription Information
„ Update subscription information
Managed Services
„ Designating group administrators
Manage Group Administrators
Manage All Group Administrators
„ Designating group administrators
Notification Preferences
„ Sign up for email notifications
Utilities
Edit Profile
Manage Logo
„ Set up your profile „ Change your SecurityCenter password
Install protection services
„ Install the standalone installation agent
Silently install protection
previous installation
