ESET GATEWAY SECURITY Installation Manual Download Page 16 | Manualshive

Page: 16 / 38

background image

16

ESET Gateway Security

The ESET Gateway Security protects organization’s HTTP and FTP services against viruses,

worms, trojans, spyware, phishing and other internet threats on the level of Internet Gateway

Servers. Note that under the term Gateway Servers we understand layer-3 Gateways of ISO/OSI

model, i.e. routers. In this chapter we review the process of the product integration with the

services introduced.

5.1. Transparent HTTP/FTP proxy configuration

Configuration for transparent proxying is based on standard routing mechanism shown in

the following figure.

Figure 5-1. Scheme of ESET Gateway Security as a transparent proxy.

The configuration is created naturally as kernel IP routing tables are defined on each local

network client. These routing tables are used to set-up static routes to the default network

gateway server (router). Note that it is done automatically in case of the DHCP network. Using

this mechanism all the HTTP (resp. FTP) communication with the outbound servers is routed

via network gateway server where ESET Gateway Security must be installed in order to scan the

communication for infiltrations. For this purpose, a generic

ESETS

HTTP (resp. FTP) filter -

esets_

http

(resp.

esets_ftp

) has been developed.

In order to configure ESET Gateway Security for scanning of HTTP (resp. FTP) messages routed

through the network gateway server, enter the command:

esets_setup

Follow instructions provided by the script. Once ‘Available installations/un-installations’ offer

appears, choose ‘HTTP’ (resp. FTP) option that will provide you with the appropriate module

‘install/uninstall’ options. Choose the one called ‘install’. This will automatically set-up the module

to listen to predefined port and redirect IP packets originating from the selected network and

with HTTP (resp. FTP) destination port to the port where

esets_http

(resp.

esets_ftp

) listens. This

means that only requests originally sent to HTTP (resp. FTP) destination port will by scanned. If

other ports are under interest, an equivalent redirection rules have to be assigned.

Note that the installer in default mode shows all steps it is going to perform and provide also

the backup of the configuration that may be restored later at any time. The detailed installer utility

steps for all possible scenarios are described also in the appendix A of this documentation.

Client

User Agent

Client

Router

Local Network

User Agent

INTERNET

User Agent

Eset Gateway Security

Client

«
...
14
15
16
17
18
...
»

Summary of Contents for GATEWAY SECURITY

Page 1: ...ESET Gateway Security Installation Manual and User s documentation we protect digital worlds ...

Page 2: ... World WideWeb Interface 26 6 6 Remote Administration 27 7 ESET Security system update 29 7 1 ESETS update utility 30 7 2 ESETS update process description 30 8 Let us know 31 A ESETS setup process description 33 A 1 Setting ESETS for scanning of HTTP communication transparent mode 34 A 2 Setting ESETS for scanning of FTP communication transparent mode 34 Appendix A PHP License 37 ESET Gateway Secu...

Page 3: ...Chapter 1 Introduction ...

Page 4: ...ests are sent to All executive daemons except esets_dac run under non privileged user account to enhance security The system supports selective configuration specific for user or client server identification Six logging levels can be configured to get information about system activity and infiltrations Configuration administration and license management can be provided using intuitive and user fri...

Page 5: ...Chapter 2 Terminology and abbreviations ...

Page 6: ...t the RSR package is installed as an add on application i e the primary installation directory is opt eset esets ESETS daemon Main ESETS system control and scanning daemon esets_daemon ESETS base directory ThedirectorywhereESETSloadablemodulescontainingforinstancevirussignaturesdatabase are stored Further in this documentation we use abbreviation BASEDIR for the directory The directory location is...

Page 7: ...ocation is as follows Linux usr sbin Linux RSR opt eset esets sbin FreeBSD usr local sbin NetBSD usr pkg sbin Solaris opt esets sbin ESETS object files directory The directory where the relevant ESET File Security object files and libraries are stored Further in this documentation we use abbreviation LIBDIR for the directory The directory location is as follows Linux usr lib esets Linux RSR opt es...

Page 8: ......

Page 9: ...Chapter 3 Installation ...

Page 10: ...firmed the Acceptance Agreement the installation package is placed into the current working directory and relevant information regarding the package s installation un installation or update is printed into terminal Once the package is installed and the main ESETS service is running in Linux OS you can check its operation by using command ps C esets_daemon In case of BSD OS you can use a command ps...

Page 11: ...Chapter 4 Product s Roadmap ...

Page 12: ...tility modules are particular fraction of the system They are developed to provide simple and effective management of the system They are responsible for relevant system tasks e g license management quarantine management system setup and update Please note a special chapter in this document devoted to the topic CONFIGURATION Proper configuration is the most important condition for the system opera...

Page 13: ... with this knowledge please refer to esets cfg 5 esets_daemon 8 manual page and also to manual pages related to relevant agents ETCDIR certs This directory is used to store the certificates used byESETSWWW Interface for authentication see esets_wwwi 8 for details ETCDIR license This directory is used to store the product s license key s you have acquired from your vendor Note that the ESETS daemon...

Page 14: ......

Page 15: ...Chapter 5 Integration with Internet Gateway services ...

Page 16: ...ations For this purpose a generic ESETS HTTP resp FTP filter esets_ http resp esets_ftp has been developed In order to configure ESET Gateway Security for scanning of HTTP resp FTP messages routed through the network gateway server enter the command esets_setup Follow instructions provided by the script Once Available installations un installations offer appears choose HTTP resp FTP option that wi...

Page 17: ...a Firefox The manual HTTP FTP proxy configuration of esets_http with the Mozilla Firefox is described in general by the left side of the figure 4 2 Note that this configuration allows to install ESET Gateway Security anywhere within the local network including gateway server and also user agent s computer In this example we configure esets_http to listen to port 8080 of the computer with local net...

Page 18: ... when requested again In this example we configure esets_http to listen to port 8080 of the gateway server with local network IP address 192 168 1 10 by specifying the following parameters within http section of ESETS configuration file agent_enabled yes listen_addr 192 168 1 10 listen_port 8080 Note that the parameter listen_addr can be specified either as the host name visible from the local net...

Page 19: ...point out that the deferred scan technique described above presents potential risk for the computer whose user agent requested the infected large file for the first time The risk resists in that even data transfer of an infected object has been deferred some parts of already transferred data can contain executable danger code That is why the ESET developed modification of the deferred scan techniq...

Page 20: ...id installed is 4 2 or higher enter the following commands ln s LIBDIR ssfi esets_ssfi so opt safesquid modules esets_ssfi so ln s LIBDIR ssfi esets_ssfi xml opt safesquid modules esets_ssfi xml If version of Safesquid installed is lower than 4 2 enter the following commands ln s LIBDIR ssfi esets_ssfi so opt safesquid modules esets_ssfi gcc295 so ln s LIBDIR ssfi esets_ssfi xml opt safesquid modu...

Page 21: ...i templates ssfi_not_scanned html opt safesquid ssfi_not_scanned html You have also to add the new templates definitions in the SafeSquid configuration by pressing Add in the Templates section In the list that appears the following parameters have to be defined for infected ESETS blocking page Comment ESET Gateway Security infected template Name esets_infected File ssfi_infected html Mime type tex...

Page 22: ......

Page 23: ...Chapter 6 Important ESET Gateway Security mechanisms ...

Page 24: ...ted otherwise the object is blocked NOTE Please note that some of the modules has been written to integrate ESETS into the environment which does not allow to modify scanned objects and thus this functionality is disabled in the module Particularly this means that configuration option av_clean_mode is ignored by the module To get detailed information on this topic refer to appropriate modules manu...

Page 25: ...ader name of the special section contains identification of the HTTP client for which we have created individual setting The section body then contains individual parameters specified for this identification Thus with this special configuration an HTTP traffic of all local network clients will be processed i e scanned for infiltrations with exception of the client determined by IP address 192 168 ...

Page 26: ...L INFORMATION ABOUTYOU AND ORTHE USER OFTHE COMPUTER AND SAMPLES OF NEWLY DETECTEDVIRUSES OR OTHERTHREATS AND SENDTHEMTO OURVIRUS LAB THIS FEATURE ISTURNED OFF BY DEFAULT WEWILL ONLY USETHIS INFORMATION AND DATATO STUDYTHETHREAT ANDWILLTAKE REASONABLE STEPSTO PRESERVETHE CONFIDENTIALITY OF SUCH INFORMATION In order to turn on Samples Submission System the samples submission system cache has to be ...

Page 27: ...t up specify the address of your ERA Server in racl_server_addr parameter and racl_password if appropriate in the global section of ESETS configuration file All RA Client variables are listed in the esets_daemon 8 manual page Unix ESETS RA Client has this functionality logins to ERA Server and provides System Information Configuration Protection Status and Features configuration can be viewed and ...

Page 28: ......

Page 29: ...Chapter 7 ESET Security system update ...

Page 30: ...re downloaded from the origin ESET server If configuration option av_mirror_enabled is enabled in section global of ESETS configuration file the mirror of these modules is created in directory BASEDIR mirror Note that the mirror directory path can be redefined using configuration option av_mirror_ dir in section update of ESETS configuration file The newly created mirror thus serves as fully funct...

Page 31: ...Chapter 8 Let us know ...

Page 32: ...g a documentation is a process that is never finished There will always be some parts that can be explained better or are not even explained at all Therefore in case of bugs or inconsistencies found within this documentation please report a problem to our support center http www eset com support We are looking forward to help you solve any problem concerning the product ...

Page 33: ...Appendix A ESETS setup process description ...

Page 34: ... A PREROUTING p tcp i if0 dport 80 j REDIRECT to ports 8080 On FreeBSD the rule is as follows ipfw add fwd 192 168 1 10 8080 tcp from any to any 80 via if0 in On NetBSD and Solaris echo rdr if0 0 0 0 0 0 port 80 192 168 1 10 port 8080 tcp ipnat f A 2 Setting ESETS for scanning of FTP communication transparent mode The FTP communication scanning is performed using esets_ftp daemon In the ftp sectio...

Page 35: ...p tcp i if0 dport 21 j REDIRECT to ports 2121 On FreeBSD the rule is as follows ipfw add fwd 192 168 1 10 2121 tcp from any to any 21 via if0 in On NetBSD and Solaris echo rdr if0 0 0 0 0 0 port 21 192 168 1 10 port 2121 tcp ipnat f ...

Page 36: ......

Page 37: ...Appendix A PHP License ...

Page 38: ...will be given a distinguishing version number Once covered code has been published under a particular version of the license you may always continue to use it under the terms of that version You may also choose to use such covered code under the terms of any subsequent version of the license published by the PHP Group No one other than the PHP Group has the right to modify the terms applicable to ...

Reviews:

No comments

Related manuals for GATEWAY SECURITY

DL385 - ProLiant - G5

Brand: XenSource Pages: 313

PT-D10000 Series

Brand: Panasonic Pages: 37

SmartSwitch 1800

Brand: Cabletron Systems Pages: 48

Brand: Adobe Pages: 822

IFOLDER 3 - ADMINISTRATION

Brand: Novell Pages: 148

Brand: ITech Pages: 22

VIRUSSCAN HOME EDITION 7.0

Brand: McAfee Pages: 56

SADPmini Logger

Brand: Alpha Moisture Systems Pages: 14

Brand: deXlan Pages: 17

CERTIFICATE 7.3 RELEASE NOTES

Brand: Red Hat Pages: 24

SmartST Professional

Brand: Navman Pages: 60

Brand: Navman Pages: 68

D:Scribe Standalone

Brand: Sonifex Pages: 32

Brand: Symantec Pages: 44

20097684 - Norton Ghost 15.0

Brand: Symantec Pages: 213

ZVM - FOR LINUX V6 RELEASE 1

Brand: IBM Pages: 172

ML 2851ND - B/W Laser Printer

Brand: Samsung Pages: 30

Brand: Samsung Pages: 116

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands