M86 Security M86 Threat Analysis Reporter, User Manual, Page: 543 / 938

Share

Page: 543 / 938

M86 Security M86 Threat Analysis Reporter User Manual Download Page 543

SR I

NTRODUCTORY

S

ECTION

S

ECURITY

R

EPORTER

O

VERVIEW

M86 S

ECURITY

U

SER

G

UIDE

515

SR I

NTRODUCTORY

S

ECTION

Security Reporter Overview

M86’s Security Reporter (SR) application is comprised of
the System Configuration administrator console and Report
Manager.

Using System Configuration screens, the global adminis-
trator configures the SR to accept log files from the M86
Web Filter—and the M86 Secure Web Gateway, if this
filtering device is added to the device registry—“normalize”
the transferred data, and insert them into a MySQL data-
base the Report Manager accesses to provide snapshots of
end user Internet and/or network activity.

Using the Report Manager, the global administrator sets up
group administrator accounts and grants these users
access to designated sections in the Report Manager and
System Configuration console, as applicable.

Administrators consult Report Manager dashboards for a
high level picture of real time network Internet traffic, and
then drill down into the URL categories or bandwidth
gauges to quickly identify the source of user-generated Web
threats. For further investigation of end user Internet usage,
administrators generate productivity report views and inter-
rogate massive datasets until the desired view is obtained.
This “view” can be memorized and saved to a user-defined
report menu for repetitive, scheduled execution and distri-
bution.

If using an M86 Secure Web Gateway (SWG) appliance
with the WFR, security reports show potentially harmful end
user Internet/network activity that was halted by the SWG.

The SR targets threats to your network, thus arming you
with the capability to take immediate action for terminating
the source and securing your network.

«
...
541
542
543
544
545
...
»

Summary of Contents for M86 Threat Analysis Reporter

Page 1: ...M86 Web Filtering and Reporting Suite USER GUIDE Software Version 4 2 00 Document Version 10 10 11...

Page 2: ...umentation and disclaims any implied war ranties of merchantability and fitness for a particular purpose M86 Security shall not be liable for any error or for incidental or consequential damages in co...

Page 3: ...ion Requirements 6 How to Use the WFR on the Web 7 Initial Setup 7 Access the WFR Welcome Window 7 Single Sign On Access 9 Access all applications from the SR UI 9 Default Usernames and Passwords 10 T...

Page 4: ...s 32 Service Ports 33 Rules 33 Minimum Filtering Level 33 Filter Settings 34 Filtering Rules 35 Filtering Levels Applied 35 Chapter 2 Logging and Blocking 38 Web Access Logging 38 Instant Messaging Pe...

Page 5: ...Backup File to Set up a Source Server 55 Set up a Target Server as a Source Server 55 Set up a Replacement Target Server 56 Set up a New Source Server from Scratch 56 Set up a Target Server as a Sourc...

Page 6: ...cify the Time Zone Language Set 100 Block Page Route Table window 101 Add a Router 102 Remove a Router 102 Administrator 103 Administrator window 103 View Administrator Accounts 104 Add an Administrat...

Page 7: ...ion about a Software Update 137 Select and Apply a Software Update 138 Undo an Applied Software Update 142 Software Update Log window 143 View Log Contents 143 Download Log View Print Contents 144 Syn...

Page 8: ...Reset window 180 Radius Authentication Settings 181 Radius Authentication Settings window 181 Enable Radius 182 Disable Radius 183 SNMP 184 SNMP window 184 Enable SNMP 184 Specify Monitoring Settings...

Page 9: ...ota Block Page 222 Quota Notice Page Customization window 224 Add Edit Entries 224 Preview Sample Quota Notice Page 225 CMC Management 227 Software Update Management window 227 View Software Update In...

Page 10: ...nt setup and configuration 275 Minimum Filtering Level window 277 Minimum Filtering Categories 278 Port 280 Minimum Filtering Bypass Options 281 Refresh All 282 Refresh All Main Branches 282 IP 283 Ad...

Page 11: ...308 Weighting Library Categories 309 NNTP Newsgroup 310 NNTP Newsgroup window 310 Add a Newsgroup to the Library 310 Remove a Newsgroup from the Library 311 Pattern Detection Whitelist 312 Pattern Det...

Page 12: ...ormat 349 Shadow Log Format window 349 Specify the Shadow Log Format 349 Apply Setting 350 WF GROUP ADMINISTRATOR SECTION 351 Introduction 351 Chapter 1 Policy screen 352 IP 353 Refresh 353 Refresh th...

Page 13: ...398 Add an IP Sub Group 398 Add Individual IP 399 Add an Individual IP Member 399 Delete Group 400 Delete a Master IP Group Profile 400 Paste Sub Group 400 Paste a Copied IP Sub Group 400 Sub Group 40...

Page 14: ...418 URLs window 419 View a List of URLs in the Library Category 420 Add or Remove URLs or Wildcard URLs 421 Upload a Master List to the Library 423 Reload the Library 427 URL Keywords window 427 View...

Page 15: ...52 Add Override Account to the White List 452 Google Toolbar Pop up Blocker 454 If Pop up Blocking is Enabled 454 Add Override Account to the White List 454 AdwareSafe Pop up Blocker 455 If Pop up Blo...

Page 16: ...obile Client Section 474 Download and Install the Deployment Kit 475 Access the Mobile Client Deployment Tool window 478 Configure a New Package Set 479 Edit a Package Configuration 493 View Package C...

Page 17: ...ccounts and IPs screen 540 View Locked Accounts IP addresses 541 Unlock Accounts IP addresses 541 Server Menu 542 Backup screen 542 Backup and Recovery Procedures 543 Set up Edit External Backup FTP P...

Page 18: ...rrent Page Types 563 Remove a Page Type 564 Add a Page Type 564 Tools screen 565 View Diagnostic Reports 566 View Database Status Logs 566 Generate Technical Support Report Package 568 Expiration scre...

Page 19: ...dit Admin Detail 609 View Admin Details 609 Edit Account Info 610 Delete Admin 611 Chapter 2 Database Management 612 HTTPS Configuration panel 612 Generate a Self Signed Certificate for the SR 613 Cre...

Page 20: ...evice registry 634 Edit Policy Server criteria change password 635 Delete a Policy Server from the device registry 637 LDAP Server Device Management 637 Add an LDAP Server to the device registry 637 I...

Page 21: ...port a Summary Report 670 PDF format 670 CSV format 672 PNG format 673 Sample Reports 674 Sample Report types 675 View Export a Sample Report 676 View Sample Report contents 676 Export the Sample Repo...

Page 22: ...w Components 700 Report Fields and Usage 700 Type field 700 Date Scope and date fields 701 Number of Records fields 703 Filter and Filter String fields 703 Sort By and Limit summary result to fields 7...

Page 23: ...d Report 731 Run a Saved Report 732 Delete a Report 733 Report Schedule 734 View Details for a Scheduled Report Run Event 735 Edit a Scheduled Report Run Event 736 Add a Report Run Event to the Schedu...

Page 24: ...nge Gauges 775 Hide a gauge 777 Disable a gauge 777 Show a gauge 777 Rearrange the gauge display in the dashboard 777 Delete a gauge 778 View End User Gauge Activity 779 View Overall Ranking 779 View...

Page 25: ...9 View gauge activity for a different time period 809 Analyze gauge activity in a pie chart 810 Analyze gauge activity in a line chart 810 View In Outbound bandwidth gauge activity 812 Print a trend c...

Page 26: ...1 Chapter 2 Security Report Wizard 843 Create a Custom Security Report 843 Specify Report Details 843 Select Users 845 Specify Email Settings 847 Schedule Run a Report using the Wizard 848 SR APPENDIC...

Page 27: ...1 AdwareSafe Pop up Blocker 872 Disable Pop up Blocking 872 Mozilla Firefox Pop up Blocker 873 Add the Client to the White List 873 Windows XP SP2 Pop up Blocker 875 Set up Pop up Blocking 875 Use the...

Page 28: ...CONTENTS xxviii M86 SECURITY USER GUIDE INDEX 887...

Page 29: ...hrough flexible drill down technology until the desired view is obtained This view can then be memorized and saved to a user defined report menu for repetitive scheduled execution and distribution The...

Page 30: ...support Web Filter WF Refer to this portion for information on configuring and maintaining the Web Filter application Security Reporter SR Refer to this portion for infor mation on configuring and us...

Page 31: ...ip icon is followed by italicized text giving you hints on how to execute a task more efficiently WARNING The warning icon is followed by italicized text cautioning you about making entries in the app...

Page 32: ...mance server equipped with RAID Two or four high capacity hard drives Optional One or more attached NAS storage devices e g Ethernet connected SCSI Fibre Channel connected SAN Software Linux OS Admini...

Page 33: ...d with the SR High speed access to the WFR server by authorized client workstations Internet connectivity for downloading Java virtual machine if not already installed Port 1443 must be available for...

Page 34: ...r the Administrator consoles to function properly NOTES Information about disabling pop up blocking software can be found in WFR Appendix I Disable Pop up Blocking Soft ware End User Workstation Requi...

Page 35: ...is running the server should be connected to a UPS or other battery backup system Once you turn on the WFR server DO NOT interrupt the initial boot up process This process may take from five to 10 mi...

Page 36: ...sec cert wfr4 2 pdf 3 Click Go to open the Welcome window of the WFR user interface Fig 1 1 1 WFR Welcome window Using this portal you can click the icon corresponding to Web Filter or Security Report...

Page 37: ...username and password combination set up in the wizard hardware installation process is saved in the Web Filter System Adminis trator Admin account type profile Also be sure the host name for the WFR...

Page 38: ...r and Security Reporter are identical admin but the pass words are dissimilar the SSO feature will not function Thus in order to use SSO M86 recommends setting up an admin istrator account in the Web...

Page 39: ...ring a user s filtering profile to comply with your organization s Internet usage policy based on the end user s Internet usage habits About this Portion of the User Guide The Web Filter portion of th...

Page 40: ...s and to configure the Web Filter for filtering the entire network WF Group Administrator Section This section includes information for administrators authorized by the global administrator to manage...

Page 41: ...og box window or screen used for indi cating whether or not you wish to select an option This object allows you to toggle between two choices By clicking in this box a check mark or an X is placed ind...

Page 42: ...t displays rows and columns of data as a result of various processes This data can be reorganized in the Administrator console by changing the order of the columns list box an area in a dialog box win...

Page 43: ...reen that contains a down arrow to the right When you click the arrow a menu of items displays from which you make a selection radio button a small circular object in a dialog box window or screen use...

Page 44: ...f a sub topic is selected the window for that sub topic displays in the right panel of the screen or a pop up window or an alert box opens as appro priate text box an area in a dialog box window or sc...

Page 45: ...apsed By double clicking the item a minus sign replaces the plus sign and any entity within that branch of the tree displays An item in the tree is selected by clicking it window a window displays on...

Page 46: ...ion User Guide at http www m86security com support wf documentation asp for information on setting up and using authentication synchronize multiple Web Filter units so that all servers will be updated...

Page 47: ...ATIONS M86 SECURITY USER GUIDE 19 Chapter 1 Filtering Operations Operational Modes Based on the setup of your network the Web Filter can be configured to use one of these operational modes for filteri...

Page 48: ...each IP packet on the same Ethernet segment The unit will only intercept a session if an inappropriate request was submitted by a client In this scenario the Web Filter returns a message to the client...

Page 49: ...ock message 4 is sent to the user plus a terminate message 4 is sent to the Internet server A Web Filter set up in the invisible mode can also work in the router mode Figure 1 1 2 illustrates an examp...

Page 50: ...is inappropriate a block page is returned to the client to replace the actual requested Web page or service Since only outgoing packets need to be routed and not return packets the Web Filter only ap...

Page 51: ...e Web Filter set up in this mode the unit will filter all requests If the request is appropriate the original packet will pass unchanged If the request is inappropriate the original packet will be blo...

Page 52: ...ains unfiltered bad cached pages since no request can pass until it is filtered Figure 1 1 5 illustrates an example of a firewall mode setup in which requests are always sent to the caching server In...

Page 53: ...group to be maintained NOTES If authentication is enabled the global administrator can also access the LDAP branch of the tree If multiple Web Filter units are set up on the network and the synchroni...

Page 54: ...s The global administrator adds master IP groups adds and maintains override accounts at the global level and estab lishes and maintains the minimum filtering level The group administrator of a master...

Page 55: ...ioned at the base of the hierarchical tree structure used by end users who do not belong to a group IP group master group master group filtering profile used by end users who belong to the master grou...

Page 56: ...profile set up under X Strikes Blocking in the Filter Options section of the profile Radius profile used by end users on a Radius accounting server if the Radius server is connected to the Web Filter...

Page 57: ...roup and individual IP group members and is customized to allow deny users access to URLs or warn users about accessing specified URLs to redirect users to another URL instead of having a block page d...

Page 58: ...s that are configured to be blocked A URL can be specified for use instead of the standard block page when users attempt to access material set up to be blocked Various filter options can be enabled O...

Page 59: ...rary categories should be blocked left open a set number of minutes in which that category remains open can be defined assigned a warn setting or white listed filter options specify which features wil...

Page 60: ...he heading Category Groups excluding the Custom Categories group Updates to these categories are provided by M86 on an ongoing basis and administra tors also can add or delete individual URLs within a...

Page 61: ...NNTP Secured HTTP Transmission HTTPS and Secure Shell SSH Rules A rule is comprised of library categories to block leave open assign a warn setting or include in a white list Access to an open library...

Page 62: ...executed block if a category or a service port is given a block setting users will be denied access to the URL set up as blocked open if a category or the filter segment detected on the network is gi...

Page 63: ...imum filtering level is defined it applies to all master IP groups and members assigned filtering profiles The minimum filtering level combines with the user s profile to guarantee that categories blo...

Page 64: ...over an authentication profile or a time profile profile locking out the end user from library categories specified in the lockout profile in the TAR module 8 An override account profile takes precede...

Page 65: ...WEB FILTER INTRODUCTORY SECTION CHAPTER 1 FILTERING OPERATIONS M86 SECURITY USER GUIDE 37 Fig 1 1 7 Sample filtering hierarchy diagram...

Page 66: ...locking and or logging the use of Instant Messaging and Peer to Peer services and makes use of Intelligent Footprint Technology IFT for greatly increasing management and control of these popular yet p...

Page 67: ...nt create a network interface that send a network connection through a UDP proxy server which prevents blocking IM P2P Blocking Peer to Peer P2P involves communication between computing devices deskto...

Page 68: ...In the Manual Update to M86 Supplied Categories window accessible via Library Updates Manual Update IM pattern files can be updated on demand Using IM and P2P To solely log IM and or P2P user activit...

Page 69: ...ategories such as IMGEN IMGCHAT IMGTALK ICQAIM IMMSN IMMYSP and or IMYAHOO set up to be blocked the minimum filtering level profile must have both CHAT and specified individual Instant Messaging libra...

Page 70: ...affic with the Range to Detect feature is desired the minimum filtering level profile should not have IM blocked unless blocking all IM traffic with the Range to Detect feature is desired Block P2P fo...

Page 71: ...accesses on the network that user s Internet usage is appropriately filtered and blocked The act of configuring multiple Web Filters to share the same user profile informa tion is known as synchroniza...

Page 72: ...have been iden tified by the source unit via the Synchronization Setup window of the Web Filter console This means that all filtering configuration should be made on the source Web Filter This also me...

Page 73: ...ing from a WFR to a standalone Web Filter server please consult the chart at http www m86security com software 8e6 hlp ifr files 1system_sync_versions html for software version compatibility between t...

Page 74: ...ctivation or user profile update the change is applied locally Once locally applied on the source server this update is sent to all target Web Filters Each target server will then immediately apply th...

Page 75: ...urce server this update will be placed in a queue for submission to target Web Filters The source server will then send the information in the queue to all target servers Each target server will recei...

Page 76: ...lay in activating a library change can take a little longer than in activating a filtering profile change This is due to the fact that the library on the Web Filter is loaded into the physical memory...

Page 77: ...om the source Web Filter For purpose of differentiation these items will be referred to as functionally synchronized for purposes of this user guide These functionally synchronized items will be avail...

Page 78: ...Content settings in the Global Group profile Functionally Synchronized Items Common Customization Block Page Authentication settings Authentication Form Customization Lock Page Customization Warn Page...

Page 79: ...E 51 Quota Setting Non synchronized Items Filter control settings Virtual IP and Authentication IP addresses IP addresses Default routes Software Update application Synchronization settings Filter Mod...

Page 80: ...e keyword additions deletions Keywords in URL additions deletions Functionally Synchronized Items Category Weight System additions deletions Non synchronized Items Common Customization Block Page Auth...

Page 81: ...hanges profile activation deactivation Filter control settings Virtual IP and Authentication IP addresses IP addresses Default routes Software Update application Synchronization settings Filter Mode B...

Page 82: ...server will need to be replaced due to hardware failure In cases in which the source Web Filter server is out of commission for an extended period of time this server should be replaced as soon as pos...

Page 83: ...on to a safe storage place until it is needed 4 In the LAN Settings window accessible via System Network set up IP addresses to be the same as on the source server that is being replaced 5 Go to the R...

Page 84: ...le again and should operate normally Set up a New Source Server from Scratch In the event that you do not have a reliable backup file that can be used for establishing a new source server you must rec...

Page 85: ...lcome window see Access the Web Filter from the WFR Portal by launching an Internet browser window supported by the Web Filter and then entering the Web Filter s URL in the Address field see Enter Web...

Page 86: ...le if your IP address is 210 10 131 34 type in https 210 10 131 34 1443 login jsp Using a host name example if the host name is logo com type in https logo com 1443 login jsp With a secure connection...

Page 87: ...change this username and password go to the Administrator window see the Administrator window of the System screen in the WF Global Administrator Section and create a global admin istrator account NO...

Page 88: ...tware Version number Last Library Update message If it has been more than seven days since the Web Filter last received updates to library categories upon logging into the Administrator console a pop...

Page 89: ...on demand No clicking this button closes the dialog box and displays the welcome screen with the Last Library Update and the following message below in purple colored text Libraries were last updated...

Page 90: ...P domains groups and individual users and their filtering profiles Library clicking this link displays the main screen for the Library section Library section windows are used for adding and maintaini...

Page 91: ...on has been terminated the login window re displays Note that on each screen in the right side of the navigation path bar beneath the banner the following displays X Strikes Blocking icon If the X Str...

Page 92: ...tooltips Access Help Topics Each of the main section screens contains a link beneath the banner When that link is clicked a separate browser window opens with Help Topics for that section Fig 1 4 6 He...

Page 93: ...h bar beneath the banner additional information about that window can be obtained by hovering over that icon with your mouse or by pressing the F1 key on your keyboard Hover Display The yellow tooltip...

Page 94: ...RODUCTORY SECTION CHAPTER 4 GETTING STARTED 66 M86 SECURITY USER GUIDE Help pop up box The Help pop up box opens when you press the F1 key on your keyboard Fig 1 4 8 Help pop up box Click OK to close...

Page 95: ...ministrator console screens and windows use different navigation formats based on the contents of a given screen or window Screens can contain topic links and sub topic menus and or tree lists with to...

Page 96: ...ub topics Some topics in Library and System screens consist of more than one window For these topics clicking a topic link opens a menu of sub topics Fig 1 4 10 Sub topics menu When a sub topic from t...

Page 97: ...rary screens Fig 1 4 11 Tree menu A tree is comprised of a hierarchical list of items An entity associated with a branch of the tree is preceded by a plus sign when that branch of the tree is collapse...

Page 98: ...sub topics Topics in the tree list display by default when the tree is opened Examples of tree list topics are circled in Fig 1 4 12 When a tree list topic is selected and clicked a menu of sub topics...

Page 99: ...here are windows with tabs When selecting a window with tabs from the navigation panel the main tab for that window displays Entries made in a tab must be saved on that tab if the tab includes the App...

Page 100: ...gation Path The navigation path displays at the top of each window Fig 1 4 14 Navigation path This path reminds you of your location in the console The entire path shows the screen name followed by th...

Page 101: ...items is selected click the appropriate button to perform the action on the items Copy and Paste Text To save time when making duplicate data entries text previ ously keyed into the user interface can...

Page 102: ...o open the IP Calculator pop up window If the IP address field in the window on the console is already populated note the IP Calculator pop up window displays the IP address default Netmask in both th...

Page 103: ...tion in this pop up window click Close to close the IP Calculator Re size the User Interface For greater ease in viewing content in any screen re size the browser window by placing your cursor at any...

Page 104: ...n the navigation toolbar at the top of the screen This action opens the Quit dialog box Fig 1 4 16 Quit dialog box 2 Click Yes to return to the Login window 3 Click the X in the upper right corner of...

Page 105: ...cation on the WFR server The global administrator performs the following tasks provides a suitable environment for the server including high speed access to the server by authorized client workstation...

Page 106: ...pics displays in the navigation panel at the left of the screen Main topics in this section include the following Control settings Network settings Administrator account information Secure Logon Diagn...

Page 107: ...s cannot be edited and the following topics and any asso ciated sub topics are not available Block Page Authentication Authentication Radius Authentication Settings X Strikes Blocking and Warn Option...

Page 108: ...network filtering preferences on this server Fig 2 1 2 Filter window Local Filtering is used for specifying whether this server being configured will filter traffic on the network If enabling the HTT...

Page 109: ...n the Target mode NOTE This window displays greyed out if the synchronization feature is used and this server being configured is set up in the Target mode to synchronize both profile and library sett...

Page 110: ...P packet Enable HTTP Packet Splitting Detection By default the feature that automatically detects a split HTTP packet is disabled 1 Click On to enable HTTP Packet Splitting Detection this action displ...

Page 111: ...te High if you want the Web Filter to communicate with HTTPS servers to obtain the certificate with a very strict validation of the return URL If High is selected by default the option is enabled for...

Page 112: ...PROXY library category Web based Proxies Anonymizers must be applied to the group or user s filtering profile Or to block all users from accessing these proxy patterns the global filtering profile and...

Page 113: ...s if the Web Filter currently being configured is set up in the Source mode for synchronization The default setting has All Target s Filtering On Disable Filtering on Target Servers To disable All Tar...

Page 114: ...page that displays when an end user attempts to access a site or service that is set up to be blocked Fig 2 1 3 Block Page Authentication window NOTE This feature is not available if the synchronizati...

Page 115: ...has an Override Account allowing him her to access URLs set up to be blocked at the global or IP group level Re authentication select this option for the re authentication option The user can restore...

Page 116: ...cating users on the network in the event that a user s machine loses its connection with the server or if the server is rebooted This format requires the entry of two backslashes the authentication se...

Page 117: ...e block page HELP Clicking this link takes the user to M86 s Tech nical Support page that explains why access to the site or service may have been denied M86 Security Clicking this link takes the user...

Page 118: ...sage is submitted to the global administrator Options page The Options page displays when the user clicks the following link in the block page For further options click here Fig 2 1 5 Options page The...

Page 119: ...e Account was selected at the Re authentication Options field This option is used by any user who has an override account set up for him her by the global group administrator or the group administrato...

Page 120: ...at the Re authentication Options field Re start your system and re login This phrase displays for Option 3 whether or not either of the other Re authentication Options Re authentication or Web based...

Page 121: ...Chrome he she will see a message specifying that IE is the only browser type supported for re authentication ShutDown window The ShutDown window displays when ShutDown is selected from the Control men...

Page 122: ...boot frame click Reboot to open the Reboot Web Filter dialog box 2 Click Yes to close the dialog box and to launch the Server Status message box informing you that the server is now disconnected When...

Page 123: ...server 3 Click OK to close the Web Filter ready alert box 4 Click OK to close the Server connected alert box 5 You must now re access the Web Filter Administrator console NOTE See the WFR Suite Overv...

Page 124: ...on the network Click the Network link to view a menu of sub topics LAN Settings NTP Servers Regional Setting and Block Page Route Table LAN Settings window The LAN Settings window displays when LAN Se...

Page 125: ...n the network TIP Be sure to place the LAN1 and LAN2 IP addresses in different subnets In the Primary IP field of the DNS frame the default IP address is 4 2 2 1 Enter the IP address of the first DNS...

Page 126: ...ifying IP addresses of servers running Network Time Protocol NTP software NTP is a time synchronization system for computer clocks throughout the Internet The Web Filter will use the actual time from...

Page 127: ...in the Servers list box is only used in the event that the Web Filter cannot access the primary time NTP server specified IP addresses are used in the order in which they display in the list box Add...

Page 128: ...2 1 12 Regional Setting window Specify the Time Zone Language Set In the Details frame the Region US and the Location Pacific display by default To change these settings 1 At the Region pull down menu...

Page 129: ...building and maintaining a list of destina tion based routers the server will use for communicating with other segments of the network You need to set up a route table only if your local network is i...

Page 130: ...tal to which packets will be transferred to and from the Internet TIP Click Calculator to open the IP Calculator pop up window Use this calculator to calculate IP ranges without any overlaps 4 Click A...

Page 131: ...es A Help Desk administrator can verify a user s current filtering profile status and can perform URL and search engine keyword lookups in library categories NOTE See the Group Details window in Chapt...

Page 132: ...st box includes the Account Name and corresponding account Type Admin Sub Admin or Help Desk for each active global administrator LDAP group administrator or help desk administrator previously set up...

Page 133: ...d one special character The password is case sensitive 3 Enter the same new password again in the Confirm Password field If the administrator s account type needs to be changed select the appropriate...

Page 134: ...gs and Logon Management Logon Settings window The Logon Settings window displays when Logon Settings is selected from the Secure Logon menu This window is used for enabling the password expiration fea...

Page 135: ...llowing select from available choices 1 30 90 365 Never Expired make an entry for the number of days until passwords expire NOTE If a user s password has expired when he she enters his her username an...

Page 136: ...ncorrect password At the Lockout by IP address field click the radio button corresponding to either of the following options On Choose this option to lock out the user by IP address if the incorrect p...

Page 137: ...re enters an incorrect password for that same username within the 10 minute timespan a lockout would be made for that username on the third unsuccessful attempt However if the third failed login attem...

Page 138: ...locking usernames and IPs currently locked out of the Web Filter If the user account is a global Admin LDAP group administrator Sub Admin or help desk administrator Help Desk account the areas of user...

Page 139: ...Administrator window Help Desk help desk administrator account set up in the Administrator window Group IP group administrator account set up in the IP branch of the Policy tree Probe Real Time Probe...

Page 140: ...and to remove the locked symbol from the Locked column for the row corre sponding to the username View Locked IP Address Unlock IP Address View Locked IPs The Current Locked IP Addresses frame displa...

Page 141: ...he Admin Sub Admin or Help Desk username from the list 2 Click View Access to open the Assign Access View pop up window Fig 2 1 18 Assign Access View 3 The View Preview assign access frame displays th...

Page 142: ...ub topics System Command View Log File Troubleshooting Mode Active Profile Lookup and Admin Audit Trail System Command window The System Command window displays when System Command is selected from th...

Page 143: ...le free current memory usage iostat CPU usage sar system performance recent logins uptime system uptime df disk usage and dmesg print kernel ring buffer NOTE See Command Selections for a list of comma...

Page 144: ...network configuration This diagnostic tool records each hop the data packet made identifying the IP addresses of gateway computers where the packet stopped en route to its final destination and the l...

Page 145: ...Configuration is used for verifying the server s network interface configuration at bootup When Execute is clicked information about the NIC mode and RX packets and TX packets displays in the pop up w...

Page 146: ...tool shows information on resources being used When Execute is clicked the pop up window shows averages on various statistics These results can be stored in a compact binary format and then viewed at...

Page 147: ...usage information by file system When Execute is clicked rows of disk information display in the Result pop up window including the following information for each disk Filesystem name 1K blocks on th...

Page 148: ...File window View Log Results In the Log File Details frame 1 Select the type of Log File to view Realtime Traffic Log shadow log used for viewing the Internet activity of all users on the network User...

Page 149: ...information on entries made by the admin istrator in the Web Filter console NOTE For information about the Authentication Log Authenti cationServer log eDirectory Agent Debug Log edirAgent log eDirec...

Page 150: ...1 23 Troubleshooting Mode window WARNING This tool utilizes system resources impacting the WFR s performance When you click Enable the Web Filter will stop filtering the network After you finish maki...

Page 151: ...s Mode field the default choice on or off displays based on the operation mode that was selected The promiscuous mode is a mode of operation in which each data packet that is sent will be received and...

Page 152: ...This window is used for verifying whether an entity has an active filtering profile This window also is used for troubleshooting synchronization on target Web Filters to verify whether settings for u...

Page 153: ...pens containing the Result frame that displays profile settings applied to the profile Fig 2 1 25 Active Profile Lookup results The default Login Summary tab displays the following information Domain...

Page 154: ...displays group and library categories with filter settings that determine whether or not the end user can access URLs set up for that category group library category TIP In the Category Groups tree do...

Page 155: ...within that group has a filter setting in a column other than the filter setting designated for all collective library categories within that group For example if in the Adult Content category group s...

Page 156: ...yword Filter Control option selected 4 Click the X in the upper right corner of the pop up box to close it Admin Audit Trail window The Admin Audit Trail window displays when Admin Audit Trail is sele...

Page 157: ...lected by default indicating that transfers will be made via unre stricted outgoing network connections Click Active if transfers will be initiated by the server 4 Type in the Username to be used 5 Ty...

Page 158: ...the View tab Fig 2 1 27 Admin Audit Trail window View tab Click View Log to display data on recent activity For each change made on the server the log will contain the date and time the change was ma...

Page 159: ...cted from the Alert menu This window is used for setting up and maintaining email addresses of contacts who will receive automated notifications if problems on the network are detected during the WFR...

Page 160: ...ve from reaching 100 percent utilization Log File Transmission If the Web Filter is unable to send log files as scheduled to the SR the log files are placed in a queue so they can be sent when a conne...

Page 161: ...t email messages to designated administrators enter the email address of the WFR in the From Email Address field 5 Click Apply to apply your settings Modify Alert Settings 1 Make any of the following...

Page 162: ...e used for sending email alert messages to specified administrators Fig 2 1 29 SMTP Server Settings window Enter Edit SMTP Server Settings 1 Enter the SMTP Server name for example mail logo com 2 By d...

Page 163: ...ername b Enter the Password and make the same entry in the Confirm Password field 5 Click Apply to apply your settings Verify SMTP Settings To verify that email messages can be sent to a specified add...

Page 164: ...ate menu This window is used for viewing information about software updates previously applied to this server or currently available to apply This screen is also used for accepting LA Beta software do...

Page 165: ...tained Read Information about a Software Update In either the Available Software Updates frame or the History of Software Updates frame the Date Name Type of update GA LA or Beta and Synopsis are incl...

Page 166: ...GA software updates or LA Beta software updates if the download and installation of LA Beta software updates has been enabled in the Enable Disable Software Update Type Download frame see the Enable...

Page 167: ...tware update application process Fig 2 1 35 Software update verification message box NOTE To verify whether or not a software update has been successfully applied go to System Diagnostics View Log Fil...

Page 168: ...frame is used for enabling or disabling the download of Limited Availability LA and Beta software updates By default all active WFRs will receive General Availability GA software downloads Clicking th...

Page 169: ...E and Apply Now Click Apply Now to open the Software Update Installa tion Key pop up box Fig 2 1 37 Software Update Installation Key box 2 If you have an installation key for receiving LA or Beta soft...

Page 170: ...acceptance dialog box and to open the End User License Agreement dialog see Fig 2 1 34 5 Follow steps 4 and 8 in the preceding General Software Installation Procedures sub section to accept the EULA a...

Page 171: ...Update Log window displays when Software Update Log is selected from the Software Update menu This window is used for viewing the software update log that provides the status on the WFR s software upd...

Page 172: ...oad is completed In the file download dialog box select the save option this action opens the window on your worksta tion where you specify the filename for the file and where to save the file 3 Selec...

Page 173: ...has been downloaded to your workstation you can view its contents 1 Find the log file in the folder and right click on it to open the pop up menu Fig 2 1 41 Folder containing downloaded file 2 Choose...

Page 174: ...en the window containing the zip file Fig 2 1 43 WinZip window 4 Right click the zip file to open the pop up menu and choose View to open the View dialog box Fig 2 1 44 View dialog box 5 Select Intern...

Page 175: ...h to save or print the contents of this file 1 Click Clipboard Copy wait for the dialog box to open and confirm that the text has been copied to the clip board and then click OK to close the dialog bo...

Page 176: ...ntioned manner the menu option for Status also becomes available in the pop up menu If the Web Filter is set up to send profile library setting changes that Web Filter will function as a Central ized...

Page 177: ...rs as targets so that user profiles and or library settings can be copied to other servers This process ensures that all servers run in parallel on the network thereby eliminating the need to manually...

Page 178: ...b Filter to be a Source Server A Web Filter configured to be a source server will send profile library setting changes to other Web Filter target servers WARNING If a Web Filter is set up in the Sourc...

Page 179: ...pliance Watchdog software release 3 0 00 must first be installed on a separate workstation and set up to watch that Web Filter Go to http www m86security com support Watchdog documentation asp to down...

Page 180: ...rresponding Location information if applicable in the list box The following optional steps can be performed Follow steps 5 to 7 for each server that should receive profile library setting changes fro...

Page 181: ...the second scenario the source server has failed and needs to be replaced with another server One of the target servers is promoted to function as the new source server The newly designated source se...

Page 182: ...Source IP frame enter the Source IP address to use for sending profile library setting changes to this server being configured NOTE If a source server is set up with a NAT device the NAT IP address m...

Page 183: ...Status window The Status window displays when Status is selected from the Synchronization menu This menu selection is available only if this server currently being configured is either set up in the...

Page 184: ...zation last occurred for the target server TIPS The order in which columns display in the grid can be changed by clicking the column header and sliding the column to another position in the grid To ch...

Page 185: ...ly synced to a specified target server 1 In the History column for that server click Details to open the History of Target pop up window 2 Select the maximum Last Number of Lines from the pull down me...

Page 186: ...the Web Filter System Time displays above the Target Sync Status frame This is the current date and time from the Web Filter using the YYYY MM DD and HH MM SS format and includes the UTC code for the...

Page 187: ...and time of the last successful synchronization displays using the YYYY MM DD and HH MM SS format History Log Click the Details button to open the History of Target pop up window See View Items Previ...

Page 188: ...use to filter the network and the settings the Web Filter will use for listening to traffic and sending traffic This window is also used for configuring the Web Filter to perform other opera tional c...

Page 189: ...u need any assis tance with setup procedures NOTE If using the firewall mode the bandwidth module in the Security Reporter will not capture incoming traffic Specify the Listening Device In the Listeni...

Page 190: ...s Choose from either of the two Protocol Methods Send Block Page via ARP Table this option uses the Address Resolution Protocol method to find the best possible destination MAC address of a specified...

Page 191: ...l solely work with ICAP requests from an ICAP client proxy server When an end user makes a request for Internet content this request is routed to the proxy server which then submits the request to the...

Page 192: ...default 30 displays 4 In the Options TTL in Sections 0 86400 field enter the time in seconds in which the options response is valid By default 3600 displays 5 In the Preview Bytes 0 4096 field enter t...

Page 193: ...nization NOTE See Appendix D Mobile Client for information on setting up and using the Mobile Client Apply Operation Mode Settings Click Apply to apply your settings in the Mode frame Proxy Environmen...

Page 194: ...ck Apply to apply your setting Use Proxy Port 80 In the Proxy Port 80 Setting frame the default setting is Disable To specify that the public proxy server will channel https traffic through Port 80 1...

Page 195: ...ion link to view a menu of sub topics Enable Disable Authentication Authentication Settings and Authentication SSL Certificate NOTES Information about these sub topics can be found in the M86 Web Filt...

Page 196: ...tings modifications later if necessary Fig 2 1 55 Backup Restore window Backup tab WARNING A backup should be created and downloaded off the WFR server whenever a change is made to filtering settings...

Page 197: ...umn Backup Procedures M86 recommends performing backup procedures whenever changes are made to system configurations or to library configurations By creating backup files and saving these files off th...

Page 198: ...ose the dialog box and to open the Backup Restore alert box that informs you it may take some time to back up configurations based on the amount of data to be saved 5 Click OK to close the Backup Rest...

Page 199: ...ame for FTP transfers 4 In the Password and Confirm Password fields type in the password for the username specified in the FTP Directory field 5 Click Apply to open the Server Configuration dialog box...

Page 200: ...range criteria a Select from a list of time slots incremented by 15 minutes 12 00 to 11 45 By default the Start field displays the closest 15 minute future time and the End field displays a time that...

Page 201: ...n is made enter the interval for the number of days this time profile will be used By default 1 displays indicating this profile will be used each day during the specified time period If 5 is entered...

Page 202: ...ed and the Third Weekday are selected this profile will be used every three months on the third week day of the month If the month begins on a Thursday for example May 1st the third week day would be...

Page 203: ...time profile will be effective up to a given date No end date If this selection is made the time profile will be effective indefinitely End by If this selection is made by default today s date displa...

Page 204: ...ox containing a message on how to download the log file to your worksta tion if using Windows XP 3 Click OK to close the alert box and to open the file down load dialog box 4 Select the save option th...

Page 205: ...urations grid you must upload it to the server WARNING Be sure the file you are restoring uses the same version of the software currently used by the Web Filter Adminis trator console Refer to the Loc...

Page 206: ...e to upload this file to the server If the file is successfully uploaded the pop up window s banner name says Upload Successful After a few seconds the pop up window closes 7 Click Refresh to display...

Page 207: ...pen the Backup Restore Log pop up box Fig 2 1 60 Backup Restore pop up box The pop up box includes rows of data about backup and restore processes performed via the Backup Restore window The following...

Page 208: ...SCREEN 180 M86 SECURITY USER GUIDE Reset Reset window The Reset window displays when Reset is selected from the navigation panel This function used for resetting the server to factory default settings...

Page 209: ...ngs topic does not display if the synchronization feature is used and this server being configured is set up in the Target mode to synchronize both profile and library setting changes The Radius featu...

Page 210: ...e transferred Click the radio button corresponding to Network Byte Order to transfer the most significant byte first Click the radio button corresponding to Host Byte Order to use the byte order store...

Page 211: ...Radius server Enter an Authenticated Phrase to be shared by the Radius server and NAS At the Copy Proxy State field click the On radio button if you wish to copy the proxy state attribute to the pack...

Page 212: ...working status of the Web Filter s filtering on a network Fig 2 1 63 SNMP window The following aspects of the WFR are monitored by SNMP data traffic sent received by a NIC CPU load average at a given...

Page 213: ...Access Control List 1 In the Enter new IP to add field enter the IP address of an interface from to which the SNMP should receive send data 2 Click Add to include the entry in the Access control list...

Page 214: ...ure Detection window The Hardware Failure Detection window displays when Hardware Failure Detection is selected from the navigation panel This feature shows the status of each drive on the RAID server...

Page 215: ...the hard drive number and no other text displays on the screen If any of the hard drives has failed the message FAIL displays to the right of the hard drive number and instruc tions for replacing the...

Page 216: ...tempts to such sites Unacceptable Internet sites pertain to sites included in categories that are blocked in a user s profile Fig 2 1 66 X Strikes Blocking window Configuration tab NOTES The X Strikes...

Page 217: ...the strike that will lock out that user from his her Internet access The default setting is 5 and the maximum limit is 1440 minutes 24 hours 4 Enter the number of seconds for the Flood Tolerance Delay...

Page 218: ...workstations Click Reset All Strikes to remove all strikes from all workstations and to unlock all locked workstations Click Unlock All Locks to remove locks on all locked workstations Lock Page A us...

Page 219: ...ed Life Time field passes or unless an authorized staff member manually unlocks that user s workstation see Go to X Strikes Unlock Workstation GUI in this section Overblocking or Underblocking NOTES I...

Page 220: ...s scenario the first strike would be delivered at 0 seconds the second at 4 seconds the third at 8 seconds the fourth at 12 seconds and the fifth at 16 seconds If the configuration settings for this e...

Page 221: ...the specified recipient s 2 In the Interval Minutes to Wait Before Sending Alerts 24 hours field enter the number of minutes within the 24 hour period that should elapse between email alerts For examp...

Page 222: ...n individual who will receive locked workstation email alerts 2 Click Add to include the email address in the Current Email Alerts list box NOTE The maximum number of email alert recipients is 50 If m...

Page 223: ...d to unlock workstations 2 Enter the user s password in the Password and Confirm Password fields using eight to 20 characters and at least one alpha character one numeric character and one special cha...

Page 224: ...name to the Current Un Accessible Users list box Delete a Logon Account To delete a user s account 1 Select the username from the Current Accessible Users list box 2 Click Delete WARNING By deleting a...

Page 225: ...elect library categories from the No Strike Categories list box 2 Click the right arrow to move the selected library cate gories to the Strike Categories list box TIP Use the left arrow to move select...

Page 226: ...king icon or Go to X Strikes Unlock Workstation GUI either the Re login window or the X Strikes Unlock Workstation pop up window opens Re login window The Re login window opens if the user s session n...

Page 227: ...ig 2 1 73 X Strikes Unlock Workstation window Unlock a Workstation To unlock a specified workstation 1 Select that workstation from the grid 2 Click Unlock NOTE An authorized staff member can click a...

Page 228: ...w Enter the Username and Password and click OK to open the X Strikes Unlock Workstation pop up window see Fig 2 1 70 The Web Filter Introductory Window for X Strikes simultaneously opens with the Logi...

Page 229: ...l address in the Email Address to be Subscribed Unsubscribed text box 2 Click Subscribe Remove an Email Address from the Alert List To remove an administrator s email address from the notifi cation li...

Page 230: ...r specify the number of minutes for the interval of time in which a warning page will redisplay for the end user who accesses a URL in a library category with a Warn setting for his her profile If the...

Page 231: ...in the Target mode to synchronize both profile and library setting changes See the Warn Page Customization window in this chapter for information on customizing text in the warning page that displays...

Page 232: ...link to view a menu of sub topics Common Customization Authentication Form Lock Page Block Page Warn Page Profile Control Quota Block Page Quota Notice Page NOTES All Customization windows display gre...

Page 233: ...ts to be included in block lock profile and warning pages and or the authentication request form the end user will see Fig 2 1 77 Common Customization window By default in the Details frame all elemen...

Page 234: ...splays Blocked URL followed by the blocked URL in block pages Copyright Display if enabled displays M86 Web Filter copyright information at the footer of block and lock pages and the authentication re...

Page 235: ...d email address specified in the Submission Email Address field described below is accessible to the end user by clicking the click here link NOTE If enabling the Submission Review Display feature an...

Page 236: ...s will see when attempting to access Internet content blocked for their profiles and their workstations are currently locked Entries saved in this window display in the customized lock page if these f...

Page 237: ...be displayed beneath the lock page header Any entries made in these fields will display centered in the customized lock page using the Arial font type 2 At the Explanation Display field by default On...

Page 238: ...tion window Fig 2 1 79 Sample Customized Lock Page By default the following data displays in the User Machine frame User Machine field The username displays for the LDAP user This field is blank for t...

Page 239: ...tomization window The Block Page Customization window displays when Block Page Customization is selected from the Customization menu This feature is used if you want to display customized text and inc...

Page 240: ...er a static header to be displayed at the top of the block page In the Description field enter a static text message to be displayed beneath the block page header In the Link Text field enter text for...

Page 241: ...Block Page By default the following data displays in the User Machine frame User Machine field The username displays for the LDAP user This field is blank for the IP group user IP field The user s IP...

Page 242: ...r to the Options window NOTE See the Options page in the Block Page Authentication window sub section for information on options that display in the Options window To submit this blocked site for revi...

Page 243: ...ow end users will see if attempting to access a URL in a library category set up with a Warn setting for his her profile Entries saved in this window display in the warning page if these features are...

Page 244: ...ld enter a static text message to be displayed beneath the warning page header In the Link Text field enter text for the link s URL and in the Link URL field enter the corresponding hyper link in plai...

Page 245: ...in the Common Customization window Fig 2 1 83 Sample Customized Warning Page By default the following data displays in the User Machine frame User Machine field The username displays for the LDAP use...

Page 246: ...s warning page will redisplay and the user must click this button once more in order to continue accessing the URL NOTE If using the Real Time Probe feature in the Real Time Information box the Filter...

Page 247: ...ected from the Customization menu This window is used with the Override Account feature and lets you customize text in the pop up window end users with override accounts will see when logging into the...

Page 248: ...er a static header to be displayed at the top of the profile control pop up window In the Warning Text field enter a static text message to be displayed at the bottom of the pop up window 2 Click Appl...

Page 249: ...s a quota time limit set for a passed category in his her profile and has attained or exceeded that limit Fig 2 1 85 Quota Block Page Customization window TIP An entry in any of the fields in this win...

Page 250: ...Arial font type 2 Click Apply TIP Click Restore Default and then click Apply to revert to the default settings in this window Preview Sample Quota Block Page 1 Click Preview to launch a separate brows...

Page 251: ...are included in the quota block page HELP Clicking this link takes the user to M86 s Tech nical Support page that explains why access to the site or service may have been denied M86 Security Clicking...

Page 252: ...time limit set for a passed category in his her profile and has used 75 percent of the allotted time in that category Fig 2 1 87 Quota Notice Page Customization window TIP An entry in any of the field...

Page 253: ...the Quota Percentage Display is enabled indicating the percentage of quota used by the individual will display in the quota notice page Click Off to not display this information in the quota notice p...

Page 254: ...wing standard links are included in the quota notice page HELP Clicking this link takes the user to M86 s Tech nical Support page that explains why access to the site or service may have been denied M...

Page 255: ...anagement window The Software Update Management window displays when Software Update Management is selected from the CMC Management menu This window is used for viewing soft ware updates currently app...

Page 256: ...abled in the Local Software Update window or N A if no new software update is available Download Date date the latest software update was downloaded to the server or N A if none is available NOTE Defi...

Page 257: ...he Local Software Updates window for information about the EULA and applying software updates Only a software update number that is lesser to or equal to the source server s software update number can...

Page 258: ...w Filtering Status Information The Status frame displays the following columns of informa tion Hostname Location criteria entered in the LAN Settings window for the source server s hostname or the inf...

Page 259: ...DD format if this information is available TIPS The order in which columns display in the grid can be changed by clicking the column header and sliding the column to another position in the grid Colum...

Page 260: ...igure URL hits that along with quotas specified in filtering profiles determine when a user will be blocked from further accessing URLs in a library group category This window is also used for resetti...

Page 261: ...anging from one second to 3600 seconds one hour As an example of how a quota works in conjunction with hits if a quota is set to 10 minutes and the number of seconds per hit is set to 10 seconds then...

Page 262: ...be able to access URLs in any library group category with a quota Set up a Schedule to Automatically Reset Quotas A schedule can be set up to reset all quotas at the appointed hour s minute s each day...

Page 263: ...emove the quota reset time from the list box TIP After making all configuration settings in this window during this session click Apply Quota Notice page When the end user has spent 75 percent of time...

Page 264: ...eld is blank for the IP group user By default the following standard links are included in the quota notice page HELP Clicking this link takes the user to M86 s Tech nical Support page that explains w...

Page 265: ...ing a quota block page the end user will not be able to access content in that library group category until the quota is reset By default the following fields display Category field The name of the li...

Page 266: ...plains why access to the site or service may have been denied M86 Security Clicking this link takes the user to M86 s Web site SSL Certificate SSL Certificate window The SSL Certificate window display...

Page 267: ...signated group administrator creates sub groups and individual IP members and adds and maintains their filtering profiles For the LDAP domain branch the global administrator must first set up authenti...

Page 268: ...w a menu of topics or actions that can be performed for that entity NOTES Information on LDAP groups can be found in the M86 Web Filter Authentication User Guide Information on creating filtering prof...

Page 269: ...eature is used and this Web Filter being configured is set up in the Target mode to synchronize both profile and library setting changes the only sub topic that displays is Range to Detect Range to De...

Page 270: ...e The Mandatory Settings tab provides examples of settings that can be made NOTE If this Web Filter is using the Source mode and the Upstream Failover Detect feature is enabled if a downstream target...

Page 271: ...Wizard clicking this button takes you to the Range to Detect Setup Wizard Follow the instructions in the Range to Detect Setup Wizard sub section to complete the addition of the segment on the networ...

Page 272: ...Settings made using the Wizard are saved in Step 6 Step 1 In this step you define the source IP address es to be filtered Fig 2 2 5 Range to Detect Setup Wizard Step 1 Since the first four pages of th...

Page 273: ...he next page of the Wizard NOTE Click Cancel to be given the option to return to the main Range to Detect Settings window Step 2 Optional In this step you define the destination IP address es to be fi...

Page 274: ...window Step 3 Step 4 Optional In this step you define the destination IP address es to be excluded from filtering Any entries from the list box in Step 1 automatically display in the list box above NO...

Page 275: ...POLICY SCREEN M86 SECURITY USER GUIDE 247 Fig 2 2 8 Range to Detect Setup Wizard window Step 4 Step 5 Optional In this step you enter destination port numbers to be excluded from filtering Fig 2 2 9 R...

Page 276: ...ick Remove 3 Click Next to go to the last page of the Wizard Step 6 In this final step of the Wizard you review your entries and make modifications if necessary Fig 2 2 10 Range to Detect Setup Wizard...

Page 277: ...gs window Fig 2 2 11 Range to Detect Advanced Settings window 1 Enter the settings in the list box using the correct syntax Refer to the examples above TIP Use the Calculator to calculate IP ranges wi...

Page 278: ...he segment Start the Setup Wizard clicking this button takes you to Step 6 of the Range to Detect Setup Wizard see Fig 2 2 10 Follow the instructions in the Range to Detect Setup Wizard sub section fo...

Page 279: ...are Rule2 BLOCK Porn Rule3 Block IM and Porn Rule4 M86 CIPA Compliance which pertains to the Chil dren s Internet Protection Act and Rule5 Block All By default Rule1 displays in the Rule field BYPASS...

Page 280: ...green circle in the Pass column TIP In the Category Groups tree double click the group enve lope to open that segment of the tree and to view library catego ries belonging to that group To change the...

Page 281: ...d then pressing the Shift key on your keyboard while clicking the last category and then double clicking in the appropriate column 4 Make a selection from the Uncategorized Sites pull down menu to spe...

Page 282: ...o include your rule to the list that displays in the pull down menu Modify a Rule After a rule is added it can later be modified To make changes to a rule 1 Select the rule from the Current Rules pull...

Page 283: ...splays when Global Group Profile is selected from the Global Group menu This window is used for viewing creating the global default filtering profile that will be used by all users on the network unle...

Page 284: ...nd Pornography Adult Content indicating that the end user can access URLs in all other library categories This filter setting is designated by the check mark inside a green circle in the Pass column f...

Page 285: ...ropriate column Blocks of categories can be assigned the same filter setting by clicking the first category and then pressing the Shift key on your keyboard while clicking the last category and then d...

Page 286: ...turned Off If turned On enter the number of minutes in the Min field to indicate when the end user s access to passed library groups categories with quotas will be blocked If the end user spends this...

Page 287: ...Port s list box 3 Click Apply to apply your settings at the global level To remove a port number from the list box 1 Select the port number 2 Click Remove 3 Click Apply to apply your settings at the...

Page 288: ...URL instead of the block page 2 Click Apply to apply your settings Filter Options Filter Options displays when the Filter Options tab is clicked This tab is used for specifying which filter option s...

Page 289: ...ption enabled Google Bing com Yahoo YouTube Ask com and AOL s strict SafeSearch Filtering option will be used whenever end users perform a Google Bing com Yahoo YouTube Ask com or AOL Web search or Im...

Page 290: ...tegories NOTES Search engine keyword filtering relies on an exact keyword match For example if the word sex is set up to be blocked but sexes is not set up to be blocked a search will be allowed on se...

Page 291: ...character in a URL NOTE To set up URL keywords in a URL Keywords window see the following sections of this user guide for the specified library type M86 Supplied Categories see Chapter 3 Library scree...

Page 292: ...blocked at the minimum filtering level Fig 2 2 17 Override Account window NOTES A user can have only one override account If an over ride account was previously created for a user in a master IP group...

Page 293: ...e list box of the Current Accounts frame and to open the pop up window containing the Current Accounts name as well as tabs to be used for specifying the components of the override account profile 5 C...

Page 294: ...arn and or Block columns in the Rule Details frame with filter settings for each category group library category in the Category Groups tree TIP In the Category Groups tree double click the group enve...

Page 295: ...rn the end user that the URL he she requested can be accessed but may be against the organization s policies The end user can view the URL after seeing a warning message and agreeing to its terms Bloc...

Page 296: ...s window in Chapter 1 System screen for more information on configuring quota settings and resetting quotas for end users currently blocked by quotas The Overall Quota field becomes enabled if a quota...

Page 297: ...ecify the type of redirect URL to be used Default Block Page Authentication Request Form or Custom URL If Custom URL is selected enter the redirect URL in the corresponding text box The user will be r...

Page 298: ...Click the checkbox es corresponding to the option s to be applied to the override account filtering profile X Strikes Blocking With the X Strikes Blocking option enabled if the user attempts to acces...

Page 299: ...com or AOL images returned by the query to load on the page The user will receive only one strike if all inappropriate images load within the tolerance time range of a given strike Search Engine Keyw...

Page 300: ...d search will be extended after the character in a URL NOTE To set up URL keywords in a URL Keywords window see the following sections of this user guide for the specified library type M86 Supplied Ca...

Page 301: ...fy an override account 1 In the Current Accounts frame select the username from the list box 2 Click View Modify to open the pop up window 3 Click the tab in which to make modifications Rule Redi rect...

Page 302: ...nt Settings window Approved Content feature and VuSafe The Approved Content feature primarily used by the educa tion sector lets administrators specify which online videos posted to YouTube or SchoolT...

Page 303: ...Category Groups Bandwidth Streaming Media Flash Video Approved Content portal setup To create a portal for users to view approved YouTube and or SchoolTube videos you will need the following Online We...

Page 304: ...to the Passkey list box 1 Enter the eight to 20 character code comprised of at least one alpha character one numeric character and one special character TIP The passkey entry is case sensitive and mu...

Page 305: ...ltering profile other than the global default filtering profile The minimum filtering level is created by making selections from the list of library categories and service ports These settings can be...

Page 306: ...each of these selected categories will be opened or blocked at the minimum filtering level Fig 2 2 22 Minimum Filtering Level window Min Filtering Categories By default Child Pornography and Pornogra...

Page 307: ...tegory will pass to the end user Block URLs in this category will be blocked TIPS Multiple categories can be assigned the same filter setting by clicking each category while pressing the Ctrl key on y...

Page 308: ...ng Level window Port tab Create Edit a List of Service Ports All service ports are filtered by default To block a service port from being accessed at the minimum filtering level 1 Enter the port numbe...

Page 309: ...s tab is clicked This tab is used for specifying whether users in a master IP group will be allowed to bypass the minimum filtering level with an override account or an exception URL Fig 2 2 24 Minimu...

Page 310: ...L frame click the On checkbox Users will be able to bypass settings at the minimum filtering level if URLs blocked at the minimum filtering level are set up to be accessed by users 2 Click Save to app...

Page 311: ...he Group Name NOTES The name of the master IP group must be less than 20 characters cannot be IP or LDAP and cannot contain spaces The first character cannot be a digit The following characters cannot...

Page 312: ...ter one numeric character and one special character The password is case sensitive 4 Click OK to add the group to the tree NOTE Information on defining the group and its members and establishing their...

Page 313: ...l at the left of the screen Updates Library Lookup Customer Feed back Module Category Weight System NNTP Newsgroup Pattern Detection Whitelist and Category Groups NOTE If the synchronization feature i...

Page 314: ...brary categories for that group Click a library category topic to view a menu of sub topics for that library category item Library Details URLs URL Keywords and Search Engine Keywords To add a custom...

Page 315: ...Log Configuration window The Configuration window displays when Configuration is selected from the Updates menu This window is used for making settings to allow the Web Filter to receive M86 supplied...

Page 316: ...m displays as the host name of the Proxy Server Enter the host name for the proxy server in this field 3 By default userid displays in the Username field Enter the username for the FTP account 4 Enter...

Page 317: ...daily updates due to an occurrence such as a power outage Fig 2 3 3 Manual Update window NOTE The Configuration window should be used for scheduling the Web Filter to automatically download libraries...

Page 318: ...available Any software updates that are downloaded can be found in the System section of the console in the Local Soft ware Update window Using that window a software update can be selected and appli...

Page 319: ...al Languages 1 Make a selection from the Unselected Languages list box and click the right arrow to move that selection to the Selected Languages list box 2 Once the Selected Languages list box is pop...

Page 320: ...te Log is selected from the Updates menu This window is used for viewing transfer activity of library updates from the update server to your Web Filter and for downloading the activity log Fig 2 3 5 L...

Page 321: ...ndow on your worksta tion where you specify the filename for the file and where to save the file 3 Select the folder in which to save the file and then enter the File name retaining the zip file exten...

Page 322: ...GUIDE Fig 2 3 6 Folder containing downloaded file 2 Choose Open With and then select a zip file executable program such as WinZip Executable to launch that application Fig 2 3 7 WinZip Executable prog...

Page 323: ...5 Fig 2 3 8 WinZip window 4 Right click the zip file to open the pop up menu and choose View to open the View dialog box Fig 2 2 9 View dialog box 5 Select Internal ASCII text viewer and then click Vi...

Page 324: ...or print the contents of this file 1 Click Clipboard Copy wait for the dialog box to open and confirm that the text has been copied to the clip board and then click OK to close the dialog box 2 Open...

Page 325: ...ected from the Updates menu This window is used for viewing transfer activity of emergency software updates from the update server to your Web Filter and for downloading the activity log Fig 2 3 12 Em...

Page 326: ...ick OK in this box after the download is completed In the file download dialog box select the save option this action opens the window on your worksta tion where you specify the filename for the file...

Page 327: ...ther a URL or search engine keyword or keyword phrase exists in a library category and to remove it if necessary Fig 2 3 13 Library Lookup window URL Lookup Removal Perform a URL Check To see if a URL...

Page 328: ...E 4 7 47 41 4D 45 53 43 4F 4D query string e g http www youtube com watch v 3_Wfnj1llMU NOTES The pound sign character is not allowed in this entry The minimum number of wildcard levels that can be en...

Page 329: ...al Perform a Search Engine Keyword Check To see if a search engine keyword or keyword phrase has been included in any library category 1 In the Search Engine Keyword Lookup frame enter the Search Engi...

Page 330: ...ibrary Once all changes have been made to library windows click Reload Library to refresh NOTE Since reloading the library utilizes system resources that impact the performance of the Web Filter M86 r...

Page 331: ...collected by M86 will be reviewed and added to M86 s standard library cate gories as appropriate so they can be blocked Fig 2 3 14 Customer Feedback Module window WARNING This feature is enabled by de...

Page 332: ...Learning Feature field click Off to indicate that you wish to disable the Customer Feedback Module 2 Click Apply Enable Customer Feedback Module 1 At the Customer Feedback Module Auto Learning Featur...

Page 333: ...in the URLs collected by the Customer Feedback Module and sent to M86 Security At no time will any personal information collected be released publicly nor will the Web request data be used for any pur...

Page 334: ...to M86 Security once you click the Accept button 4 After reading this text if you agree with the terms click in the checkbox to activate the Accept button 5 Click Accept to close the Disclaimer box an...

Page 335: ...ht System window displays when Cate gory Weight System is selected from the navigation panel This feature lets you choose which category will be logged and reported for a URL request that exists in mu...

Page 336: ...categories the highest operational prece dence would be logged If a URL exists in a category that is Always Allowed as well as a category set to be Blocked for that user Always Allowed would be logged...

Page 337: ...eight Categories list box Once the Weight Categories list box is populated with categories you wish to include select a category and use the arrow keys to weight it against other categories TIP There...

Page 338: ...ews group is selected from the navigation panel This window is used for adding or removing a newsgroup from the libraries Fig 2 3 18 NNTP Newsgroup window Add a Newsgroup to the Library To add a newsg...

Page 339: ...1 In the Newsgroup frame enter the Newsgroup address 2 Click Remove After all changes have been made to library windows click Reload Library to refresh NOTE Since reloading the library utilizes syste...

Page 340: ...tern Detection Whitelist is selected from the navigation panel This window is used for creating a list of IP addresses always allowed to bypass pattern detection filtering Fig 2 3 19 Pattern Detection...

Page 341: ...rom the list select the IP address from the IPs list box and then click Remove Multiple IP addresses can be selected by clicking each IP address while simultaneously pressing down the Ctrl key on the...

Page 342: ...so contains the Custom Categories category group Customized category groups and library categories must be set up and maintained by global or group administrators Fig 2 3 20 Library screen Category Gr...

Page 343: ...ary Details URLs URL Keywords and Search Engine Keywords Menus for Instant Messaging library categories only include the sub topics Library Details and URLs Library Details window The Library Details...

Page 344: ...is used in a filtering profile for blocking a user s access to a specified site or service A URL can contain a domain name such as playboy in http www playboy com or an IP address such as 209 247 228...

Page 345: ...ory To view a list of all URLs that either have been added or deleted 1 Click the View tab 2 Make a selection from the pull down menu for Addition List Deletion List Wildcard Addition List or Wild car...

Page 346: ...ng types of URL formats also can be entered in this field IP address e g 209 247 228 221 in http 209 247 228 221 octal format e g http 0106 0125 0226 0322 hexadecimal short format e g http 0x465596d2...

Page 347: ...Click Add to display the associated wildcard URL s in the list box below 3 Select the wildcard URL s that you wish to add to the category 4 Click Apply Action NOTE Wildcard URL query results include a...

Page 348: ...ame as pertinent 3 Click Remove to display the associated URLs in the list box below 4 Select the URL s that you wish to remove from the cate gory 5 Click Apply Action Reload the Library After all cha...

Page 349: ...ature for URL keyword filtering is not enabled in a filtering profile URL keywords can be added in this window but URL keyword filtering will not be in effect for the user s See the Filter Options tab...

Page 350: ...he pull down menu for Addition List or Deletion List 2 Click View List to display the specified items in the Select List list box Add or Remove URL Keywords Add a URL Keyword to the Library Category T...

Page 351: ...ver by clicking the Append or Overwrite radio button Upload a List of URL Keyword Additions To upload a text file with URL keyword additions 1 Click Upload To Addition File to open the Upload Library...

Page 352: ...indow see Fig 2 3 25 2 Click Browse to open the Choose file window 3 Select the file to be uploaded 4 Click Upload File to upload this file to the server Reload the Library After all changes have been...

Page 353: ...ning keywords included in its list Fig 2 3 26 Search Engine Keywords window NOTES Master lists cannot be uploaded to any M86 supplied library category See the Custom Categories sub section of the WF G...

Page 354: ...up to be blocked a search will be allowed on sexes but not sex since a search engine keyword must exactly match a word set up to be blocked View a List of Search Engine Keywords To view a list of all...

Page 355: ...rd frame specify whether the contents of this file will add to the current file or overwrite the current file on the server by clicking the Append or Overwrite radio button Upload a List of Search Eng...

Page 356: ...ord pop up window see Fig 2 3 25 2 Click Browse to open the Choose file window Select the file to be uploaded 3 Click Upload File to upload this file to the server Reload the Library After all changes...

Page 357: ...guration to display the Report Configuration window used for transferring Web Filter log files to the SR Administration module on demand Click Real Time Probe to display windows for configuring and ma...

Page 358: ...window The Report Configuration window displays when Report Configuration is selected from the navigation panel This window is used for initiating an on demand log transfer to the SR Fig 2 4 2 Report...

Page 359: ...the navigation panel This feature lets the probe administrator monitor a user s Internet usage in real time to see if that user is using the Internet appropri ately Fig 2 4 3 Real Time Probe window C...

Page 360: ...me in Minutes the probe will search for URLs up to 1440 minutes 24 hours The default setting is 1000 minutes 4 Enter the Maximum Report Lifetime in Days to keep a saved report before deleting it The d...

Page 361: ...port Fig 2 4 4 Real Time Probe window Report Recipients tab Specify Email File Criteria 1 Click the radio button corresponding the to the Email Format to be used for the file Plain Text or HTML By def...

Page 362: ...clude the email address in the Current List of Completed Reports to be Emailed list box NOTE The maximum number of report recipients is 50 If more than 50 recipients need to be included M86 recommends...

Page 363: ...eate real time probes 2 Enter the user s password in the Password and Confirm Password fields using eight to 20 characters and at least one alpha character one numeric character and one special charac...

Page 364: ...me to the Current Un Accessible Users list box Delete a Logon Account To delete a user s account 1 Select the username from the Current Accessible Users list box 2 Click Delete WARNING By deleting a l...

Page 365: ...e Probe icon or Go to Real Time Probe Reports GUI either the Re login window or the Real Time Probe Reports pop up window opens Re login window The Re login window opens if the user s session needs to...

Page 366: ...ff member can click a link in an email alert or type in https x x x x 1443 RtProbe jsp in the address field of a browser window in which x x x x is the IP address of the Web Filter to only see probes...

Page 367: ...SER GUIDE 339 Fig 2 4 8 Real Time Probes introductory window This window must be left open during the entire session Create a Real Time Probe Click the Create tab to enter and specify criteria for the...

Page 368: ...ters to be included in the User Name s to be probed The entry in this field is case sensitive This selection generates a report with data for all usernames containing the consecutive characters you sp...

Page 369: ...s User Name or URL 4 If you wish to send the completed report to a specified email address enter the Email Address to Mail the Completed Report 5 Specify the Start Date Time by clicking the appropriat...

Page 370: ...ab The Start Date Time displays in the YYYY MM DD HH MM SS format Daily displays in the Recurrence column if the probe is scheduled to run on a daily basis The Status of the probe displays Completed I...

Page 371: ...ry PASSED for any uncategorized sites allowed to pass and Approved Content if the Approved Content feature is enabled and the record pertains to an approved video Filter Action set up in the profile P...

Page 372: ...dialog box in which you specify an email address to send the completed report see Email option Click Close to close the Real Time Information window Properties option Clicking Properties opens the Pr...

Page 373: ...box via the Stop button Clicking Delete opens the following dialog box asking if you want to delete the probe Fig 2 4 13 Probe Properties deletion box Click Yes to delete the probe and remove it from...

Page 374: ...ion panel This window is used for viewing and analyzing Internet usage data for a specified time period within the past 14 days The following data can be analyzed for the given time period number of U...

Page 375: ...ct either Recent Trend or one of the Daily Peaks dates 2 Click View to open a separate browser window containing the specified graph Recent Trend The Recent Trend graph includes the following informat...

Page 376: ...SECURITY USER GUIDE Daily Peaks The Daily Peaks graph includes the following information date and Number of Hits per Second at Peak Time for a given Time using the HH MM format Fig 2 4 17 Daily Peaks...

Page 377: ...Web Filter will use for sending logs to the SR Fig 2 4 18 Shadow Log Format window Specify the Shadow Log Format The window is comprised of the Log Format frame containing radio buttons corresponding...

Page 378: ...ys by default Inactive displays if the SR is not connected to the Web Filter Log Format Post 1 9 log format not applicable in this software release Post 2 0 log format not applicable in this software...

Page 379: ...d group members Chapter 2 includes information on creating and maintaining Custom Categories for libraries The group administrator performs the following tasks defines members of a master IP group add...

Page 380: ...ge Fig 3 1 1 Policy screen The navigation panel at the left of the screen contains the IP branch of the Policy tree NOTE If the synchronization feature is used a server set up in the Target mode to sy...

Page 381: ...N CHAPTER 1 POLICY SCREEN M86 SECURITY USER GUIDE 353 IP Refresh Refresh the Master IP Group Member Click Refresh whenever a change has been made to the master IP group or member level of the tree Fig...

Page 382: ...f sub topics Group Details Members Override Account Group Profile Exception URL Time Profile Approved Content incl VuSafe Upload Download IP Profile Add Sub Group Add Individual IP Delete Group and Pa...

Page 383: ...ck Apply to apply your settings Members window The Members window displays when Members is selected from the menu This window is used for adding and managing members of a master IP group For the invis...

Page 384: ...the Source IP fields If Source IP Start End was selected enter the Start and End of the IP address range 2 Click Add to include the IP address entry in the Current Members list box TIP Click Calculat...

Page 385: ...e minimum filtering level if the option to bypass the minimum filtering level is activated Fig 3 1 5 Override Account window NOTES Override accounts can be created for any authorized user In order for...

Page 386: ...entry again in the Confirm Password field 4 Click Add to include the username in the list box of the Current Accounts frame and to open the pop up window containing the Current Accounts name as well a...

Page 387: ...rn and or Block columns in the Rule Details frame with filter settings for each category group library category in the Category Groups tree TIP In the Category Groups tree double click the group enve...

Page 388: ...n the end user that the URL he she requested can be accessed but may be against the organization s policies The end user can view the URL after seeing a warning message and agreeing to its terms Block...

Page 389: ...s window in Chapter 1 System screen for more information on configuring quota settings and resetting quotas for end users currently blocked by quotas The Overall Quota field becomes enabled if a quota...

Page 390: ...he attempts to access a site or service set up to be blocked Fig 3 1 7 Override Account pop up window Redirect tab Specify the type of redirect URL to be used Default Block Page Authentication Request...

Page 391: ...trikes Blocking With the X Strikes Blocking option enabled if the user attempts to access inappropriate sites on the Internet he she will be locked out from his her workstation after a specified numbe...

Page 392: ...lter Control With the Search Engine Keyword Filter Control option enabled search engine keywords can be set up to be blocked When the user enters a keyword in the search engine if that keyword has bee...

Page 393: ...rname in the Name field 3 Enter the new Password 4 Make the same entry again in the Confirm Password field 5 Click View Modify to open the pop up window 6 Click Apply 7 Click Close to close the pop up...

Page 394: ...e Click the following tabs in this window Category Redirect URL and Filter Options Entries in these tabs comprise the profile string for the group NOTE The Group Profile window is similar to the Sub G...

Page 395: ...Content By default Uncategorized Sites are allowed to Pass NOTE By default the Available Filter Levels pull down menu also includes these five rule choices Rule1 BYPASS Rule2 BLOCK Porn Rule3 Block IM...

Page 396: ...he column Pass Allow Warn Block in the row corresponding to that category group library category to move the check mark to that column Pass URLs in this category will pass to the end user Allow URLs i...

Page 397: ...fined in the Quota Settings window to determine when the end user will be blocked from further access to URLs in that library group category TIP If a quota entry is made for a category group all libra...

Page 398: ...ss a site or service set up to be blocked at the group level Fig 3 1 10 Group Profile window Redirect URL tab Create Edit the Redirect URL 1 Specify the type of redirect URL to be used Default Block P...

Page 399: ...Filter Options 1 Click the checkbox es corresponding to the option s to be applied to the sub group filtering profile X Strikes Blocking Google Yahoo Youtube Ask AOL Safe Search Enforcement Search En...

Page 400: ...n M86 s library or is blocked by Google Bing com Yahoo YouTube Ask com or AOL If this option is used in conjunction with the X Strikes Blocking feature and a user is performing an inappropriate Google...

Page 401: ...ss line of a browser window if that keyword has been set up to be blocked the user will be denied access to that site or service URL keywords are entered in the URL Keywords window of custom library c...

Page 402: ...d Individual IP sections of the Policy tree Fig 3 1 12 Exception URL window NOTE Settings in this window work in conjunction with those made in the Override Account window and in the Minimum Filtering...

Page 403: ...180014290 escaped hexadecimal format e g http 57 57 57 41 44 44 49 43 54 49 4E 47 47 41 4D 45 53 43 4F 4D query string e g http www youtube com watch v 3_Wfnj1llMU NOTE The pound sign character is not...

Page 404: ...by the query Fig 3 1 13 Add ByPass URLs pop up window This window includes the pre populated Add checkbox preceding each URL in the table Uncheck any checkbox corresponding to a URL you do not want t...

Page 405: ...olumn messages and icons If conflicting URL entries are found by the query the following message displays at the top of the query results pop up window Mouseover table row for messages on conflicts an...

Page 406: ...ists the Ignore warnings and add URL checkbox displays to the left of the Add Selected button at the bottom of the pop up window Fig 3 1 14 Conflicting URLs found by query Clicking this checkbox activ...

Page 407: ...URL to maximize results to be returned by the URL query 2 Click Remove to open the Remove Block URLs Remove ByPass URLs pop up window to view all corre sponding URLs found by the query Fig 3 1 15 Rem...

Page 408: ...URLs Time Profile window The Time Profile window displays when Time Profile is selected from the group menu This window is used for setting up or modifying a filtering profile to be activated at a sp...

Page 409: ...Profile 2 Type in three to 20 alphanumeric characters the under score _ character can be used for the profile name 3 Click OK to close the pop up box and to open the Adding Time Profile pop up window...

Page 410: ...To choose another date click the arrow in the date drop down menu to open the calendar pop up box In this pop up box you can do the following Click the left or right arrow at the top of this box to n...

Page 411: ...l for the months this time profile will be used and next specify which day of the month If Day is chosen select from 1 31 If a non specific day is chosen make selections from the two pull down menus f...

Page 412: ...2 is entered and the First Monday of June are selected this profile will be used every two years on the first Monday in June For example if the current month and year are May 2010 the first Monday in...

Page 413: ...er Options and Excep tion tabs 8 Click Apply to activate the time profile for the IP group at the specified time 9 Click Close to close the Adding Time Profile pop up window and to return to the Time...

Page 414: ...e The Rule tab is used for creating the categories portion of the time profile Fig 3 1 19 Time Profile pop up window Rule tab NOTE See the Override Account window Category Profile sub section in this...

Page 415: ...ying the URL to be used for redirecting users who attempt to access a site or service set up to be blocked Fig 3 1 20 Time Profile pop up window Redirect URL tab NOTE See the Override Account window R...

Page 416: ...s tab is used for specifying which filter option s will be applied to the time profile Fig 3 1 21 Time Profile pop up window Filter Options tab NOTE See the Override Account window Filter Options sub...

Page 417: ...s that can be made for this component of the filtering profile Settings in this window work in conjunction with those made in the Override Account window and in the Minimum Filtering Level window main...

Page 418: ...ific YouTube or SchoolTube videos from a designated portal or from VuSafe If this feature is enabled for this profile pass keys for approved videos are entered in the Passkey list box Fig 3 1 23 Time...

Page 419: ...ndow 3 Make modifications in the default Recurrence tab and or click the tab in which to make modifications Rule Redi rect Filter Options Exception Approved Content 4 Make edits in this tab and in any...

Page 420: ...managed by someone within the organization or videos posted to VuSafe Fig 3 1 24 Approved Content Settings window NOTE See Approved Content Settings window from Chapter 2 of the WF Global Administrat...

Page 421: ...editor tool such as Notepad or TextPad MD5 checksum calculator tool NOTE See the M86 Approved Content Portal Setup document at http www m86security com software 8e6 docs ug misc wf ac 4 1 00 pdf for...

Page 422: ...ns based on whether the Approved Content feature should be disabled or enabled for this profile Disable approved content for this profile Choosing this option disables the Approved Content feature for...

Page 423: ...P Profile is selected from the group menu This window is used for uploading or downloading a text file containing filtering profiles of multiple users or sub groups Fig 3 1 25 IP Profile Management wi...

Page 424: ...amples of entries to include in a profile file go to http www m86security com software 8e6 hlp ifr files 2group_ipprofiles html Once the file is selected the path displays in File field WARNING Any ex...

Page 425: ...If profiles have been created and or uploaded to the server 1 Click Download Profile to open a browser window containing the profiles Fig 3 1 28 Download IP Profiles window The contents of this windo...

Page 426: ...point question mark ampersand asterisk quotation mark apostrophe grave accent mark tilde caret _ underscore pipe slash backslash double backslashes left parenthesis right paren thesis left brace right...

Page 427: ...lon exclamation point question mark ampersand asterisk quotation mark apostrophe grave accent mark tilde caret _ underscore pipe slash backslash double backslashes left parenthesis right paren thesis...

Page 428: ...ocess of creating sub groups if the sub group to be added has the same configuration settings as one that already exists A sub group can be pasted or copied to a group if the Copy Sub Group function w...

Page 429: ...L Time Profile Approved Content incl VuSafe Delete Sub Group and Copy Sub Group Sub Group IP Group window The Sub Group IP Group window displays when Sub Group Details is selected from the menu This w...

Page 430: ...previously defined the fields in the IP Address frame and the Apply button remain activated Fig 3 1 33 Sub Group IP Group window fields activated 1 In the IP Address frame click the appropriate radio...

Page 431: ...ecomes deactivated see Fig 3 1 32 Members window The Members window displays when Members is selected from the menu This window is used for modifying the sub group s Member IP address if using the inv...

Page 432: ...t and End of the IP address range TIP Click Calculator to open the IP Calculator and calculate IP ranges without any overlaps 2 Click Modify to apply your settings Sub Group Profile window The Sub Gro...

Page 433: ...URL window in the Master IP Group sub section of this chapter for information on entries that can be made in this window Time Profile window The Time Profile window displays when Time Profile is selec...

Page 434: ...anization or videos posted to VuSafe NOTES See the Approved Content Settings window in Chapter 2 of the WF Global Administrator Section of this user guide for information about the Approved Content fe...

Page 435: ...roup function is used for expediting the process of creating sub groups if the sub group to be added has the same configuration settings as one that already exists Copy an IP Sub Group To copy configu...

Page 436: ...Profile Exception URL Time Profile Approved Content incl VuSafe Delete Individual IP Member window The member window displays when Members is selected from the menu This window is used for modifying t...

Page 437: ...ofile window in this chapter for informa tion about entries that can be made for the following components of the filtering profile Category Profile Redirect URL Filter Options Exception URL window The...

Page 438: ...rtal managed by someone within the organization or videos posted to VuSafe NOTES See the Approved Content Settings window in Chapter 2 of the WF Global Administrator Section of this user guide for inf...

Page 439: ...up Library categories are used when creating or modifying filtering profiles Fig 3 2 1 Library screen A list of main topics displays in the navigation panel at the left of the screen Main topics in th...

Page 440: ...om the navigation panel This window is used for verifying whether or not a URL or search engine keyword or keyword phrase exists in a library category Fig 3 2 2 Library Lookup window NOTE This window...

Page 441: ...6d2 hexadecimal long format e g http 0x46 0x55 0x96 0xd2 decimal value format e g http 1180014290 escaped hexadecimal format e g http 57 57 57 41 44 44 49 43 54 49 4E 4 7 47 41 4D 45 53 43 4F 4D query...

Page 442: ...display results in the Result Category list box showing the long name of all categories that contain the search engine keyword phrase Custom Categories Custom Categories includes options for adding a...

Page 443: ...y the group administrator Add a Custom Library Category 1 Select Add Category to open the Create Category dialog box Fig 3 2 4 Create Category dialog box The Group Name field displays Custom Categorie...

Page 444: ...long name TIP If this is the first custom category you are adding you may need to double click Custom Categories to open the tree list NOTE The category must have URLs URL keywords and or search keywo...

Page 445: ...ywords and Delete Category Fig 3 2 5 Library screen custom library category menu NOTE Since custom categories are not created by M86 updates cannot be provided Maintaining the list of URLs and keyword...

Page 446: ...brary Details window View Edit Library Details The following display and cannot be edited Custom Cate gories Group Name and library category Short Name 1 The long Description name displays and can be...

Page 447: ...aster wildcard URL list A URL is used in a filtering profile for blocking a user s access to a specified site or service A URL can contain a domain name such as playboy in http www playboy com or an I...

Page 448: ...view a list of all URLs that either have been added or deleted from the master URL list or master wildcard URL list 1 Click the View tab 2 Make a selection from the pull down menu for Master List or...

Page 449: ...coors com or coors com The following types of URL formats also can be entered in this field IP address e g 209 247 228 221 in http 209 247 228 221 octal format e g http 0106 0125 0226 0322 hexadecimal...

Page 450: ...lick Add to display the associated wildcard URL s in the list box below 3 Select the wildcard URL s that you wish to add to the category 4 Click Apply Action NOTE Wildcard URL query results include al...

Page 451: ...me as pertinent 3 Click Remove to display the associated URLs in the list box below 4 Select the URL s that you wish to remove from the cate gory 5 Click Apply Action Upload a Master List to the Libra...

Page 452: ...Click Upload File to display the results of the library file content validation in the Library File Content IP Lookup Options pop up window Fig 3 2 10 Library File Content IP Lookup Options URLs conta...

Page 453: ...e file without IP Lookup If this option is selected an IP lookup for IP addresses that correspond to URLs in the uploaded file will not be performed b Click Upload to open the Upload Successful pop up...

Page 454: ...display the results of the library file content validation in the Library File Content IP Lookup Options pop up window Fig 3 2 12 Library File Content IP Lookup Options Wildcard URLs contained in the...

Page 455: ...ct the performance of the Web Filter M86 recommends clicking Reload Library only after modifications to all library windows have been made URL Keywords window The URL Keywords window displays when URL...

Page 456: ...s that are not even within blocked categories For example if all URL keywords containing sex are blocked users will not be able to access a non pornographic site such as http www essex com View a List...

Page 457: ...oose file window 3 Select the file to be uploaded 4 Click Upload File to upload this file to the server NOTE A URL keywords text file must contain one URL keyword per line WARNING The text file upload...

Page 458: ...e Keywords window NOTE If the feature for search engine keyword filtering is not enabled in a filtering profile search engine keywords can be added in this window but search engine keyword filtering w...

Page 459: ...word Addition Deletion List frame make a selection from the pull down menu for Master List 2 Click View List to display the specified items in the Select List list box Add or Remove Search Engine Keyw...

Page 460: ...ord phrase per line WARNING The text file uploaded to the server will overwrite the current file 4 Click Upload File to upload this file to the server Reload the Library After all changes have been ma...

Page 461: ...The username or group name 2 IP address or MAC address 3 Filtering profile criteria Rule number Rule0 Rule1 etc or rule criteria a Ports to Block or Filter b Categories to Block or Open c Filter Mode...

Page 462: ...Filter the defined port number s I Open all ports J Open the defined port number s M Set the defined port number s to trigger a warn message Q Block all ports R Block the defined port number s Port N...

Page 463: ...a profile string indicating that all other categories should pass PASSED When positioned at the end of a string of categories or after a category command code this code indicates that unidentified cat...

Page 464: ...uld be entered at the end of the profile string unless the quota option is used in which case the quota should be entered at the end of the profile string To disable all filter codes for an IP profile...

Page 465: ...ns in one of the redirect URL tabs Go to Policy IP Group Name Sub Group Name Sub Group Profile Redirect URL Go to Policy Global Group Global Group Profile Default Redirect URL 2 Set the redirect URL t...

Page 466: ...estination IP Exclude IP Without excluding this IP address the Web Filter may capture filter block the following redirect link http server for block_page port for block page blockpage URL blocked url...

Page 467: ...page and post the required hidden form data shown in the table below Name Description Value URL Blocked URL From the query string of the block page URL IP IP that accessed the blocked URL see URL CAT...

Page 468: ...d in the custom ized block page Examples include 1 HTML using Java Script to parse post form data 2 CGI written in Perl 3 CGI written in C See the Reference portion of this appendix for coding details...

Page 469: ...result i str indexOf start if i 0 len str length substr str substr i start length len start length j substr indexOf end if j 0 result substr substring 0 j else if j 0 len substr length result substr s...

Page 470: ...block action http Web Filter IP 81 cgi block cgi document block submit script head body form method post name block input type hidden name SITE value _BLOCK_SITE_ input type hidden name URL value inp...

Page 471: ...or Web Filter customized block page Replace the Web Filter IP with the real IP before using This script provide data to the options CGI through query string Revision 1 Date 03 08 2004 method ENV REQUE...

Page 472: ...ace the Web Filter IP with the real IP before using This script uses Java Script to post form data to options CGI Revision 1 Date 03 08 2004 method ENV REQUEST_METHOD if method post i string STDIN els...

Page 473: ...Web Filter Customized Block Page CGI written with Perl using Java Script to post form data br n print URL url br n print IP ip br n print CAT cat br n print USER user br n print br For further options...

Page 474: ...paramv char step 120 printf content type text html n n If using the GET method if strcmp char getenv REQUEST_METHOD GET 0 paramd char strdup char getenv QUERY_STRING getquery paramd paramv while para...

Page 475: ...index name CAT 0 strcpy szCategory entries index val else if strcmp entries index name USER 0 strcpy szUserName entries index val printhtml void printhtml printf html n printf head n printf script lan...

Page 476: ...br n szCategory printf USER s br n szUserName printf br For further options a href javascript do_options click here a br n printf form n printf body n printf html n functions to get the CGI parameter...

Page 477: ...x y 0 while line y line x return word void plustospace char str register int x for x 0 str x x if str x str x char fmakeword FILE f char stop int cl int wsize char word int ll wsize 102400 ll 0 word...

Page 478: ...nt to_upper char string int len int i char tmp NULL if string strlen string if tmp char strdup string return 0 len strlen string for i 0 i len i string i toupper tmp i free tmp return 1 void getquery...

Page 479: ...workstation will need to temporarily disable pop up blocking in order to authenticate him herself via the Options page Fig C 1 Options page This appendix provides instructions on how to use an over r...

Page 480: ...this action opens the override account pop up window Add Override Account to the White List If the override account window was previously blocked by the Yahoo Toolbar it can be moved from the black li...

Page 481: ...pop ups from source 3 Select the source from the Sources of Recently Blocked Pop Ups list box to activate the Allow button 4 Click Allow to move the selected source to the Always Allow Pop Ups From Th...

Page 482: ...y clicking the Override button this action opens the override account pop up window Add Override Account to the White List To add the override account window to the white list so that it will always b...

Page 483: ...oolbar lets you toggle between enabling pop up blocking popups blocked and disabling pop up blocking Popup protection off by clicking the pop up icon 1 In the IE browser go to the SearchSafe toolbar a...

Page 484: ...om the Firefox browser go to the toolbar and select Tools Options to open the Options dialog box 2 Click the Content tab at the top of this box to open the Content section Fig C 6 Mozilla Firefox Pop...

Page 485: ...7 Mozilla Firefox Pop up Window Exceptions 4 Enter the Address of the web site to let the override account window pass 5 Click Allow to add the URL to the list box section below 6 Click Close to clos...

Page 486: ...up blocking feature in the IE browser Use the Internet Options dialog box 1 From the IE browser go to the toolbar and select Tools Internet Options to open the Internet Options dialog box 2 Click the...

Page 487: ...s menu selec tion changes to Turn Off Pop up Blocker and activates the Pop up Blocker Settings menu item You can toggle between the On and Off settings to enable or disable pop up blocking Temporarily...

Page 488: ...oolbar and select Tools Pop up Blocker Pop up Blocker Settings to open the Pop up Blocker Settings dialog box Fig C 10 Pop up Blocker Settings 2 Enter the Address of Web site to allow and click Add to...

Page 489: ...locker Settings to open the Pop up Blocker Settings dialog box see Fig C 10 2 In the Notifications and Filter Level frame click the checkbox for Show Information Bar when a pop up is blocked 3 Click C...

Page 490: ...is action opens the Allow pop ups from this site dialog box Fig C 13 Allow pop ups dialog box 5 Click Yes to add the override account to your white list and to close the dialog box NOTE To view your w...

Page 491: ...nfigured to use the mobile mode and Mobile Client software installed on end users workstations Mobile Client ensures Internet activity of all end users located outside the organization will be tracked...

Page 492: ...blocking software if installed must be disabled JavaScript enabled Java Virtual Machine Java Plug in use the version specified for the Web Filter software version System requirements for the end user...

Page 493: ...activity the Mobile Client application is used on the remote PC for filtering the end user s Internet activity When these two components are installed the following scenario occurs on the network 1 T...

Page 494: ...ronment and the Web Filter is configured to use the High HTTPS Filtering Level Macintosh end users will be blocked from accessing any HTTPS URL See the Filter window in the WF Global Administrator Sec...

Page 495: ...obile mode 2 In the Client Resynchronization Time field specify the interval of minutes for the Web Filter to resynchronize the profile on the end user s workstation with the profile set up for him he...

Page 496: ...ad contains catego ries with Warn or Quota settings the Global Group Profile will be assigned instead 3 Click Apply to apply your settings Add MAC Addresses to the Master IP Group In the mobile mode t...

Page 497: ...sub group Fig D 3 Members window sub group with MAC addresses The Modify Sub Group Member frame is comprised of the IP Address and MAC Address frames 1 In the MAC Address frame Source MAC addresses pr...

Page 498: ...arrow key pointing to that list box Blocks of MAC addresses can be moved to a list box by clicking the first MAC address and then pressing the Shift key on your keyboard while clicking the last MAC ad...

Page 499: ...ed in this window Add a MAC Address to an Individual Member When using the mobile mode the Individual IP s Member window is used for selecting the member s MAC address for inclusion in the sub group F...

Page 500: ...the end user has both an IP address and a MAC address each profile should be entered on a separate line in the file For example if end user tlind has the IP address 150 100 30 2 and MAC address 00 04...

Page 501: ...or his her MAC address This window also is used for troubleshooting synchronization on target Web Filters to verify whether settings for user profiles match the ones synced over from the source Web Fi...

Page 502: ...ows and 8e6clientInstaller mpkg tar for Macintosh OS X NOTE The unconfigured 8e6clientInstaller mpkg tar package in this kit contains Mobile Client software for Macintosh OS X and should be used in a...

Page 503: ...WARNING If a prior version of the Mobile Client is installed on your workstation i e software version 1 x or 2 x you must unin stall that software before installing software version 3 0 See Mobile Cl...

Page 504: ...t to proceed with the option you selected for installing the application If you chose the Custom option you will need to specify where or how the main execut able and support files will be installed o...

Page 505: ...SER GUIDE 477 Fig D 11 Installation process ready to begin 6 Click Install to begin the installation process The following page displays when the installation process is complete Fig D 12 Installation...

Page 506: ...obile Client Deployment Tool for instructions on using these windows The Mobile Client Deployment Tool window is accessible via Start All Programs M86 Security Mobile Client Deployment Kit Package Edi...

Page 507: ...indow go to File New Package to open the Choose Product Version dialog box Fig D 14 Choose Product Version dialog box 2 Select the Mobile Client software version from the avail able choices and then c...

Page 508: ...e configuration are saved When deploying the Mobile Client to end user workstations the installer uses this revision number to determine whether a newer configuration is already installed on the works...

Page 509: ...Add Remove Mobile Filter Host s dialog box Fig D 16 Add Remove Mobile Filter Host s 2 In the IP or Host Name field enter the public IP address or hostname of your mobile filter host server 3 By defaul...

Page 510: ...x Fig D 17 Add Remove Internal Filter Host s 2 In the IP or Host Name field enter the public IP address or hostname of your internal filter host server 3 By default 81 displays in the Port field and s...

Page 511: ...nd Password fields b Enter the proxy server Username c Enter the proxy server Password twice Optional Block all URLs if Mobile Server cannot be found The Block all URLs if Mobile Server cannot be foun...

Page 512: ...ates could impact the performance of the server For more information about using a host server for the Mobile Client Updater see MCU file preparations Choose a deployment host for updates 1 In the Aut...

Page 513: ...network Both Windows and Macintosh OS X share a single set of Applications Options Settings This is not a problem as long as you qualify the application s sufficiently to avoid any chance of ambiguity...

Page 514: ...ou wish to add any options you must first type in Mode 0 on the first line For example Mode 0 option 1 option 2 Step 2 Identify the name and path of the application Determine the name and path of the...

Page 515: ...r iexplore exe xt 0 xl 0 Here s an example of the entire set of entries to enable verbose logging for all applications block Firefox for Windows and grant unfiltered access to Myapp exe Mode0 logall c...

Page 516: ...your users NOTE Contact M86 Technical Support for advanced information about Applications Options Settings To encrypt or decrypt commands to be included in the Appli cation Options Settings frame of...

Page 517: ...om the File menu for saving the package configuration Save Saves the current package Save as Launches the Save Package window in which you specify the Package Name click OK and then Yes in a dialog bo...

Page 518: ...WEB FILTER APPENDICES SECTION APPENDIX D 490 M86 SECURITY USER GUIDE Fig D 20 Mobile Client Package Contents page...

Page 519: ...workstations Mac OS X Client Installer Direct or Remote Desktop Setup links for accessing the following components 8e6clientInstaller mpkg tar download the compressed Mobile Client application install...

Page 520: ...s if filter is not found true or false and Update URL if using the Mobile Client Updater and a Web server was specified AppOptions Application Options Settings entries if any were made and saved When...

Page 521: ...ia about the package The Mobile Client Windows and Macintosh version numbers and MCU version numbers also display TIP Click Explore Packages to open the Mobile Client Deploy ment Kit s Packages folder...

Page 522: ...kage Configuration window for default settings This window is similiar in appearance to the Package Configuration window used for adding a new package or editing an existing package except the Package...

Page 523: ...files in Configure a New Package Set for information about these Save options View Package Configuration contents 1 From the Mobile Client Deployment Tool select File Explore Packages to open the Pac...

Page 524: ...nd user workstations Step 1 Install MCU on end user workstations 1 Access the appropriate MCU installer 8e6winmcu msi for Windows and 8e6osxmcu pkg tar for Macintosh OS X and copy it to respective use...

Page 525: ...t clients know where to get current updates Thereafter any newer packages should be uploaded to the new server The MIME types map may need to be modified in order to support custom file extensions for...

Page 526: ...random statistical distribution Nevertheless it is conceivable that if you have 4 000 client workstations they might all attempt to download the update within the first hour after it is posted althoug...

Page 527: ...a Web server If you are using your own Web server as an update host extract the tgz file into the host directory associated with the Update URL Base field entry made in the Package Configu ration wind...

Page 528: ...The default location is http mobile_server_address 81 mobile_client_updates To verify that your update files have been posted go to the file latest manifest mcxml in this directory Clients read this...

Page 529: ...ent msi 2 Create a new Group Policy Object GPO a in the GPMC select Group Policy Management Forest Domains domain name Group Policy Objects b Right click and choose New then create a name for the poli...

Page 530: ...ut not servers There are two types of filters Security filters and WMI filters To create a Security filter a Select the new policy link Note the Security Filtering section in the Scope panel to the ri...

Page 531: ...icies by running gpup date exe NOTE By default Windows periodically refreshes the group policy automatically Using gpupdate allows you to force an immediate refresh for test purposes this is not somet...

Page 532: ...has been installed a dialog box opens asking if you wish to complete the installation process now or later Fig D 26 Finish installation process 2 To complete the installation process now save any app...

Page 533: ...kstation the Mobile Client will be uninstalled from end users machines NOTE The Remover does not require configuration prior to distri bution You will probably want to change the name of the policy e...

Page 534: ...g box 3 Copy the eight digit number displayed in the Machine ID field In this example 20686190 4 Access the Mobile Client Deployment Tool window and go to Tools Create uninstall key to open the Create...

Page 535: ...ess the M86 Mobile Client Uninstall dialog box again and enter the generated password key in the Key field In this example f0d34d Fig D 30 Uninstall the Mobile Client 7 Click OK to begin the uninstall...

Page 536: ...when creating a rule or when setting up a filtering profile or the minimum filtering level If an item is given a block setting users will be denied access to it custom category A unique library categ...

Page 537: ...ween workstations either locally or across the Internet Using this feature of the Web Filter groups and or individual client machines can be set up to block the use of IM services specified in the lib...

Page 538: ...s applied in conjunction with a user s filtering profile If a user does not belong to a group or the user s group does not have a filtering profile the default global filtering profile is used and the...

Page 539: ...g A setting assigned to a service port or library category when creating a rule or when setting up a filtering profile or the minimum filtering level If an item is given an open pass setting users wil...

Page 540: ...will be filtered and how they will be filtered The user profile in the Radius accounting server holds the filter definition for the user Real Time Probe On the Web Filter this tool is used for monitor...

Page 541: ...group with an associ ated member IP address and filtering profile synchronization A process by which two or more machines run in parallel to each other User filtering profiles and library configuratio...

Page 542: ...LAN segment warn setting A setting assigned to a library category or uncategorized URLs when creating a rule or when setting up a filtering profile This designation indicates URLs in the library cate...

Page 543: ...s to designated sections in the Report Manager and System Configuration console as applicable Administrators consult Report Manager dashboards for a high level picture of real time network Internet tr...

Page 544: ...w to access and use the SR and this user guide and provides information on how to contact M86 Security technical support SR System Configuration Section This section pertains to information on configu...

Page 545: ...pendix A of this section explains how to use the SR in the evaluation mode and how to switch to the registered mode Appendix B provides details on setting up and using the System Tray feature for real...

Page 546: ...ndow or panel that can be clicked with your mouse to execute a command checkbox a small square in a dialog box window or panel used for indi cating whether or not you wish to select an option This obj...

Page 547: ...checkboxes accordions tables tabs and or tables Objects within a frame belong to a specific function or group A frame often is labeled to indicate its function or purpose icon a small image in a dial...

Page 548: ...s from which you make a selection radio button a small circular object in a dialog box window or screen used for selecting an option This object allows you to toggle between two choices By clicking a...

Page 549: ...A tab can display anywhere in a panel usually above a box or list box table an area in a window or screen that contains items previously entered or selected text box an area in a dialog box window or...

Page 550: ...l by launching an Internet browser window supported by the Security Reporter and then entering SR s URL in the Address field see Enter Report Manager s URL in the Address field Access SR Report Manage...

Page 551: ...network connection appended by SR For example if your IP address is 210 10 131 34 type in https 210 10 131 34 8443 SR Using a host name example if the host name is logo com type in https logo com 8443...

Page 552: ...2 Security Reporter Login window TIP In any box or window in the application press the Tab key on your keyboard to move to the next field To return to a previous field press Shift Tab 2 In the Passwo...

Page 553: ...reporting data is inacces sible and will not display in the dashboard until the server is configured logs are transferred to the SR and the database is built the latter process could take about 24 ho...

Page 554: ...eed to log into the application again after an eight hour period of inactivity or in the event that the SR server was restarted If your session in the application is timed out when you click a button...

Page 555: ...Fig 1 1 5 Update Password window 1 Beneath your username displayed in the SR Login field enter your Old Password 2 In the Password and Confirm Password fields enter eight to 20 characters for the new...

Page 556: ...his request and display the original login window 2 Enter your Username and then click Submit to open an alert pop up box informing you that An email has been sent with instructions to reset your pass...

Page 557: ...Fig 1 1 7 Reset Your Password window 5 Enter a password comprised of eight to 20 characters using at least one alpha one numeric and one symbol character In the New Password and Confirm Pass word fie...

Page 558: ...r converting the application to registered mode Links in the Report Manager Navigation Toolbar The navigation toolbar at the top of the Report Manager screen consists of the following links and menu t...

Page 559: ...pop up window Logout Click this link to log out of the SR see Log Out for details on log out procedures Navigation Tips and Conventions The following tips and list of conventions will help you navi g...

Page 560: ...task Ctrl Key To select multiple items from a list box click each item while pressing the Ctrl key on your keyboard Shift Key To select a block of consecutive items from a list box click the first it...

Page 561: ...oolbar at the top of the System Configura tion screen consists of the following menu topics and selec tions for configuring and using the SR Network Select a menu item to access its corre sponding pag...

Page 562: ...tab to close the window tab Exiting the SR application will log you out of the user inter face but will not log you out of the SR server nor turn off the server WARNING If you need to turn off the WF...

Page 563: ...ng and maintaining the SR The global administrator performs the following tasks provides a suitable environment for the SR including a high speed access to authorized client workstations adds new admi...

Page 564: ...Administration System Configuration Fig 2 1 1 Server Status screen The System Configuration user interface launches in a separate window tab using port 8843 and displays the Server Status screen showi...

Page 565: ...configuring the SR and maintaining the Report Manager TIP When making a complete configuration in the System Configuration administrator console M86 Security recommends you navigate from left to right...

Page 566: ...erver box is functioning in the live mode or in the archive mode When the box mode displays on the screen you can view the current mode set for the server and can change this setting if necessary Fig...

Page 567: ...les placed on the server can be viewed using the Report Manager Change the Box Mode 1 Click the Change Mode button to display the two server box mode options on the screen Fig 2 2 2 Change Box Mode 2...

Page 568: ...plays when the Lockouts option is selected from the Network menu This screen is used for unlocking accounts or IP addresses of administrators currently locked out of the SR user interface Fig 2 2 3 Lo...

Page 569: ...y at the bottom of the frame Unlock Accounts IP addresses To unlock an account IP address in a frame 1 Click the checkbox corresponding to the username IP address TIP To unlock all accounts IPs in a f...

Page 570: ...s are Backup Self Monitoring Server Status Secure Access Shut Down and Report Manager Backup screen The Backup screen displays when the Backup option is selected from the Server menu This screen is us...

Page 571: ...aw logs and SR database files are available for restoration without relying on the SR s hard drives In general recovery plans involve i restoring the most recent backup of the database and ii restorin...

Page 572: ...The entry in this field is alphanumeric and case sensitive 2 In the Confirm Password field re enter the password in the exact format used in the Password field 3 Click the Apply button to save your e...

Page 573: ...rame to specify that you wish to back up live data to the SR s internal backup drive 2 On the Confirm Backup Restore screen click the Yes button to back up the database tables and indexes WARNING M86...

Page 574: ...ata that is restored to the SR will automatically include indexes Perform these steps on the remote server 1 Load the gz file backup data on your remote server 2 Log in to your FTP account 3 FTP the b...

Page 575: ...omated notifications if prob lems occur with the network Possible alerts include situa tions in which a daemon stops running software fails to run corrupted files are detected or a power outage occurs...

Page 576: ...evious field Entries in the three remaining fields are optional 4 If e mail addresses were entered in any of the four optional e mail address fields click in the Choice one Choice four checkboxes corr...

Page 577: ...Status screen displays when the Server Status option is selected from the Server menu This screen which automatically refreshes itself every 10 seconds displays the statuses of processes currently run...

Page 578: ...the top of the screen along with the date that software version was implemented Status information displays in the following sections of this screen CPU Utilization includes CPU process data and info...

Page 579: ...t representatives to perform maintenance on your server if your system is behind a firewall that denies access to your server Fig 2 2 7 Secure Access screen Activate a Port to Access the SR 1 After th...

Page 580: ...er select the active port number from the list box by clicking on it 2 Click the Stop button to terminate the port connection This action removes the port number from the list box Terminate All Port C...

Page 581: ...shut down the SR s software Fig 2 2 9 Shut Down screen SR Action Selections Restart the SR s Software The Restart Software option should be selected if daemons fail to run and or the database needs t...

Page 582: ...ick the Apply button to display the warning screen 3 To proceed with your selection click the RESTART or SHUTDOWN button on the warning screen To change your selection select the Shutdown from the Ser...

Page 583: ...is screen is used for enabling specified features on the reporting side of the application Fig 2 2 10 Report Manager screen Restart the Report Manager 1 In the Restart Report Manager frame click Resta...

Page 584: ...Manager Scheduler frame click the appropriate radio button to specify whether or not to automatically run scheduled reports ON Choose this option to let the Report Manager automatically run scheduled...

Page 585: ...s Expiration Optional Features and User Group Import User Name Identification screen The User Name Identification screen displays when the IP ID option is selected from the Database menu This screen i...

Page 586: ...M86 SECURITY USER GUIDE Fig 2 2 11 User Name Identification screen with IP ID activated As the administrator of the SR you have the option to either enable or disable this feature for logging users a...

Page 587: ...r SWG Failure in executing this setup will cause inconsis tencies when users logging times are reported especially if IP ID is activated If multiple Web access logging devices are used be sure to iden...

Page 588: ...are enabled these user names will overwrite those that are being imported from the shadow log 2 Click OK to close the alert box and to activate the IP ID and Static IP assignment checkboxes 3 in the...

Page 589: ...screen is used for establishing the value amount of time that will be used when tracking the length of a user s stay at a given Web site and the number of times the user accesses that site Fig 2 2 12...

Page 590: ...ite the user s activity will be tracked as one visit to that Web site Each time the user exceeds the value entered at the Elapse Time field the user will be tracked as having visited the site an addit...

Page 591: ...ays when the Page Defini tion option is selected from the Database menu This screen is used for specifying the types of pages to be included in the detail report for Page searches Fig 2 2 13 Page Defi...

Page 592: ...remove a page type from the detail report 1 Select the page extension from the Current page types list box 2 Click Remove 3 Click Apply Add a Page Type To add a page type in the detail report 1 Enter...

Page 593: ...hen the Tools option is selected from the Database menu This screen is used for viewing reports and logs to help you troubleshoot problems with the Report Manager application Fig 2 2 14 Tools screen T...

Page 594: ...shows a list of current SQL queries in the database in the full format that includes all columns of data Tables This report contains a list of the names of tables currently in the database Daily Summ...

Page 595: ...ontains information pertaining to the formation of the hits_objects hits_pages tables db Staticip This log provides information about settings on the server for the static IP assignment option db Supp...

Page 596: ...e pop up window to close the window Generate Technical Support Report Package When troubleshooting the SR unit with M86 Security Tech nical Support a diagnostic report can be generated and submitted t...

Page 597: ...ration screen NOTES Though the database is backed up automatically each week under certain circumstances you may need to perform a manual backup to the internal backup drive and then save this data of...

Page 598: ...ding the week with the highest end user hit activity and assuming this may be the trend for future end user activity then determines whether it will have enough storage space for the current week and...

Page 599: ...ays is current as of the most recent database expiration check Date scope for total data The first line in this field displays the range of weeks of data stored on the server represented in the YYYY M...

Page 600: ...n Mode for information about viewing the Expiration screen in the evaluation mode Optional Features screen The Optional Features screen displays when Optional Features is selected from the Database me...

Page 601: ...SR SYSTEM CONFIGURATION SECTION CHAPTER 2 CONFIGURING THE SERVER M86 SECURITY USER GUIDE 573 Fig 2 2 16 Optional Features screen...

Page 602: ...ary Report can be generated by the administrator 1 Click the radio button corresponding to ON to make the Top 20 Users by Blocked Requests report selection avail able in an administrator s Summary Rep...

Page 603: ...sage Report selection available in an adminis trator s Custom Reports menu 2 Click Apply to apply your setting NOTE Since Time Usage reports are processed each night any changes made to settings today...

Page 604: ...manually unlocked via System Configuration Network Lockouts Locked out Accounts and IPs see Locked out Accounts and IPs screen in this chapter 1 Enable any of the following options At the Password Ex...

Page 605: ...button corresponding to either of the following options ON Choose this option to lock out the user by IP address if the incorrect password is entered for the number of times specified in the Allowable...

Page 606: ...and or Lockout by IP Address option s enabled enter the number of minutes that defines the interval in which a user can enter an incorrect password as specified in the Allowable Number of Failed Passw...

Page 607: ...mport screen displays when the User Group Import option is selected from the Database menu This screen is used for specifying the Web Filter s to send LDAP user group membership information to this SR...

Page 608: ...corresponding to Import from this Web Filter NOTE If additional Web Filter servers need to be specified click More Web Filters to display the next four sets of entry fields 3 After specifying all Web...

Page 609: ...L server must be installed on the network and connected to the Web access logging device s The Report Manager s Administration menu consists of the following options described in these chapters Chapte...

Page 610: ...ECTION INTRODUCTION 582 M86 SECURITY USER GUIDE Chapter 3 Report Configuration This chapter explains how to create and manage Custom Category Groups used for monitoring end user Internet activity and...

Page 611: ...r groups whose Internet activity will be monitored by group administrators A group administrator should set up user groups once he she is given an account by the global administrator with permissions...

Page 612: ...by an administrator LDAP displays for an LDAP user group used by the Web Filter or SWG and SWG displays for an SWG user group NOTES A global administrator will see all user groups and a group administ...

Page 613: ...rom the Web Filter or SWG using IP group authentication or the following LDAP server types Active Directory Novell eDirectory Sun One Open Directory For the Web Filter Active Directory Mixed Mode and...

Page 614: ...cannot be rebuilt on demand View a list of members in a user group To view a list of members that belong to an existing user group 1 Select the user group from the User Groups sub panel by clicking it...

Page 615: ...p Single Users accordion view a list of User Names and IP Addresses for individual users previously selected from the Available Users list for that user group Exclusions accordion view a list of User...

Page 616: ...panel At the top of this panel are the Patterns IP Ranges Single Users Exclude checkboxes Group Name field and Save and Cancel buttons Greyed out sub panels corresponding to the checkboxes display be...

Page 617: ...w the list of users to be included in the new group A pattern consists of a wildcard or a wildcard plus one or more alphanumeric characters NOTE Since user group data is stored by domain username the...

Page 618: ...g 3 1 4 Add user group Patterns Preview Pattern Users The Patterns box displays the pattern you added to the Assigned Patterns list box The Resolved Users box includes a list of each user resolved by...

Page 619: ...g IP range Beneath those fields is a section in which you can Calculate an IP Range by entering a single IP Address and Subnet Mask At the bottom portion of this sub panel is the Assigned Ranges list...

Page 620: ...below If necessary edits can be made to these fields To add an IP address range without selecting from the Parent Ranges sub panel a Enter the Starting IP address b Enter the Ending IP address To cal...

Page 621: ...Fig 3 1 6 Add user group IP range added Remove an IP address range To remove an IP address range from the Assigned Ranges list box 1 Click the row to highlight and select it this action acti vates th...

Page 622: ...ers from the base user group For each record in the list the User Name or IP address displays The list box below includes the target Assigned Add Delete and Exclude tabs The Add tab displays by defaul...

Page 623: ...Enter filter terms to narrow the selection of Available Users For example Type in 150 to only display results matching an IP address that begins with 150 2 Click Apply to display filtered results in...

Page 624: ...596 M86 SECURITY USER GUIDE Remove users from the Add tab To remove users from this user group 1 Select the user s from the Add tab this action activates the Remove button Fig 3 1 8 Add user group re...

Page 625: ...anel with settings made in it that sub panel is activated Any sub panel without settings made in it displays greyed out 3 Make any of these edits To make entries in a sub panel that is not yet activat...

Page 626: ...User Group NOTES A user group can only be deleted by the administrator who added it A base group cannot be deleted After deleting a user group the Rebuild function should be executed To delete a user...

Page 627: ...sions were granted by the administrator who set up his her account as detailed in this chapter In the navigation toolbar hover over the Administration menu link and select Admin Groups to open the Adm...

Page 628: ...istinguish the name from other names such as those set up for user groups 3 In the Group Privileges section click the appropriate checkbox es to specify the type of access the adminis trator group wil...

Page 629: ...have reached their established upper thresholds Web Filter This privilege gives the administrator access to the Web Filter via a link in the Administration menu Summary Reports This privilege lets the...

Page 630: ...ttings In the Administrator Groups sub panel click the name of the administrator group to highlight the group name activate all buttons and to populate the Group Privileges sub panel with previously s...

Page 631: ...to clear all selections in the Group Privileges sub panel Delete an Administrator Group 1 In the Group Names list box click the name of the admin istrator group to highlight the group name activate al...

Page 632: ...w If logged in as the global administrator or as a group admin istrator with privileges to create other administrator profiles at the left side of this panel the Admin list box in the Admin istrators...

Page 633: ...rator s account information and modifying or deleting a group administrator profile as necessary If logged in as a group administrator without privileges to create other administrator profiles only th...

Page 634: ...g entries or selections as appropriate Fig 3 1 14 New administrator information entered but not yet saved Optional Type in the group administrator s Full Name Select the Administrator Group previously...

Page 635: ...user name and domain type in the alphanumeric group administrator s LDAP Username exactly as set up on the Active Directory domain in which he she is registered Optional If an entry was made in the L...

Page 636: ...by the group administrator In the Available User Groups list box click the user group s to highlight your selection s and to activate the Add Group button Click Add Group to include the user group s i...

Page 637: ...1 15 Admin selection NOTE Administrator accounts with permissions to create other user profiles display at minimum the Email address Graph Colors selection Username Language selection LDAP Username U...

Page 638: ...guage selection and Username Format selection The following information can be added modified or deleted Full Name Comments Location information and LDAP Username or Domain name the latter two fields...

Page 639: ...elete a user profile he she created NOTE The global administrator account established during the wizard hardware installation process can be modified but cannot be deleted 1 In the Admin list box sele...

Page 640: ...istrator uses the HTTPS Configuration panel to generate a Secured Sockets Layer SSL self signed certificate or a trusted SSL certificate for adminis trator workstations so that the WFR will be recogni...

Page 641: ...rey out the tab or make entries in these fields a Common Name Full DNS Name Hostname of the server such as logo com b Organization Name Name of your organization such as Logo c Organizational Unit Nam...

Page 642: ...the Trusted tab you create a Certificate Signing Request for the WFR s digital identity certificate download save or delete a CSR and upload a trusted SSL certificate Step A Create a CSR WARNING Gener...

Page 643: ...il address 3 Click Create CSR to generate the Certificate Signing Request and to restart the Report Manager NOTE Once the CSR has been created the Create CSR button displays greyed out and the Browse...

Page 644: ...to Notepad in the following order a SSL certificate b Intermediate certificate s this step is not required if you have a Single Root SSL Certificate c Root certificate 3 Save the contents of the Notep...

Page 645: ...3 HTTPS Configuration panel Trusted tab Download the SSL Certificate To download the WFR s third party SSL certificate to your workstation go to the Download Delete Certificate tab and click Download...

Page 646: ...f there are any discrepancies synchronization can be forced between the two servers see Device Registry panel in this chapter NOTE The User Profiles panel is available to a group adminis trator only i...

Page 647: ...ld to the right If Username was selected enter a username If IP Address was selected enter an IP address 3 Click Search to display a record that matches your criteria TIPS After performing a search if...

Page 648: ...ative activity performed on the SR In the navigation toolbar hover over the Administration menu link and select Activity View to display the Activity View panel Fig 3 2 5 Activity View panel The Activ...

Page 649: ...pes performed on SR within the past 30 days 2 In the Date Range field click the calendar icon on the left to open the larger calendar for the current month with today s date highlighted TIP To view th...

Page 650: ...ername field in the login window Activity Target administrator group name or group administrator name if applicable and Timestamp using the YYYY MM DD HH MM SS format The information that displays in...

Page 651: ...SR REPORT MANAGER ADMINISTRATION SECTION CHAPTER 2 DATABASE MANAGEMENT M86 SECURITY USER GUIDE 623 alert name for Add Edit Delete Alert gauge name for Add Edit Delete URL Bandwidth Gauge...

Page 652: ...er to from the registry This function is available to a group administrator only if permissions were granted by the administrator who set up his her account as detailed in Admin Groups panel in Chapte...

Page 653: ...y display in the user interface Refresh Settings Click this button to synchronize Web Filter library Categories and or User Groups New Web Filter Click this button to add a Web Filter to the device re...

Page 654: ...nformation about backing up data Device s listed in registry Change s made to registry Result SWG Remove SWG All data for Time Usage Reports Sum mary Reports Summary Drill Down Reports and Detail Dril...

Page 655: ...Filter pop up window Fig 3 2 8 New Web Filter pop up window 2 Type in the server Name 3 Type in the IP address of the server 4 If this Web Filter will be the source server click the Source Web Filter...

Page 656: ...urce Web Filter click in the checkbox to place a check mark here TIP Click Cancel to close this pop up window 3 Click Save to save your edits and to close the pop up window Delete a Web Filter from th...

Page 657: ...criteria Go to the SR server icon in the Device Registry panel and click Edit to open the Security Reporter pop up window Fig 3 2 10 Security Reporter pop up window The following displays at the left...

Page 658: ...from the list box this action activates the Remove button b Click Remove to remove the IP address range TIP Click Cancel to close the pop up window without saving your entries 2 After making all modi...

Page 659: ...e Registry panel and click View to open the Patch Server pop up window The following information displays Name of server Device Type Patch Server IP address Username if applicable Password if applicab...

Page 660: ...se this pop up window Refresh Settings If using a Web Filter a forced synchronization should be performed on the SR unit if any of the source Web Filter s related devices listed in the device registry...

Page 661: ...y and thus may create an impact on the SR s performance 3 Click Synchronize to close the pop up window and to begin the synchronization process SWG Policy Server Device Maintenance Add the first Polic...

Page 662: ...ain in the Confirm Password field TIP Click Cancel to close this pop up window 4 Click Save to save and process your information and to return to the Device Registry panel where an icon repre senting...

Page 663: ...device you added now displays Edit Policy Server criteria change password 1 Go to the SWG server icon in the Device Registry panel and click Edit to open the Edit SWG Policy Server pop up window Fig...

Page 664: ...erver entered in this device registry The password must be comprised of eight to 20 characters and include at least one alpha numeric and special character b Enter the same password again in the Confi...

Page 665: ...this device NOTE Click No to close the dialog box 2 Click Yes to delete the SWG device from the registry and to remove the SWG server icon from the Device Registry panel LDAP Server Device Management...

Page 666: ...ry Member Specify membership attributes if necessary Address LDAP server IP address User Enter the authorized user s full LDAP Distin guished Name For example enter the entire string in a format such...

Page 667: ...roup importation process was successful click OK to close the pop up box TIP If the importation process failed make edits in the LDAP server pop up window and run the import process again View edit LD...

Page 668: ...e pop up window Delete an LDAP Server from the device registry 1 Go to the LDAP server icon in the Device Registry panel and click Delete to open the CONFIRM dialog box with a message asking if you wa...

Page 669: ...dministrator uses the Database Process List panel to view a list of processes currently running on the SR or to halt a process that is currently running In the navigation toolbar hover over the Admini...

Page 670: ...port connected to the database the state of the last Command issued by the user Query or Sleep the amount of Time in seconds the process has remained in its current state and SQL statement for a proce...

Page 671: ...ion toolbar hover over the Administration menu link and select Server Information to display the Server Information panel Fig 3 2 20 Server Information panel The panel is comprised of six sections Mod...

Page 672: ...storage as determined by the SR when making its routine 30 minute check of available storage space the oldest week of data from Sunday through Saturday is dropped from the database Evaluation mode is...

Page 673: ...n pertaining to the last time the Report Manager was restarted Day of the week and month name abbreviation day year YYYY and military time HH MM SS NOTE This information is useful for troubleshooting...

Page 674: ...n the larger calendar for the current month with today s date highlighted TIP To view the calendar for the previous month click the left arrow To view the calendar for the next month click the right a...

Page 675: ...selected Hits By Day days within the date range are plotted on the graph grouped into equal time intervals The summary shows the Number of Hits in purple and Number of IPs in blue for a specified Day...

Page 676: ...Per Week chart Hits Per Month If you selected Hits By Month each month within the date range is plotted on the graph The summary shows the general Number of Hits in purple and Number of IPs that gener...

Page 677: ...rt Click the print icon to open the Print dialog box and proceed with standard print procedures Save the chart Click the save icon to open the Save a Copy dialog box and proceed with standard save pro...

Page 678: ...weeks from this week that data on the SR will expire NOTE If using the SR in evaluation mode the text IF REGIS TERED is included in the label to indicate the number of weeks of data that would be sto...

Page 679: ...nt software update level of the application In the navigation toolbar hover over the Administration menu link and select Reset to Factory Defaults to display the Reset to Factory Defaults panel Fig 3...

Page 680: ...e installation process 2 Enter the above characters displayed beneath the Admin password security characters 3 Click Reset to Factory Defaults to reset the SR applica tion and to display the WFR s End...

Page 681: ...UIDE 653 Wizard panel 1 In the Wizard Login window type in the Username created during the wizard hardware installation process 2 Type in the Password created for the Username during the wizard hardwa...

Page 682: ...upon saving your entries in this panel TIP The Language setting field is also available in the Admin Profiles panel accessible to each administrator and sub adminis trator See Admin Profiles panel in...

Page 683: ...must be configured in the device registry in order to use the SR on your network as described in the Device Registry panel sub section of this chapter 1 In the Secure Web Gateway Setup section type i...

Page 684: ...REPORT MANAGER ADMINISTRATION SECTION CHAPTER 2 DATABASE MANAGEMENT 656 M86 SECURITY USER GUIDE Save Entries Click Save to save your entries and to go to the SR login window Fig 3 2 28 SR Login windo...

Page 685: ...scribed in this chapter Default Report Settings and Custom Category Groups Default Report Settings panel The global administrator uses the Default Report Settings panel for specifying various settings...

Page 686: ...d message This warning message indicates that the number of records exceeds the number specified in this field The default is 10000 records 4 By default the Hide Unidentified IPs checkbox is de select...

Page 687: ...licy servers Force combination This selection indicates that dupli cate name entries from log feeds of all SWGs collec tively will be combined under one record entry in the generated report Do not com...

Page 688: ...ts if you wish to run reports only using certain filter categories or ports In the navigation toolbar hover over the Administration menu link and select Custom Category Groups to display the Custom Ca...

Page 689: ...he selection s to the Assigned Categories list box Bandwidth In the Port Number field type in a specific value in the pre populated field and or use the up down arrow buttons to increment decrement th...

Page 690: ...he Custom Category Group name edit the Category Group Name in the Custom Category Group Detail sub panel To update the assigned selections in the list box select the item to select it and then click R...

Page 691: ...Dash board canned Summary Reports and Sample Reports that provide a high level overview of end user Internet and network activity Chapter 2 Drill Down Reports This chapter provides instructions on usi...

Page 692: ...l overview of how end users are currently using the Internet and network resources Dashboard The Dashboard provides statistics and bar charts depicting the top end user requests in various productivit...

Page 693: ...requested Security group library categories and a bar chart depicting the number of end user requests Top Blocked Users by Requests Top five end users with blocked library category requests and a bar...

Page 694: ...access the Reports Summary Reports menu selection By default yesterday s report view showing the Top 20 Users by Blocked Requests displays in the panel Fig 4 1 2 Yesterday s Top 20 Users by Blocked Re...

Page 695: ...s report is avail able if the Block Request Count feature is enabled in the Optional Features screen in the System Configuration administrator console Top 20 Users by Virus Hit Count for SWG Bar chart...

Page 696: ...d Keywords Bar chart report depicting the total top blocked keyword requests This report is only available if the Block Searched Keywords Report feature is enabled in the Optional Features screen in t...

Page 697: ...Use any the following tools to modify the report view Date Scope Click one of these tabs at the top of the panel to display data for another period Yesterday default Last Week Last Month Week to Yest...

Page 698: ...n the PDF format Clicking the PDF button opens a separate browser window containing the Summary Report in the pdf format Fig 4 1 4 Sample Summary Report in the PDF format The header of the generated r...

Page 699: ...thers Combined label The body of the pages following the first page of the bar or pie chart report includes the following information Top 20 Users by Blocked Requests report User NAME and correspondin...

Page 700: ...ion sort criteria From To date and time range MM D YYYY HH MM SS AM PM format and time zone for the reporting period and location The body of the report includes a row containing column labels followe...

Page 701: ...cludes the report title followed by a graphical chart image Bar chart Name of category username username path URL or site IP address user group name or blocked user request and corresponding bar graph...

Page 702: ...UIDE Sample Reports Sample Reports are productivity reports in the PDF format that contain today s data for a specified reporting topic These types of reports are accessible by navigating to Reports S...

Page 703: ...Top end users who accessed library categories Top 20 Categories by User Category Top library cate gories each end user accessed Top 20 Sites by User Site Top sites each end user accessed By User Categ...

Page 704: ...luding the sort order and Page Count descending The body of the report contains rows of records and is comprised of one or more sections For each record end user statistics display in columns such as...

Page 705: ...edures Save the report Navigate to File Save a Copy to open the Save a Copy dialog box and proceed with standard save procedures 2 Click the X in the upper right corner of the PDF file window to close...

Page 706: ...y IPs Includes Internet activity by user IP address Users Includes Internet activity by username Sites Includes activity on Web sites users accessed Category Groups Includes activity by Category Group...

Page 707: ...ge displays After the report has finished being generated if no records are available an alert box opens with a message informing you that no records were returned 2 Once the generated summary drill d...

Page 708: ...g information displays beneath this row of tabs report type Display criteria Date Filter criteria and Sort by criteria Beneath this row a bar chart depicts the first six records for the current report...

Page 709: ...erate another summary drill down report view by clicking that tab Categories IPs Users Sites Category Groups or User Groups Summary Drill Down Report Settings menu Hover over Report Settings to displa...

Page 710: ...after the column containing the record name Clicking a specific link in a record s Count column gives more in depth analysis on a given record displayed in the current view Clicking a link in the Page...

Page 711: ...ys the total number of pages visited A user may visit only one site but visit 20 pages on that site If a user visits a page with pop up ads these items would add to the page count If a page has banner...

Page 712: ...eport See the Optional Features sub section of the System Configuration Section for information about Log Import Settings frame options Time column In a summary drill down report view the Time column...

Page 713: ...Summary Drill Down Record exportation In a summary drill down report view all records are selected for exportation by default Clicking Export All opens the Export pop up window in which you specify cr...

Page 714: ...ill down report view the top portion of the detail drill down report view includes tabs for all produc tivity Report Types followed by a row of criteria about the report view contents By default the f...

Page 715: ...menu of reporting options Run Save see Report View Navigation and Usage Page Object Detail columns By default all Page Object Detail column s display Any of these columns can be hidden from view by cl...

Page 716: ...ter action was unclassified at the time the log file was created Content Type Displays the method used by the Web Filter in creating the record Search KW Search Engine Keyword URL KW URL Keyword URL W...

Page 717: ...ick that column s header Date Category User IP User name Site Filter Action Content Type Content criteria Search String or URL Click the same column header again to sort records for that column in the...

Page 718: ...selected for exportation by default Clicking Export All opens the Export pop up window in which you specify criteria for the report to be generated and distributed see Export a Productivity Report Ot...

Page 719: ...then be exported saved and or scheduled to run at a specified time Navigation Tips Report view breadcrumb trail links When generating a report view and modifying that report view to create another rep...

Page 720: ...be found in Detail Report View Tools and Tips Report Settings menu options Hover over the Report Settings object at the bottom left of the panel to open its menu containing the following selec tions...

Page 721: ...ummary drill down reports if specifying a Sort By the first column summary results must be limited to the top count for another designated column Fig 4 2 5 Summary drill down Run Report pop up box Sel...

Page 722: ...cked will display Fig 4 2 7 Detail drill down Run Report pop up box NOTE After all modifications are made click Run to generate the new report view and to close the pop up box Save report option The S...

Page 723: ...Save Report pop up window Clicking Back closes the pop up window The Advanced Options tab lets you specify additional criteria for the report For a summary drill down report Advanced Options include G...

Page 724: ...modifications are made click one of the save option buttons Save and Schedule to open the Schedule Report pop up window where a schedule can be set up for running the report Fig 4 2 11 Save Report Sc...

Page 725: ...cify the maximum number of records to be included in a detail drill down report view instead of the default number entered in Default Report Settings Fig 4 2 12 Limit Detail Result pop up box NOTE Aft...

Page 726: ...p By and output Format For summary drill down reports if specifying a drill down Group By selection indicate the records to be exported and the Count column to be used for sorting these records Fig 4...

Page 727: ...eport to the email recipient or click Download to launch a separate browser window or tab containing the generated report in the specified format See Export a Productivity Report in this chapter for i...

Page 728: ...owing report types Categories This option performs a query on filter cate gories accessed by end users IPs This option performs a query on Internet activity by end user IP address Users This option pe...

Page 729: ...te This option generates the report view for the range of days that includes the first day of the current month through today Monthly Selecting this option activates the from and to date fields where...

Page 730: ...for all days within the past month For detail reports the following fields are additionally avail able Part of Today This option generates the report view for today within a specified time range Make...

Page 731: ...Configuration from the Report Manager Administration Section for information about the Default Top N Value Filter and Filter String fields The filter fields are used for narrowing results that displa...

Page 732: ...tion Content Type Content Search String URL Limit Detail Result fields Limit Detail Result fields are used for specifying the maximum number of records to be included in the detail report view Select...

Page 733: ...lay for the current report view when exported Choose from the available report selections at the Group By pull down menu Based on the current report view displayed the selections in this menu might in...

Page 734: ...ummary drill down reports and are deactivated by default Number of Records field The Number of Records field is used for specifying the number of records that will display for the selected sort option...

Page 735: ...The Output Type field is used for specifying how the gener ated report will be sent to the recipient s At the Output Type field choose either Email As Attach ment or Email As Link Hide Unidentified I...

Page 736: ...ertinent to the report to be sent to the designated addressee s Specify the following in the Email or For Email output only fields To Enter the email address of each intended report recipient separati...

Page 737: ...hat displays the username Site information Click this checkbox to exclude the column that displays the IP addresses or URLs of sites Filter Action information Click this checkbox to exclude the column...

Page 738: ...rmation Click this checkbox to exclude the column that displays the full search string the end user typed into a search engine text box This column displays pertinent information only if the Search En...

Page 739: ...ress of each intended report recipient separating each address by a comma and a space Subject field optional Type in a brief description about the report Cc field optional Type in the email address of...

Page 740: ...English will display a single row of text for each record Reports generated in all other formats PDF Rich Text Format HTML will display any lengthy string of text wrapped around below View and Print...

Page 741: ...around within the column so all text is captured without displaying truncated Comma Delimited Text and Excel report columns may display with truncated text but an entire column can be viewed by mani...

Page 742: ...f the Category Groups detail report in the MS DOS Text format saved with a txt file extension Fig 4 2 15 Category Groups detail report MS DOS Text file format PDF This is a sample of the Category Grou...

Page 743: ...TER 2 DRILL DOWN REPORTS M86 SECURITY USER GUIDE 715 Rich Text Format This is a sample of the Category Groups detail report in the Rich Text file Format saved with a rtf file extension Fig 4 2 17 Cate...

Page 744: ...detail report in the HTML format saved with a html file extension Fig 4 2 18 Category Groups detail report HTML file format Comma Delimited Text This is a sample of the Category Groups detail report i...

Page 745: ...ups detail report Excel English file format NOTES The Excel English option supports up to 65 000 rows of exported data If exporting more than 65 000 rows of data M86 Security recommends using another...

Page 746: ...this chapter Report Wizard Saved Reports and Report Schedule Report Wizard Report Wizard lets you generate a customized drill down report querying the database for hits pages or objects viewed by end...

Page 747: ...nt and Time This report provides a synopsis of specified end user Internet activity by hit count and time for a designated period Detail Report This report provides information about end user Web page...

Page 748: ...il by Object Includes viewed object results 2 Specify at least one of the following filters in the accordions at right to narrow your search described in Step C Step C Specify Filters This step is opt...

Page 749: ...ge displays at the bottom of this panel NOTE This report is very processor and time intensive and may take several minutes to complete The report must now be saved and run at a later time By Site If s...

Page 750: ...pe to be included in the results NOTE For detail reports if more than one username or if any keyword is entered in this panel the following Date Scope choices are the only choices available Yesterday...

Page 751: ...Generate the Report Indicate the next step in the wizard by selecting one of two choices that specify when the report will be generated Run Click this button to generate and view the drill down report...

Page 752: ...e Report panel Fig 4 3 5 Report Wizard s Save Report panel Basic Options tab This panel is similar in design to the Save Report pop up window that displays when saving a drill down report see Chapter...

Page 753: ...m available output format selec tions in the pull down menu NOTE Any selected filter options display to the right 5 Click the Advanced Options tab for additional options Group By Available selections...

Page 754: ...ies and to go to the Schedule Report panel where you set up a schedule for running the drill down report Fig 4 3 6 Report Wizard s Schedule Report panel a Enter a Name for the event b Select the Repor...

Page 755: ...n to the Report Wizard panel without scheduling a time for running the report Save and Email Click this button to save your entries and to email the generated report to the designated recipient s Afte...

Page 756: ...a report In the navigation toolbar hover over the Reports menu link and select Saved Reports to display the Saved Reports panel that displays any drill down reports or security reports you saved Fig 4...

Page 757: ...n security reports Edit a Report Edit a Drill Down Report 1 To edit a drill down report click Edit to display the Save Report panel where you edit report settings for a saved report Fig 4 3 9 Save Rep...

Page 758: ...you edit report settings for a saved report Fig 4 3 10 Save Report edit Security Report TIP The Copy Ctrl C and Paste Ctrl V functions can be used in the fields in this panel 2 After making your selec...

Page 759: ...Report The copy feature is a great time saver letting you use settings from a saved drill down report 1 In the Saved Reports panel select the report from the list 2 Click Duplicate to display the pan...

Page 760: ...f X in which X represents the report name of the report being copied Edit this text if you wish to modify this report name 3 After making your selections and entries in the panel Click Save Only in th...

Page 761: ...t the report from the list 2 Click Delete to open the Confirmation dialog box with a message asking if you wish to delete the report and noti fying you that in doing so any associated event schedule w...

Page 762: ...Schedule panel reports scheduled to be run display as rows of records The following information is included for each record Name assigned to the scheduled report Interval when the report is scheduled...

Page 763: ...button sub section in Chapter 2 Drill Down Reports To save security reports see the Security Reports Section Save a Security Report in Chapter 1 and Chapter 2 Security Report Wizard To enable or disab...

Page 764: ...report from the Report to Run list go to the Saved Reports panel and delete that report from the list Edit a Scheduled Report Run Event 1 To edit criteria for a report scheduled to run do the followin...

Page 765: ...Fig 4 3 15 Add an event to the schedule 2 Enter a Name for the report run event you are sched uling 3 Select the Report to Run from the list 4 Select the frequency When to Run from the pull down menu...

Page 766: ...saving your edits 6 Click Save to add the scheduled event to the list of reports to run Delete a Scheduled Report Run Event 1 In the Report Schedule panel select the report record from the list and cl...

Page 767: ...ernet Usage Summary option is used for specifying email addresses of users authorized to receive daily weekly and or monthly bar and line chart productivity reports showing activity in library categor...

Page 768: ...Details sub panel Fig 4 4 2 Executive Internet Usage Summary report details The following information displays and can be viewed and edited Report Name Email Subject criteria Deliver report in email...

Page 769: ...to be used in the email To create a custom subject line for the email select the radio button to the left of the blank field below and make an entry in the text box for the subject line to be used in...

Page 770: ...ion in the report In the Category Groups accordion select the category group s from the Available M86 Category Groups and Custom Category Groups and then click Add Cate gory Group to move the selectio...

Page 771: ...he Executive internet Usage Summary report receives an email containing a link to the report and a pdf attachment of the report if specified if the size of the pdf file is within the limits Links are...

Page 772: ...et Usage Summary monthly report page 1 The second page includes a pie chart depicting Total Web Requests for M86 Category Groups Each category group in the chart is represented by a pie slice and show...

Page 773: ...ird page includes a bar chart depicting Top Web Requests By Categories In Group X in which X repre sents the name of the category group The top 15 affected library categories in the group are named in...

Page 774: ...shown to the left of the chart and the days M D YY are shown beneath the chart Fig 4 4 5 Executive Internet Usage Summary monthly report page 3 For Daily reports the bottom half of the third page inc...

Page 775: ...ly reports the fourth page includes the Top 10 Users In Category Group X chart Fig 4 4 6 Executive Internet Usage Summary monthly report page 4 The balance of the report is comprised of statistics for...

Page 776: ...rts option does not display if the Block Request Count feature is disabled in the System Config uration administrator console Refer to the Optional Features screen sub section of the System Configurat...

Page 777: ...h the wildcard in the Specific User sub panel and then click Preview Users to display results in the list box below Select the user and then make a selection from the Date Scope field to display the d...

Page 778: ...r group with existing usernames or IP addresses was added data for that user group will not be available for viewing on the current day Data for the following viewing options are avail able according...

Page 779: ...e body of the report rows of records display beneath the following column headers end user NAME IP address if the report criteria is other than Top 20 Users by Blocked Requests and Blocked Count quant...

Page 780: ...minute of Web time as one minute Using this algorithm an end user could never have more than 24 hours of Web time within a given 24 hour period NOTE The Time Usage Reports option does not display if...

Page 781: ...the wildcard in the Specific User sub panel and then click Preview Users to display results in the list box below Select the user and then make a selection from the Date Scope field to display the dat...

Page 782: ...r group with existing usernames or IP addresses was added data for that user group will not be available for viewing on the current day Data for the following viewing options are avail able according...

Page 783: ...t includes the end user NAME TIME USAGE time totals in days hours and minutes and any other relative criteria such as username path or IP address The Total Records displays at the end of each section...

Page 784: ...c com 12 01 00 www m86security com 12 02 04 www whitepages com 12 05 58 www yellowpages com 12 05 58 www yellowpages com 714 jsp 12 05 59 www yellowpages com phone_number gif 12 07 03 www google com 1...

Page 785: ...to read a gauge and how to perform shortcuts using gauges Chapter 2 Custom Gauge Setup Usage This chapter explains how gauges are configured and monitored Chapter 3 Alerts Lockout Management This chap...

Page 786: ...gauges Either gauge type is referred to as a gauge group if it is comprised of a group of library categories or protocol s port numbers URL gauges A URL gauge is comprised of library categories and m...

Page 787: ...numbers and monitors a targeted user group s inbound outbound network traffic generated for specified protocols port numbers With the URL gauges Dashboard displayed click the Band width tab located be...

Page 788: ...The top portion of the gauge is comprised of three colored sections one in which the gauge s dial is posi tioned green safe section yellow warning section or red network threat section This position...

Page 789: ...sitioned in the green section of the gauge indicating there is no immediate threat for the library categories in this gauge group If the threat level for a gauge is high exceeding 66 percent of the ce...

Page 790: ...port used under the following conditions when running a second Web server on the same machine the other is using port 80 as a Web proxy and caching server or when running a Web server as a non root u...

Page 791: ...1214 TCP UDP port for Kazaa Morpheous Grokster etc 4662 TCP UDP port for eMule eDonkey etc 4665 TCP UDP port for eDonkey 2000 6346 TCP UDP port for Gnutella file sharing Frost Wire LimeWire BearShare...

Page 792: ...nu topic displays the panel that lets you edit the gauge s components This is a shortcut to use instead of going to the Add Edit Gauges panel selecting the gauge and then clicking Edit Gauge See Modif...

Page 793: ...rd Settings selecting the gauge from the list and then clicking the Disable Gauge icon See Hide Disable Delete Rear range Gauges in Chapter 2 Delete Gauge Right clicking a gauge and then selecting thi...

Page 794: ...uges menu link and select Add Edit Gauges to open the Add Edit Gauges panel Fig 5 2 1 Add Edit Gauges panel By default a sub panel containing the URL Gauges and Bandwidth Gauges tabs displays to the l...

Page 795: ...of Gauge Names FTP HTTP IM P2P SMTP For each Gauge Name in this list the following infor mation displays Group Threshold 20 MB Timespan minutes 15 by default NOTE Up to five bandwidth gauges can be us...

Page 796: ...and accordions for Gauge Components and User Membership to the right When adding a new gauge do the following Name the gauge and specify group threshold limits timespan values and the method s to be...

Page 797: ...down arrow buttons to increment decrement the current byte value by one Make a selection from the pull down menu if you need to change the byte unit kB MB GB 3 Use the slider tool to specify the Times...

Page 798: ...Class or library categories ports the end user should not access For bandwidth gauges to modify criteria in the Port Number field type a specific value in the pre populated field and or use the up dow...

Page 799: ...n s back to the Available Cate gories Groups list Assign user groups To assign user groups to be monitored by the gauge 1 Click the User Membership accordion to open it and to display a list of Availa...

Page 800: ...box TIP To remove a user group from the Assigned User Groups list box click the user group to highlight it and then click Remove to move the group back to the Available User Groups list Save gauge se...

Page 801: ...es tab 2 Select the gauge from the list to activate all buttons below and populate the Gauge Components sub panel to the right Fig 5 2 6 Select the gauge to be edited 3 Click Edit Gauge to display the...

Page 802: ...by clicking the Edit Gauge icon at the bottom left of the gauge 4 Edit any of the following criteria as necessary Gauge Information Gauge Name Group Threshold Timespan in minutes Gauge Method see Spe...

Page 803: ...dashboard by right clicking the gauge to display its menu and then choosing the appropriate topic See Gauge Usage Shortcuts in Chapter 1 NOTE If the global administrator hides or disables a gauge thi...

Page 804: ...display in the dashboard This gauge most likely has not been deleted because it will be used on a later occasion NOTE Statistics for gauges that are hidden or disabled will not be included in trend re...

Page 805: ...or Bandwidth Gauges tab 2 In the State column click the icon in the third column Disable Gauge to change the gauge s status to disabled Show a gauge To re display a gauge in the dashboard again 1 Sele...

Page 806: ...to the desired position in the dashboard Delete a gauge To delete a gauge 1 Select the gauge in the URL Gauges or Bandwidth Gauges tab 2 In the Actions column click the X icon in the far right column...

Page 807: ...y the highest to lowest end user score Gauge Ranking Use this option for a snapshot of a specific gauge s end user activity ranked in order by the highest to lowest end user score Either option lets y...

Page 808: ...the Bandwidth tab this score includes the end user s byte total for Inbound Outbound protocols ports 2 To drill down and view additional information about an end user s activity click the User Name i...

Page 809: ...r s Total score for all gauges he she affected End users are ranked in descending order by their Total score 2 Perform one of two drill down actions from here Access the User Summary panel by clicking...

Page 810: ...accordions The Group Membership accordion is expanded by default and displays a list of groups in which the end user belongs Gauge Readings sub panel to the right that includes the URL Gauges and Band...

Page 811: ...Gauge Name with a score to activate the Category View button 2 Click Category View to display the Category View User panel which includes criteria that is based on the type of gauges to be viewed URL...

Page 812: ...IDE Fig 5 2 12 Category View User panel for URL Gauges tab selection For each URL included in the list the Timestamp displays using military time in the YYYY MM DD HH MM SS format 2 Click a URL from t...

Page 813: ...h gauges the Category View User panel contains the Categories sub panel showing the Ports column and corresponding Inbound Outbound bandwidth usage by the end user for that port and the combined Total...

Page 814: ...Unlimited is selected the end user remains locked out of the specified areas on the Internet network until the admin istrator unlocks his her workstation To unlock the end user go to the Gauges Locko...

Page 815: ...ories Groups box displays Do the following If using the URL tab choose the library category catego ries from the list Up to 15 categories or one category group class can be added If using the Bandwidt...

Page 816: ...ers when they are locked out based on the severity of the lockout low medium or high and the gauge type URL or bandwidth Low severity URL medium URL bandwidth lockout In a low or medium severity URL l...

Page 817: ...TE Please refer to the Global Administrator Section of the M86 Web Filter User Guide or M86 IR Web Filter User Guide for information about fields in the block page and how to use them High severity UR...

Page 818: ...e If the end user was locked out of Internet network for an indefinite time period as a result of his her Internet activity the admin istrator can determine when to unlock that end user s work station...

Page 819: ...Gauge Names Shopping Security Illegal Bandwidth Adult Content For each Gauge Name in this list the following infor mation displays Group Threshold 200 Timespan minutes 15 by default Click Bandwidth Ga...

Page 820: ...lays to the left and the greyed out target panel displays to the right containing the Email Addresses and Low Lockout Components accordions 3 In the Alert Information sub panel type in the Alert Name...

Page 821: ...f he she reaches the threshold limit set up in a gauge alert NOTE The System Tray alert feature is only available for an administrator with an Active Directory LDAP account user name and domain and is...

Page 822: ...lert Name alert with a threshold of X in which X represents the alert threshold on the gauge name gauge Beneath this information the date and time YYYY MM DD HH MM SS and clickable URL display for eac...

Page 823: ...Number field and or use the up down arrow buttons to increment decrement the current value by one Click Add for URL gauges or Add Port for band width gauges to move the selection s to the Assigned Ca...

Page 824: ...ns click Save to save your settings View Modify Delete an Alert 1 In the Alerts panel select the URL Gauges or Bandwidth Gauges tab 2 Select the gauge for which an alert will be viewed and or modified...

Page 825: ...stem Tray Lockout Yes No If a Lockout was set up for the alert the following infor mation displays below Lockout Severity Low Medium High Duration minutes To the right of this window the Email Address...

Page 826: ...anel with alerts for that gauge and to activate all buttons beneath the sub panel 3 Click Edit Alert to open the edit Alert panel Fig 5 3 5 Edit an alert 4 The following items can be edited Alert Name...

Page 827: ...ab 2 Select the gauge from the list to populate the Alerts sub panel with alerts for that gauge and to activate all buttons beneath the sub panel 3 Click Delete Alert to open the Confirm dialog box wi...

Page 828: ...to display its contents Fig 5 3 6 Alert Logs panel The alert log contains a list of alert records for the most recent 24 hour time period Each record displays in a separate row For each row in the lis...

Page 829: ...t Alert Action criteria Yes No Email System Tray Lockout Yes No If a Lockout was set up for the alert the following infor mation displays below Lockout Severity Low Medium High Duration minutes To the...

Page 830: ...hover over the Gauges menu link and select Lockouts to open the Lockouts panel 2 Select the URL Gauges or Bandwidth Gauges tab to display its contents Fig 5 3 8 View Lockouts The lockout list contain...

Page 831: ...the larger calendar for the current month with today s date highlighted TIP To view the calendar for the previous month click the left arrow at the top left of the box To view the calendar for the ne...

Page 832: ...Unlock to unlock the end user s and to remove the record s from the list NOTE By unlocking an end user s workstation all records in this list pertaining to that end user are removed from the list Acc...

Page 833: ...d charts help you configure gauges and alerts so you can focus on current traffic areas most affecting the network If more information is required in your analysis the Web Filter application Report Ma...

Page 834: ...Line chart showing details for a pie chart View activity for an individual gauge To view activity for any individual URL or bandwidth gauge 1 If the gauges dashboard does not currently display choose...

Page 835: ...fault each slice of the pie represents the percentage of end user hits in a library category during the last hour the total for all categories in that gauge equaling 100 percent For a Bandwidth gauge...

Page 836: ...d chart that displays in the middle of this panel includes the following information For URL gauges By default each slice of the pie represents that URL gauge s percentage of end user scores during th...

Page 837: ...different time period To view a pie chart showing activity for a different time period of gauge activity click the appropriate tab above the pie chart diagram 1 Hour This selection displays the gauge...

Page 838: ...in a pie chart Once a pie chart displays in the panel its pieces can be analyzed by hovering over that slice of the pie chart The following information displays for that pie slice gauge component name...

Page 839: ...gauge component and the checkbox populated for the selected library category protocol port NOTE See View gauge activity for a different time period for a definition of MINUTES or HOURS included in the...

Page 840: ...pie chart click Back to Pie in the upper right portion of the panel To print this trend chart if using an IE browser see Print a trend chart from an IE browser window View In Outbound bandwidth gauge...

Page 841: ...tities by performing a custom search to identify which users URLs and port are being accessed Perform a Custom Search In the navigation toolbar hover over the Reports menu link and select Real time Ca...

Page 842: ...a category group or protocol that includes as many of categories ports as possible To identify activities for a specific class group Select that class or group For bandwidth gauges to query activitie...

Page 843: ...ecord in the table the following information displays For a URL search User user name IP address Category name and the end user s total Score for that record For a bandwidth search User user name IP a...

Page 844: ...View Details button 2 Click View Details to display a list of URLs and corre sponding Timestamp using the YYYY MM DD HH MM SS format for each URL in the library category accessed by the end user withi...

Page 845: ...ffic Analysis and Rule Transactions Chapter 2 Security Report Wizard This chapter explains how to use the Report Wizard to create your own customized security reports NOTES If the SR is connected to a...

Page 846: ...ach instance in which an end user breached a security policy Traffic Analysis This report shows activity for end user access of objects utilizing an excessive amount of network bandwidth Rule Transact...

Page 847: ...ords for the current report type NOTE Hovering over a bar in the chart displays the name of the record along with the total hit count or bandwidth used in that record The Rule Transactions report also...

Page 848: ...view cannot be re run saved or scheduled to run at a designated time Clicking a link in the Hit Count or Bandwidth column gener ates a detail report view with only a table of records and not a bar cha...

Page 849: ...in the table IP Count and User Count of end users who encountered the blocked virus and the Hit Count for all instances of this blocked virus encounter Click a link in any of these columns to drill d...

Page 850: ...d create a new report view see Drill Down into a Security Report Traffic Analysis report view The Blocked Viruses report view is accessible via Reports Security Reports Traffic Analysis Fig 6 1 4 Traf...

Page 851: ...Rule Transactions record in the table In the Actions column the action performed by the SWG regarding the rule applied to that transaction in the Policies column the policy from the SWG applied to th...

Page 852: ...Date M D YYYY H MM SS AM PM format User IP User name path Site name and URL Clicking a User Count column link displays a report view with columns for Users IP Count and Hit Count From this report view...

Page 853: ...le Transactions display at the top of the panel Click one of these tabs to display the spec ified report view Report Settings menu For basic Security Report types hover over Report Settings at the bot...

Page 854: ...Fig 6 1 6 Sample top six bars view Note that the graph only report view footer does not include the Export Selected button and page navigation field Click this icon to display the top six bars and tab...

Page 855: ...stributed see Export a Security Report After selecting one or more records in the table by clicking the first column to select records click Export Selected to open the Export Report pop up window see...

Page 856: ...ox corresponding to that column TIP After making your modifications click Close to close the Column Visibility pop up window Date Displays the date in the M D YYYY H M S AM PM format User IP Displays...

Page 857: ...that prior report view Column sorting tips To sort report view records in ascending descending order by a specified column click that column s header report type name IP Count User Count Bandwidth Hit...

Page 858: ...at report Fig 6 1 9 Report Settings Run option 2 In the Report Details sub panel a Specify the Report Time Span by choosing one of two options Predefined Ranges If selecting this option make a choice...

Page 859: ...n the report to be generated By User Group If selecting this option choose the User Group for your report query results By Specific User If selecting this option enter the end user name using the wild...

Page 860: ...Assigned list box TIPS Multiple records can be selected by clicking each record while pressing the Ctrl key on your keyboard Blocks of records can be selected by clicking the first record and then pr...

Page 861: ...EPORTS SECTION CHAPTER 1 SECURITY REPORTS M86 SECURITY USER GUIDE 833 Fig 6 1 11 Generated Security Report view The report can now be exported by selecting one of the export options see Export a Secur...

Page 862: ...rt Settings Save option 2 In the Report Details sub panel a Type in the Report Name b Specify the Report Time Span by choosing one of two options Predefined Ranges If selecting this option make a choi...

Page 863: ...RLs Top Specify the number of top URLs to be saved 3 In the Users sub panel select one of the accordions and indicate criteria to include in the report to be generated By User Group If selecting this...

Page 864: ...igned list box and click Remove Click the Assign All checkbox to select all records and grey out the panel c Click Back to return to the Security Report Wizard panel 4 In the Email Settings sub panel...

Page 865: ...Chapter 3 of the Productivity Reports Section Schedule a Security Report to Run 1 In the security report view click Report Settings and choose Schedule to display the Security Report Wizard panel for...

Page 866: ...he Day of the Month from the pull down menu 1 31 5 Select the Start Time for the report 1 12 for the hour 0 59 for the minutes and AM or PM NOTE The default Start Time is 8 00 AM If you wish to run a...

Page 867: ...the pop up window without executing any of the export functions 1 Specify the Group By report type selection from the available choices in the pull down menu 2 At Top Item Limit If the Export All Rec...

Page 868: ...out For all other drill down report views the Export report with URLs checkbox does not display 4 To download the report in the PDF format without emailing it click Download To email the report procee...

Page 869: ...d report includes the date range report type report criteria and report description The footer of the report includes the date and time the report was generated M D YYYY HH MM SS AM PM adminis trator...

Page 870: ...views the body of the report includes columns set up to be visible These columns might include Date M DD YYYY H MM SS AM PM format IP User name path Site bandwidth Size e g kB and URL as in the sample...

Page 871: ...avigation toolbar hover over the Reports menu link choose Security Reports and then select Report Wizard to open the Security Report Wizard panel Fig 6 2 1 Security Report Wizard panel Create a Custom...

Page 872: ...ge 4 Indicate the Top Item Limit to be included in the report by default the Top number of items specified in Default Top N Value from Administration Default Report Settings displays but can be modifi...

Page 873: ...ng the wildcard to return multiple usernames and then click Preview Users to display query results in the list box below By IP If selecting this option enter the end user IP address for filtering your...

Page 874: ...the Available list box and click Add to move the record s to the Assigned list box TIPS Multiple records can be selected by clicking each record while pressing the Ctrl key on your keyboard Blocks of...

Page 875: ...below 2 Specify the Delivery Method for the email address To default Bcc or Cc TIP To remove an email address click the X in the Remove column of the list box NOTE Follow the above procedures for each...

Page 876: ...window see Fig 6 1 14 and follow the procedures in Report Settings Options Schedule a Security Report to Run from Chapter 1 Run Click this button to generate the security report The finished report v...

Page 877: ...and how to register the SR to function in registered mode Report Manager Banner In evaluation mode the Report Manager banner displays EVALUATION MODE beneath the Security Reporter name link Fig A 1 S...

Page 878: ...r the period specified in the pop up box EVALUATION MODE MAX DATA STORAGE X WEEKS in which X represents the maximum number of weeks in the SR s data storage scope You have the option to either use the...

Page 879: ...abase Expiration the Expiration screen displays additional information in evaluation mode Fig A 3 Expiration screen The following message displays beneath the Status bar EVALUATION MAX DATA STORAGE X...

Page 880: ...y default settings Change the Evaluation Mode After the designated evaluation period has expired you may extend your evaluation period or register the unit and use it in the registered mode There are...

Page 881: ...aluation Extension or Full Activation 4 Click Send Information After M86 obtains your informa tion a technical support representative will issue you an activation code 5 Return to the Activation Page...

Page 882: ...ble if using IP groups authentication NOTE In order to use this feature the LDAP Username and Domain set up in the administrator s profile account see Admin Profiles panel from Chapter 1 of the Report...

Page 883: ...GUIDE 853 2 In the Run dialog box type in the path to the scripts folder C WINDOWS sysvol domain scripts 3 Click OK to open the scripts folder Fig B 2 C WINDOWS sysvol domain scripts window 4 Right cl...

Page 884: ...ext Document Fig B 3 New Text Document 6 Type the following text in the blank document file echo off start X X X X win tartrayw32 exe ta X X X X in which X X X X represents the IP address of the SR se...

Page 885: ...o open the Save As window Fig B 4 Save As dialog box 8 In the File name field type in the name for the file using the filename bat format For example tartray21 bat NOTE Be sure that the Save as type f...

Page 886: ...cript to as many administrators as needed 1 From the taskbar of the LDAP server go to Start Programs Administrative Tools Active Directory Users and Computers to open the Active Directory Users and Co...

Page 887: ...sers folder 3 In the Properties dialog box click the Profile tab to display its contents 4 In the Login script field type in the bat filename For example tartray21 bat 5 Click Apply to save your entry...

Page 888: ...oad in the System Tray if the SR server is not actively running Use the System Tray Alert icon s menu When right clicking the System Tray Alert icon the following pop up menu items display SR Admin In...

Page 889: ...pearance from the standard gauge to a yellow gauge pictured to the far left in the image below The following message appears briefly above the yellow gauge New M86 SR Alert The following message displ...

Page 890: ...n displays beneath this message followed by the Close button If more than one alert was triggered the alert box includes the following message and button to the right of the Close button X more alerts...

Page 891: ...ds to be blocked On the SR global adminis trators can create and manage custom library categories and sync them to the source Web Filter detail drill down report One of two types of basic reports the...

Page 892: ...LDAP is a directory service protocol based on entries Distinguished Names The other authentication method that can be used with the SR is IP groups object count The number of objects end users access...

Page 893: ...SR TCP An abbreviation for Transmission Control Protocol one of the core protocols of the Internet protocol suite Using TCP applications on networked hosts can create connections to one another over...

Page 894: ...on the Internet A URL is comprised of two parts The first part of the address specifies which protocol to use such as http The second part specifies the IP address or the domain name where the resourc...

Page 895: ...pported browser types Internet Explorer Firefox Chrome and Safari and the following products Yahoo Toolbar Google Toolbar AdwareSafe and Windows XP Service Pack 2 SP2 Browser Pop up Blockers Internet...

Page 896: ...llowed Sites Pop ups window Google Chrome 13 0 1 In the Chrome toolbar navigate to the wrench icon Options Under the Hood tab 2 Click Content settings Pop ups 3 Choose either Allow all sites to show p...

Page 897: ...hite List If the Client was previously blocked by the Yahoo Toolbar it can be moved from the black list and added to the white list so that it will always be allowed to pass To do this 1 Go to the Yah...

Page 898: ...Up Blocker dialog box Fig I 2 Allow pop ups from source 3 Select the source from the Sources of Recently Blocked Pop Ups list box to activate the Allow button 4 Click Allow to move the selected source...

Page 899: ...White List To add the Client to the white list so that it will always be allowed to pass go to the Google Toolbar and click the Pop up blocker button Fig I 3 Pop up blocker button enabled Clicking thi...

Page 900: ...pop up blocking Popup protection off by clicking the pop up icon 1 In the IE browser go to the SearchSafe toolbar and click the icon for popups blocked to toggle to Popup protec tion off This action t...

Page 901: ...Firefox browser go to the toolbar and select Tools Options to open the Options dialog box 2 Click the Content tab at the top of this box to open the Content section Fig I 5 Mozilla Firefox Pop up Win...

Page 902: ...Fig I 6 Mozilla Firefox Pop up Window Exceptions 4 Enter the Address of the web site to let the client pass 5 Click Allow to add the URL to the list box section below 6 Click Close to close the Allowe...

Page 903: ...king in Windows XP SP2 Set up Pop up Blocking There are two ways to enable the pop up blocking feature in the IE browser Use the Internet Options dialog box 1 From the IE browser go to the toolbar and...

Page 904: ...the IE browser go to the toolbar and select Tools Pop up Blocker Turn On Pop up Blocker Fig I 8 Toolbar setup When you click Turn On Pop up Blocker this menu selec tion changes to Turn Off Pop up Bloc...

Page 905: ...Blocker Pop up Blocker Settings to open the Pop up Blocker Settings dialog box Fig I 9 Pop up Blocker Settings 2 Enter the Address of website to allow and click Add to include this address in the All...

Page 906: ...a pop up is blocked 3 Click Close to close the dialog box Access the Client 1 Click the Information Bar for settings options Fig I 10 Information Bar menu options 2 Select Always Allow Pop ups from T...

Page 907: ...r fans NOTE As part of the ongoing maintenance procedure for your RAID server M86 recommends that you always have a spare drive and spare power supply on hand Contact M86 Technical Support for replace...

Page 908: ...ol panel buttons icons and LED indicators display on the right side of the 500 series model front panel The buttons let you perform a function on the unit while an LED indicator corresponding to an ic...

Page 909: ...ity on LAN1 The LED is a steady green with link connectivity and unlit if there with no link connectivity HDD icon In addition to displaying in the control panel this icon also displays on the front p...

Page 910: ...y first going to the Hardware Failure Detection window in the Web Filter Administrator console WARNING Do not attempt to remove any of the drives from the unit at this time Verification of the failed...

Page 911: ...Failure Detection window on a 500 series model The Hardware Failure Detection window displays the current RAID Array Status for all the hard drives HD at the right side of the window Normally when al...

Page 912: ...s model be sure the carrier is unlocked then press the section on the carrier handle labeled PUSH to release the carrier handle On a 500 series model press the red release button to release the carrie...

Page 913: ...returning your failed hard drive to M86 Power supply failure Step 1 Verify the power supply has failed The administrator of the server is alerted to a power supply failure on the 500 series chassis by...

Page 914: ...ise Authorization number and for instructions on returning the unit to M86 A steady red LED on and not flashing on a 500 series model indicates an overheating condition which may be caused by cables o...

Page 915: ...s panel 604 Administrator window 103 alert box terminology 13 518 Alert Settings window 131 always allowed 34 definition 508 Appliance Watchdog 151 242 Approved Content 390 Real Time Probe 341 343 App...

Page 916: ...etting 34 definition 508 Blocked Request Reports 748 Blocked Searched Keywords 574 Blocked Viruses report view 821 Box Mode screen 538 button terminology 13 518 C calculator in R3000 74 canned report...

Page 917: ...4 417 delete 432 menu 417 Custom Categories menu 414 custom category definition 508 863 Custom Category Groups panel 660 Customer Feedback Module window 303 Customization menu 204 D Daily Peaks usage...

Page 918: ...n 646 E edit Security Report 730 summary or detail report 729 Email fields 708 Emergency Update Log window 297 End User License Agreement 652 environment requirements Mobile Client 464 EULA 229 evalua...

Page 919: ...keyword 262 static profiles 29 URL keyword 263 filtering profile types 27 Firefox 5 464 firewall mode 23 bandwidth module affected in TAR 161 definition 508 For email output only field 708 For multi...

Page 920: ...profile 256 default redirect URL 259 filter options 260 menu 241 override account 264 port profile 258 280 Global Group Profile window 255 Google Chrome 5 Google Web Accelerator 84 Google Bing Yahoo Y...

Page 921: ...om a summary report 683 create a new report from the current report view 701 customize pages 204 display only a specified number of records 703 drill down into a gauge 780 drill down into a Security R...

Page 922: ...set up URL Keywords Custom Categories 427 M86 Supplied Categories 321 set up URLs in categories Custom Categories 419 M86 Supplied Categories 316 set up X Strikes Blocking 188 use count columns and l...

Page 923: ...vidual IP member add to group 399 definition 509 delete 410 profile type 29 Individual IP Profile window 409 Installation Guide 7 instant messaging 38 315 definition 509 864 Internet Explorer 5 464 in...

Page 924: ...stom category 430 search engine keywords M86 supplied category 325 software update 290 update categories 289 update logs 292 URL keywords custom category 427 URL keywords M86 supplied category 321 URL...

Page 925: ...management 802 manual lockout 787 unlock workstations 804 lockout profile 36 log backup restore 179 database status 566 emergency software update 297 in 524 library update 292 out 534 out of the R3000...

Page 926: ...AC address 471 Member window Individual IP 408 Members window 403 mobile mode 468 469 Minimum Filtering Categories categories profile 278 minimum filtering level 33 277 bypass options 281 definition 5...

Page 927: ...s window 98 Number of Records 703 Number of Records field 706 O Object Count 575 object count definition 864 open setting 34 definition 511 Operation Mode window 160 mobile mode 467 Optional Features...

Page 928: ...2 unlock username 111 Password reset 528 Pattern Detection Whitelist window 312 peer to peer 38 definition 511 864 Ping 116 Policy screen 62 pop up blocking disable 451 867 pop up box window terminolo...

Page 929: ...24 Quota Setting window 232 R radio button terminology 15 520 Radius definition 512 Radius Authentication Settings window 181 Radius profile 28 RAID 186 Range to Detect Settings window 151 Range to De...

Page 930: ...Comma Delimited Text 716 sample Excel English 717 sample HTML 716 sample MS DOS Text 714 sample PDF 714 sample Rich Text Format 715 Server Activity 646 summary drill down report 680 Report Configurat...

Page 931: ...513 865 search engine keyword custom category 430 M86 supplied category 325 Search Engine Keyword Filter Control global group filter option 262 search engine keyword filtering 262 Search Engine Keywor...

Page 932: ...h gauge 762 definition 513 865 SMTP Server Settings window 134 SNMP definition 513 SNMP window 184 software 4 emergency update logs 297 update logs 143 software update 290 Software Update Log window 1...

Page 933: ...625 664 add to Device Registry 633 archive logs 568 LDAP Server 637 user group importation 585 SWG Management Console Reference Guide 655 synchronization 148 backup procedures 54 definition 513 865 d...

Page 934: ...dd 381 definition 513 profile type 30 Time Profile window 380 405 409 Time Usage algorithm 756 Time Usage Report count definition 865 Time Usage Reports 752 Time Usage reports 575 time based profile 8...

Page 935: ...load Download IP Profile 395 Upload Download IP Profile window MAC addresses 472 UPS 5 Upstream Failover Detect 242 URL definition 866 gauges 758 URL Keyword Filter Control global group filter option...

Page 936: ...274 508 W Warn Option Setting window 202 Warn Page Customization window 215 warn setting 34 definition 514 Web access logging 38 Web access logging device 581 701 definition 866 Web Filter 11 579 end...

Page 937: ...INDEX M86 SECURITY USER GUIDE 909 Mobile Client 464 X X Strikes Blocking global group filter option 261 X Strikes Blocking window 188...

Page 938: ...INDEX 910 M86 SECURITY USER GUIDE...

Reviews:

No comments