Manuals / SonicWALL / Kitchen Appliance / Frozen Dessert Maker

SonicWALL 4.5 Close, Action Required, Approved, Cleaned, Quarantined, page, Delete failed

Models: 4.5

1 212

Download 212 pages 10.59 Kb

Page 93

Clean

Enforced Client Product Guide	Using the Virus and Spyware Protection Service
	Scanning client computers

2Select one or more detections, then select an action:

Clean	Place an encrypted original copy of each selected item in a quarantine folder, then
	attempt to clean it. If it cannot be cleaned, delete the item.
Approve	Add each selected item to the user’s list of approved programs. These programs
	will not be detected as spyware during future scans. (Clicking Approved displays a
	list of all currently approved programs on the client computer.)
Close	Allow the items to remain on the computer and close the Potentially Unwanted
	Program Viewer. They will be detected again during the next scan.

4

3Check the status of each item, then click Close.

Action Required	You have not performed any action on this item since it was detected.
Approved	The item was added to the list of user-approved programs and will no longer
	be detected as spyware on this computer.
Cleaned	The item was cleaned successfully and can be used safely. An encrypted,
	backup copy of the original item was placed in a quarantine folder.
Quarantined	The item could not be cleaned. The original item was deleted, and an
	encrypted copy was placed in a quarantine folder. If the item was a program,
	all associated cookies and registry keys were also deleted.
	Note: Items are placed into the quarantine folder in a format that is no longer a
	threat to the computer. After 30 days, these items are deleted. You can manage
	these items using the Quarantine Viewer (see Manage quarantined files on
	page 109).
Delete failed	The item could not be cleaned or deleted. If it is in use, close it and attempt the
	clean again. If it resides on read-only media, such as CD, no further action is
	required. The virus and spyware protection service has prevented the original
	item from accessing the computer, but it cannot delete the item. Any items
	copied to the computer have been cleaned.
	Note: If you are not sure why the item could not be cleaned, it is possible that
	a risk still exists. If you cannot determine why the delete failed, contact
	product support.

93

Image 93

SonicWALL 4.5 manual Close, Action Required, Approved, Cleaned, Quarantined, page, Delete failed

Contents

3ONIC7!,,C%NFORCED #LIENT !NTI6IRUS AND !NTI3PYWARE 0RODUCTDUIDE 6ERSIONS02/4%#4/. !444%/30%%$!/& 53.%33 TRADEMARK ATTRIBUTIONS Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHTLICENSE INFORMATION License Agreement AttributionsContents Installing Enforced ClientIntroduction Using Enforced Client Using the Firewall Protection Service Using the Virus and Spyware Protection ServiceDisabling on-access scanning Managing your subscriptionsUsing the Browser Protection Service „ What is Enforced Client? „ What is new in this release? 1 Introduction„ Managing with the online SecurityCenter „ Using this guide „ How does the software work?„ Select the right version of Enforced Client What is Enforced Client?„ Protect against many kinds of threats „ Ensure continuous, automatic protectionProtect against many kinds of threats Select the right version of Enforced ClientEnsure continuous, automatic protection New feature What is new in this release?users when support ends on page Chapter 2, Installing Enforced ClientThe updating process How does the software work?„ The updating process „ Outbreak response „ Rumor technology „ Internet Independent Updating IIUFigure 1-2 Methods for updating client computers Retrieving updatesOutbreak response Rumor technologyUploading security information Internet Independent Updating IIU Figure 1-3 The online SecurityCenter Managing with the online SecurityCenterSee Using the SecurityCenter on page 55 for more information User groups Figure 1-4 Example Sales Team group and Sales policy Customized policiesUsing this guide Who should read this guide?„ Who should read this guide? „ Conventions Bold ConventionsCondensed ExampleGetting product information Avert Labs DAT Notification Service Contact informationProduct Upgrades Valid grant number required Security Updates DATs, engine HotFix and Patch ReleasesEnforced Client Product Guide IntroductionGetting product information „ Before you install „ Installing Enforced Client Installing Enforced Client„ Completing the installation „ What should I do after installing? „ After you place your order „ System requirementsAfter you place your order Operating systems System requirements„ Operating systems „ RAM „ Email security service Protection servicesOperating system support ending Notifying users when support endsEmail server security application Email security serviceTerminal servers Uninstall existing virus protection software Before you install„ Uninstall existing virus protection software „ Uninstall existing firewall software „ Configure your browserSonicWALL Retail SonicWALL EnterpriseComputer Associates FinjanConfigure your browser Uninstall existing firewall softwareInternet Explorer Non-Microsoft browsersInstall the standalone installation agent Standard URL installation Installing Enforced ClientRequirements Standard URL installationInstalling on client computers Sending an installation URL to users3 When you are prompted to do so, click Install What is the email address used for?Figure 2-2 Advanced installation methods Advanced installation methodsAdvanced installation method The administratorSilent installation Requirements„ Requirements „ Installation What is my company key? InstallationVSSETUP parameters Push installation „ Requirements „ Installation Considerations for scheduling push installations1 Download the Push Install utility from the SecurityCenter RequirementsTo install Enforced Client using the Push Install utility InstallationIf you use a corporate firewall or proxy server Enabling relay serversFigure 2-6 Status for target computers Using the Push Install utility Completing the installationUsing VSSETUP „ Using the Push Install utility „ Using VSSETUPScan the client computer Test virus protectionScan the email Inbox Set up the default firewall„ Setting up your account on page What should I do after installing?„ Viewing your security services at-a-glance on page „ Setting up policies on page „ Viewing reports on pageInstalling Enforced Client What should I do after installing?Enforced Client Product Guide „ Using the client software „ Updating client computers Using Enforced Client„ Using the SecurityCenter „ Getting started „ Setting up your accountEnforced Client system tray icon Using the client softwareRemoving and displaying the icon „ Administrative menu and tasksAdministrative menu and tasks Updating client computersClient menu Update manually Update automaticallyUpdate during an outbreak „ Update automatically „ Update manually „ Update during an outbreakUpdate computers where no user is logged on Using the SecurityCenterSetting up your account When you areSetting up policies Viewing reports Managing your correspondence „ Set up your profile „ Change your SecurityCenter passwordGetting started Access online features and functionsLog on to the SecurityCenter „ Log on to the SecurityCenter „ Access online features and functionsFigure 3-1 SecurityCenter tabs Using Enforced ClientEnforced Client Product Guide Getting startedWhen you want to Make the most of your online dataFigure 3-2 Page controls for listings and reports Do thisCustomize listings and reports Do this Using the online helpShow Navigation Previous and NextSet up your profile Setting up your accountChange your SecurityCenter password Sign up for email notificationsViewing your security services at-a-glance View and resolve action items Install protection services„ Install protection services „ View and resolve action items „ Purchase, add, and renew services „ Request a trial subscriptionView security coverage for your account Managing your computers„ Send email to computers „ Block computers from receiving updates „ Search for computers „ Install protection services„ Display details for a computer „ View detections for a computer „ View user-approved applications for a computerDisplay details for a computer Search for computersInstall protection services See Chapter 2, Installing Enforced Client for more informationFigure 3-5 Computer Details page When you want toDo this For System email address, type a new email address, then click SaveView detections for a computer View user-approved applications for a computerSend email to computers Creating groups to manage your site Block computers from receiving updatesDelete computers from your reports Move computers into a group„ Create or edit a group „ Delete a group The Default groupDesignating group administrators Create or edit a groupDelete a group Figure 3-7 Site and group administrators „ Create or edit a group administrator „ Delete a group administrator Create or edit a group administratorDelete a group administrator Setting up policies„ Restore default policy settings „ Delete a policy „ Create or edit a policy „ Assign a policy to a groupDefault setting The SonicWALL Default policyAll programs types are enabled Virus protectionRestore default policy settings Create or edit a policyAssign a policy to a group Delete a policy Viewing reportsTo view Use this reportDetections UnrecognizedFigure 3-9 Duplicate Computers report View duplicate computersView computer profiles Managing your correspondence„ Send email to users „ Update user email addresses „ Update your account’s email address „ Add your logo to reportsUpdate your account’s email address Update user email addressesSend email to users Add your logo to reportsManaging your subscriptions View your service subscriptions„ View your service subscriptions „ Update subscription information „ Purchase, add, and renew services „ Request a trial subscriptionPurchase, add, and renew services Update subscription informationRequest a trial subscription Getting assistanceReceive subscription notifications View printed and online documentsContact product support Download utilitiesVSSetup Run the Push Install UtilityService Using the Virus and Spyware ProtectionAccessing client features Scan Tasks menu „ Accessing client features Scan Tasks menuDisable On-Access Scanner Select this commandScanner see Disabling on-access scanning on page Figure 4-1 Scan Tasks menuScanning client computers Scan automatically on-access scans„ Scan automatically on-access scans „ Scan manually on-demand scans „ Schedule on-demand scans „ Scan email „ Scan for spywareScan manually on-demand scans View scan results„ View scan results „ How detections are handled How detections are handled Schedule on-demand scans Scan emailScan for spyware Cleaned CleanApprove CloseSet basic virus protection options Configuring policies for virus and spyware protectionSchedule on-demand scans „ Schedule on-demand scansExclude files and folders from virus scans Enable optional protection Select your update frequencySet advanced virus protection options „ Select your update frequency „ Enable optional protectionEnable outbreak response Enable buffer overflow protection Enable script scanningScan email before delivering to the Outlook Inbox rar, .tat, .tgzSet basic spyware protection options Enable spyware protection„ Enable spyware protection „ Select a spyware protection mode „ Specify approved programsBehavior of protection service Select a spyware protection modeMode ReportLearn mode Set advanced spyware protection optionsSpecify approved programs 2 Click the Advanced Settings tab Password crackersThreat type DescriptionView detections Viewing reports for virus and spyware detections„ Detections see View detections „ Unrecognized Programs see View unrecognized programs on pageadvanced spyware protection options on page When you want toBuffer Overflow Processes Details pageFigure 4-7 Unrecognized Programs report View unrecognized programsWhen you want to Using the Unrecognized Programs reportthe Computer Details page on pageFigure 4-8 Detection History report View your detection historyManage your protection strategy with best practices Managing detections„ Manage your protection strategy with best practices „ Manage quarantined filesRestore Manage quarantined filesthe Quarantine Viewer 2 Select Scan Tasks Quarantine ViewerCleaned Disabling on-access scanningClean failed 2 Select Disable On-Access Scanner or Enable On-Access ScannerUsing the Virus and Spyware Protection Service Disabling on-access scanningEnforced Client Product Guide Accessing client features Firewall Settings command Using the Firewall Protection Service„ Accessing client features Firewall Settings command „ Configuring policies for firewall protection„ Specify who configures firewall protection settings Configuring policies for firewall protection„ Install the firewall protection service via policy „ Enable firewall protection „ Select a firewall protection modeFigure 5-1 Desktop Firewall policy tab Specify who configures firewall protection settingsEnable firewall protection Install the firewall protection service via policyLearn mode Select a firewall protection modeConfigure a custom connection Specify a connection type„ Configure system services for a custom connection Standard system service ports Configure system services for a custom connection„ Configure IP addresses for a custom connection „ Standard system service ports „ Open a service portOpen a service port Close a service port Add and edit service portsConfigure IP addresses for a custom connection Set up allowed Internet applicationsSpecify whether to use SonicWALL recommendations Specify Internet applications in a policyViewing reports for firewall protection View unrecognized Internet applications„ Unrecognized Programs see View unrecognized Internet applications View inbound events blocked by the firewall Events to display the Inbound Event List Managing suspicious activity with best practices„ When running the firewall protection service on a server, ensure that service ports are configured correctly to prevent disruption of system services see Configure system services for a custom connection on page 117. Ensure that no unnecessary ports are open Using the Firewall Protection Service Enforced Client Product GuideManaging suspicious activity with best practices Accessing site safety information Using the Browser Protection Service„ Accessing site safety information „ Configuring browser protection settings „ Submitting feedbackStaying safe during searches How safety ratings are compiledSettings Staying safe while browsingSettings Configuring browser protection on the clientViewing safety reports Configuring browser protection settingsConfiguring browser protection from the SecurityCenter Installing via policyEnable or disable the display of safety icons next Configuring browser protection on the client computerEncrypt the data sent to the server using the Enable or disable the color coding for theSubmitting feedback „ Activating the email security service „ Using the portal Using the Email Security Service„ Setting up your account „ Viewing your email protection status „ Configuring a policy for email securityActivating the email security service Using the portal2 Click Install Protection 3 Select Install email security service Customize your account settings Update your MX recordsSetting up your account „ Update your MX records „ Customize your account settingsDefault settings Recommended first steps1 Add your other domains Optional customization Figure 7-2 Administration page Configure general administration settingsAccess basic administration features on the Administration page Viewing your email protection statusUse this feature General SettingsTo view the status of your service Viewing reports for the email security service Configuring a policy for email securityView and manage quarantined user messages Managing quarantined emailCheck the Quarantine Summary „ View and manage quarantined user messagesView quarantined mail deliveries Getting more informationUsing the Email Security Service Enforced Client Product GuideGetting more information Uninstalling protection services 8 Troubleshooting„ Uninstalling protection services „ Frequently asked questions FAQ „ Error messages „ Contacting product supportInstalling Frequently asked questions FAQ„ Installing „ Adding, renewing, and moving licenses „ Configuring and managing policies „ Scanning „ Reporting „ UpdatingAdding, renewing, and moving licenses Configuring and managing policiesReporting ScanningUpdating Firewall protection Browser protection EmailGeneral „ Installation Declined „ Installation Denied Error messages„ Invalid Entitlement Error „ Cannot find remote shared directory „ File does not exist„ Unable to connect to the Enforced Client update server „ MyASUtil.SecureObjectFactory error message „ MyINX Error„ Unable to create Cab Installer Object Cannot find remote shared directoryThe security level of the browser is too high The user doesn’t have administrator rightsInternet Explorer is blocking ActiveX controls A registry file is missingInstallation Denied Common causes and solutions If you do not see a Status column, set your view options to Details 1 From the Windows Control Panel, open Add/Remove Programs1 Select Start Run See If you use a corporate firewall or proxy server on page You might need to adjust your corporate firewall or proxy settingsContacting product support Compare to group administrator and user Glossaryprotection service See reportsCompare to SecurityCenter website Compare to URL installationSee policy Compare to trusted connection and untrusted connectionprotection service protection serviceCompare to administrator and user See also push installation, silent installation, and URL installationCompare to prompt mode and report mode Compare to protect mode and report modeCompare to silent installation and URL installation Compare to prompt mode and protect modeCompare to push installation and URL installation See on-access scanning and on-demand scanningCustomer Home site Compare to client softwareCompare to administrator and group administrator Compare to push installation and silent installationservice Compare to trusted connectionSecurityCenter tab Login page„ Log on to the SecurityCenter „ Change your SecurityCenter password „ Viewing your security services at-a-glance„ Managing your computers „ Install protection services Computers tab„ Send email to computers „ Block computers from receiving updates „ Specify approved programs „ Set up allowed Internet applicationsFind computers DescriptionAdd Computer Groups„ Viewing reports for the email security service Reports tab„ Viewing reports „ View detections „ View unrecognized programs „ View unrecognized Internet applications„ Creating groups to manage your site „ Setting up policies Groups + Policies tab„ Configuring policies for virus and spyware protection „ Configuring policies for firewall protection„ Setting up your account „ Change your SecurityCenter password My Account tab„ Managing your subscriptions „ Designating group administrators Service Summary sectionMy Logo section Notification Preferences sectionHelp tab Install ProtectionEmail Page „ View printed and online documents „ Download utilitiesInstall Protection New Computers Email Text Install Protection New Computers„ Installing Enforced Client „ Standard URL installation „ Using the portalInstall Protection Existing Computers Email Text Install Protection Existing Computers„ Standard URL installation „ Standard URL installation „ Advanced installation methodsAdvanced Installation Methods Install Email Security Service„ Using the portal „ Update your MX records „ Viewing reports for the email security serviceProduct Coverage Product Purchase„ Managing your subscriptions „ Purchase, add, and renew services „ Request a trial subscription„ Set up allowed Internet applications Computer Details„ Managing your computers „ Make the most of your online data „ Customize listings and reports „ Specify approved programsDetection List User-Approved Application List„ View detections for a computer „ Specify approved programs „ Set up allowed Internet applications Search Results„ View user-approved applications for a computer „ Managing your computers „ Search for computers„ View detections „ Make the most of your online data Detections report by computer„ Customize listings and reports „ Manage your protection strategy with best practices„ View detections „ Make the most of your online data Detections report by detection„ Customize listings and reports „ Manage your protection strategy with best practices„ Set up allowed Internet applications Unrecognized Programs report by computer„ View unrecognized programs „ Make the most of your online data „ Customize listings and reports„ Specify approved programs „ Set up allowed Internet applications Unrecognized Programs report by program„ View unrecognized programs „ View user-approved applications for a computerInbound Events Blocked by Firewall report by destination computer Inbound Events Blocked by Firewall report by originating computerLists the IP address of the computer where the event originated „ View inbound events blocked by the firewallDuplicate Computers report Inbound Event List„ View inbound events blocked by the firewall „ View duplicate computers „ Display details for a computer„ View computer profiles Computer Profiles report„ View your detection history Detection History report„ Manage your protection strategy with best practices DescriptionEdit Group Edit Default Group„ Creating groups to manage your site „ Setting up policies „ Creating groups to manage your site „ Setting up policiesAdd Group View Default Policy„ Setting up policies „ Assign a policy to a group „ Setting up policies „ Set basic virus protection options„ Configuring browser protection from the SecurityCenter „ Configuring policies for firewall protection„ The SonicWALL Default policy Firewall ConfigurationEnable buffer overflow Enable outbreak responseEnable script scanning on-access scans„ Set basic virus protection options „ Assign a policy to a group Edit Policy Virus Protection Settings„ Set basic spyware protection options „ Assign a policy to a group Edit Policy Spyware Protection SettingsEdit Policy Desktop Firewall Settings „ Configuring policies for firewall protection „ Learn mode„ Assign a policy to a group Automatically install the update the policy to User configures firewallFirewall Protection Mode Description„ Configure system services for a custom connection Firewall Custom Settings„ Configure IP addresses for a custom connection Add or Edit Incoming Connection„ Configure system services for a custom connection CancelEdit Policy Advanced Settings Edit Policy Browser Protection Settings„ Configuring browser protection from the SecurityCenter „ Update computers where no user is logged onCheck for updates every Settings„ Enable buffer overflow protection Detect code starting to run „ Scan all file types during on-access scans Inspect all types of„ Set basic virus protection options „ Assign a policy to a group Add Policy Virus Protection Settings„ Set basic spyware protection options „ Assign a policy to a group Add Policy Spyware Protection SettingsAdd Policy Desktop Firewall Settings „ Configuring policies for firewall protection „ Learn mode„ Assign a policy to a group update the policy to User configures firewall Firewall ConfigurationAutomatically install the Firewall Protection ModeAdd Policy Browser Protection Settings „ Configuring browser protection from the SecurityCenter„ Assign a policy to a group „ Update computers where no user is logged on Add Policy Advanced Settings„ Notifying users when support ends „ Assign a policy to a group „ Set advanced virus protection optionsSettings Check for updates everyDescription „ Managing your subscriptions Subscription History„ Update subscription information Edit Subscription InformationView Cancelled Services Managed ServicesManage All Group Administrators Manage Group Administrators„ Designating group administrators „ Designating group administrators„ Sign up for email notifications Notification PreferencesManage Logo Edit ProfileUtilities „ Set up your profile „ Change your SecurityCenter passwordSilently install protection „ Install the standalone installation agentInstall protection services previous installation