manualshive.com logo in svg

M86 Security MSA, Installation Manual

Share
Download
M86 Security MSA Installation Manual Download Page 72

B

EST

 F

ILTERING

 P

RACTICES

    

T

HREAT

 C

LASS

 G

ROUPS

66

M86 S

ECURITY

 I

NSTALLATION

 G

UIDE

J. Remote Access patterns

Block remote access patterns

. Enable Pattern Blocking for all users. In the 

profile, block Internet Productivity > Remote Access category.

To block remote access patterns, go to:

SYSTEM: System > Control > Filter window

POLICY: Policy > IP > member > member profile > Category tab
or POLICY: Policy > Global Group > Global Group Profile > Category tab

In the IR Web Filter User Guide index, see:
• How to: configure filtering
• How to: use library categories in a profile

K. HTTPS settings

Establish the security level for HTTPS site access

. Configure HTTPS filter 

settings in the Filter window. Choose “None” if you do not want the Web Filter to 
filter HTTPS sites, “Low” if you want the Web Filter to filter HTTPS sites without 
having the Web Filter communicate with IP addresses or hostnames of HTTPS 
servers, “Medium” if you want the Web Filter to communicate with HTTPS servers 
in order to get the URL from the certificate for URL validation only (this is the 
default setting), or “High” if you want the Web Filter to communicate with HTTPS 
servers to obtain the certificate with a very strict validation of the return URL.

To configure HTTPS settings, go to:

SYSTEM: System > Control > Filter window

In the IR Web Filter User Guide index, see:
• How to: configure filtering

L. Category block

Block the Bandwidth category

. Set the Bandwidth category to be blocked in 

pertinent profiles.

To block the Bandwidth category, go to:

POLICY: Policy > IP > member > member profile > Category tab
or POLICY: Policy > Global Group > Global Group Profile > Category tab

In the IR Web Filter User Guide index, see:
• How to: use library categories in a profile

Summary of Contents for MSA

Page 1: ...M86 IR INSTALLATION GUIDE Model MSA Software Versions Web Filter 5 0 00 ER 6 0 10 Document Version 02 01 12 ...

Page 2: ...spect to this documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose M86 Security shall not be liable for any error or for incidental or consequential damages in connec tion with the furnishing performance or use of this manual or the examples herein Due to future enhancements and modifications of this product the information described in this do...

Page 3: ...ly Precautions 15 General Safety Information 16 Server Operation and Maintenance Precautions 16 AC Power Cord and Cable Precautions 17 Electrical Safety Precautions 17 Motherboard Battery Precautions 18 INSTALL THE SERVER 19 Step 1 Setup Procedures 19 Quick Start Setup Requirements 19 Administrator Console Setup Requirements 19 Step 1A Quick Start Setup Procedures 20 Link the Workstation to the IR...

Page 4: ...ertificate in IE 40 Windows XP or Vista with IE 8 or 9 40 Windows 7 with IE 8 or 9 44 Map the IR s IP Address to the Server s Host Name 45 Step 3 Test Filtering 47 Step 4 Set Library Updates 48 Activate and Register the Web Filter 48 Perform a Complete Library Update 48 Monitor the Library Update Process 50 Step 5 Change the ER Admin User Name and Password Set Self Monitoring 51 Log in to the ER A...

Page 5: ...ion bypass 72 BEST REPORTING PRACTICES 73 Reporting Scenarios 74 I Executive Report and Drill Down Report exercise 74 Step A Start with the dashboard for a high level activity overview 74 Step B Further investigate using a Summary Drill Down Report 75 Step C Create a New Report using yesterday s date scope 75 Step D Create a double break report with two sets of criteria 76 Step E Create a Detail D...

Page 6: ...Industry Canada Equipment Standard for Digital Equipment ICES 003 91 Bureau of Standards Metrology and Inspection BSMI Taiwan 91 EC Declaration of Conformity 92 European Community Directives Requirement CE 92 APPENDIX CONSOLE SETUP PROCEDURES 93 Preliminary Setup 93 Workstation Configuration 93 Link the Workstation to the IR 94 The Boot Up Process 94 Security Certificate Acceptance Procedures 95 A...

Page 7: ...equency of these visits The client gives the administrator the ability to interrogate massive datasets through flexible drill down technology until the desired view is obtained and then memorize and save the view to a user defined report menu for repetitive scheduled execution and distribution Quick setup procedures to implement the best filtering practices for the scenarios described in the secon...

Page 8: ...crossover cable Index An alphabetized list of some topics included in this document Conventions Used in this Document The following icons are used throughout this document to call attention to impor tant information pertaining to handling operation and maintenance of the server safety and preservation of the equipment and personal safety NOTE The note icon is followed by additional information to ...

Page 9: ...port representative For technical assistance or warranty repair please visit http www m86security com support M86 Technical Support Call Procedures When calling M86 Security regarding a problem please provide the representative the following information Your contact information Serial number or original order number Description of the problem Network environment in which the unit is used State of ...

Page 10: ... 1 IR unit 1 AC Power Cord 1 Serial Port Cable User guides can be obtained at http www m86security com support R3000 documentation asp and http www m86security com support Enterprise Reporter documentation asp For troubleshooting tips to assist you during the installation process visit http www m86security com software 8e6 ts r3000 html NOTE Rack mount brackets 2 also may be included for installin...

Page 11: ...ources of vibration or physical shock Isolated from strong electromagnetic fields and noise caused by electrical devices such as elevators copy machines air conditioners large fans large electric motors radio and TV transmitters and high frequency security devices Access space provided so the server power cord can be unplugged from the power supply or the wall outlet this is the only way to remove...

Page 12: ...nnection of the server to the power supply will not overload any circuits Consideration should be given to the connection of the equipment to the supply circuit and the effect that overloading of the circuits might have on overcurrent protection and supply wiring Appropriate consideration of equipment name plate ratings should be used when addressing this concern The server is only connected to a ...

Page 13: ...chassis into the rack To avoid personal injury and property damage please carefully follow all the safety steps listed below Before installing the chassis rails Close the chassis using the chassis cover Unplug the AC power cord s Remove all external devices and connectors 1 Included in the shipping package are a pair of rail assemblies In each rail assembly locate the inner rail and the outer rail...

Page 14: ...orre sponding holes on each of the inner rail 4 Attach an inner rail to each side of the chassis and secure the inner rail to the chassis by inserting three Type G screws through the holes on each side of the chassis and the inner rail See the diagram below for a description of the Type G screw 5 Repeat the above steps to install the other rail on the chassis ...

Page 15: ...ear 2 Secure the front short bracket marked with the Up Front arrows to the outer rail with two Type G screws See the previous page for a description of the Type G screw 3 Attach the rear long bracket to the other end of the outer rail and secure the rear long bracket to the outer rail with a Type G screw as shown below 4 Measure the depth of your rack and adjust the length of the rails accordingl...

Page 16: ...NARY SETUP PROCEDURES RACK MOUNT THE SERVER 10 M86 SECURITY INSTALLATION GUIDE 8 You will need to release the safety taps on both sides of the chassis in order to completely remove the chassis out of the rack ...

Page 17: ...e racks with the depth of 28 to 33 Determine the placement of each component in the rack before you install the rails Install the heaviest server components on the bottom of the rack first and then work up 1 In the package locate a pair of front short and rear long brackets Please note that the brackets are marked with Up Front Arrows front and Up Rear arrows rear 2 Secure the front short bracket ...

Page 18: ...e the previous page for descriptions of Type H and Type I hardware components 4 Attach the rear long bracket to the rear end of the rack and secure it to the rack with two Type H screws and Type I washers as shown below Repeat the same steps to install the other outer rail to the other side of rack 5 Measure the depth of your rack and adjust the length of the rails accordingly Then secure the rail...

Page 19: ...PRELIMINARY SETUP PROCEDURES RACK MOUNT THE SERVER M86 SECURITY INSTALLATION GUIDE 13 6 Slide the inner rails which are attached to the chassis into the outer rails on the rack ...

Page 20: ...em is adequately supported Make sure that all the components are securely fastened to the chassis to prevent components falling off from the chassis The rack assembly should be properly grounded to avoid electric shock The rack assembly must provide sufficient airflow to the chassis for proper cooling Please make sure that all components and all chassis covers are properly installed in the chassis...

Page 21: ...erican and Pacific Rim countries Power Supply Precautions WARNING Use a regulating uninterruptible power supply UPS to protect the server from power surges voltage spikes and to keep the server operating in case of a power failure In geographic regions that are susceptible to electrical storms M86 Security highly recommends plugging the AC power cord for the server into a surge suppressor Use appr...

Page 22: ...N There are no user serviceable components inside the chassis The chassis should only be opened by qualified service personnel Never disassemble tamper with or attempt to repair the server Doing so may cause smoke fire electrical shock serious physical injury or death WARNING In HL servers multiple sources of supply exist Be sure to disconnect all sources before servicing Do not insert objects thr...

Page 23: ...g Electrical Safety Precautions WARNING Heed the following safety precautions to protect yourself from harm and the server from damage CAUTION Dangerous voltages associated with the 100 240 V AC power supply are present inside the unit To avoid injury or electrical shock do not touch exposed connec tions or components while the power is on To prevent damage to the server read the information in th...

Page 24: ...There is a danger of explosion if the battery on the motherboard is installed upside down which will reverse its polarities CAUTION DANGER OF EXPLOSION IF BATTERY IS INCORRECTLY REPLACED REPLACE ONLY WITH THE SAME OR EQUIVALENT TYPE RECOMMENDED BY THE MANUFACTURER DISPOSE OF THE USED BATTERIES ACCORDING TO THE MANUFACTURER S INSTRUCTIONS ATTENTION IL Y A DANGER D EXPLOSION S IL Y A REPLACEMENT INC...

Page 25: ... used for the Quick Start setup procedures IR with AC power cord either one of two options PC monitor with AC power cord and keyboard or PC laptop computer with HyperTerminal and serial port cable and USB DB9 serial adapter if there is no serial port on your laptop Go to Step 1A to execute Quick Start Setup Procedures Administrator Console Setup Requirements The following hardware is required for ...

Page 26: ...right of the front panel see Fig 2 Once the IR is powered up proceed to the Login screen instructions Serial Console Setup A Using the serial port cable and USB DB9 serial adapter if necessary connect the laptop to the rear of the chassis see Fig 1 B Power on the laptop C Connect the AC power cord to the back of the chassis and plug the cord into a UPS power supply unit D Power on the IR by droppi...

Page 27: ...e to conduct these quick start setup procedures and do not have an equivalent type of terminal emulator program installed on your workstation Hilgraeve Inc the maker of HyperTerminal offers HyperTerminal Private Edition for Windows Vista and Windows 7 The following information is included on Hilgraeve s Web page at http www hilgraeve com hyperterminal html accessed August 16 2011 HyperTerminal Pri...

Page 28: ...o dialog box C At the Connect using field select the COM port assigned to the serial port on the laptop probably COM1 and then click OK to open the Properties dialog box displaying the Port Settings tab D Specify the following session settings Bits per second 9600 Data bits 8 Parity None Stop bits 1 Flow control Hardware VT100 emulation settings E Click OK to connect to the HyperTerminal session ...

Page 29: ...ION GUIDE 23 F In the HyperTerminal session window go to File Properties to open the Prop erties dialog box displaying the Connect To and Settings tabs G Click the Settings tab and at the Emulation menu select VT100 H Click OK to close the dialog box and to go to the login screen ...

Page 30: ...tly displays on your screen press the Enter key to display the login screen A At the login prompt type in menu B Press the Enter key to display the Password prompt C At the Password prompt type in the following s3tup r3k D Press Enter to display the Quick Start menu screen Quick Start menu screen A At the Press the number of your selection prompt press 2 to select the Quick Start setup process B A...

Page 31: ...ervers Configure host name Time Zone regional setting B After making all entries using the Quick Start setup procedures press X to return to the Quick Start menu screen Or to verify the status of the IR and review the entries you made using the Quick Start setup press 1 to view the System Status screen NOTES Changing your password using option C Change Quick Start password will change the password...

Page 32: ...Start menu press 5 to go to the Configure Network Interface screen for LAN2 B At the Enter interface LAN2 IP address prompt type in the LAN2 IP address and press Enter C At the Enter interface LAN2 netmask prompt type in the netmask for the LAN2 IP address and press Enter D Press Y to confirm or press any other key to cancel this change Configure default gateway A From the Quick Start menu press 6...

Page 33: ...is change Time Zone regional setting A From the Quick Start menu press 9 to go to the Time Zone regional configura tion screen B Select a region using up arrow and down arrow Press Y when you have selected the appropriate region or Press Esc to cancel this change NOTE If this server is located in the USA please select US and not America C After you select the region you may be prompted to select t...

Page 34: ...ting the Web Filter Administrator console username and password to the factory default admin user3 and for unlocking all IP addresses currently locked B At the Enter the new administrator password prompt type in the new pass word to be used for accessing the Quick Start menu and press Enter C At the Re enter the new administrator password prompt re type the pass word you just entered and press Ent...

Page 35: ... current status Active or Inactive Default gateway IP address specified in screen 6 Configure default gateway Web Filter host name specified in screen 8 Configure host name DNS server IP address es specified in screen 7 Configure DNS servers Regional timezone setting specified in screen 9 Time Zone regional setting Current status of the Web Filter Current Web Filter software Version installed Libr...

Page 36: ... reset buttons i From the navigation panel of the System section of the Web Filter console click Control and select Reboot from the menu to display the Reboot window ii Click the Reboot button iii From the time you click Reboot you have approximately 2 minutes to perform sub steps B through E while the IR goes through the reboot process B If you used a crossover cable for the quick start setup pro...

Page 37: ...If using Safari proceed to Accept the Security Certificate in Safari If using Google Chrome proceed to Accept the Security Certificate in Chrome If the security issue page does not display in your browser verify the following The IR is powered on The IR is connected to the same hub as your router firewall Can the administrator workstation normally connect to the Internet Is the IR plugged into a s...

Page 38: ...UIDE Accept the Security Certificate in Firefox A If using a Firefox browser in the page This Connection is Untrusted click the option I Understand the Risks B In the next set of instructions that display click Add Exception Clicking Add Exception opens the Add Security Exception window ...

Page 39: ...se Reporter Administration Module when you attempt to access each of these applications for the first time On a newly installed unit the ER Web Client will remain inaccessible until logs are transferred to the ER Administration Module and the ER s database is built When attempting to access the Web Filter user interface for the first time the Security warning dialog box shown in the sample image a...

Page 40: ... an IE browser in the page There is a problem with this website s secu rity certificate click Continue to this website not recommended Selecting this option displays the IR splash page with the address field and the Certificate Error button to the right of the field shaded a reddish color B Proceed to Step 2 Log in Web Filter Generate SSL Certificate ...

Page 41: ...ari can t verify the identity of the website opens Click Show Certificate to open the certificate information box at the bottom of this window B Click the Always trust checkbox and then click Continue C You will be prompted to enter your password in order to install the certificate After the security certificate is installed proceed to Step 2 Log in Web Filter Generate SSL Certificate ...

Page 42: ...n Chrome A If using a Chrome browser in the page This is probably not the site you are looking for click the button Proceed anyway Clicking this button launches the IR splash page NOTE The Security Certificate must be accepted each time a new browser is launched B Proceed to Step 2 Log in Web Filter Generate SSL Certificate ...

Page 43: ...ce and your browser If using an IE browser you will need to complete the security certificate acceptance procedures Log in to the Web Filter A From the IR splash page click WF This action opens the Web Filter Administrator console login window NOTE You will need to follow the procedures for accepting the security certificate and or acknowledging the security warning for the Web Filter B Type in th...

Page 44: ...TALLATION GUIDE Generate SSL Certificate A Navigate to System UI SSL Certificate to open the SSL Certificate window B Click Generate Certificate to open the box that asks if you wish to continue which would restart your server C Click Yes to generate the SSL certificate and restart the IR ...

Page 45: ... is generated you will be prompted to click OK and close your browser Wait a few minutes before attempting to access the user inter face If using an IE browser proceed to IE Security Certificate Installation Proce dures If using a Firefox Safari or Chrome browser proceed to Step 3 Test Filtering or the Mobile Client Connection ...

Page 46: ...cept the Security Certificate in IE Go to the appropriate sub section if using the following Windows operating system and IE browser Windows XP or Vista with IE 8 or 9 Windows 7 with IE 8 or 9 Windows XP or Vista with IE 8 or 9 A If using an IE 8 or 9 browser on a Windows XP or Vista machine in the page There is a problem with this website s security certificate click Continue to this website not ...

Page 47: ...IFICATE M86 SECURITY INSTALLATION GUIDE 41 Figure A2 Windows XP IE 8 B Click Certificate Error to open the Certificate Invalid box Figure B Windows XP IE 8 C Click View certificates to open the Certificate window that includes the host name you assigned to the IR ...

Page 48: ...RATE SSL CERTIFICATE 42 M86 SECURITY INSTALLATION GUIDE Figure C Windows XP IE 8 D Click Install Certificate to launch the Certificate Import Wizard Figure D Windows XP IE 8 E Click Next to display the Certificate Store page Figure E Windows XP IE 8 ...

Page 49: ...lick OK to close the box H Click Next to display the last page of the wizard Figure H Windows XP IE 8 I Click Finish to close the wizard and to open the Security Warning dialog box asking if you wish to install the certificate Figure I Windows XP IE 8 J Click Yes to install the certificate and to close the dialog box When the certifi cate is installed the alert window opens to inform you the certi...

Page 50: ... address field and the Certificate Error button to the right of the field shaded a reddish color see Figure A2 Click Certificate Error to open the Certificate Invalid box see Figure B Click View certificates to open the Certificate window that includes the host name you assigned to the IR see Figure C Click Install Certificate to launch the Certificate Import Wizard see Figure D Click Next to disp...

Page 51: ...IR s IP Address to the Server s Host Name Map the IR s IP Address to the Server s Host Name A From your workstation launch Windows Explorer and enter C WINDOWS system32 drivers etc in the address field to open the folder where the hosts file is located B Double click hosts to open a window asking which program you wish to use to open the file Double click Notepad or TextPad to launch the hosts fil...

Page 52: ...n of the Quick Start Setup Procedures Step 1A or the Network LAN Settings steps from the Console Setup Procedures in the Appendix and then save and close the file D In the address field of your newly opened IE browser from now on you will need to use the IR s host name instead of its IP address that is https host name 1443 would be used instead of https x x x x 1443 Click Go to open the IR splash ...

Page 53: ...trator console you should test filtering A Test the IR s filtering by opening a browser window on a network workstation and then going to the following empty sites to test pornography filtering http test 8e6 net http test marshal8e6 com tw http testsite marshal com B You should receive a block page for each URL tested If you do not contact an M86 Security solutions engineer or technical support re...

Page 54: ... your activation code D Click Submit to go to the Web Filter Activation and Registration page E Verify that your serial number and activation code are the same as shown on this registration page F Fill out the information on this page including the host name for the public DNS server The entry of the unique host name you ve chosen is mandatory in order to receive library updates G After all inform...

Page 55: ... 4 SET LIBRARY UPDATES M86 SECURITY INSTALLATION GUIDE 49 C In the Manual Update to M86 Supplied Categories window click the radio button corresponding to Full URL Library Update D Click Update Now to begin the update process ...

Page 56: ...ork traffic associated with the hub to which it is connected Now that the Web Filter is filtering your network the next step is to set up groups and create filtering profiles for group members To activate a default filter profile more appropriate for your operations or to specify a more limited IP range to filter consult Chapter 2 Group screen in the Global Administrator Section of the M86 IR Web ...

Page 57: ...o the ER Admin istrator console and make some changes to settings in screens Log in to the ER Administrator Console A From the IR splash page click the button corresponding to Enterprise Reporter Administration Module This action opens the ER Administrator console login window NOTE You will need to follow the procedures for accepting the security certificate for the ER Administrator Console B In t...

Page 58: ... the Server Status screen See the M86 IR Enterprise Reporter Administrator User Guide for information about the Evaluation Mode Change User Name and Password A Set up a new administrator user name and password by clicking on the Network pull down menu and choosing Administrators to display the Add Edit Delete Administrators screen B Select New Administrators from the pull down menu C Enter a User ...

Page 59: ... Monitoring screen B Choose YES to activate monitoring C Enter the Master Administrator s E Mail Address D Click Choice one and enter an e mail address of an individual in your organiza tion that you would like notified if the ER detects any problems when processing data This can be the same e mail address entered in the previous field Enter up to four e mail addresses E Click Save Now that the ER...

Page 60: ... NOTE You will need to follow the procedures for accepting the security certificate for the ER Web Client B Enter your Username and Password and then click Login to access the main screen of the client NOTE If you do not have your own Username and Password set up in the ER client the default Username is manager and the default Password is 8e6ReporT C In the navigation panel select Settings and the...

Page 61: ...rname F Enter the Password and Confirm Password G Select the User Type Admin or Sub Admin H Click Save to close the dialog box and to add the username to the user list I Exit the client You can now launch the client and enter the password you just set up NOTE For instructions on logging into the client after initial set up refer to the ER Web Client User Guide ...

Page 62: ...ting please consult the M86 IR Enterprise Reporter Administrator User Guide Refer to the ER Web Client User Guide for information on generating reports NOTE If you cannot view reports or if your specific environment is not covered in the ER Administrator User Guide contact an M86 Security solutions engineer or technical support representative Port 22 SSH and Port 3306 SQL must be open on your netw...

Page 63: ...Filter User Guide for pages containing detailed step by step instructions on configuring and or using the tools and features described in that scenario In this section you will learn how to block user access to filtering categories URL and search engine keywords and various pattern types and file types set up user profiles or accounts to bypass blocked filtering categories create a custom category...

Page 64: ...tics Health Fitness Illegal Question able Information Technology Internet Communication Internet Productivity Internet Intranet Misc News Reports Religion Beliefs Security Shopping Society Lifestyles Travel Events and Custom Categories Outside of the interface we have also grouped these library categories into four Threat Class Groups based on the type of security level that best defines them Thre...

Page 65: ... a profile go to POLICY Policy Global Group Rules Policy IP member member profile Category tab or Policy Global Group Global Group Profile Category tab In the IR Web Filter User Guide index see How to use rules How to use library categories in a profile C X Strike on blocked categories Lock out users from workstations after X number of attempts are made to access content that could endanger your n...

Page 66: ...e blocked go to LIBRARY Library Category Groups category URL Keywords POLICY Policy IP member member Profile Filter Options tab URL Keyword Filter Control enabled or POLICY Policy Global Group Global Group Profile Filter Options tab URL Keyword Filter Control enabled In the IR Web Filter User Guide index see How to set up URL Keywords How to set up profile options F Search Engine Keywords Block ac...

Page 67: ...icy Global Group Minimum Filtering Level Policy Global Group Global Group Profile Category tab In the IR Web Filter User Guide index see How to configure the Minimum Filtering Level How to use library categories in a profile Global Group Profile I Override Account bypass Use an Override Account to grant a user access to categories blocked at the root level To grant designated users access to globa...

Page 68: ... tab In the IR Web Filter User Guide index see How to configure filtering How to use library categories in a profile L File type blocking Prevent users from downloading and using executable files that may threaten your network security Create a custom category for file extensions and add exe to the URL Keyword list Other files you might include in the list are dll ocx scr bat pif cpl cmd hta lnk i...

Page 69: ... profile B Overall Quota Restrict all quota time in a profile to improve bandwidth usage and produc tivity Cap the amount of time a user spends in all quota marked categories by enabling the Overall Quota option and specifying the number of minutes the end user can visit quota marked categories before being notified and then locked out of these categories To set up the quota option and configure p...

Page 70: ... along with X Strikes Blocking After the end user is warned for the designated number of times defined in X Strikes Blocking that user is locked out of all Internet intranet access To set up and use the warn option with X Strikes Blocking go to SYSTEM System X Strikes Blocking window System Warn Option Setting window POLICY Policy IP member member profile Category Profile tab Warn column and Filte...

Page 71: ...s In the profile block Entertainment Games category To block game patterns go to SYSTEM System Control Filter window POLICY Policy IP member member profile Category tab or POLICY Policy Global Group Global Group Profile Category tab In the IR Web Filter User Guide index see How to configure filtering How to use library categories in a profile I Streaming Media patterns Block streaming media patter...

Page 72: ... if you want the Web Filter to filter HTTPS sites without having the Web Filter communicate with IP addresses or hostnames of HTTPS servers Medium if you want the Web Filter to communicate with HTTPS servers in order to get the URL from the certificate for URL validation only this is the default setting or High if you want the Web Filter to communicate with HTTPS servers to obtain the certificate ...

Page 73: ...brary Category Groups category group category Search Engine Keywords POLICY Policy IP member member Profile Filter Options tab Search Engine Keyword Filter Control enabled or POLICY Policy Global Group Global Group Profile Filter Options tab Search Engine Keyword Filter Control enabled In the IR Web Filter User Guide index see How to set up Search Engine Keywords How to set up profile options O UR...

Page 74: ...porting go to REPORTING Report Real Time Probe Configuration tab Real Time Probe Go to Real Time Probe Reports GUI link Real Time Probe Reports Create tab In the IR Web Filter User Guide index see How to set up Real Time Probes III General Productivity A Warn Feature with higher thresholds Warn users before they access unacceptable content Set HTTPS filtering at the high level to block certificate...

Page 75: ... tab X Strikes Blocking enabled In the IR Web Filter User Guide index see How to configure filtering How to set up X Strikes Blocking How to configure the Warn Option Setting How to use library categories in a profile How to set up profile options C Time Quota Hit Quota Limit time spent in PASSED categories to increase productivity Enable the Quota Settings feature and configure the Seconds Per Hi...

Page 76: ...ent to your organization or region that should be blocked Apply this category to a profile To customize and use an M86 Supplied Category in a profile go to LIBRARY Library Category Groups category group category add delete URLs URL Keywords Search Engine Keywords POLICY Policy IP member member profile Category tab or POLICY Policy Global Group Global Group Profile Category tab In the IR Web Filter...

Page 77: ...n the Minimum Filtering Level the Minimum Filtering Level setting will override the entry in the Always Allow custom category To create a white list custom category and use it in a profile go to LIBRARY Library Category Groups Custom Categories Add Category add URLs URL Keywords Search Engine Keywords POLICY Policy IP member member profile Category tab or POLICY Policy Global Group Global Group Pr...

Page 78: ...lly blocked categories set up an Override Account at the Global Group level or enable the option to allow the Minimum Filtering Level to be bypassed with an Override Account and then set up the Override Account at the member level To set up an override account at the Global Group level go to POLICY Policy Global Group Override Account window To configure the bypass feature and set up a group level...

Page 79: ...ary report view and a detail report view create a new report view export a report view to an output format save a report schedule a report to run on a regular basis to capture Internet activity at set intervals of time create a custom category group generate a summary report and a detail report for a custom category group create a custom user group generate a summary report and a detail report for...

Page 80: ...ypes of Drill Down Reports summary and detail reports and various types of reports you can generate for each of these two basic drill down report types Step A Start with the dashboard for a high level activity overview By default the panel in the middle of the screen displays yesterday s Executive Report containing pre generated data Since the data has already been captured from the previous day t...

Page 81: ...rder by the most visited Note that this drill down report view has been generated for today s activity by default To continue this investigation using data from yesterday s Executive Report you must create a New Report from this current report view and change the date scope In the ER Web Client User Guide index see How to generate a Drill Down Report Step C Create a New Report using yesterday s da...

Page 82: ...need to identify the user s Since there are two sets of criteria you need for this exercise you must drill down into the selected category and also specify that you wish to view user IP addresses By specifying two sets of criteria you create a double break report view Note the columns of filter buttons to the right of the Categories column Click the Category IPs button corresponding to the targete...

Page 83: ...lickable links to access pages the user viewed 2 In this report view click any URL link to open the page for that URL In the ER Web Client User Guide index see How to create a detail Page Count report from a summary report See also How to create a detail Object Count report from a summary report You have now learned how to access Executive Reports and to use Drill Down Reports to conduct an invest...

Page 84: ...wn to view the most visited sites in a category 1 From the top panel go to Drill Down Reports Categories to generate a Summary Drill Down Report view ranking categories in order by the most visited to the least visited 2 To find out which sites were visited in a popular category target the category and then click the Category Sites filter button corresponding to that category to create a double br...

Page 85: ...y click Modify Report to open the Drill Down Report window where you make customizations to the current report view NOTE Notice that by default the report will be set to Sort by Page Count 2 Select Top IP Count from the Display drop down menu and type in 10 in the Records field 3 Click Apply to close the window and to display the report view showing only the top 10 site records for the selected ca...

Page 86: ...he exportation process When this process has been completed the PDF file opens in a separate browser window The generated PDF file for the report includes a list of the top 10 Sites records for the selected category as well as the following counts for each record in the report IP User Page Object Time HH MM SS Hit and Blocked Hits The Grand Total and total Count display at the end of the report NO...

Page 87: ... a Web Client report See also How to export a detail Custom Report How to email a report You have now learned how to modify a double break Summary Drill Down Report view to include only the top 10 records and then export that content for viewing in the PDF format Variations of this exercise can be performed to generate and export countless reports using criteria of your specifications ...

Page 88: ... view to open the Save Custom Report window Note that this window is populated with specifications used in the current report view 2 For this exercise make entries in the following fields Save Name Descrip tion and For E Mail output only To and Subject fields 3 Choose the Save and Schedule option from the Save options at the bottom of the window The three Save options are as follows Save and Sched...

Page 89: ...o run Now that you ve saved the report you must schedule a time for the report to run 1 When clicking Save and Schedule an alert box opens to let you know the Custom Report has been saved 2 Click OK to close this alert box and to display the Event Schedules panel and also open the Add to Event Schedule window 3 In the Add Event to Schedule window enter a Name for this event select the run frequenc...

Page 90: ...vity as necessary IV Create a custom category group and generate reports After you ve run a few summary and detail reports for the top visited categories you might want to generate reports targeting specified categories only To do so you must first create a custom category group Step A Create a custom category group 1 To create a category group choose Settings from the top panel 2 Select Category ...

Page 91: ...om category groups you might want to create one or more custom user groups and run reports for these user groups NOTE In order to generate reports for a custom user group the user group must be created a day in advance since the list of users is updated each day automatically based on group definitions and latest usage data Step A Create a custom user group 1 To create a user group choose Settings...

Page 92: ...pe for the results Categories IPs Users or Sites select the User Group name and then click the View Drill Down Results button to generate the report Single User Group Drill Down Report To use this option choose Drill Down Reports from the top panel select Single User Group and then specify Single User Group Report criteria for the User Group you select from the menu Click Apply to generate the rep...

Page 93: ...In the ER Web Client user interface the following alert pop up box opens when navigating to Settings Server Statistics and accessing the ER Server Informa tion window Click OK to close this alert pop up box These two pop up boxes will continue to open in the user interfaces until the ER is in the activated mode NOTE See Appendix A in the ER Administrator User Guide for information about changing t...

Page 94: ... Window In the ER Server Information window the note Evaluation Mode Enabled displays above the ER Activity frame To the right of this note the Server Info button displays When this button is clicked an alert box opens with the message Evaluation Mode Max Data Storage X Weeks in which X represents the maximum number of weeks in the data storage scope Click OK to close the box ...

Page 95: ...ert you to the status of a feature on the unit while buttons let you perform a function on the unit LED Indicator Color Condition Description Power Green On System On Off System Off HDD Amber Blinking HDD Activity Off No HDD Activity LAN 1 LAN 2 Green On Link Connected Blinking LAN Activity Off Disconnected Overheat Red On System Overheated Off System Normal Chassis control panel LED Indicator Key...

Page 96: ...ironment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interfer ence in which case the user will be required to correct the interference at his own expense FCC Declaration o...

Page 97: ...ECLARATION OF THE MANUFACTURER OR IMPORTER M86 SECURITY INSTALLATION GUIDE 91 Electromagnetic Compatibility Class A Notice Industry Canada Equipment Standard for Digital Equipment ICES 003 Bureau of Standards Metrology and Inspection BSMI Taiwan ...

Page 98: ...REGULATORY SPECIFICATIONS AND DISCLAIMERS DECLARATION OF THE MANUFACTURER OR IMPORTER 92 M86 SECURITY INSTALLATION GUIDE EC Declaration of Conformity European Community Directives Requirement CE ...

Page 99: ... Panel Open Network Connections Right click the link for LAN or High Speed Internet and choose Properties Windows Vista Go to the start icon Control Panel Network and Internet Network and Sharing Center Manage network connections Right click the Local Area Connection you want to change then choose Properties Windows 7 Go to the start icon Control Panel In the search box type adapter Under Network ...

Page 100: ...g the cord into a UPS power supply unit D Power on the server by lowering the bezel and pressing the large button at the right of the front panel Diagram of MSA chassis front panel power button at far right The Boot Up Process The boot up process may take 5 10 minutes When the drive light remains off for 30 seconds the system is booted up See the LED Indicators and Buttons section for a descriptio...

Page 101: ...ck Go to display the security issue page If using Firefox proceed to Accept the Security Certificate in Firefox If using IE proceed to Temporarily Accept the Security Certificate in IE If using Safari proceed to Accept the Security Certificate in Safari Accept the Security Certificate in Firefox A If using a Firefox browser in the page This Connection is Untrusted click the option I Understand the...

Page 102: ...se Reporter Web Client and Enterprise Reporter Administration Module when you attempt to access each of these applications for the first time On a newly installed unit the ER Web Client will remain inaccessible until logs are transferred to the ER Administration Module and the ER s database is built When attempting to access the Web Filter user interface for the first time the Security warning dia...

Page 103: ...pt the Security Certificate in IE If using an IE browser in the page There is a problem with this website s security certificate click Continue to this website not recommended Selecting this option displays the IR splash page with the address field and the Certificate Error button to the right of the field shaded a reddish color ...

Page 104: ...in Safari A If using a Safari browser the window explaining Safari can t verify the identity of the website opens Click Show Certificate to open the certificate information box at the bottom of this window B Click the Always trust checkbox and then click Continue C You will be prompted to enter your password in order to install the certificate ...

Page 105: ...ver Later you will configure the ER server Access the Web Filter Administrator Console A From the IR Welcome window click the WF button to open the Web Filter login window NOTE You will need to follow the procedures for accepting the security certificate and or acknowledging the security warning for the Web Filter B In the Username field type in admin C In the Password field type in user3 D Click ...

Page 106: ...g traffic Configure LAN settings the Web Filter will use on your network Select NTP servers the Web Filter will use for time synchronization with Internet clocks Indicate the region in which the Web Filter is geographically located NOTE After saving your entries in each of these windows Operation Mode LAN Settings NTP Servers Regional Setting you may be prompted to restart or reboot the server Cli...

Page 107: ...e option with the Mobile Client B In the Listening Device frame select the device for listening to traffic For the invisible mode LAN1 is generally used as the default listening device For the router or firewall mode Select the network card that will be used to listen to as opposed to send traffic on the network C In the Block Page Device frame select the device for sending block pages to client P...

Page 108: ...bnet for LAN 1 the Web Filter s first Ethernet Network Interface Card NIC For the invisible mode you may use a non routeable IP address for the listening interface and a subnet mask of 255 255 255 255 32 bites C Enter the LAN2 IP address and subnet for LAN 2 the Web Filter s second Ethernet NIC The subnet selection is usually 255 255 0 0 16 bites or 255 255 255 0 24 bites but cannot be 255 255 255...

Page 109: ...servers to be used by the Web Filter so that the Web Filter is synchronized with computer clocks on the Internet Note that the following server IP addresses display in the Servers list box 128 59 35 142 142 3 100 15 129 132 98 11 If necessary any of these servers can be deleted by selecting the IP address and clicking Delete NOTE If you need to find another NTP server to use most university Web si...

Page 110: ...ting from the menu Make the following selections in the Regional Setting window A At the Region pull down menu select your country from the available choices B At the Location pull down menu select the time zone for the specified region If necessary select a language set from the Language pull down menu to display that text in the console C Click Apply to apply your settings and to reboot the Web ...

Page 111: ...the System section of the Web Filter console click Control and select Reboot from the menu to display the Reboot window ii Click the Reboot button iii From the time you click Reboot you have approximately 2 minutes to perform sub steps B through E while the IR goes through the reboot process B Disconnect the crossover cable from the IR C Plug one end of a standard CAT 5E cable into the IR s LAN 1 ...

Page 112: ...rname and Password If you can access the IR splash page the IR is functioning on your network and you should proceed to Step 3 Log in Generate SSL Certificate from the Install the Server portion of this Installation Guide If you cannot access the IR splash page please verify the status of the LAN connection in Windows on the network workstation and then try enabling disabling the LAN connection If...

Page 113: ...s 68 71 Custom Category blocked 61 custom category group 73 84 Custom Lock Block Warn X Strikes Quota pages 60 custom user group 73 85 Customize an M86 Supplied Category 70 D Detail Drill Down Report 77 82 Double break Report 78 double break report 73 76 E EMC 90 ER Client 54 ER Server Information 88 Evaluation Mode 87 88 Exception URL bypass 62 Executive Reports 73 74 Expiration 87 Export Report ...

Page 114: ...Quota 63 70 Overheat 89 Override Account bypass 61 Override Accounts 72 P P2P patterns 64 Pass Allow 71 Pattern detection bypass 72 Physically Connect the Web Filter to the Network 30 105 Power Supply Precautions 15 Proxy Patterns 62 Q Quick Start menu 24 R Rack Setup Precautions 6 Real Time Probe information 68 reboot 28 30 105 Remote Access patterns 66 report for a custom user group 86 Reset Adm...

Page 115: ... Media patterns 65 Summary Drill Down Report 75 77 78 81 82 T Threats Liabilities 59 Time Based Profiles 63 69 Time Quota Hit Quota 63 69 U UL 90 URL exceptions 71 URL Keywords 60 67 W Warn Feature with higher thresholds 68 Warn option with low filter settings 64 Warn strike 64 Warn strike with higher thresholds 69 X X Strike on blocked categories 59 ...

Page 116: ...INDEX 110 M86 SECURITY INSTALLATION GUIDE ...

Page 117: ......

Page 118: ...M86 Security Corporate Headquarters USA 8845 Irvine Center Drive CA 92618 Tel 949 932 1000 or 888 786 7999 Fax 949 932 1086 ...

Reviews:

No comments

Brands by name

Popular brands

Load more brands