TREND MICRO
TM
InterScan
TM
Web Security Appliance 2500
Quick Start Guide
Quick Start Guide
7.
When prompted to
Enable TMCM?
, choose
Yes
if you are running Trend Micro Control
Manager version 3.0 with Service Pack 5 and want to manage the IWSA server with it.
Choose
No
if you are not using TMCM or have a different version.
To configure the TMCM connection, provide the IP address of the TMCM server and an
account name IWSA can use to log on to the TMCM server.
To activate the IWSA module(s):
1.
From the main IWSA menu, click
Administration > Product License
. The Product
License screen appears.
2.
Click the
Enter New Code
link for InterScan Web Security Appliance and then, in the
Enter A New Code screen that appears, type the Activation Code you received after registering.
3.
Click the
Activate
button. Scanning and/or content filtering automatically begins for
each module you activated.
3.
Hardware configuration is now complete. To test the hardware setup and complete the IWSA
configuration, relocate to a computer with access to the IWSA server and open a Web
browser. Enter the URL for the IWSA console:
http://[IP Address]:1812
Notes:
●
If the management IP is bound to a specific VLAN, the IWSA console will only be connected with this
specific VLAN tagged.
●
If IWSA and the client/server are on different network segments, or if there is a router/gateway
(not the default gateway) between IWSA and the client/server, configure static route settings
in the IWSA console. See the IWSA Solutions CD or online help for details.
Returning to the configuration menu...
After the initial configuration, you can re-enter the menu at any time:
1.
Press to open the menu, and then ▼.
2.
Choose
Configure Device
, and then press .
3.
Choose
Yes
to
Modify Settings?
, and then press to review or navigate through the settings.
a.
To fix an incorrect value, use ◄ to return to the error and then ▲ or ▼ to correct it.
b.
Press to navigate past the settings you do not want to change until you reach the
Save
changes?
prompt. Press to accept the changes.
IWSA contains three modules, two of which are optional. To begin scanning after installation,
each module must be individually activated.
●
InterScan Web Security Appliance (main program)
●
URL Filtering (optional, Web content control)
●
Malicious Mobile Code
(optional, protection against malicious JavaScript and ActiveX)
You must register IWSA to receive your Activation Code(s), which will be sent to the email
address specified during registration.
Upon activation, IWSA begins processing traffic using the following default settings:
●
Scans all HTTP and FTP uploads and downloads for viruses (does not scan HTTPS traffic)
●
Scans downloads/uploads of files not exceeding 2048MB (HTTP) and 1024MB (FTP)
●
Cleans infected files, deletes uncleanable ones (such as Trojans and worms), and skips
password-protected or encrypted files
●
Encrypts quarantined files
●
Does not scan traffic for spyware/grayware
●
Blocks access to known phish sites
●
Checks Web traffic for malicious JavaScript and ActiveX code
●
Identifies users by IP address in logs and reports
If you have cabled IWSA in your network to work with an HTTP proxy or ICAP server, you need
to configure the IWSA software to support that configuration before activating the product. Once
activated, IWSA will automatically begin to scan Web traffic using a default set of robust settings.
To modify the IWSA proxy mode:
1.
From the IWSA menu, click
HTTP > Configuration > Proxy Scan Settings
.
2.
Choose how you want IWSA to process traffic:
●
Network bridge
— IWSA acts as a network bridge, scanning all HTTP and FTP traffic routed through it.
●
HTPP proxy
— IWSA works with an upstream or downstream proxy server.
●
ICAP Server
— IWSA scans all Web traffic to and from the LAN as it is proxied by an ICAP
server (which then acts as a client) already on the network.
3.
The remaining options on the Proxy Scan Settings page are explained in the online help.
From any IWSA console screen, click the help icon in the upper right corner for information
on how (and why) to configure the rest of the settings on the page.
Item Code: IHEQ02872/60928
You can configure network settings using HyperTerminal or the LCD panel and navigation keys
on the front of the device.
To configure network settings using HyperTerminal:
1.
Check that the computer you are using for preconfiguration has HyperTerminal.
2.
Connect one end of the included console cable to the CONSOLE port on the back panel of the
device and the other end to the serial port (COM1, COM2 or other COM port) on a computer.
3.
Click
Start
>
Programs
>
Accessories
>
Communications
>
HyperTerminal
.
4.
Specify a name for the connection. In the next screen, specify the communications port where
the cable is connected.
5.
To prepare HyperTerminal for optimal use, set the following properties:
Bits per second: 115200
Data Bits: 8
Parity: None
Stop bits: 1
Flow control: None
Emulation: VT100 (You can set this value by selecting
File > Properties | Settings
tab.)
6.
Press
Enter
. The User name logon prompt displays.
7.
Type the default administrator user name and password.
User name: root
Password: iwsa
8.
Access the preconfiguration screen, and select
System Configuration
.
9.
Select
Configure Device Settings
, and then select
Change Device Network Settings
.
10.
Specify all the required network settings.
Note
: If IWSA will be deployed to an environment with a specific VLAN, the management IP
should be bound to the specific VLAN. Specify the VLAN ID to which the Management
IP address will bind. Consult the Administrator’s Guide for a discussion of the different
scenarios when deploying IWSA to a VLAN environment.
11.
Select
Back to Top
to save the settings.
To configure network settings using the LCD panel and navigation keys:
1.
With the IWSA server powered on, press any of the navigation buttons to enable the LCD.
2.
Press to see Configure Device.
3.
Press ▼ to move from "Go Back" to Configure Device,
and then press again.
4.
When prompted to
Modify Settings?
, press for
Yes
.
5.
Use the navigation buttons on the front of the IWSA server to assign an IP address and provide the other
required network settings.
●
Press ▲ or ▼ to navigate to the correct number
●
Press ▼ once to get the dot ( . ) used between numbers
●
Press ► to move to the next number
●
Press ◄ to erase a number
●
Press to accept the settings and move to the next
6.
Next, follow the same procedure to configure the following:
●
Host name (supports a-z, 0-9, - , and . )
●
Netmask, gateway, primary and secondary DNS
Configure the network settings
6
6
When powered on, IWSA begins proxying Web traffic as soon as the cables are connected.
Scanning will not begin, however, until you activate the IWSA software as explained in task 11.
To connect the IWSA server to your network:
1.
Connect an Ethernet cable to the internal IWSA port (port 1) and to the device from which IWSA will
receive Web traffic (such as a firewall).
2.
If you are setting up IWSA in bridge mode, use a second Ethernet cable to connect the device to which
IWSA will deliver scanned Web traffic (such as a proxy server) to the external IWSA port (port 2).
Connect IWSA to your network
7
7
To register IWSA and receive an Activation Code:
1.
Using a desktop or other machine with access to the Internet, enter the following URL in a
Web browser to access Online Registration:
https://olr.trendmicro.com/registration
Already registered
●
Enter your Logon ID and password if you already have a registration account, and follow the
on-screen instructions.
©2002 - 2006 by Trend Micro Incorporated. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval
system, or transmitted without the prior written consent of Trend Micro Incorporated. Trend Micro, InterScan, Control Manager, and the t-ball logo are
trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered
trademarks of their owners. Information contained in this document is subject to change without notice.
First visit
●
Choose your location and click
Continue
if you have previously registered with Trend Micro.
2.
In the Web page that appears, enter your Registration Key and click
Continue
.
3.
Select the product(s) that you will register and click
Continue
. IWSA includes basic scanning
(viruses, spyware, and other Internet threats), an optional Web filtering module, and optional
ActiveX and JavaScript protection.
4.
In the License Agreement screen that appears, select
I accept...
and then click
Submit
.
5.
Fill out the requested information and follow the on-screen instructions to complete the
process and receive your Activation Code online.
6.
Save the Activation Code or codes you receive.
Open the IWSA console from a desktop or laptop on the network that can access the IWSA
server (and is running Internet Explorer version 6.0 or later).
To open the IWSA console:
●
Enter the following URL in your Web browser’s address field:
http://[IP Address]:1812
To log on to the IWSA console:
●
In the
Password
field that appears, enter the following:
adminIWSS85
To change the default password:
●
From the main IWSA menu, click
Administration > Password
.
To enable virus pattern file and other updates, you need to access the Trend Micro Web site,
register IWSA, and activate it using the key you receive after registering.
Register IWSA
8
8
Log on and change the IWSA password
9
9
Specify the proxy mode
10
10
Activate IWSA and start scanning
11
11
Default scan settings
12
12
Trend Micro recommends that you update the IWSA pattern files, specify an email server and
address for automatic notifications (the default is “root”), and test your installation to confirm
that it works. Instructions for these and other important first-use tasks are described in the
online help.
●
Using HyperTerminal to access all the IWSA hardware settings, including the server password
●
Securing the IWSA console using HTTPS
●
Configuring notification messages
For additional Trend Micro recommendations, various best practices, tips on optimizing
performance, troubleshooting tips, and error messages see the online help and
Administrator’s Guide.
Test and finish setting up IWSA
13
13
Bridge Mode
From internal
network
To external
network
For updates and
system recovery
