Manuals / Surf Control / Power Tools / Welder

Surf Control 5.2.4 manual Creating a Policy, Defining Users, Defining the Action

Models: 5.2.4

1 182

Download 182 pages 55.76 Kb

Page 72

POLICY MANAGER

Creating a Policy

3

CREATING A POLICY

There are three steps to creating a policy:

Step 1 - Defining users – Add the users, and groups of users, that you want to filter.

Step 2 - Defining actions – Define what should be done with a message that triggers a filter.

Step 3 - Defining the rules – Create filters to find messages of a specific type. You can filter virus/spam messages by adding one or more types of filter to the policy.

Note: RiskFilter supports multi-layered policies: global policy and sub-policy. If a filter is writable, it can be overwritten by a sub-policy (its child or grandchild). A read-only policy cannot be overwritten by a sub-policy.

STEP 1 - DEFINING USERS

RiskFilter enables you to apply different filtering solutions to messages from specific address groups, according to different routing paths. There are three ways to add an e-mail address:

•Add the address/es manually

•Import the address/es from a file

•Import the address/es from an LDAP connection

See Address Group on page 69 for more details on how to add addresses.

STEP 2 - DEFINING THE ACTION

Filter action determines how the message is finally processed. RiskFilter scans the messages and their attachments then takes action according to the settings in the different filters. The action is set when you create a new filter, within that filter’s configuration screen.

Figure 3 - 2 The Action if filter triggered section

These actions include:

•Modify Subject – Modify the original subject, by adding specific content in front of the original subject.

•X Header – Add a specified X-Header to all messages which triggered the filter.

•Copy to – Send a copy of the original message to a specified e-mail account. This would generally be the e-mail system administrator, the recipient will have no knowledge of this action.

SurfControl RiskFilter - E-mail V5.2.4

Administrator’s Guide 67

Image 72

Surf Control 5.2.4 manual Creating a Policy, Defining Users, Defining the Action

Contents

SurfControl RiskFilter E-mail Contents Policy Manager Riskfilter System Management Console Appendix Chapter HOW Riskfilter Works Managing Your Messages with RiskfilterConnection ControlRelay Control Load Balancing with Riskfilter Mail Exchanger IP Address MX PreferenceLoad balancing with RiskFilter Launching Surfcontrol Riskfilter Riskfilter System Management ConsoleHttps//hostnameoripaddress10000 Riskfilter Management Console Administrator Https//hostnameoripaddress/adminOpening the RiskFilter Management Console Before YOU Start System Settings System Settings TAB What can be Configured in the System Settings TAB?Terminology Used Configuration Select General Configuration from the System Settings tabGeneral Postmaster e-mail addressOther Settings Admin ConsoleSession Timeout Smtp greetingUser Directories Editing User DirectoriesDeleting a User Directory Open the User Directories screenMicrosoft Active Directory Click Add in the User Directories screenIBM Ldap server Select IBM Ldap ServerGeneric Ldap Click Add in the User Directories screen Select Generic LdapValidation settings Esmtp Server InformationRecipient File Local DatabaseTo add a local database Click Add Select General Secure Proxy from the System Settings tab Secure ProxyLocal Database Add/Edit Address screen is displayed Select Enable POP3 Proxy Select Enable Webmail ProxySelect Enable Imap Proxy Setting up the storage directories Select General Directories from the System Settings tabLogs and Archives Certificate NotificationsSelect General Certificate from the System Settings tab Importing CertificatesExporting Certificates Certificate Signing RequestReceive Settings Connection SettingsConnection Control Smtp Greeting Delay Allow Access ListDirectory Attack Control 16 The Directory Attack Control screenSPF Authentication Configuration Relay ControlControlling relaying of messages Allowing relaying to specific domains Relay for Internal Senders Recipient Validation Adding details of domainsAdd validation servers Message Control 19 The Message Control screenException Control 20 Set what action is taken on messagesTo configure exception control Black List Adding an IP or subnet address to the blacklistImporting and exporting Lists Adding domain or e-mail addresses to the blacklistWhite List Adding an IP or subnet address to the White ListDynamic White List Receive Settings Send Settings Setting up the destination domainsDOMAIN-BASED Delivery Delivering the messagesUsing TLS authentication Transport Layer Security Select Forward mail to the following Smtp serversTraffic Control Advanced DeliverySend Settings User Management Account ManagerChanging the Administrator Account Password Specifying Administrator AccessSetting up Administrator Access Editing Administrator Accounts Personal E-MAIL ManagerSelect Account Manager from the User Management menu Setting up the PEM message 31 What the user sees Personal E-mail Manager Adding users Exporting lists of usersImporting lists of users End-user Bypass Anti-Spam Setting Setting up End User ControlEND-USER Control User ListUser Authentication Authenticating PEM usersAuthenticating remote users License & Updates Update NOWUpdating your Anti-Spam Agent Definitions AVA and ASA License ExpiredScheduled Update Select the Anti-Virus Agent Update check boxUpdating the Anti-Virus Agent Select the Anti-Spam Agent Update check box License StatusUpdating the Anti-Spam Agent Updating Component LicensesUpdate Server Manually setting up a license serverViewing component licenses License Server User Number ExceededAdmin Guide Contact Support Select Help Contact Support from the System Settings tabHelp Submitting a Support RequestFirstboot Wizard Configuration WizardKEY Points Key Points Policy Manager What can be Configured in the Policy Manager TAB? Policy Manager TABCreating a Policy Defining UsersDefining the Action Defining the Rules Global Policy Filter ListAddress Group Importing and Exporting ListsDeleting Address Groups Queue Manager Adding QueuesEditing a Queue Select Queue Manager from the Policy Manager tabDictionary Manager Surfcontrol DictionariesEditing SurfControl Dictionary properties Changing the value of words in the SurfControl Dictionaries Adding words to the SurfControl DictionariesDeleting a word or phrase Custom Dictionaries Create a new dictionaryImporting Dictionaries Importing a SurfControl Dictionary PackCreating a unicode text file Worthlesstab space15 balancetab space10Importing a unicode text file Exporting a dictionarySelect Import from a Unicode text file Global Policy Creating a NEW SUB-POLICYSelect Global Policy from the Policy Manager tab 15 Enter the details of the new Sub-policyEditing a SUB-POLICY Deleting a SUB-POLICYAdding Filters to the Policy Defining a Filter 18 The Global Policy Filter List screenANTI-VIRUS Agent Filter Creating a new filterEditing the Anti-Virus Agent Filter Select Global Policy Filters from the Policy Manager tabGlobal Policy ANTI-SPAM Agent Filters Select Anti-Spam Agent DFPConfiguring the Anti-Spam Agent Heuristics Filter Select Anti-Spam Agent HeuristicsConfiguring the Anti-Spam Agent LexiRules Filter Select Anti-Spam Agent LexiRulesInternet Threat Database Filter 23 The Internet Threat Database Filter screenStandard Disclaimer Editing the Internet Threat Database FilterSelect the Internet Threat Database Filter and click Next Editing the Standard Disclaimer Filter Select the Standard Disclaimer FilterGeneral Content Filter Editing the General Content FilterSelect the General Content Filter and click Next Advanced Content Filter Editing the Advanced Content FilterSelect the Advanced Content Filter and click Next Using the Expression List 27 The Expression screenUsing Logical Operators Examples showing the use of Operands RiskFilter and Gateway and InnovationRiskFilter or Gateway or Innovation Occur gateway Assume Frequency =2Message Attachment Filter 28 Message Attachment Filter screenEditing the Message Attachment Filter Select the Message Attachment Filter and click NextContent Guardian Creating a new Content Guardian filterSelect the Internet Content Guardian Filter and click Next Adding a filtering rule Dictionary Threshold Filter Deleting a filtering ruleHow the Dictionary Threshold Filter works Configuring the Dictionary Threshold Filter Select the Dictionary Threshold Filter and click NextGlobal Policy KEY Points Key Points Reports & Logs What can be Configured in the Reports and Logs TAB? Reports and Logs TABDashboard Server status monitoringMaster Report Querying the Master ReportSelect Master Report from the Reports and Logs tab Select Specified date range from the Logs for list boxMaster Report Message Report Querying the Message ReportPolicy Report Querying the Policy ReportVirus Report Querying the Virus ReportSpam Report Querying the Spam ReportConnection Report Querying the Connection ReportConnection Report System Report Isolated Messages Managing Isolated MessagesSelect Isolated Messages from the Reports and Logs tab Click View MessagesIsolated Messages Virus Messages Managing the Virus MessagesSelect Virus Messages from the Reports and Logs tab 14 An Archived message Spam Messages Managing Spam MessagesSelect Spam Messages from the Reports and Logs tab To view a message click the subject Archived Messages Managing Archived MessagesSelect Archived Messages from the Reports and Logs tab Export Messages Reprocess Messages View MessagesClick Reprocess Messages 19 Select the check box alongside the message Deferred Messages Querying Deferred MessagesSelect Deferred Messages from the Reports and Logs tab 22 An Archived message KEY Points Key Points RiskFilter System Management Console What can be Configured with the System Management CONSOLE? OverviewAccessing the Riskfilter System Management Console Rfmngr AccountWhat can be Configured in the Webmin TAB? Webmin TABWebmin Configuration IP access controlSelect Webmin Configuration from the Webmin tab Webmin Actions LOGSelect Language from the Webmin Configuration screen Select Logging from the Webmin Configuration screenLanguage Ports and AddressesWebmin Servers Index Proxy ServersAdding Webmin Servers Select Webmin Servers Index in the WebminWhat can be Configured in the System TAB? System TABBootup and Shutdown Change PasswordsSelect Change Passwords in the System tab Historic System StatisticsMulti Gateway Policy Routing Select Multi Gateway Policy Routing in the System tabNetwork Configuration Network InterfacesMulti-NIC configuration in RiskFilter Setting up additional NICsEnter an IP Address 11 The Create Bootup Interface screen Routing and GatewaysSelect DNS Client from the Network Configuration tab DNS ClientHost Addresses 15 Host AddressesRunning Processes System TimeSelect System Time in the System tab System and Server Status Click Sync system timeWhat can be Configured in the Riskfilter TAB? Riskfilter TABRiskfilter Services Manager Riskfilter Backup ManagerRiskfilter Cluster Wizard Click CompleteLoad balancing with RiskFilter 25Load balancing26 RiskFilter in a cluster set up Riskfilter WEB Access Manager Select Web Access Manager in the RiskFilter tabUpdate Riskfilter E-MAIL 28 The Update RiskFilter-E-mail screenKEY Points Key Points Appendix Using the Command Line Interface # sudo /etc/init.d/smgd statusClean queues QTOOL.SHUsing the Command Line Interface Using the Command Line Interface Using the Command Line Interface UNINSTALL.SH Example 6 uninstalling the RiskFilter softwareAll items were successfully uninstalled Internet Threat Database Categories Internet Theat Database CategoriesCore / Liability Categories Productivity CategoriesCore / Liability Categories Productivity Categories Special Events OtherIndex Administrator’s Guide SurfControl RiskFilter E-mail SurfControl RiskFilter E-mail Administrator’s Guide OpenSSL Sun RPC Apache Software License, Version Expat XML Parser Toolkit SPFJava Ldap