Internet Threat Database Filter | Surf Control 5.2.4 specs

3

POLICY MANAGER

Global Policy

5Click Next.

6Enter a name in to the Filter Name field.

7This filter is enabled by default. Select the disable option if you want to switch it off.

8If you want to make the filter so that it can be overwritten by a sub-policy change the Filter Permission setting to writable. The default is read-only.

9Select Bypass Anti-Spam Agent scanning if message size is more than ... KB and set a maximum message size. This means that any message that is particularly large will not be scanned as possible spam. The default setting is 100KB.

INTERNET THREAT DATABASE FILTER

The Internet Threat Database Filter enables you to maximise message filtering by using SurfControl’s database of 9 Million URLs. Each category contains a list of URLs that have been added and are constantly updated by a team of SurfControl researchers. These categories enable you to apply a rule to a group of URLs rather than having to enter each one individually.

You also have the option to add specific URLs that are not covered in the categories already provided. Configuration of the Internet Threat Database Filter is carried out in the Internet Threat Database Filter screen.

Figure 3 - 23 The Internet Threat Database Filter screen

88 Administrator’s Guide

SurfControl RiskFilter - E-mail V5.2.4

Image 93

Surf Control 5.2.4 manual The Internet Threat Database Filter screen

Contents

SurfControl RiskFilter E-mail Contents Policy Manager Riskfilter System Management Console Appendix Chapter Managing Your Messages with Riskfilter HOW Riskfilter Works Connection ControlRelay Control Mail Exchanger IP Address MX Preference Load Balancing with Riskfilter Load balancing with RiskFilter Launching Surfcontrol Riskfilter Riskfilter System Management ConsoleHttps//hostnameoripaddress10000 Riskfilter Management Console Administrator Https//hostnameoripaddress/adminOpening the RiskFilter Management Console Before YOU Start System Settings System Settings TAB What can be Configured in the System Settings TAB?Terminology Used Select General Configuration from the System Settings tab ConfigurationGeneral Postmaster e-mail address Admin Console Other SettingsSession Timeout Smtp greeting Editing User Directories User Directories Open the User Directories screen Deleting a User Directory Click Add in the User Directories screen Microsoft Active Directory Select IBM Ldap Server IBM Ldap server Click Add in the User Directories screen Select Generic Ldap Generic Ldap Esmtp Server Information Validation settings Local Database Recipient File To add a local database Click Add Select General Secure Proxy from the System Settings tab Secure ProxyLocal Database Add/Edit Address screen is displayed Select Enable POP3 Proxy Select Enable Webmail ProxySelect Enable Imap Proxy Setting up the storage directories Select General Directories from the System Settings tabLogs and Archives Notifications Certificate Importing Certificates Select General Certificate from the System Settings tabExporting Certificates Certificate Signing Request Receive Settings Connection SettingsConnection Control Allow Access List Smtp Greeting Delay 16 The Directory Attack Control screen Directory Attack Control SPF Authentication Configuration Relay ControlControlling relaying of messages Allowing relaying to specific domains Relay for Internal Senders Recipient Validation Adding details of domainsAdd validation servers 19 The Message Control screen Message Control 20 Set what action is taken on messages Exception Control To configure exception control Adding an IP or subnet address to the blacklist Black List Adding domain or e-mail addresses to the blacklist Importing and exporting Lists White List Adding an IP or subnet address to the White ListDynamic White List Receive Settings Setting up the destination domains Send SettingsDOMAIN-BASED Delivery Delivering the messages Select Forward mail to the following Smtp servers Using TLS authentication Transport Layer Security Advanced Delivery Traffic Control Send Settings Account Manager User Management Specifying Administrator Access Changing the Administrator Account Password Setting up Administrator Access Editing Administrator Accounts Personal E-MAIL ManagerSelect Account Manager from the User Management menu Setting up the PEM message 31 What the user sees Personal E-mail Manager Adding users Exporting lists of usersImporting lists of users Setting up End User Control End-user Bypass Anti-Spam SettingEND-USER Control User List Authenticating PEM users User Authentication Authenticating remote users Update NOW License & Updates AVA and ASA License Expired Updating your Anti-Spam Agent Definitions Scheduled Update Select the Anti-Virus Agent Update check boxUpdating the Anti-Virus Agent License Status Select the Anti-Spam Agent Update check boxUpdating the Anti-Spam Agent Updating Component Licenses Update Server Manually setting up a license serverViewing component licenses User Number Exceeded License Server Select Help Contact Support from the System Settings tab Admin Guide Contact SupportHelp Submitting a Support Request Configuration Wizard Firstboot Wizard KEY Points Key Points Policy Manager Policy Manager TAB What can be Configured in the Policy Manager TAB? Creating a Policy Defining UsersDefining the Action Global Policy Filter List Defining the Rules Importing and Exporting Lists Address Group Deleting Address Groups Adding Queues Queue Manager Select Queue Manager from the Policy Manager tab Editing a Queue Dictionary Manager Surfcontrol DictionariesEditing SurfControl Dictionary properties Changing the value of words in the SurfControl Dictionaries Adding words to the SurfControl DictionariesDeleting a word or phrase Create a new dictionary Custom Dictionaries Importing a SurfControl Dictionary Pack Importing Dictionaries Worthlesstab space15 balancetab space10 Creating a unicode text file Importing a unicode text file Exporting a dictionarySelect Import from a Unicode text file Creating a NEW SUB-POLICY Global Policy 15 Enter the details of the new Sub-policy Select Global Policy from the Policy Manager tab Editing a SUB-POLICY Deleting a SUB-POLICYAdding Filters to the Policy 18 The Global Policy Filter List screen Defining a Filter Creating a new filter ANTI-VIRUS Agent FilterEditing the Anti-Virus Agent Filter Select Global Policy Filters from the Policy Manager tab Global Policy Select Anti-Spam Agent DFP ANTI-SPAM Agent Filters Select Anti-Spam Agent Heuristics Configuring the Anti-Spam Agent Heuristics Filter Select Anti-Spam Agent LexiRules Configuring the Anti-Spam Agent LexiRules Filter 23 The Internet Threat Database Filter screen Internet Threat Database Filter Standard Disclaimer Editing the Internet Threat Database FilterSelect the Internet Threat Database Filter and click Next Select the Standard Disclaimer Filter Editing the Standard Disclaimer Filter General Content Filter Editing the General Content FilterSelect the General Content Filter and click Next Advanced Content Filter Editing the Advanced Content FilterSelect the Advanced Content Filter and click Next 27 The Expression screen Using the Expression List Using Logical Operators RiskFilter and Gateway and Innovation Examples showing the use of OperandsRiskFilter or Gateway or Innovation Occur gateway Assume Frequency =2 28 Message Attachment Filter screen Message Attachment Filter Select the Message Attachment Filter and click Next Editing the Message Attachment Filter Content Guardian Creating a new Content Guardian filterSelect the Internet Content Guardian Filter and click Next Adding a filtering rule Dictionary Threshold Filter Deleting a filtering ruleHow the Dictionary Threshold Filter works Select the Dictionary Threshold Filter and click Next Configuring the Dictionary Threshold Filter Global Policy KEY Points Key Points Reports & Logs Reports and Logs TAB What can be Configured in the Reports and Logs TAB? Server status monitoring Dashboard Querying the Master Report Master ReportSelect Master Report from the Reports and Logs tab Select Specified date range from the Logs for list box Master Report Querying the Message Report Message Report Querying the Policy Report Policy Report Querying the Virus Report Virus Report Querying the Spam Report Spam Report Querying the Connection Report Connection Report Connection Report System Report Managing Isolated Messages Isolated MessagesSelect Isolated Messages from the Reports and Logs tab Click View Messages Isolated Messages Virus Messages Managing the Virus MessagesSelect Virus Messages from the Reports and Logs tab 14 An Archived message Spam Messages Managing Spam MessagesSelect Spam Messages from the Reports and Logs tab To view a message click the subject Archived Messages Managing Archived MessagesSelect Archived Messages from the Reports and Logs tab Export Messages Reprocess Messages View MessagesClick Reprocess Messages 19 Select the check box alongside the message Deferred Messages Querying Deferred MessagesSelect Deferred Messages from the Reports and Logs tab 22 An Archived message KEY Points Key Points RiskFilter System Management Console Overview What can be Configured with the System Management CONSOLE? Rfmngr Account Accessing the Riskfilter System Management Console Webmin TAB What can be Configured in the Webmin TAB? IP access control Webmin ConfigurationSelect Webmin Configuration from the Webmin tab Webmin Actions LOG Select Logging from the Webmin Configuration screen Select Language from the Webmin Configuration screenLanguage Ports and Addresses Proxy Servers Webmin Servers IndexAdding Webmin Servers Select Webmin Servers Index in the Webmin System TAB What can be Configured in the System TAB? Change Passwords Bootup and ShutdownSelect Change Passwords in the System tab Historic System Statistics Select Multi Gateway Policy Routing in the System tab Multi Gateway Policy Routing Network Interfaces Network Configuration Multi-NIC configuration in RiskFilter Setting up additional NICsEnter an IP Address Routing and Gateways 11 The Create Bootup Interface screen DNS Client Select DNS Client from the Network Configuration tab 15 Host Addresses Host Addresses Running Processes System TimeSelect System Time in the System tab Click Sync system time System and Server Status Riskfilter TAB What can be Configured in the Riskfilter TAB? Riskfilter Backup Manager Riskfilter Services Manager Click Complete Riskfilter Cluster Wizard 25Load balancing Load balancing with RiskFilter 26 RiskFilter in a cluster set up Select Web Access Manager in the RiskFilter tab Riskfilter WEB Access Manager 28 The Update RiskFilter-E-mail screen Update Riskfilter E-MAIL KEY Points Key Points Appendix # sudo /etc/init.d/smgd status Using the Command Line Interface QTOOL.SH Clean queues Using the Command Line Interface Using the Command Line Interface Using the Command Line Interface Example 6 uninstalling the RiskFilter software UNINSTALL.SH All items were successfully uninstalled Internet Theat Database Categories Internet Threat Database CategoriesCore / Liability Categories Productivity Categories Core / Liability Categories Productivity Categories Other Special Events Index Administrator’s Guide SurfControl RiskFilter E-mail SurfControl RiskFilter E-mail Administrator’s Guide OpenSSL Sun RPC Apache Software License, Version Expat XML Parser Toolkit SPFJava Ldap