M86 Security M86 IR Enterprise Reporter User Manual Download | Manualshive

Page: 59 / 110

background image

A

DMINISTRATOR

S

ECTION

C

HAPTER

2: C

ONFIGURING

THE

ER S

ERVER

M86 S

ECURITY

U

SER

G

UIDE

53

View the Current Username Display Setting

In the Current Username Display Setting frame, the current
username format displays—if previously entered in the
Display username field and saved on this screen.

Modify the Username Display Setting

In the Modify Username Display Setting frame, make selec-
tions from list boxes and apply results for the new username
format to be displayed in the report.

1. By default, the following choices display in the Available

Fields list box: Domain Name, Organization Name,
Department Name, User Name. Make a selection from
this list for the first field displayed in your server console
and raw logs that you wish to include in the username
format in the report.

2. Click

Add

to include this selection in the Raw Log Fields

list box below.

NOTE

: Follow steps 1 and 2 for each consecutive field to be

added to the Raw Log Fields list box.

TIP

: Click the Reset button on this screen at any time to revert to

the default settings.

WARNING

: It is important to select the correct fields from this list,

in the order in which they appear in your server console. For
example, if the username format on the console is Domain
Name\Department Name\User Name, and only User Name and
Department Name are selected from the Available Fields list
box—in that order—the report will display information in the
wrong order. In this example, if the Domain Name is LOGO, the
Department Name is Admin, and the User Name is JSmith, the
report will show JSmith\Admin, instead of LOGO\Admin\JSmith.

3. In the Raw Log Fields list box, select the first field to be

displayed in the username format on the report.

«
...
57
58
59
60
61
...
»

Summary of Contents for M86 IR Enterprise Reporter

Page 1: ...M86 IR Enterprise Reporter USER GUIDE Administrator Console Software Version 6 0 10 Document Version 06 15 10...

Page 2: ...documentation and disclaims any implied war ranties of merchantability and fitness for a particular purpose M86 Security shall not be liable for any error or for incidental or consequential damages in...

Page 3: ...uirements 9 Network Requirements 9 Chapter 1 Accessing the Server 10 Preliminary Network Settings 10 Procedures for Logging On Off 10 Access the ER Administrator Login window 10 Access ER Admin Module...

Page 4: ...il Addresses 32 Set up and Activate Self Monitoring 32 Remove Recipient from E mail Notification List 32 Deactivate Self Monitoring 32 Server Status screen 33 View the Status of the Server 34 Secure A...

Page 5: ...0 View Database Status Logs 60 Expiration screen 63 Expiration Screen Terminology 64 Expiration Rules 65 View Data Storage Statistics 66 Change Data Storage Settings 69 Optional Features screen 70 Ena...

Page 6: ...ge the Evaluation Mode 88 Activation Page 89 Appendix B 90 Disable Pop up Blocking Software 90 Yahoo Toolbar Pop up Blocker 90 Add the Client to the White List 90 Google Toolbar Pop up Blocker 92 Add...

Page 7: ...tion and productivity The Enterprise Reporter ER from M86 Security is designed to readily obtain this information giving the user the ability to interrogate massive datasets through flexible drill dow...

Page 8: ...r mation on configuring and maintaining the ER Server via the Administrator console application Tech Support Product Warranties Section This section contains information on technical support and produ...

Page 9: ...The tip icon is followed by italicized text giving you hints on how to execute a task more efficiently WARNING The warning icon is followed by italicized text cautioning you about making entries in t...

Page 10: ...ith your mouse to execute a command checkbox a small square in a dialog box window or screen used for indi cating whether or not you wish to select an option This object allows you to toggle between t...

Page 11: ...n or group A frame often is labeled to indicate its function or purpose list box an area in a dialog box window or screen that accommo dates and or displays entries of items that can be added or remov...

Page 12: ...screen a main object of an application that displays across your monitor A screen can contain windows frames fields tables text boxes list boxes buttons and radio buttons table an area in a window or...

Page 13: ...horized Client workstations adds new administrators sets up administrators for receiving automatic alerts updates the Server with software updates supplied by M86 Security analyzes Server statistics u...

Page 14: ...ard drives Optional One or more attached NAS storage devices e g Ethernet connected SCSI Fibre Channel connected SAN Software Linux OS Administrator Graphical User Interface GUI console utilized by an...

Page 15: ...ersion 10 5 or 10 6 running Safari 4 0 Firefox 3 5 Pop up blocking software if installed must be disabled Session cookies from the ER Server must be allowed in order for the Administrator console to f...

Page 16: ...the Server is running the Server should be connected to a UPS or other battery backup system Procedures for Logging On Off Access the ER Administrator Login window WARNING Once you turn on the Server...

Page 17: ...ver s IP address or host name and use port number 1443 for a secure network connection For example if your IP address is 210 10 131 34 type in https 210 10 131 34 1443 Using a host name example if the...

Page 18: ...ame and use port number 8843 for a secure network connection For example if your IP address is 210 10 131 34 type in https 210 10 131 34 8843 Using a host name example if the host name is logo com typ...

Page 19: ...in window type in the generic Username admin and Password reporter if you have not yet set up your own user name and password Otherwise enter your personal Username and Password Fig 1 1 2 Login window...

Page 20: ...ent status of the ER Server NOTES See Server Status screen in the Server section of this document for information about the contents and usage of this screen If using this product in the Evaluation Mo...

Page 21: ...e Administrators to display the Add Edit Delete Administrators screen where you set up your user name and password Fig 1 1 4 Add Edit Delete Administrators screen 2 Select New Administrators from the...

Page 22: ...ut link beneath the banner in any screen to display the logout window Fig 1 1 5 Logout window Click the X in the upper right corner of the browser window tab to close the logout window Exiting the Adm...

Page 23: ...console includes three menus Network Server and Database Each menu contains options from which you make selections to access screens used for configuring your Server TIP When making a complete configu...

Page 24: ...functioning in the live mode or in the archive mode When the box mode displays on the screen you can view the current mode set for the Server and can change this setting if necessary Fig 1 2 1 Box Mod...

Page 25: ...aced on the Server can be viewed using the Client reporting application Change the Box Mode 1 Click the Change Mode button to display the two box mode options on the screen Fig 1 2 2 Change Box Mode 2...

Page 26: ...y will immediately be in effect NOTE After applying the box mode setting you must restart the Server by selecting the Restart Hardware option on the Shut Down screen See the Shut Down sub section unde...

Page 27: ...dministrator 1 Select New Administrator from the pull down menu 2 In the User Name field enter up to 20 characters this may include upper and or lowercase alphanumeric char acters and special characte...

Page 28: ...3 Click the Save button Delete an Administrator 1 Select the administrator s user name from the pull down menu 2 After the administrator s login ID information populates the fields click the Delete bu...

Page 29: ...e Locked out Accounts and IPs screen displays when the Lockouts option is selected from the Network menu This screen is used for unlocking accounts or IP addresses of administrators and sub administra...

Page 30: ...lient Accounts There is no Web Client account currently locked out Locked out IPs There is no IP currently locked out If there are any locked accounts IP addresses in a frame each locked username IP a...

Page 31: ...cked username IP address 3 Click OK to return to the Locked out Accounts and IPs screen that no longer shows the accounts IPs that have been unlocked Server Menu The Server pull down menu includes opt...

Page 32: ...uting an immediate backup on the ER Server and for performing a restoration to the database from the previous backup run Fig 1 2 5 Backup screen Backup and Recovery Procedures IMPORTANT M86 Security r...

Page 33: ...d the current date and time Some scenarios and action plans to consider include the following The ER database becomes corrupted Correct the root problem Restore the database from the most recent ER ba...

Page 34: ...will be activated after two minutes Execute a Manual Backup In addition to performing on demand backups in preparation for a disaster recovery you may wish to execute a manual backup under the followi...

Page 35: ...not perform other functions on the ER Server until the backup is complete The time it will take to complete the backup depends on the size of all tables being saved Perform a Remote Backup After execu...

Page 36: ...the remote server 1 Load the backup data on your remote server 2 Log in to your FTP account 3 FTP the backup data to the ER Server s internal backup drive On the ER Server s Backup screen 1 Click the...

Page 37: ...otifications if prob lems occur with the network Possible alerts include situa tions in which a daemon stops running software fails to run corrupted files are detected or a power outage occurs Fig 1 2...

Page 38: ...us field Entries in the three remaining fields are optional 4 If e mail addresses were entered in any of the four optional e mail address fields click in the Choice one Choice four checkboxes correspo...

Page 39: ...screen displays when the Server Status option is selected from the Server menu This screen which automatically refreshes itself every 10 seconds displays the statuses of processes currently running o...

Page 40: ...top of the screen along with the date that software version was implemented Status information displays in the following sections of this screen CPU Utilization includes CPU process data and infor ma...

Page 41: ...ecure Access screen displays when the Secure Access option is selected from the Server menu This screen is primarily used by M86 Security technical support representatives to perform maintenance on yo...

Page 42: ...Server 1 After the administrator at the customer s site authorizes you to use a designated port to access their Server enter that number at the Port field 2 Click the Start button to activate the por...

Page 43: ...tive port number from the list box by clicking on it 2 Click the Stop button to terminate the port connection This action removes the port number from the list box Terminate All Port Connections If mo...

Page 44: ...e Update screen displays when the Software Update option is selected from the Server menu This screen is used for updating the Server with software updates supplied by M86 Security and for viewing a l...

Page 45: ...tly applied software update can be unapplied by clicking Undo This action removes the software update from the Server View Available Software Updates Any software update available for installing on th...

Page 46: ...All soft ware updates must be installed in numerical order on your Server NOTES Be sure to terminate all reports that are currently running or are scheduled to run before applying a software update a...

Page 47: ...HE ER SERVER M86 SECURITY USER GUIDE 41 Apply Now 1 Click Apply Now to open a dialog box containing infor mation about the software release Fig 1 2 12 Software update dialog box 2 Click Yes to open th...

Page 48: ...s been successfully applied click the hyperlink here beneath the ER Software Update History frame in the Software Update screen to open the Software Update Log window Fig 1 2 14 Software Update Log wi...

Page 49: ...he Shut Down option is selected from the Server menu This screen is used to restart or shut down the Server s software or hardware Fig 1 2 15 Shut Down screen Server Action Selections Restart the Serv...

Page 50: ...tion should be selected if daemons fail to run and or the database needs to be started again When this option is selected the MySQL database is rebooted Shut Down the Server s Software The Shutdown So...

Page 51: ...he Server menu This screen is used for enabling specified Web Client Server features Fig 1 2 16 Web Client Server Management screen Restart the Web Client Server In the Restart Web Client Server frame...

Page 52: ...ically run scheduled Web Client reports ON Choose this option to let the Web Client auto matically run scheduled reports WARNING Do not select this option if using the Access Client to run scheduled r...

Page 53: ...ition Tools Expi ration Optional Features and User Group Import User Name Identification screen The User Name Identification screen displays when the IP ID option is selected from the Database menu Th...

Page 54: ...CURITY USER GUIDE Fig 1 2 17 User Name Identification screen with IP ID activated As the administrator of the Server you have the option to either enable or disable this feature for logging users acti...

Page 55: ...used it should be set up to prevent logging NetBIOS requests outside the network If using IP ID note that user login times are established for set periods of 15 minutes and if more than one user logs...

Page 56: ...e enabled these user names will overwrite those that are being imported from the shadow log 2 Click OK to close the alert box and to activate the IP ID and Static IP assignment checkboxes 3 in the IP...

Page 57: ...enter all IP addresses machine names and or usernames the Server should disregard when identifying users Each entry should be made in a separate row 5 After making all necessary entries on this scree...

Page 58: ...reen This Username Display Setting screen displays when the Username Display Setting option is selected from the Data base menu This screen is used for configuring the user name format imported from r...

Page 59: ...he username format in the report 2 Click Add to include this selection in the Raw Log Fields list box below NOTE Follow steps 1 and 2 for each consecutive field to be added to the Raw Log Fields list...

Page 60: ...to the display name is preceded by a backslash 5 Click Apply to save your entries and to display the new username format in the Current Username Display Setting frame NOTE Changes made to username dis...

Page 61: ...een is used for establishing the value amount of time that will be used when tracking the length of a user s stay at a given Web site and the number of times the user accesses that site Fig 1 2 19 Pag...

Page 62: ...the user s activity will be tracked as one visit to that Web site Each time the user exceeds the value entered at the Elapse Time field the user will be tracked as having visited the site an additiona...

Page 63: ...when the Page Defini tion option is selected from the Database menu This screen is used for specifying the types of pages to be included in the detail report for Page searches Fig 1 2 20 Page Definiti...

Page 64: ...ove a page type from the detail report 1 Select the page extension from the Current page types list box 2 Click Remove 3 Click Apply Add a Page Type To add a page type in the detail report 1 Enter the...

Page 65: ...screen displays when the Tools option is selected from the Database menu This screen is used for viewing reports and logs to help you troubleshoot problems with the Client application Fig 1 2 21 Tools...

Page 66: ...ws a list of current SQL queries in the database in the full format that includes all columns of data Tables This report contains a list of the names of tables currently in the database Daily Summary...

Page 67: ...d invalid records that are processed db Nbtlookup This log provides a list of user machine IP addresses from the NetBIOS lookup db Split This log contains information pertaining to the formation of th...

Page 68: ...pdate Log This log gives information about applied software updates MYSQL Log This log provides information pertaining to the MySQL server Error Entry Web Filter This log displays a list of Web Filter...

Page 69: ...reen shows statistics on the amount of data currently stored on the Server box and provides an estimated date when that data will expire By reviewing the current database disk space utilization and th...

Page 70: ...s the indexes for these items When setting up the Server to store data M86 Security recommends that you allocate the highest percentage possible for live data storage since reports run faster if index...

Page 71: ...on the Server based on the storage capacity of the hard drive and the number of hits on the Server After inputting the percentage of live data to be stored the Server translates that figure into the...

Page 72: ...e HH MM SS time format Total number of week s stored the number of weeks represented in the total data date scope Current live data yearweekno date scope the range of dates and times of live data curr...

Page 73: ...mber of archive week s the number of weeks represented in the archive data date scope Database disk space utilization the percentage of space currently being used on the hard drive for both live and a...

Page 74: ...ew entry in the Percentage of live data field in the Change Settings section of this screen and saving the result of your calculations that displays below in the Estimated total week s of live data fi...

Page 75: ...lay results in the following fields below Estimated total week s of live data and Estimated total week s of archive data After viewing your results in these display fields you can adjust the number of...

Page 76: ...quire additional storage space NOTE See Appendix A Evaluation Mode for information about viewing the Expiration screen in the evaluation mode Optional Features screen The Optional Features screen disp...

Page 77: ...ADMINISTRATOR SECTION CHAPTER 2 CONFIGURING THE ER SERVER M86 SECURITY USER GUIDE 71 Fig 1 2 23 Optional Features screen...

Page 78: ...equest Executive Report can be generated by the administrator 1 Click the radio button corresponding to ON to make the Top 20 Users by Blocked Request Executive Report selection available in an admini...

Page 79: ...b time within a given 24 hour period 1 Click the radio button corresponding to ON to make the Wall Clock Time Report selection available in an admin istrator s Custom Reports menu 2 Click Apply to app...

Page 80: ...rom accessing the Administrator console and Web Client after a specified number of failed password entry attempts within a defined interval of time 1 Enable any of the following options At the Passwor...

Page 81: ...tton corresponding to either of the following options ON Choose this option to lock out the user by IP address if the incorrect password is entered for the number of times specified in the Allowable N...

Page 82: ...or Lockout by IP Address option s enabled enter the number of minutes that defines the interval in which a user can enter an incorrect password as specified in the Allowable Number of Failed Password...

Page 83: ...een displays when the User Group Import option is selected from the Database menu This screen is used for specifying Web Filter servers to send LDAP user group membership information to this ER Server...

Page 84: ...er IP address of each Web Filter to send LDAP user group membership data to this ER 2 Click the checkbox corresponding to Import from this Web Filter NOTE If additional Web Filter servers need to be s...

Page 85: ...by email or in writing Hours Regular office hours are from Monday through Friday 8 a m to 5 p m PST After hours support is available for emergency issues only Requests for assistance are routed to a...

Page 86: ...orporate Headquarters USA 828 West Taft Avenue Orange CA 92865 4232 USA Local 714 282 6111 Fax 714 282 6116 Domestic US 1 888 786 7999 International 1 714 282 6111 M86 Taiwan 7 Fl No 1 Sec 2 Ren Ai Rd...

Page 87: ...empt to resolve the issue directly If your issue needs to be escalated you will be given a ticket number for reference and a senior level technician will contact you to resolve the issue If your issue...

Page 88: ...urity warrants that the M86 product s do es not infringe on any third party copyrights or patents This warranty shall not apply to the extent that infringement is based on any misuse or modification o...

Page 89: ...voice line Technical support information Online http www m86security com support Toll Free 888 786 7999 press 3 Telephone 1 714 282 6111 press 3 E mail support m86security com Have the following infor...

Page 90: ...rnished as necessary to maintain the proper operational condition of the product s If parts are discontinued from production during the Warranty Period immediate replacement product s or hardware part...

Page 91: ...ate the ER Server to function in the activated mode Administrator Console When accessing the Server Server Status screen for the first time the ER Status pop up box opens to inform you that the ER uni...

Page 92: ...extending the evaluation period or by activating the unit so that it can be used in the activated mode NOTE The message EVALUATION MODE MAX DATA STORAGE X WEEKS also displays at the top of the Expirat...

Page 93: ...e unit in the evaluation mode click the X in the upper right corner of the ER Status pop up box to close it Expiration screen In the evaluation mode the Expiration screen can only be used for viewing...

Page 94: ...erver Thus the Save button is not included at the bottom of the screen Change the Evaluation Mode After the designated evaluation period has expired you may extend your evaluation period or activate t...

Page 95: ...luation Extension or Full Activation 4 Click Send Information After M86 obtains your informa tion a technical support representative will issue you an activation code 5 Return to the Activation Page s...

Page 96: ...op up blocking software for the following products Yahoo Toolbar Google Toolbar AdwareSafe and Windows XP Service Pack 2 SP2 Yahoo Toolbar Pop up Blocker Add the Client to the White List If the Client...

Page 97: ...Blocker dialog box Fig B 2 Allow pop ups from source 3 Select the source from the Sources of Recently Blocked Pop Ups list box to activate the Allow button 4 Click Allow to move the selected source to...

Page 98: ...White List To add the Client to the white list so that it will always be allowed to pass go to the Google Toolbar and click the blocked icon Fig B 3 blocked icon enabled Clicking this icon toggles to...

Page 99: ...p up blocking Popup protection off by clicking the pop up icon 1 In the IE browser go to the SearchSafe toolbar and click the icon for popups blocked to toggle to Popup protec tion off This action tur...

Page 100: ...up Pop up Blocking There are two ways to enable the pop up blocking feature in the IE browser Use the Internet Options dialog box 1 From the IE browser go to the toolbar and select Tools Internet Opt...

Page 101: ...ar and select Tools Pop up Blocker Turn On Pop up Blocker Fig B 6 Toolbar setup When you click Turn On Pop up Blocker this menu selec tion changes to Turn Off Pop up Blocker and activates the Pop up B...

Page 102: ...e the IE Toolbar 1 With pop up blocking enabled go to the toolbar and select Tools Pop up Blocker Pop up Blocker Settings to open the Pop up Blocker Settings dialog box Fig B 7 Pop up Blocker Settings...

Page 103: ...ools Pop up Blocker Pop up Blocker Settings to open the Pop up Blocker Settings dialog box see Fig B 7 2 In the Notifications and Filter Level frame click the checkbox for Show Information Bar when a...

Page 104: ...6 SECURITY USER GUIDE 3 Click Yes to add the Client to your white list and to close the dialog box NOTE To view your white list go to the Pop up Blocker Settings dialog box see Fig B 7 and see the ent...

Page 105: ...nsole 17 alert box terminology 4 archive data setup on Server 63 terminology 64 B back up data internal on demand backup 28 to remote server 29 backup procedures 26 Backup screen 26 Block Request Coun...

Page 106: ...0 diagnostic reports 60 evaluation mode 85 troubleshoot problems 59 expiration 65 Expiration screen 63 expire data from Server 63 passwords 74 terminology 65 F field terminology 5 File Transfer Protoc...

Page 107: ...Server 63 terminology 64 Locked out Accounts and IPs screen 23 lockout 75 log database status 60 off the Server 16 on the Server 13 M Macintosh 9 Manual Backup button 28 Manual Restore button 30 MySQL...

Page 108: ...erver backup 29 reports diagnostic 60 restart the Server 43 restore data from backup 30 rules elapsed time 56 expiration 65 S Safari 9 screen terminology 6 Search String Reporting 72 Secure Access scr...

Page 109: ...4 text box terminology 6 Tools screen 59 U update software 38 User Group Import screen 77 User Name Identification screen 47 Username Display Setting screen 52 V view diagnostic reports 60 W Wall Clo...

Page 110: ...INDEX 104 M86 SECURITY USER GUIDE...

Reviews:

No comments

Related manuals for M86 IR Enterprise Reporter

Brand: PaloAlto Networks Pages: 2

Brand: IBM Pages: 52

Brand: Fortinet Pages: 26

Brand: Watchguard Pages: 2

Brand: PaloAlto Networks Pages: 2

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands