3ONIC7!,,C%NFORCED #LIENT !NTI6IRUS AND !NTI3PYWARE 0RODUCTDUIDE
6ERSIONS
02/4%#4/. !444%/30%%$!/& 53.%33
Attributions
Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHT
TRADEMARK ATTRIBUTIONS
LICENSE INFORMATION License Agreement
Contents
Installing Enforced Client
Introduction
Using Enforced Client
Managing your subscriptions
Using the Virus and Spyware Protection Service
Using the Firewall Protection Service
Disabling on-access scanning
Using the Browser Protection Service
How does the software work?
1 Introduction
What is Enforced Client? What is new in this release?
Managing with the online SecurityCenter Using this guide
Ensure continuous, automatic protection
What is Enforced Client?
Select the right version of Enforced Client
Protect against many kinds of threats
Protect against many kinds of threats
Select the right version of Enforced Client
Ensure continuous, automatic protection
Chapter 2, Installing Enforced Client
What is new in this release?
New feature
users when support ends on page
Internet Independent Updating IIU
How does the software work?
The updating process
The updating process Outbreak response Rumor technology
Figure 1-2 Methods for updating client computers
Retrieving updates
Outbreak response
Rumor technology
Uploading security information
Internet Independent Updating IIU
Figure 1-3 The online SecurityCenter
Managing with the online SecurityCenter
See Using the SecurityCenter on page 55 for more information
User groups
Figure 1-4 Example Sales Team group and Sales policy
Customized policies
Using this guide
Who should read this guide?
Who should read this guide? Conventions
Example
Conventions
Bold
Condensed
Getting product information
Security Updates DATs, engine HotFix and Patch Releases
Contact information
Avert Labs DAT Notification Service
Product Upgrades Valid grant number required
Enforced Client Product Guide
Introduction
Getting product information
After you place your order System requirements
Installing Enforced Client
Before you install Installing Enforced Client
Completing the installation What should I do after installing?
After you place your order
Protection services
System requirements
Operating systems
Operating systems RAM Email security service
Operating system support ending
Notifying users when support ends
Email server security application
Email security service
Terminal servers
Uninstall existing firewall software Configure your browser
Before you install
Uninstall existing virus protection software
Uninstall existing virus protection software
Finjan
SonicWALL Enterprise
SonicWALL Retail
Computer Associates
Non-Microsoft browsers
Uninstall existing firewall software
Configure your browser
Internet Explorer
Install the standalone installation agent
Standard URL installation
Installing Enforced Client
Standard URL installation
Requirements
Installing on client computers
Sending an installation URL to users
3 When you are prompted to do so, click Install
What is the email address used for?
The administrator
Advanced installation methods
Figure 2-2 Advanced installation methods
Advanced installation method
Silent installation
Requirements
Requirements Installation
What is my company key?
Installation
VSSETUP parameters
Push installation
Requirements
Considerations for scheduling push installations
Requirements Installation
1 Download the Push Install utility from the SecurityCenter
To install Enforced Client using the Push Install utility
Installation
If you use a corporate firewall or proxy server
Enabling relay servers
Figure 2-6 Status for target computers
Using the Push Install utility Using VSSETUP
Completing the installation
Using the Push Install utility
Using VSSETUP
Scan the client computer
Test virus protection
Scan the email Inbox
Set up the default firewall
Setting up policies on page Viewing reports on page
What should I do after installing?
Setting up your account on page
Viewing your security services at-a-glance on page
Installing Enforced Client
What should I do after installing?
Enforced Client Product Guide
Setting up your account
Using Enforced Client
Using the client software Updating client computers
Using the SecurityCenter Getting started
Administrative menu and tasks
Using the client software
Enforced Client system tray icon
Removing and displaying the icon
Administrative menu and tasks
Updating client computers
Client menu
Update automatically Update manually Update during an outbreak
Update automatically
Update manually
Update during an outbreak
Update computers where no user is logged on
Using the SecurityCenter
Set up your profile Change your SecurityCenter password
When you are
Setting up your account
Setting up policies Viewing reports Managing your correspondence
Log on to the SecurityCenter Access online features and functions
Access online features and functions
Getting started
Log on to the SecurityCenter
Getting started
Using Enforced Client
Figure 3-1 SecurityCenter tabs
Enforced Client Product Guide
Do this
Make the most of your online data
When you want to
Figure 3-2 Page controls for listings and reports
Customize listings and reports
Previous and Next
Using the online help
Do this
Show Navigation
Sign up for email notifications
Setting up your account
Set up your profile
Change your SecurityCenter password
Viewing your security services at-a-glance
Purchase, add, and renew services Request a trial subscription
Install protection services
View and resolve action items
Install protection services View and resolve action items
View security coverage for your account
Managing your computers
View user-approved applications for a computer
Search for computers Install protection services
Send email to computers Block computers from receiving updates
Display details for a computer View detections for a computer
See Chapter 2, Installing Enforced Client for more information
Search for computers
Display details for a computer
Install protection services
For System email address, type a new email address, then click Save
When you want to
Figure 3-5 Computer Details page
Do this
View detections for a computer
View user-approved applications for a computer
Send email to computers
Move computers into a group
Block computers from receiving updates
Creating groups to manage your site
Delete computers from your reports
Create or edit a group Delete a group
The Default group
Designating group administrators
Create or edit a group
Delete a group
Figure 3-7 Site and group administrators
Create or edit a group administrator Delete a group administrator
Create or edit a group administrator
Create or edit a policy Assign a policy to a group
Setting up policies
Delete a group administrator
Restore default policy settings Delete a policy
Virus protection
The SonicWALL Default policy
Default setting
All programs types are enabled
Restore default policy settings
Create or edit a policy
Assign a policy to a group
Delete a policy
Viewing reports
Unrecognized
Use this report
To view
Detections
Figure 3-9 Duplicate Computers report
View duplicate computers
Update your account’s email address Add your logo to reports
Managing your correspondence
View computer profiles
Send email to users Update user email addresses
Add your logo to reports
Update user email addresses
Update your account’s email address
Send email to users
Purchase, add, and renew services Request a trial subscription
View your service subscriptions
Managing your subscriptions
View your service subscriptions Update subscription information
Purchase, add, and renew services
Update subscription information
View printed and online documents
Getting assistance
Request a trial subscription
Receive subscription notifications
Run the Push Install Utility
Download utilities
Contact product support
VSSetup
Accessing client features Scan Tasks menu
Using the Virus and Spyware Protection
Service
Accessing client features Scan Tasks menu
Figure 4-1 Scan Tasks menu
Select this command
Disable On-Access Scanner
Scanner see Disabling on-access scanning on page
Schedule on-demand scans Scan email Scan for spyware
Scan automatically on-access scans
Scanning client computers
Scan automatically on-access scans Scan manually on-demand scans
Scan manually on-demand scans
View scan results
View scan results How detections are handled
How detections are handled
Schedule on-demand scans
Scan email
Scan for spyware
Close
Clean
Cleaned
Approve
Schedule on-demand scans
Configuring policies for virus and spyware protection
Set basic virus protection options
Schedule on-demand scans
Exclude files and folders from virus scans
Select your update frequency Enable optional protection
Select your update frequency
Enable optional protection
Set advanced virus protection options
rar, .tat, .tgz
Enable script scanning
Enable outbreak response Enable buffer overflow protection
Scan email before delivering to the Outlook Inbox
Specify approved programs
Enable spyware protection
Set basic spyware protection options
Enable spyware protection Select a spyware protection mode
Report
Select a spyware protection mode
Behavior of protection service
Mode
Learn mode
Set advanced spyware protection options
Specify approved programs
Description
Password crackers
2 Click the Advanced Settings tab
Threat type
Unrecognized Programs see View unrecognized programs on page
Viewing reports for virus and spyware detections
View detections
Detections see View detections
Details page
When you want to
advanced spyware protection options on page
Buffer Overflow Processes
Figure 4-7 Unrecognized Programs report
View unrecognized programs
on page
Using the Unrecognized Programs report
When you want to
the Computer Details page
Figure 4-8 Detection History report
View your detection history
Manage quarantined files
Managing detections
Manage your protection strategy with best practices
Manage your protection strategy with best practices
2 Select Scan Tasks Quarantine Viewer
Manage quarantined files
Restore
the Quarantine Viewer
2 Select Disable On-Access Scanner or Enable On-Access Scanner
Disabling on-access scanning
Cleaned
Clean failed
Using the Virus and Spyware Protection Service
Disabling on-access scanning
Enforced Client Product Guide
Configuring policies for firewall protection
Using the Firewall Protection Service
Accessing client features Firewall Settings command
Accessing client features Firewall Settings command
Enable firewall protection Select a firewall protection mode
Configuring policies for firewall protection
Specify who configures firewall protection settings
Install the firewall protection service via policy
Figure 5-1 Desktop Firewall policy tab
Specify who configures firewall protection settings
Enable firewall protection
Install the firewall protection service via policy
Learn mode
Select a firewall protection mode
Configure a custom connection
Specify a connection type
Configure system services for a custom connection
Standard system service ports Open a service port
Configure system services for a custom connection
Standard system service ports
Configure IP addresses for a custom connection
Open a service port
Close a service port
Add and edit service ports
Configure IP addresses for a custom connection
Set up allowed Internet applications
Specify whether to use SonicWALL recommendations
Specify Internet applications in a policy
Viewing reports for firewall protection
View unrecognized Internet applications
Unrecognized Programs see View unrecognized Internet applications
View inbound events blocked by the firewall
Events to display the Inbound Event List
Managing suspicious activity with best practices
When running the firewall protection service on a server, ensure that service ports are configured correctly to prevent disruption of system services see Configure system services for a custom connection on page 117. Ensure that no unnecessary ports are open
Using the Firewall Protection Service
Enforced Client Product Guide
Managing suspicious activity with best practices
Configuring browser protection settings Submitting feedback
Using the Browser Protection Service
Accessing site safety information
Accessing site safety information
Staying safe during searches
How safety ratings are compiled
Configuring browser protection on the client
Staying safe while browsing
Settings
Settings
Installing via policy
Configuring browser protection settings
Viewing safety reports
Configuring browser protection from the SecurityCenter
Enable or disable the color coding for the
Configuring browser protection on the client computer
Enable or disable the display of safety icons next
Encrypt the data sent to the server using the
Submitting feedback
Configuring a policy for email security
Using the Email Security Service
Activating the email security service Using the portal
Setting up your account Viewing your email protection status
Activating the email security service
Using the portal
2 Click Install Protection 3 Select Install email security service
Update your MX records Customize your account settings
Update your MX records
Customize your account settings
Setting up your account
Default settings
Recommended first steps
1 Add your other domains
Optional customization
Figure 7-2 Administration page
Configure general administration settings
General Settings
Viewing your email protection status
Access basic administration features on the Administration page
Use this feature
To view the status of your service
Viewing reports for the email security service
Configuring a policy for email security
View and manage quarantined user messages
Managing quarantined email
View and manage quarantined user messages
Check the Quarantine Summary
View quarantined mail deliveries
Getting more information
Using the Email Security Service
Enforced Client Product Guide
Getting more information
Error messages Contacting product support
8 Troubleshooting
Uninstalling protection services
Uninstalling protection services Frequently asked questions FAQ
Configuring and managing policies Scanning Reporting Updating
Frequently asked questions FAQ
Installing
Installing Adding, renewing, and moving licenses
Adding, renewing, and moving licenses
Configuring and managing policies
Reporting
Scanning
Updating
Firewall protection
Browser protection
Email
General
Cannot find remote shared directory File does not exist
Error messages
Installation Declined Installation Denied
Invalid Entitlement Error
Cannot find remote shared directory
MyASUtil.SecureObjectFactory error message MyINX Error
Unable to connect to the Enforced Client update server
Unable to create Cab Installer Object
A registry file is missing
The user doesn’t have administrator rights
The security level of the browser is too high
Internet Explorer is blocking ActiveX controls
Installation Denied Common causes and solutions
If you do not see a Status column, set your view options to Details
1 From the Windows Control Panel, open Add/Remove Programs
1 Select Start Run
See If you use a corporate firewall or proxy server on page
You might need to adjust your corporate firewall or proxy settings
Contacting product support
See reports
Glossary
Compare to group administrator and user
protection service
Compare to trusted connection and untrusted connection
Compare to URL installation
Compare to SecurityCenter website
See policy
See also push installation, silent installation, and URL installation
protection service
protection service
Compare to administrator and user
Compare to prompt mode and protect mode
Compare to protect mode and report mode
Compare to prompt mode and report mode
Compare to silent installation and URL installation
Compare to client software
See on-access scanning and on-demand scanning
Compare to push installation and URL installation
Customer Home site
Compare to trusted connection
Compare to push installation and silent installation
Compare to administrator and group administrator
service
Viewing your security services at-a-glance
Login page
SecurityCenter tab
Log on to the SecurityCenter Change your SecurityCenter password
Specify approved programs Set up allowed Internet applications
Computers tab
Managing your computers Install protection services
Send email to computers Block computers from receiving updates
Groups
Description
Find computers
Add Computer
View unrecognized Internet applications
Reports tab
Viewing reports for the email security service
Viewing reports View detections View unrecognized programs
Configuring policies for firewall protection
Groups + Policies tab
Creating groups to manage your site Setting up policies
Configuring policies for virus and spyware protection
Service Summary section
My Account tab
Setting up your account Change your SecurityCenter password
Managing your subscriptions Designating group administrators
My Logo section
Notification Preferences section
View printed and online documents Download utilities
Install Protection
Help tab
Email Page
Using the portal
Install Protection New Computers
Install Protection New Computers Email Text
Installing Enforced Client Standard URL installation
Standard URL installation Advanced installation methods
Install Protection Existing Computers
Install Protection Existing Computers Email Text
Standard URL installation
Viewing reports for the email security service
Install Email Security Service
Advanced Installation Methods
Using the portal Update your MX records
Request a trial subscription
Product Purchase
Product Coverage
Managing your subscriptions Purchase, add, and renew services
Customize listings and reports Specify approved programs
Computer Details
Set up allowed Internet applications
Managing your computers Make the most of your online data
Detection List
User-Approved Application List
View detections for a computer
Managing your computers Search for computers
Search Results
Specify approved programs Set up allowed Internet applications
View user-approved applications for a computer
Manage your protection strategy with best practices
Detections report by computer
View detections Make the most of your online data
Customize listings and reports
Manage your protection strategy with best practices
Detections report by detection
View detections Make the most of your online data
Customize listings and reports
Customize listings and reports
Unrecognized Programs report by computer
Set up allowed Internet applications
View unrecognized programs Make the most of your online data
View user-approved applications for a computer
Unrecognized Programs report by program
Specify approved programs Set up allowed Internet applications
View unrecognized programs
View inbound events blocked by the firewall
Inbound Events Blocked by Firewall report by originating computer
Inbound Events Blocked by Firewall report by destination computer
Lists the IP address of the computer where the event originated
View duplicate computers Display details for a computer
Inbound Event List
Duplicate Computers report
View inbound events blocked by the firewall
View computer profiles
Computer Profiles report
Description
Detection History report
View your detection history
Manage your protection strategy with best practices
Creating groups to manage your site Setting up policies
Edit Default Group
Edit Group
Creating groups to manage your site Setting up policies
Setting up policies Set basic virus protection options
View Default Policy
Add Group
Setting up policies Assign a policy to a group
Firewall Configuration
Configuring policies for firewall protection
Configuring browser protection from the SecurityCenter
The SonicWALL Default policy
on-access scans
Enable outbreak response
Enable buffer overflow
Enable script scanning
Set basic virus protection options Assign a policy to a group
Edit Policy Virus Protection Settings
Set basic spyware protection options Assign a policy to a group
Edit Policy Spyware Protection Settings
Edit Policy Desktop Firewall Settings
Configuring policies for firewall protection Learn mode
Assign a policy to a group
Description
update the policy to User configures firewall
Automatically install the
Firewall Protection Mode
Configure system services for a custom connection
Firewall Custom Settings
Cancel
Add or Edit Incoming Connection
Configure IP addresses for a custom connection
Configure system services for a custom connection
Update computers where no user is logged on
Edit Policy Browser Protection Settings
Edit Policy Advanced Settings
Configuring browser protection from the SecurityCenter
Scan all file types during on-access scans Inspect all types of
Settings
Check for updates every
Enable buffer overflow protection Detect code starting to run
Set basic virus protection options Assign a policy to a group
Add Policy Virus Protection Settings
Set basic spyware protection options Assign a policy to a group
Add Policy Spyware Protection Settings
Add Policy Desktop Firewall Settings
Configuring policies for firewall protection Learn mode
Assign a policy to a group
Firewall Protection Mode
Firewall Configuration
update the policy to User configures firewall
Automatically install the
Add Policy Browser Protection Settings
Configuring browser protection from the SecurityCenter
Assign a policy to a group
Set advanced virus protection options
Add Policy Advanced Settings
Update computers where no user is logged on
Notifying users when support ends Assign a policy to a group
Settings
Check for updates every
Description
Managing your subscriptions
Subscription History
Managed Services
Edit Subscription Information
Update subscription information
View Cancelled Services
Designating group administrators
Manage Group Administrators
Manage All Group Administrators
Designating group administrators
Sign up for email notifications
Notification Preferences
Set up your profile Change your SecurityCenter password
Edit Profile
Manage Logo
Utilities
previous installation
Install the standalone installation agent
Silently install protection
Install protection services