Secure Computing SSL Scanner User Manual Download Page 72

Page: 72 / 191

Common

3.1

Overview

The following overview shows the sections that are in this chapter:

User’s Guide – Webwasher SSL Scanner

Introduction

Home

Common

Overview

– this section

Quick Snapshot, see

3.2

Policy Settings

Media Type Filters, see

3.3

Document Inspector, see

3.4

Archive Handler, see

3.5

Generic Header Filter, see

3.6

Generic Body Filter, see

3.7

Advertising Filters, see

3.8

Privacy Filters, see

3.9

Text Categorization, see

3.10

HTTP Method Filter List, see

3.11

FTP Command Filter List, see

3.12

Welcome Page, see

3.13

White List, see

3.14

User-Defined Categories, see

3.15

Policy-Independent

Settings

Media Type Catalog, see

3.16

SSL Scanner

3–2

Summary of Contents for SSL Scanner

Page 1: ...USER S GUIDE Webwasher SSL Scanner Version 6 5 www securecomputing com...

Page 2: ...untries McAfee is a business unit of Network Associates Inc CheckPoint OPSEC and FireWall 1 are trademarks or registered trademarks of CheckPoint Software Technologies Ltd or its affiliates Sun and So...

Page 3: ...y 2 8 2 2 2 Traffic Volume 2 11 2 2 3 System 2 13 2 3 Overview Feature 2 18 2 3 1 Overview Feature 2 19 2 4 Support 2 23 2 4 1 Support 2 23 2 5 TrustedSource 2 24 2 5 1 TrustedSource 2 25 2 5 2 Malwar...

Page 4: ...Command Filter List 3 69 3 13 Welcome Page 3 73 3 13 1 Welcome Page 3 74 3 14 White List 3 78 3 14 1 White List 3 79 3 15 User Defined Categories 3 83 3 15 1 User Defined Categories 3 83 3 16 Media Ty...

Page 5: ...to extend your existing Web usage and security policies to the HTTPS protocol and to prevent certificate misuse SSL encrypted content including viruses spyware MP3s pornography and confidential compan...

Page 6: ...o the SSL Scanner and other Webwasher Web Gateway Security products SSL Scanner Describes the filtering features that are specific to the SSL Scanner 1 2 What Else Will You Find in This Introduction I...

Page 7: ...e following sections provide some information to make you familiar with this interface These sections List the first level tabs of this interface and explain their meanings see 1 3 1 Describe a sample...

Page 8: ...sing features media type filters etc SSL Scanner This is the top level tab for configuring the features that are specific to the SSL Scanner The tabs mentioned in the following are not described in th...

Page 9: ...er and let it remove any such images from the filtered objects You also want these settings to be part of your default filtering policy The following overview shows the main steps you need to complete...

Page 10: ...do this because all features that are placed under this main feature like the Animation Filter will only work if it is enabled d From the tabs provided for configuring the Advertising Filters op tions...

Page 11: ...Click History Information Update Logout Main Feature Enabling Search Session Length System Information Apply Changes After modifying the settings in one or more of the sections on a tab you need to cl...

Page 12: ...take you to the tab you invoked before the alert was displayed Clicking on Cancel will make the alert disappear so you can continue your configuration activities on the current tab Click History The...

Page 13: ...n period of time until the update is completed These sections are then updated automatically every three seconds to reflect the status of the update process Logout To logout from a Webwasher session c...

Page 14: ...n a separate window which displays a list of the tabs the search term was found on and the paths leading to them Clicking on any of the entries displayed in the list will take you to the corre spondin...

Page 15: ...er session This information includes Version and build of the Webwasher software Name of the system Webwasher is running on Name of the user logged in for the current session e g Admin Role assigned t...

Page 16: ...er running System Configuration Guide Features for configuring Webwasher within the system environment Advanced Configuration Guide More sophisticated configuration tasks Upgrade Guide What should I k...

Page 17: ...n products Instant Message Filter Documents User s Guide Instant Message Filter Description of features Special Environment Documents Setting Up Webwasher on Microsoft ISA Server Setting up Webwasher...

Page 18: ...pattern updates This combination provides in depth security against a multitude of threats while offering unmatched performance through use of the Anti Virus PreScan technology Webwasher Anti Malware...

Page 19: ...in cache streaming media e mail activity Internet access and content filtering queries all supported by unmatched convenience and performance features Webwasher Instant Message Filter Detects reports...

Page 20: ......

Page 21: ...ome tab of the Web interface These are basic features that are common to the SSL Scanner and other Web washer products e g system alerts contacting the support licensing fea tures etc The upcoming sec...

Page 22: ...Manuals see 2 6 Preferences see 2 7 License see 2 8 Common SSL Scanner 2 2 Dashboard The dashboard is invoked by clicking on the corresponding button under Home After invoking the dashboard the numbe...

Page 23: ...ummary information on a number of Web washer and system parameters at a glance This information is in most cases displayed with regard to a particular time interval e g the number of URLs that were fi...

Page 24: ...You can select the categories you want to have values displayed for with regard to a particular parameter To do this just mark or clear the check boxes next to the categories In the above example onl...

Page 25: ...here may be values in more than six categories for these parameters but only six categories and their values are shown at the same time By default these are the categories with the top six values You...

Page 26: ...as a category The values for five selected categories will then be shown together with Others which means that actually all categories and their values are cov ered Selecting a time interval You can...

Page 27: ...alues within a given time interval but with value areas stacked one on top of the other This means that you are always shown sums of values in this mode For this reason the value scale changes when sw...

Page 28: ...1 Executive Summary The Executive Summary tab looks like this There are three sections on this tab URL Executive Summary Mail Executive Summary Number of Feedbacks Sent They are described in the follo...

Page 29: ...Proactive Scanning Filter Blocked by URL Filter This category is for URLs that were blocked due to the configuration of the Webwasher URL Filter Mail Executive Summary The Mail Executive Summary sect...

Page 30: ...vided in the URL Filter Database Feedback section on the Feedback tab under Home Trust edSource Values are shown for the following feedback categories Malware This category is for feedbacks submitting...

Page 31: ...is subsection for the various policies that have been configured under Webwasher These may be the default poli cies but also policies that you have set up yourself Volumes for policies are displayed a...

Page 32: ...it Binary Value Decimal Value B Byte 20 100 K Kilo KB Kilobyte 210 103 M Mega MB Megabyte 220 106 G Giga GB Gigabyte 230 109 T Tera TB Terabyte 240 1012 P Peta PB Petabyte 250 1015 E Exa EB Exabyte 26...

Page 33: ...Home 2 2 3 System The System tab is shown here in two parts because of its size The upper part of the tab looks like this 2 13...

Page 34: ...part looks like this There are seven sections on this tab Update Status Open Ports CPU Utilization Memory Usage Swap Utilization Filesystem Utilization Network Utilization They are described in the f...

Page 35: ...ate Time when the feature was last updated Open Ports The Open Ports Webwasher Listener section displays the various ports that are currently open with Webwasher listening for requests sent over these...

Page 36: ...Memory section displays the percent ages and absolute values in bytes of free and used physical memory of the system Webwasher is running on within a given time interval Values are shown for the foll...

Page 37: ...following folders Webwasher temp Folder Webwasher log Folder Webwasher mail Folder Webwasher conf Folder Webwasher info Folder Network Utilization The Network Utilization All Interfaces section displa...

Page 38: ...ome 2 3 Overview Feature The Overview options are invoked by clicking on the corresponding button under Home The options are arranged under the following tab They are described in the upcoming section...

Page 39: ...e 2 3 1 Overview Feature The Overview tab looks like this There are four sections on this tab System Alerts System Summary One Click Lockdown Version Information They are described in the following 2...

Page 40: ...tab where you can configure the relevant settings as a measure against the problem that caused the alert So e g the warning There has been no Anti Virus update check for at least 3 days is followed b...

Page 41: ...n list Clicking on the links that are provided here e g on the Proactive Scanning Database link will take you to the corresponding Update Manager tabs where you can configure and manually perform upda...

Page 42: ...e policy that will be used under the emergency mode go to the Mapping Process section on the Web Mapping tab under User Manage ment Policy Management The default policy to be applied under the emergen...

Page 43: ...orresponding button un der Home The options are arranged under the following tab They are described in the upcoming section Support see 2 4 1 2 4 1 Support The Support tab looks like this There is one...

Page 44: ...formation on this page and complete the activities described there in order to get the support you require 2 5 TrustedSource The TrustedSource options are invoked by clicking on the corresponding but...

Page 45: ...dback Queue Spam False Negatives Feedback Queue Malware Feedback Queue URL Feedback They are described in the following Spam False Positives Feedback Queue The Spam False Positives Feedback Queue sect...

Page 46: ...ecting false positives since it will be cleared after e mails have been sent off To see the e mails that are in this queue click on the See Content of Queue link next to the drop down list Send interv...

Page 47: ...settings of this section click on Apply Changes to make these settings effective Use the following items to configure the false negatives feedback SMTP queue to use From this drop down list select an...

Page 48: ...at was classified as spam and contains an attachment where no virus was found will be copied to the malware queue and later be sent to Se cure Computing Small downloads will also be copied to this que...

Page 49: ...See Content of Queue link next to the drop down list On this page click on the button labeled Send All to SecureLabs now to send the e mails URL Feedback The URL Feedback section looks like this Using...

Page 50: ...mails will be sent automatically E mails can be sent manually however using the Queue Management page which is launched after clicking on the See Content of Queue link next to the drop down list On th...

Page 51: ...items when adding a media type Description Input in this field is optional You may enter a description of the media type here Add to Malware Feedback Media Type Black List After selecting a media typ...

Page 52: ...d Filter is applied to outbound user originating files via HTTP HTTPS and FTP Then click on Apply Changes to make these settings effective You can edit more than one entry and make the changes effecti...

Page 53: ...n the following Feedback E Mail Address The Feedback E Mail Address section looks like this Using this section you can send feedback concerning the Webwasher prod ucts to Secure Computing To send your...

Page 54: ...anet After successfully logging in there a Welcome Page is displayed On this page click on the option labeled Feedback system for URL Filter categorization Then follow the instructions given on the UR...

Page 55: ...are three sections on this tab General Documents Product Documents Reference Document They are described in the following General Documents The General Documents section looks like this This section...

Page 56: ...o view user documentation on individual Webwasher products To view any of the documents listed here click on the PDF link in the same line This will open a pdf format version of the document Reference...

Page 57: ...ents Special Environment Documents Appliance Documents They are described in the following Content Reporter Documents The Content Reporter Documents section looks like this This section allows you to...

Page 58: ...f the document Special Environment Documents The Special Environment Documents section looks like this This section allows you to view user documentation on setting up Webwasher or products running wi...

Page 59: ...ike this There is one section on this tab Release Notes It is described in the following Release Notes The Release Notes section looks like this This section allows you to view release notes and other...

Page 60: ...onding button under Home The options are arranged under the following tab They are described in the upcoming section Preferences see 2 7 1 2 7 1 Preferences The Preferences tab looks like this There a...

Page 61: ...ick on Apply Changes to make the new password effective Use the following input fields to change your password Current Password Enter your current Webwasher password here Password Enter the new passwo...

Page 62: ...checkbox is marked if you want to view the e mail related settings Show change warner dialog Make sure this checkbox is marked if you want the change warner dialog to appear whenever you are attemptin...

Page 63: ...is displayed where this administrator is allowed to modify access permissions In this case there are no such sessions because someone with an equal or higher seniority level i e you has already config...

Page 64: ...ccess Check this radio button to deny simultaneous access 2 8 License The License options are invoked by clicking on the corresponding button un der Home The options are arranged under the following t...

Page 65: ...formation The Information tab looks like this There are four sections on this tab License Information Webwasher End User License Agreement Import License Licensed Products They are described in the fo...

Page 66: ...ich the license is valid and other licensing issues Webwasher End User License Agreement The Webwasher End User License Agreement section looks like this This section allows you to view the most recen...

Page 67: ...ment link provided here 2 If you accept the agreement mark the checkbox labeled I have read This will turn the button saying You have to accept the EULA first into one saying Activate License 3 Click...

Page 68: ...stem Notifications Too Many Clients They are described in the following System Notifications The System Notifications section looks like this Using this section you can configure e mail notifications...

Page 69: ...ed Make sure the checkbox provided here is marked if you want to use this option The recipient of this notification will be the one entered in the Recipient input field above To configure the settings...

Page 70: ...be written to the system log Message text In this input field enter the message text The default text is d generated t by o You can use the variable log file parameters appearing in the default text...

Page 71: ...mon tab of the Web interface These are filtering features that are common to the SSL Scanner and other Webwasher products e g media type filters the document inspector the white list etc The upcoming...

Page 72: ...Filters see 3 3 Document Inspector see 3 4 Archive Handler see 3 5 Generic Header Filter see 3 6 Generic Body Filter see 3 7 Advertising Filters see 3 8 Privacy Filters see 3 9 Text Categorization see...

Page 73: ...t The Quick Snapshot for the common filtering functions is invoked by clicking on the corresponding button under Common The following tab is then provided It is described in the upcoming section Quick...

Page 74: ...on 3 2 1 Quick Snapshot The Quick Snapshot tab looks like this There are four sections on this tab Frequent Media Types by Hits Frequent Media Types by Volume Media Types by Hits Media Types by Volume...

Page 75: ...rcentages are calculated for the individual categories which are shown by means of a pie chart on the left side of the corresponding tab section On the right side of a section parameter values are sho...

Page 76: ...reset button After clicking on this button all values in a list are set to zero so the mea surement of values can start all over again A timestamp is also displayed indicating date and time of the la...

Page 77: ...text html text plain image jpeg etc Hits Number of times that this media type was processed by the Media Type Filter Media Types by Volume The Media Types by Hits section displays a list of the top m...

Page 78: ...on Apply Changes to make the modification effective These are policy dependent options i e they are configured for a particular policy When you are configuring these options you need to specify this...

Page 79: ...Common 3 3 1 Actions The Actions tab looks like this There are two sections on this tab Media Type Filter Web Upload Filter They are described in the following 3 9...

Page 80: ...n rich text enriched and tab separated values The actions that you configure here will be executed according to the result achieved by the Media Type Filter for a filtered object You can also configur...

Page 81: ...ing this section you can configure actions e g Block Block log and notify Allow etc for the Web Upload Filter This filter protects corporate privacy and sensitive data by filtering what em ployees sen...

Page 82: ...Mark this checkbox to forbid uploads of all FTP files Default action for unlisted media types Should this filter find a media type that is not currently listed in the Media Type White List or Black Li...

Page 83: ...Common 3 3 2 Media Type Black List The Media Type Black List tab looks like this There is one section on this tab Media Type Black List It is described in the following 3 13...

Page 84: ...sted from the drop down list provided here e g application ace Furthermore use the following items when adding a media type Description Input in this field is optional You may enter a description of t...

Page 85: ...row symbols To sort the list in ascending or descending order click on the symbol next to the Media Type or Description column heading To edit an entry type the appropriate text in the input field of...

Page 86: ...Common 3 3 3 Media Type White List The Media Type White List tab looks like this There is one section on this tab Media Type White List It is described in the following 3 16...

Page 87: ...m the drop down list provided here e g application ace Furthermore use the following items when adding a media type Description Input in this field is optional You may enter a description of the media...

Page 88: ...row symbols To sort the list in ascending or descending order click on the symbol next to the Media Type or Description column heading To edit an entry type the appropriate text in the input field of...

Page 89: ...ting of this checkbox click on Apply Changes to make the modification effective These are policy dependent options i e they are configured for a particular policy When you are configuring these option...

Page 90: ...ector The Document Inspector tab looks like this There are five sections on this tab Document Download Filter Document Upload Filter Document Mail Filter Document Types General Options They are descri...

Page 91: ...mbedded JavaScript This active content may be hostile rather than friendly so for full protection against files that are embedded into Microsoft Office PDF or open format doc uments you should use the...

Page 92: ...d communications protocol for applications These documents may contain active content Word Excel PowerPoint and Microsoft Open XML support ActiveX controls and macros while PDF and the Oasis Open Docu...

Page 93: ...and macros while PDF and the Oasis Open Document Format support embedded JavaScript This active content may be hostile rather than friendly so for full protection against files that are embedded in M...

Page 94: ...cations These documents may contain active content Word Excel PowerPoint and Microsoft Open XML support ActiveX controls and macros while PDF and the Oasis Open Document Format support embedded JavaSc...

Page 95: ...this Using this section you can configure filtering conditions and actions for office documents that will apply to all the filters made accessible over the other sec tions of this tab You can configu...

Page 96: ...lect actions for documents in Web and e mail traffic e g Block or Allow These actions will be executed if the Document Inspector library could not be loaded 3 5 Archive Handler The Archive Handler opt...

Page 97: ...tab They are described in the upcoming section Archive Handler see 3 5 1 3 5 1 Archive Handler The Archive Handler tab looks like this There are two sections on this tab Archive Handling Archive Handl...

Page 98: ...f a virus is contained within an archive that is compressed the virus cannot be detected and prevented from downloading The Archive Handler decompresses the members of an archive one by one and passes...

Page 99: ...ter options are invoked by clicking on the correspond ing button under Common If you want to enable any of these options mark the checkbox that is on this button Then click on Apply Changes to make th...

Page 100: ...Common 3 6 1 Generic Header Filter The Generic Header Filter tab looks like this There is one section on this tab Header Filter List It is described in the following 3 30...

Page 101: ...raffic For e mail traffic there are two options to choose from SMTP and Mail If SMTP is selected the configured settings will operate on the content of internal Webwasher headers such as X WW From X W...

Page 102: ...ges to make this setting effective These are policy dependent options i e they are configured for a particular policy When you are configuring these options you need to specify this policy To do this...

Page 103: ...Common 3 7 1 Generic Body Filter The Generic Body Filter tab looks like this There is this section on this tab Body Filter List It is described in the following 3 33...

Page 104: ...riginates from So you could use the Generic Body Filter e g to block Win32 executables When configuring the filter rules are set up of the following format If the 2nd byte of a file has the value of n...

Page 105: ...y filtering rule 3 8 Advertising Filters The Advertising Filters options are invoked by clicking on the corresponding button under Common If you want to enable any of these options mark the checkbox t...

Page 106: ...Common 3 8 1 Settings The Settings tab looks like this There are six sections on this tab Link Filter Dimension Filter Popup Filter Script Filter Animation Filter 3 36...

Page 107: ...he section heading is marked The checkbox is marked by default All content types are also included in the filtering by default After modifying any of these settings click on Apply Changes to make the...

Page 108: ......

Page 109: ...on Filter The Dimension Filter section looks like this Using this section you can configure a filter to eliminate banner ads and ob jects based on their size To add dimensions to the Dimension Filter...

Page 110: ...this option is enabled objects that have their dimensions not specified will be ignored Filter objects that are located on the same server If this option is enabled objects will also be filtered if t...

Page 111: ...Changes to make these settings effective Use the following checkboxes to configure script filtering Filter scripts that a Web page executes on loading If this option is enabled the filter will suppres...

Page 112: ...or any other setting in this section click on Apply Changes to make these settings effective Use the following radio buttons to configure animation filtering Animated images Use the radio buttons prov...

Page 113: ...replaced with some thing Then check the radio buttons below to specify with what they should be replaced a transparent image Enable this option to replace an animated image with a transparent image an...

Page 114: ...ter ing the same domain Enable this option to exclude objects within the same domain from fil tering Do not reduce filtered frame size Mark this checkbox to prevent filtered frame sizes from being red...

Page 115: ...some countries like Germany Sweden or Japan domain names with non ASCII characters are allowed The IDNA International Domain Names in Applications standard describes how a Web browser should convert s...

Page 116: ...is number the remaining entries are shown on successive pages A page indicator is then displayed where you can select a particular page by clicking on the appropriate arrow symbols To sort the list in...

Page 117: ...Common 3 8 3 Dimension Filter List The Dimension Filter List tab looks like this There is this one section on this tab Dimension Filter List It is described in the following 3 47...

Page 118: ...and plug ins To do this use the area labeled Add new dimension In the input field provided here enter a pair of pixel values to specify the height and width of an object that should be filtered e g 60...

Page 119: ...mber of entries is higher than this number the remaining entries are shown on successive pages A page indicator is then displayed where you can select a particular page by clicking on the appropriate...

Page 120: ...his setting effective These are policy dependent options i e they are configured for a particular policy When you are configuring these options you need to specify this policy To do this select a poli...

Page 121: ...e Settings tab looks like this There are four sections on this tab Web Bug Filter Referer Filter Prefix Filter Cookie Filter They are described in the following Web Bug Filter The Web Bug Filter secti...

Page 122: ...rer Filter section looks like this Using this section you can configure a filter to remove referer strings that report the last page visited by a user If you want to use this filter make sure the chec...

Page 123: ...Webmaster to track user movement through this Web site The information may be useful for adjusting or optimizing the nav igational structure of the site As well some services such as online banking ma...

Page 124: ...istinction between the good and thus necessary cookies and the bad cookies that invade privacy is carried out by Webwasher using an algorithm and the built in filter list depending on the URL of a coo...

Page 125: ...ishing the browser session Check this radio button to let neutral cookies expire when sessions are ended A pop up is a display area usually a small window that suddenly pops up in the foreground of th...

Page 126: ...Common 3 9 2 Cookie Filter List The Cookie Filter List tab looks like this There is one section on the tab Cookie Filter List It is described in the following 3 56...

Page 127: ...e the area labeled Add new cookie In the input field provided here enter the cookie Then classify it by checking of one of these three radio buttons good neutral bad The neutral button is checked by d...

Page 128: ...e changes effective in one go Use the following items to perform other activities relating to the list Filter Type a filter expression in this input field and enter it using the Enter key of your keyb...

Page 129: ...Type Filters button The options are arranged under the following tabs They are described in the upcoming sections Settings see 3 10 1 Categorization List see 3 10 2 3 10 1 Settings The Settings tab l...

Page 130: ...traffic A confidential category is provided here for a start Apart from this you can configure actions for up to six categories of your own The rules for the keywords and combinations that should be...

Page 131: ...Common 3 10 2 Categorization List The Categorization List tab looks like this There is one section on this tab Text Categorization List It is described in the following 3 61...

Page 132: ...keywords that should be filtered and add them to the Text Categorization List To add a text categorization rule to the list use the area labeled Add rule Use the following items to configure a rule an...

Page 133: ...ategorization rule click on this button to add it to the list This addition will be valid only under the policy you are currently con figuring To add a rule to the list for all policies mark the check...

Page 134: ...3 11 HTTP Method Filter List The HTTP Method Filter List options are invoked by clicking on the corre sponding button under Common If you want to enable any of these options mark the checkbox that is...

Page 135: ...Common 3 11 1 HTTP Method Filter List The HTTP Method Filter List tab looks like this There is one section on this tab HTTP Method Filter List It is described in the following 3 65...

Page 136: ...ify the URL it is applied to So you could set up a rule that e g categorizes the GET method when applied to a particular URL as Entertainment and blocks the corresponding request To add a rule to the...

Page 137: ...licies mark the checkbox labeled Add to all policies before clicking on the button The HTTP Method Filter List is displayed at the bottom of the section You can edit list entries change their order or...

Page 138: ...only entries matching the filter Move Up Move Down Select the entry you wish to move by marking the Select checkbox next to it and click on either of these buttons depending on where you want to move...

Page 139: ...m the drop down list labeled Policy which is lo cated above the Media Type Filters button The options are arranged under the following tab They are described in the upcoming section FTP Command Filter...

Page 140: ...could set up a rule that e g categorizes a Server Access command when applied to a particular URL as Chat and blocks the corresponding re quest Note however that rules are not configured here for ind...

Page 141: ...Common To add a rule to the list use the area labeled Add rule Use the following items to configure the rule Command category...

Page 142: ...lowing items to perform other activities relating to the list Filter Type a filtering term in the input field of the URL or Description column or in both or select a command URL filtering category or...

Page 143: ...to make this setting effective These are policy dependent options i e they are configured for a particular policy When you are configuring these options you need to specify this policy To do this sel...

Page 144: ...e Options Manipulate User History Upload They are described in the following Welcome Page Options The Welcome Page Options section looks like this Using this section you can configure options for the...

Page 145: ...ate User History The Manipulate User History section looks like this Using this section you can configure options for the Welcome Page with regard to an individual user You can configure that the Welc...

Page 146: ...wing items to handle the upload of a Welcome Page In this section you configure the actions that should be taken whenever the text categorization filter matches You can configure different actions for...

Page 147: ...here since the file name will be used that is in the archive Add or overwrite content To add the content of the uploaded file to the Welcome Page or have its content overwritten by the uploaded conten...

Page 148: ...ey are configured for a particular policy When you are configuring these options you need to specify this policy To do this select a policy from the drop down list labeled Policy which is lo cated abo...

Page 149: ...Common 3 14 1 White List The White List tab looks like this There is one section on this tab White List It is described in the following 3 79...

Page 150: ...s The objects can be specified using shell expressions Furthermore you can specify the type of object you would like to exclude from filtering e g Web E Mail Media Type etc To specify exactly what the...

Page 151: ...t in question from To do this mark the corresponding check boxes If you would e g like to allow pop up windows from an online banking Web site enter the domain name of the site in the input field prov...

Page 152: ...eld and enter it using the Enter key of your keyboard The list will then display only entries matching the filter Delete Selected Select the entry you wish to delete by marking the Select checkbox nex...

Page 153: ...utton under Common The options are arranged under the following tab They are described in the upcoming section User Defined Categories see 3 15 1 3 15 1 User Defined Categories The User Defined Catego...

Page 154: ...problems until the next OPTIONS request if they rely on previous OP TIONS responses The categories that you configure here will be shown on the Category Actions tab under URL Filter Category Actions...

Page 155: ...to use and the abbreviated formats of these names 3 16 Media Type Catalog The Media Type Catalog options are invoked by clicking on the correspond ing button under Common The options are arranged und...

Page 156: ...Common 3 16 1 Media Type Catalog The Media Type Catalog tab looks like this There is one section on this tab Media Type Catalog It is described in the following 3 86...

Page 157: ...alog section looks like this Using this section you can add a media type to the Media Type Catalog A media content type is a general category of data content such as an ap plication audio content a te...

Page 158: ...in question may have So e g the media type image jpeg can have jpg or jpeg as extensions Options Configure the following options by marking the checkboxes provided for each of them Magic bytes are nec...

Page 159: ...ct a particular page by clicking on the appropriate arrow symbols To view the details of an entry or modify them click on the view details or edit link in the same line This will display the informati...

Page 160: ......

Page 161: ...e Web interface These features allow you to configure the filtering of SSL encrypted traffic thus protecting your network against viruses and other malicious content that may be hidden behind the SSL...

Page 162: ...Encrypted Traffic see 4 4 Certificate List see 4 5 Trusted Certificate Authorities see 4 6 Global Certificate List see 4 7 Policy Independent Settings Global Trusted Certificate Authorities see 4 8 In...

Page 163: ...centages are shown by means of a pie chart on the left side of the tab section On the right side of the section parameter values are shown as they developed in time using either a stacked or a line mo...

Page 164: ...erification Overview section displays the number of times Webwasher has completed a verification process for a certificate The result of the process may be a blocking or an another action that has pre...

Page 165: ...could not be resolved CRL Match The certificate was found on a CRL Certificate Revocation List 4 3 Certificate Verification The Certificate Verification options are invoked by clicking on the corre sp...

Page 166: ...owing tab They are described in the upcoming section Certificate Verification see 4 3 1 4 3 1 Certificate Verification The Certificate Verification tab looks like this At the top of this tab there is...

Page 167: ......

Page 168: ...Certificate is revoked Checks if a certificate has been revoked For this purpose the Certificate Revocation List CRL is used If the certificate has been revoked the configured action will be executed...

Page 169: ...ons are arranged under the following tab They are described in the upcoming section Scan Encrypted Traffic see 4 4 1 4 4 1 Scan Encrypted Traffic The Scan Encrypted Traffic tab looks like this There a...

Page 170: ...specifying the appropriate information click on Apply Changes to make your settings effective Use the items in the following areas to configure tunneling by category Define for which categories sessi...

Page 171: ...ault If you want to enable it mark the checkbox next to the section heading After specifying the appropriate information click on Apply Changes to make your settings effective Use the following radio...

Page 172: ...ke this Using this section you can configure a decryption warning for HTTPS traffic It is inserted whenever a request to a domain without a path is made that involves this kind of traffic The warning...

Page 173: ...nges to make this setting effective These are policy dependent options i e they are configured for a particular policy When you are configuring these options you need to specify this policy To do this...

Page 174: ...n this tab Certificate List It is described in the following Certificate List The Certificate List section looks like this Using this section you can add new exceptions to the list of certificates You...

Page 175: ...the drop down list provided here For the meaning of these actions see the following table by certificate by host Allow The exception is allowed not available Block The exception is blocked The except...

Page 176: ...ssage will then be displayed stating if the exception has been added successfully and providing information on the result of the verification process If the by certificate method has been configured y...

Page 177: ...he filter Delete Selected Select the entry you wish to delete by marking the Select checkbox next to it and click on this button You can delete more than one entry in one go To delete all entries mark...

Page 178: ...rities link A click on this link will take you to the tab with the same name where you can add Certificate Authorities to the list or delete them Furthermore there are two sections on this tab Certifi...

Page 179: ...han three levels to a certificate chain The first known CA to be found in the verification process is then checked as to whether it is trusted or untrusted To be trusted a CA must be included in the l...

Page 180: ...he list at all certificates issued by it may be implicitly forbidden which is also indicated in status messages Note that besides this list which is configured only for a particular policy there is al...

Page 181: ...layed where you can select a particular page by clicking on the appropriate arrow symbols To sort the list in ascending or descending order click on the symbol next to the Certificate Authority column...

Page 182: ...ke sure the checkbox on this button is marked The checkbox is marked by default After modifying the setting of this checkbox click on Apply Changes to make the modification effective The options are a...

Page 183: ...an exception to the list use the area labeled Add new exception In the input field provided here enter the exception you want to add to the global certificate list https has been entered in this field...

Page 184: ...ost you are adding as an exception is decrypted and the exception is allowed by host Enabling the by host method means that the host is checked without a certificate being included in the verification...

Page 185: ...fy a depth 0 certificate and so on The newly added exception will be shown in a list displayed below To display only a particular number of list entries at a time type this number in the input field l...

Page 186: ...SSL Scanner The options are arranged under the following tab They are described in the upcoming section Global Trusted Certificate Authorities see 4 8 1 4 8 1 Global Trusted Certificate Authorities Th...

Page 187: ...ect a CA from the list of known CAs and add it to the list of trusted CAs use the area labeled Select CA Select the CA you want to add to the list of trusted CAs from the drop down list provided here...

Page 188: ...tive You can edit more than one list entry and make the changes effective in one go Use the following items to perform other activities relating to the list Filter Type a filter expression in this inp...

Page 189: ...ection Incident Manager see 4 9 1 4 9 1 Incident Manager The Incident Manager tab looks like this There is one section on this tab Incident Manager It is described in the following Incident Manager Th...

Page 190: ...ing buttons or For a description of this page see the next section Incident Management Using the Incident Management page you can inspect SSL incidents and add them either to the policy dependent or i...

Page 191: ...cy Policy belonging to the certificate list this incident is going to be added to Action Action configured for the policy and host certificate that will apply when the incident is added to a certifica...

Search results

Summary of Contents for SSL Scanner

Reviews:

Related manuals for SSL Scanner

Brands by name

Popular brands

Secure Computing SSL Scanner, User Manual

Search results

Summary of Contents for SSL Scanner

Reviews:

Related manuals for SSL Scanner

Brands by name

Popular brands