M86 Security 700 User Manual Download

Page: 1 / 86

M86 Security Reporter

EVALUATION GUIDE

Models: 300, 500, 700, 705, 730, 735

Software Version: 3.0.00

Document Version: 10.30.10

Summary of Contents for 700

Page 1: ...M86 Security Reporter EVALUATION GUIDE Models 300 500 700 705 730 735 Software Version 3 0 00 Document Version 10 30 10...

Page 2: ...no warranties with respect to this documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose M86 Security shall not be liable for any error or for inci...

Page 3: ...Summary Report 11 How to export a Summary Report 13 Use Drill Down Reports for an investigation 14 How to generate a Summary Drill Down Report 14 Summary Drill Down Report navigation 15 Count columns...

Page 4: ...eports only 33 For pie and bar charts only 33 Hide un Identified IPs checkbox 33 E Mail For e mail output only fields 34 Commonly used reports 35 How to generate a Sample Report 35 Report format 36 Ex...

Page 5: ...he right side of the panel 60 Step D Save the alert 60 SECTION 3 SECURITY REPORTS 61 Understand the most common and useful features 61 Use security reports for a view of network activity 61 How to mod...

Page 6: ...eduling the report 75 Method 1 Use the current report view 75 Method 2 Create a report using the Wizard 76 Step B Fill in the Report Details frame 76 Step C Include the users or group in the Users fra...

Page 7: ...his view can be memorized and saved to a user defined report menu for repetitive scheduled execution and distribution Web Filter logs provide content for dynamic real time graphical snapshots of netwo...

Page 8: ...Web Filter and or M86 Secure Web Gateway SWG appliance s must already be installed Either of these appli ances are required for this software release in order to send logs to the SR NOTE See the M86 W...

Page 9: ...icy After stepping through this section of the Evaluation Guide you will understand how to set up powerful reports that can be e mailed on a regular basis thus mini mizing the effort required for ongo...

Page 10: ...p reduces the time it takes to identify violations of this policy To create edit or delete a Custom Category Group navigate to Administration Custom Category Groups to display the Custom Category Grou...

Page 11: ...p is to create User Groups which are customized groupings of users that reside on the organization s network For example most enterprise customers prefer to set up user groups for each department with...

Page 12: ...one or more patterns in order to narrow the list of users to be included in the new group A pattern consists of a wildcard or a wildcard plus one or more alphanumeric characters 1 To add a pattern to...

Page 13: ...P and Ending IP range in the Starting IP and Ending IP fields below If necessary edits can be made to these fields To add an IP address range without selecting from the Parent Ranges frame a Enter the...

Page 14: ...splay in this list by using the Available Users Filter To use the Available Users Filter 1 Enter filter terms to narrow the selection of Available Users For example Type in 150 to only display results...

Page 15: ...threat For example if there is unusually high page count in the Pornography Adult Content category the administrator can drill down into the Category User section to determine who is viewing this mate...

Page 16: ...width Consumption for SWG only Bar chart depicting each top end user s total Mega Bytes for bandwidth requests Top 20 Users by Virus Hit Count for SWG only Bar chart report depicting each top end user...

Page 17: ...access more detailed information about specified end user activity How to generate a Summary Report 1 To generate a Summary Report go to the navigation panel and click Reports Summary Reports to disp...

Page 18: ...iew 4 To see details for the generated Summary Report view at the bottom of the report view click a Download Report option for PDF CSV or PNG to generate a report in the specified file format pdf csv...

Page 19: ...ed label The body of the pages following the first page of the bar or pie chart report includes the following information Top 20 Users by Blocked Request report User NAME and corresponding BLOCKED REQ...

Page 20: ...user activity IPs Includes Internet activity by user IP address Users Includes Internet activity by username Sites Includes activity on Web sites users accessed Category Groups Includes activity by Ca...

Page 21: ...formation on using the reporting elements described in this sub section 4 The drill down view can be exported saved and or scheduled to run at a spec ified time Summary Drill Down Report navigation Co...

Page 22: ...t but as a page since it comes from a different server By clicking the link in this column the detail report view displays data for all objects accessed including hyperlinks to those objects In the de...

Page 23: ...porting a report only selected records are included To de select a record click the checkbox to remove the check mark from that checkbox To de select all records click Uncheck All at the bottom of the...

Page 24: ...the suspected policy violator To generate a detail drill down report select the record and click the link in the Page Count column of the Summary Drill Down Report Detail Drill Down Report view Detai...

Page 25: ...e time the log file was created Content Displays criteria used for determining the categorization of the record or N A if unclassified Search String Displays the full search string the end user typed...

Page 26: ...g a suspected policy violator s Internet activity in the Detail Drill Down Report the administrator will have firm evidence on the user s intent which is critical forensic information to have in the e...

Page 27: ...thod the productivity Report Wizard How to use the Report Wizard for a single user report The Report Wizard option provides an intuitive setup process for generating custom reports for one time use or...

Page 28: ...e Includes viewed page results Specific User Detail by Object Includes viewed object results 2 Specify at least one of the following filters in the accordions at right to narrow your search for this e...

Page 29: ...y report specify the number of records to be returned in the results Sort by Select column by which the results will be sorted and displayed in the report Order For a detail report indicate whether re...

Page 30: ...ied IPs checkbox is de selected by default if the Hide Unidentified IPs checkbox is de selected in the Default Report Settings panel Output type Choose either E Mail As Attachment or E Mail As Link Fo...

Page 31: ...report Report Wizard s Schedule Report panel a Enter a Name for the event b Select the Report to Run from the list c Select the frequency When to Run from the pull down menu Daily Weekly or Monthly I...

Page 32: ...tries and to email the generated report to the designated recipient s After the report is emailed the Saved Reports panel displays if you need to run this report again or another report Saved Reports...

Page 33: ...eld pull down menu specify the amount of data to be exported For this exercise choose Only selected rows on this page Step C Export data via Email or PDF Download 1 Make selections and or entries in a...

Page 34: ...specified file format The view option lets you make any necessary adjustments to your report file settings prior to printing the report To print the report you must have a printer configured for your...

Page 35: ...columns may display with truncated text but an entire column can be viewed by mani pulating the column width in the generated report file These reports can then be printed at a smaller percentage tha...

Page 36: ...ick this radio button to only include the first set of records returned by the report query 3 Indicate the number of records to be included in a set by making an entry in the blank field represented h...

Page 37: ...are stored on the SR Yesterday This option generates the report view for yesterday only Month to Yesterday This option generates the report view for the range of days that includes the first day of th...

Page 38: ...ke a selection from the pull down menu for one of the available choices for which the summary report results will be limited Top Category Count Top IP Count Top User Count Top Site Count Top Page Coun...

Page 39: ...s Category Group or User Group pie chart or bar chart report and determines by which column the report will be sorted By default the field displays greyed out and becomes activated when a pie or bar c...

Page 40: ...ressee s Specify the following in the E Mail or For E Mail output only fields To Enter the email address of each intended report recipient separating each address by a comma and a space Subject Type i...

Page 41: ...s created 10 different sample report formats to help first time users understand the various types of reports available in the Security Reporter For purposes of this Evaluation Guide only three of the...

Page 42: ...ty Reporter and date range for today s date MM DD YYYY format report name description for that report type including the sort order and Page Count descending The body of the report contains rows of re...

Page 43: ...the categories in the M86 Security library This is a useful tool to quickly scan for excessive use of any category Sample Category Users report Sample Report 2 Top 20 Sites by User Site This report w...

Page 44: ...ple break report that shows all activity on the network broken out by category then user and then site This is a useful report if the administrator is looking for an all encompassing view of Internet...

Page 45: ...our organization s policies and prevent them from continuing to pursue such activities Monitor URL gauges When clicking Gauges in the navigation toolbar the URL Dashboard displays URL dashboard with U...

Page 46: ...of the gauge that is based upon the number of URL page hits see NOTE below that occur in this specific category in a given period of time NOTES In addition to page hits SR also counts blocked object...

Page 47: ...or can react quickly Step B Identify the source of a gauge s activity Each gauge is comprised of one or more gauge components derived from library categories in the Web Filter Sometimes end user activ...

Page 48: ...he Category View User panel showing a list of All Categories accessed by the selected end user for the gauge component View a list of Threats accessed by the user for that gauge Step D View URLs visit...

Page 49: ...by clicking the greyish white Back button at the bottom left of the panel Click the User Name link for that user to display the User Summary panel View the user s gauge activity in the User Summary p...

Page 50: ...o Reports URL Trend Charts to display the URL Trend Charts panel URL Trend Charts panel The pie trend chart is divided into pie slices named for each gauge in which there was activity The size of each...

Page 51: ...g that gauge s activity within the specified time period View activity for a specified gauge TIP You can also go to the bottom of the pie chart and click a tab for a gauge to access the line chart for...

Page 52: ...dle icon at the bottom of the gauge The gauge Trend Charts icon 2 The action of clicking the Trend Charts icon displays a pie Gauge Trend Chart for that gauge Gauge Trend Chart Note the pie slices in...

Page 53: ...urrent end user bandwidth activity on your network To display this panel first select Gauges and then click the Bandwidth tab above the Dashboard Bandwidth gauges Dashboard Default bandwidth gauges in...

Page 54: ...le showing all end user traffic for that protocol View bandwidth used by each end user for the protocol To the right of the User Name column are port numbers that comprise the protocol The number of b...

Page 55: ...idth protocol usage Step C View a user s port usage information Now drill down and view a user s port usage for a particular gauge In the Gauge Readings frame click the Gauge Name to activate the Cate...

Page 56: ...display the BandWidth Trend Charts panel BandWidth Trend Charts panel The pie trend chart is divided into pie slices named for each bandwidth gauge in which there was activity The size of each slice...

Page 57: ...gauge To learn more about the activity for a particular gauge click the pie slice for that gauge to view a line chart depicting that gauge s activity within the specified time period NOTE The score on...

Page 58: ...idth gauge In the bandwidth gauges Dashboard click the Trend Charts icon in the bottom middle of the gauge to display a pie trend chart for that gauge Bandwidth Gauge Trend Chart for a specified proto...

Page 59: ...ws you a list of users affecting URL gauges and Bandwidth gauges all in one panel This ranking table is accessed by navigating to Gauges Overall Ranking Overall Ranking table Note the URL frame to the...

Page 60: ...he panel by that name Select Add Edit Gauges By default the URL Gauges tab displays showing the list of URL gauges in the frame to the left If you wish to create a bandwidth gauge click the Bandwidth...

Page 61: ...he following entries selections in the Gauge Information frame at the left side of the panel Define Gauge Information and Gauge Components in the URL Gauge panel In the URL Gauge panel do the followin...

Page 62: ...Groups list box by selecting each cate gory and then clicking the add button Define Gauge Information and Gauge Components Step D Select users to be monitored by the gauge 1 Click the User Membership...

Page 63: ...time How to create an automated gauge alert This section will step you through the process of creating an automated threshold per user so you can be automatically notified via email and the violating...

Page 64: ...Select the Alerts option sample Alerts panel with Bandwidth Gauges tab selected 3 Choose the Gauge Name from the list in the left side of the panel and then click New Alert to display the next panel...

Page 65: ...heckbox is selected For a URL gauge a Low selection will lock out the user by the categories monitored by the specified URL gauge only For a bandwidth gauge a Low selection will lock out the user by t...

Page 66: ...hen an alert is triggered You can add multiple email addresses Specify email criteria sample Bandwidth Gauges panel For a URL gauge alert if a Low Lockout was specified click the Low Lockout Component...

Page 67: ...ith productivity reports security reports generated in the Security Reporter are easily customizable and can be saved exported or scheduled to run on a regular basis Use security reports for a view of...

Page 68: ...chart displays the name of the record along with the total hit count or bandwidth used in that record The Rule Transactions report also includes Actions and Policies information By default the bottom...

Page 69: ...Y REPORTS FOR A VIEW OF NETWORK ACTIVITY M86 SECURITY EVALUATION GUIDE 63 Click this icon to re display the top six graphs and table of records the default view Click this icon to display the table of...

Page 70: ...ustomized security report One method is by using the Report Settings Run feature and the other method is by generating a report view using the Report Wizard Step A Choose a Run option Option 1 Report...

Page 71: ...ull down menu Today default Month to Date Year to Date Yesterday Month to Yesterday Year to Yesterday Last Week Last Weekend Current Week Last Month Date Range If using the Report Settings Run feature...

Page 72: ...he end user IP address for filtering your results using the wildcard to return multiple IP addresses and then click Preview Users to display query results in the list box below For a Traffic Analysis...

Page 73: ...CUSTOMIZED SECURITY REPORT M86 SECURITY EVALUATION GUIDE 67 Step D Run the report Click Run to generate the security report view Generated Security Report view The report can now be exported by selec...

Page 74: ...he table and then clicking Export Selected Clicking either button opens the Export Report pop up window Export Report pop up window Step B Specify Break Type and URL limitation criteria 1 In the Expor...

Page 75: ...printed saved or emailed Option 2 Email the report To email the report 1 Enter at least one Email address and then click Add to include the email address in the list box below 2 Specify the Delivery...

Page 76: ...Generated by Filter information and Page number and page range The body of the first page of the report includes a bar chart showing the top six graphs with count indicators and the report name The bo...

Page 77: ...SECTION 3 SECURITY REPORTS CAPTURE THE SECURITY REPORT IN PDF FORMAT M86 SECURITY EVALUATION GUIDE 71 Sample PDF for Rule Transaction Security Report page 2...

Page 78: ...generated How to save a security report A security report can be saved only by using the Report Settings Save option Step A Select Report Settings Save option In the current security report view mous...

Page 79: ...top URLs to be exported Step C Select the users or group in the Users frame In the Users frame select one of the accordions and indicate criteria to include in the report to be generated By User Group...

Page 80: ...dress in the list box below 2 Specify the Delivery method for the email address To default Bcc or Cc 3 Type in the Subject for the email message 4 If you wish enter text to be included in the Body of...

Page 81: ...Security Report Wizard Using the former method saves several steps since the panel will be pre populated with data from the current report view How to use Wizard panels for scheduling reports Step A C...

Page 82: ...redefined Ranges If using the Report Wizard to generate and save a report this option is selected by default If choosing this option make a selec tion from the pull down menu Today default Month to Da...

Page 83: ...n the list box below For a Traffic Analysis or Rule Transactions report you can narrow your search result by including filters 1 Click Filters at the bottom right of the panel to display the filter re...

Page 84: ...cheduling 3 Select the frequency When to Run from the pull down menu Daily Weekly or Monthly If Weekly specify the Day of the Week from the pull down menu Sunday Saturday If Monthly specify the Day of...

Page 85: ...o display the Report Schedule panel Report Schedule panel In the Report Schedule panel reports scheduled to be run display as rows of records The following information is included for each record Name...

Page 86: ...the right of the table of report records View report schedule details The following information displays in this frame Name assigned to the scheduled event selected Report to Run interval When to Run...

Search results

Summary of Contents for 700

Reviews:

Related manuals for 700

Brands by name

Popular brands

M86 Security 700, Evaluation Manual

Search results

Summary of Contents for 700

Reviews:

Related manuals for 700

Brands by name

Popular brands