F-SECURE POLICY MANAGER 7.0 - Скачать руководство пользователя страница 88 | Manualshive

Страница: 88 / 241

background image

CHAPTER 6

88

Using F-Secure Policy Manager Console

Connection Properties

The link to the data repository is defined as the HTTP URL of the
F-Secure Policy Manager Server.

Figure 6-2 Connection Properties dialog

The

Name

field specifies what the connection will be called in the

Connection:

field in the login dialog. If the

Name

field is left empty, the

URL or the directory path is displayed.

Public Key File and Private Key File paths specify what management
key-pair to use for this connection. If the specified key files do not exist,
F-Secure Policy Manager Console will generate a new key-pair.

Communication Preferences

Select the

Communication

tab to customize communication settings. To

change polling intervals, click

Polling Period Options

.

Host connection status

controls when hosts are considered disconnected

from F-Secure Policy Manager. All hosts that have not contacted
F-Secure Policy Manager Server within the defined interval are
considered disconnected. The disconnected hosts will have a notification

«
...
86
87
88
89
90
...
»

Содержание POLICY MANAGER 7.0 -

Страница 1: ...F Secure Policy Manager 7 0 Administrator s Guide...

Страница 2: ...Corporation will not be liable for any errors or omission of facts contained herein F Secure Corporation reserves the right to modify specifications cited in this document without prior notice Compani...

Страница 3: ...18 1 3 Features 19 1 4 Policy Based Management 20 1 4 1 Management Information Base 22 Chapter 2 System Requirements 24 2 1 F Secure Policy Manager Server 25 2 2 F Secure Policy Manager Console 27 Cha...

Страница 4: ...tion Steps 65 5 3 Uninstalling F Secure Policy Manager Console 83 Chapter 6 Using F Secure Policy Manager Console 84 6 1 Overview 85 6 2 F Secure Policy Manager Console Basics 86 6 2 1 Logging In 87 6...

Страница 5: ...ector Pane 146 6 9 3 Report Pane 147 6 9 4 Bottom Pane 148 6 10 Preferences 149 6 10 1 Connection Specific Preferences 150 6 10 2 Shared Preferences 153 Chapter 7 Maintaining F Secure Policy Manager S...

Страница 6: ...tic Update Agent 179 9 5 Frequently Asked Questions 179 Chapter 10 Web Reporting 184 10 1 Overview 185 10 2 Introduction 185 10 3 Web Reporting Client System Requirements 186 10 4 Generating and Viewi...

Страница 7: ...icy Distribution 209 Appendix A SNMP Support 211 A 1 Overview 212 A 1 1 SNMP Support for F Secure Management Agent 212 A 2 Installing F Secure Management Agent with SNMP Support 213 A 2 1 F Secure SNM...

Страница 8: ...Overview 229 Technical Support 231 Overview 232 Web Club 232 Virus Descriptions on the Web 232 Advanced Technical Support 232 F Secure Technical Product Training 233 Training Program 233 Contact Infor...

Страница 9: ...9 ABOUT THIS GUIDE Overview 10 How This Guide is Organized 11...

Страница 10: ...cy Manager provides tools for administering the following F Secure software products F Secure Client Security F Secure Internet Gatekeeper F Secure VPN F Secure Anti Virus for Workstations Firewalls F...

Страница 11: ...Console Covers the installation of F Secure Policy Manager Console applications on the administrator s workstation Chapter 6 Using F Secure Policy Manager Console Includes an overview setup procedures...

Страница 12: ...he most common error codes and messages that can occur during the Autodiscover Windows Hosts operation Appendix D Remote Installation Support for Windows 98 ME Offers information on requirements for W...

Страница 13: ...s black is used for file and folder names for figure and table captions and for directory tree names Courier New is used for messages on your computer screen WARNING The warning symbol indicates a sit...

Страница 14: ...used for online viewing and printing using Adobe Acrobat Reader When printing the manual please print the entire manual including the copyright and disclaimer statements For More Information Visit F...

Страница 15: ...15 1 INTRODUCTION Overview 16 Installation Order 18 Features 19 Policy Based Management 20...

Страница 16: ...buted mobile workforce F Secure Policy Manager is comprised of F Secure Policy Manager Console and F Secure Policy Manager Server They are seamlessly integrated with the F Secure Management Agent that...

Страница 17: ...cure Policy Manager Reporting Option allows users to generate reports concerning the data from the Communication Directory in F Secure Policy Manager Server by using XSL templates which are like prede...

Страница 18: ...Secure VPN 1 2 Installation Order To install F Secure Policy Manager please follow this installation order unless you are installing F Secure Policy Manager Server and F Secure Policy Manager Console...

Страница 19: ...automatically pushed by F Secure Automatic Update Agent or voluntarily pulled from the F Secure website F Secure Policy Manager Console can be used to export pre configured installation packages which...

Страница 20: ...mum control of security in a corporate environment Policy based management implements many functions Remotely controlling and monitoring the behavior of the products Monitoring statistics provided by...

Страница 21: ...ific host With domain level policies a group of hosts may share the same file A Base Policy file is signed by F Secure Policy Manager Console protecting the file against changes while it is passing th...

Страница 22: ...the manner of an SNMP The managed products must operate within the limits specified here Statistics Delivers product statistics to F Secure Policy Manager Console Operations Operations are handled wit...

Страница 23: ...te administration process etc The following types of traps are sent by most of the F Secure products Info Normal operating information from a host Warning A warning from the host Error A recoverable e...

Страница 24: ...24 2 SYSTEM REQUIREMENTS F Secure Policy Manager Server 25 F Secure Policy Manager Console 27...

Страница 25: ...0 Advanced Server SP 3or higher Windows Server 2003 Standard Edition or Web Edition Windows 2003 Small Business Server Linux Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 3 SUSE Linux 10 0 SUSE...

Страница 26: ...e requirements depend on the size of the installation In addition to this it is recommended to allocate about 1 MB per host for alerts and policies The actual disk space consumption per host is hard t...

Страница 27: ...P3 or higher Windows XP Professional SP2 or higher Windows Server 2003 Standard Edition or Web Edition Windows 2003 Small Business Server Linux Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 3 SU...

Страница 28: ...color display with resolution of 1024x768 32 bit color with 1280x960 or higher resolution recommended Network Ethernet network interface or equivalent 10 Mbit network between console and server is rec...

Страница 29: ...29 3 INSTALLING F SECURE POLICY MANAGER SERVER Overview 30 Security Issues 31 Installation Steps 37 Uninstalling F Secure Policy Manager Server 58...

Страница 30: ...atus information and alerts sent by the managed hosts Communication between F Secure Policy Manager Server and other components can be achieved through the standard HTTP protocol which ensures trouble...

Страница 31: ...packages The Web Reporting component stores statistics and historical trend data about the hosts 3 2 Security Issues F Secure Policy Manager Server utilizes Apache Web Server technology and even thou...

Страница 32: ...licy data More importantly it is impossible to deploy unauthorized changes to managed hosts Both these features rely on a management key pair that is available to administrators only These features ba...

Страница 33: ...e is no way to distribute the changes to managed hosts without the correct original key pair Both of these features may be undesirable in a high security environment where even seeing the management d...

Страница 34: ...ccess from the server machine Allow from 10 128 129 209 Allow access from Administrator s workstation SetHandler fsmsa handler Location VirtualHost After this only the person who has access to the mac...

Страница 35: ...ion scenarios for high security environments 1 Access to Web Reports is limited to localhost only during the installation After this only the person who has physical access to the localhost can use F...

Страница 36: ...t ajp13 ErrorDocument 500 Policy Manager Web Reporting could not be contacted by the Policy Manager Server Location Order Deny Allow Deny from all First deny all Allow from 127 0 0 1 Then allow access...

Страница 37: ...t the F Secure CD in your CD ROM drive 2 Select Corporate Use Click Next to continue 3 Go to the Install or Update Managed Software menu and select F Secure Policy Manager Step 2 Setup begins View the...

Страница 38: ...CHAPTER3 38 Installing F Secure Policy Manager Server Step 3 Read the license agreement information If you agree select I accept this agreement Click Next to continue...

Страница 39: ...the same computer is allowed access to F Secure Policy Manager Server Access to Web Reports is allowed also from other computers Custom This is the default recommended option that lets you specify fo...

Страница 40: ...ect the following components F Secure Policy Manager Server F Secure Policy Manager Update Server Agent automate virus definition database updates F Secure Installation Packages select this option if...

Страница 41: ...tallation directory If you want to install F Secure Policy Manager Server in a different directory you can use the Browse feature WARNING If you have F Secure Management Agent installed in the same ma...

Страница 42: ...munication Directory commdir directory under F Secure Policy Manager Server installation directory and this will be the directory that F Secure Policy Manager Server will use as a repository You can u...

Страница 43: ...figuration file HTTPD conf This option automatically keeps the existing administration host and web reporting ports If you want to change the ports from the previous installation select the Change set...

Страница 44: ...SH or F Secure VPN Web Reporting module is used for communication with F Secure Policy Manager Web Reporting Select whether it should be enabled Web Reporting uses a local socket connection to the Adm...

Страница 45: ...45 Click Next to continue...

Страница 46: ...Installing F Secure Policy Manager Server Step 10 Select to add product installation package s from the list of available packages if you selected F Secure Installation Packages in Step 4 on page 17...

Страница 47: ...47 Step 11 Setup displays the components that will be installed Click Next...

Страница 48: ...CHAPTER3 48 Installing F Secure Policy Manager Server Step 12 When the setup is completed the setup shows whether all components were installed successfully...

Страница 49: ...49 Step 13 F Secure Policy Manager Server is now installed Restart the computer if you are prompted to do so Click Finish to complete the installation...

Страница 50: ...alhost 80 if you used the default port number during the installation and press ENTER If the server installation was successful the following page will be displayed The F Secure Policy Manager Server...

Страница 51: ...path 2 Stop the F Secure Policy Manager Server service 3 Copy the whole directory structure from the old commdir path to the new path 4 Change the value for the CommDir and CommDir2 directives in htt...

Страница 52: ...tens in port 80 You can however define what ports they should listen in if the defaults are not suitable If you want to change the port in which F Secure Policy Manager Server Admin Module listens add...

Страница 53: ...er Configuration Settings This section introduces and explains all the relevant entries present in the F Secure Policy Manager Server configuration file and how they are used ServerRoot This directive...

Страница 54: ...n an absolute path It defines the directory that everyone will be able to access so don t use a path to a directory with sensitive data By default F Secure Policy Manager Server allocates a directory...

Страница 55: ...msa fsmsa dll SetHandler fsmsa handler Location VirtualHost Commdir and Commdir2 These directives define the path to the communication directory or repository This is the directory where F Secure Poli...

Страница 56: ...0 x86 mod_gzip DECHUNK DECLINED TOO_SMALL CR 0pct 10 128 131 224 18 Apr 2002 14 06 36 0300 tells you when the request to the server was made and by which host described by its IP address The fxnext co...

Страница 57: ...a log should be kept 8 days by default and when the files should be rotated e g when the access log is named access log 1 and a new empty access log file is created where the new requests will be log...

Страница 58: ...nents accessing the communication directory concurrently e g F Secure Management Agent RetryFileOperation 10 This setting tells the server how many times it should retry a failed file operation with a...

Страница 59: ...Secure Uninstall dialog box appears Click Start to begin uninstallation 4 When the uninstallation is complete click Close 5 Click OK to exit Add Remove Programs 6 Reboot your computer for changes to t...

Страница 60: ...60 4 COMMDIR MIGRATION Introduction 61 Instructions 61...

Страница 61: ...Step 1 Back Up the Existing System 1 Before you start the back up procedure make sure that F Secure Policy Manager Console is not running 2 Backup the management keys admin pub and admin prv and the e...

Страница 62: ...Connect the F Secure Policy Manager Console to the new F Secure Policy Manager Server 2 Configure the correct F Secure Policy Manager Server address to use Select the Settings tab and open the Centra...

Страница 63: ...ger Server in format http IP address 3 Distribute the policies to the whole managed domain 4 Close F Secure Policy Manager Console Step 5 Wait for the Migration to Complete Wait long enough over a wee...

Страница 64: ...64 5 INSTALLING F SECURE POLICY MANAGER CONSOLE Overview 65 Installation Steps 65 Uninstalling F Secure Policy Manager Console 83...

Страница 65: ...ministrator and Read Only connections The following sections explain how to run the F Secure Policy Manager Console setup from the F Secure CD and how to select the initial operation mode when the con...

Страница 66: ...CHAPTER5 66 Installing F Secure Policy Manager Console Step 2 View the Welcome screen and follow the setup instructions Select the installation language from the drop down menu Click Next to continue...

Страница 67: ...67 Step 3 Read the license agreement information If you agree select I accept this agreement Click Next to continue...

Страница 68: ...Policy Manager Console installed on the same computer is allowed access to F Secure Policy Manager Server Access to Web Reports is allowed also from other computers Custom Select this option that let...

Страница 69: ...69 Step 5 Select the following components to be installed F Secure Policy Manager Console F Secure VPN Certificate Wizard optional required only for F Secure VPN management Click Next to continue...

Страница 70: ...cure Policy Manager Console Step 6 Choose the destination folder Click Next It is recommended to use the default installation directory Use the Browse feature to install F Secure Policy Manager Consol...

Страница 71: ...71 Step 7 Specify F Secure Policy Manager Server address and Administration port number Click Next to continue...

Страница 72: ...CHAPTER5 72 Installing F Secure Policy Manager Console Step 8 Review the changes that setup is about to make Click Next to continue...

Страница 73: ...r Console for the first time immediately after the CD setup has been run It is important to run the console after the setup because some connection properties will be collected during the initial cons...

Страница 74: ...ole F Secure Policy Manager Console When F Secure Policy Manager Console is run for the first time the Console Setup Wizard collects the information needed to create an initial connection to the serve...

Страница 75: ...dministrator features Read Only mode allows you to view administrator data but no changes can be made If you select Read only mode you will not be able to administer hosts To change to Administrator m...

Страница 76: ...CHAPTER5 76 Installing F Secure Policy Manager Console Step 12 Enter the address of the F Secure Policy Manager Server that is used for communicating with the managed hosts...

Страница 77: ...private key files will be stored By default key files are stored in the F Secure Policy Manager Console installation directory Program Files F Secure Administrator Click Next to continue If the key pa...

Страница 78: ...window to initialize the random seed used by the management key pair generator Using the path of the mouse movement ensures that the seed number for the key pair generation algorithm has enough rando...

Страница 79: ...79 Step 15 Enter a passphrase which will secure your private management key Re enter your passphrase in the Confirm Passphrase field Click Next...

Страница 80: ...CHAPTER5 80 Installing F Secure Policy Manager Console Step 16 Click Finish to complete the setup process F Secure Policy Manager Console will generate the management key pair...

Страница 81: ...81 After the key pair is generated F Secure Policy Manager Console will start...

Страница 82: ...e Admin pub key file or access to it If you install the F Secure products on the workstations remotely with F Secure Policy Manager a copy of the Admin pub key file is installed automatically on them...

Страница 83: ...sts Changing the Web Browser Path The F Secure Policy Manager Console acquires the file path to the default Web browser during setup If you want to change the Web browser path open the Tools menu and...

Страница 84: ...ew 85 F Secure Policy Manager Console Basics 86 F Secure Client Security Management 104 Managing Domains and Hosts 104 Software Distribution 115 Managing Policies 134 Managing Operations and Tasks 140...

Страница 85: ...osts under policy domains sharing common attribute values Manage host and domain hierarchies easily Generate signed policy definitions which include attribute values and restrictions Display status Ha...

Страница 86: ...e properties because its installation is user based and modifications cannot affect other users The user cannot do any of the following in Read only mode Modify the domain structure or the properties...

Страница 87: ...lled the program This is not your network administrator password You can start the program in Read Only mode in which case you do not need to enter a passphrase In this case however you will not be al...

Страница 88: ...and Private Key File paths specify what management key pair to use for this connection If the specified key files do not exist F Secure Policy Manager Console will generate a new key pair Communicatio...

Страница 89: ...s less than one day are normally useful only for trouble shooting purposes because in a typical environment some hosts are naturally disconnected from the server every now and then For example laptop...

Страница 90: ...riods dialog See Preferences 149 for more information about other connection specific settings After F Secure Policy Manager Console startup these settings can be edited normally from the Preferences...

Страница 91: ...on the toolbar A new policy domain can be created only when a parent domain is selected Add a new host click the icon Find a host View the properties of a domain or host All hosts and domains should b...

Страница 92: ...tab allows you to use the Product View pane to define settings restrictions and operations for domains or hosts These changes become effective after the policy has been distributed and the Agent has f...

Страница 93: ...alert are displayed in the Product View pane Reports When a report is selected in the Reports tab details of the report are displayed in the Product View pane Installation In the Product View pane you...

Страница 94: ...he Properties Pane F Secure Policy Manager Console will render a Product View in the Product View Pane for your selected product and contains the most commonly used settings and the most often needed...

Страница 95: ...Menu for Policy Settings Most editor fields in the Product View include a context menu activated by right clicking your mouse The context menu contains the following options Go To Clear Value Force Va...

Страница 96: ...ble only if there is a value defined for the currently defined domain or host Force Value This Force Value menu item is available only when a Policy Domain is selected You can enforce the current doma...

Страница 97: ...ab will show the domain level status overview number of hosts in the domain and list of disconnected hosts Figure 6 9 Status tab Click any disconnected host to quickly change the policy domain selecti...

Страница 98: ...ost tree root node context menu Figure 6 10 An example of shortcuts available in the Domain Status View WARNING Deleting all disconnected hosts is potentially a dangerous operation as it is possible t...

Страница 99: ...ou can delete a category in the displayed context menu by right clicking on a tab By right clicking on an individual message a context menu is displayed with cut copy and delete operations By default...

Страница 100: ...host in the domain tree selection history Go to the next domain or host in the domain tree selection history Go to the parent domain Cuts a host or domain Pastes a host or domain Adds a domain to the...

Страница 101: ...domain Green signifies that the host has sent an autoregistration request Displays available installation packages Updates the virus definition database Displays all alerts The icon is highlighted if...

Страница 102: ...olicy files Exit Exits F Secure Policy Manager Console Edit Cut Cuts selected items Paste Pastes items to selected location Delete Deletes selected items New Policy Domain Adds a new domain New Host A...

Страница 103: ...which is the user interface described in this manual Anti Virus Mode Changes to the Anti Virus mode user interface which is optimized for managing centrally F Secure Client Security Refresh Item Manu...

Страница 104: ...Client Security Administrator s Guide 6 4 Managing Domains and Hosts If you want to use different security policies for different types of hosts laptops desktops servers for users in different parts o...

Страница 105: ...n first and create the domain structure later when the need for that arises The hosts can then be cut and pasted to the new domains Figure 6 12 An example of a policy domain structure All domains and...

Страница 106: ...Security 7 x installed into another domain 6 4 1 Adding Policy Domains Figure 6 14 An example of a policy domain with sub domains From the Edit menu select New Policy Domain a parent domain must be s...

Страница 107: ...ain select the target domain and choose Autodiscover Windows hosts from the Edit menu After the autodiscover operation is completed the new host is automatically added to the Policy Domain tree For mo...

Страница 108: ...allation package during installation see step 6 in Using the Customized Remote Installation JAR Package 129 section It is possible to sort autoregistration messages according to the values of any colu...

Страница 109: ...window You can use the following as import criteria in the rules WINS name DNS name Dynamic DNS name Custom Properties These support asterisk as a wildcard can replace any number of characters For ex...

Страница 110: ...property names that are hidden are remembered only until the Console is closed To add a new custom property do as follows 1 Right click a column heading and select Add New Custom Property The New Cust...

Страница 111: ...the Add Host button alternatively press Insert This operation is useful in the following cases Learning and testing You can try out a subset of F Secure Policy Manager Console features without actual...

Страница 112: ...erties clear the Autoupdate Properties check box in the Identities tab of the Host Properties dialog box You can open the Host Properties dialog box by choosing Properties from the Edit menu or by cli...

Страница 113: ...he properties Platform name is the name of the operating system The operating system version numbers are the following An alias for the host can be defined in the Miscellaneous tab If an alias is defi...

Страница 114: ...he Initialize from Status Information check box is selected VPN properties are initialized using the status information sent by the host The following initializations are done If the VPN Identity Type...

Страница 115: ...ages pane of F Secure Policy Manager Console The main difference between autoupdate and automatic initialization is that automatic initialization occurs only once Autoupdate will always update propert...

Страница 116: ...command from the Edit menu in F Secure Policy Manager Console Local Installation and Updates with pre configured packages Instead of using the standard CD ROM setup you can use F Secure Policy Manage...

Страница 117: ...et hosts are selected Autodiscover browses the Windows domains and user can select the target hosts from a list of hosts Push Install to Windows Hosts allows you to define the target hosts directly wi...

Страница 118: ...ck the button 3 From the NT Domains list select one of the domains and click Refresh The host list is updated only when you click Refresh Otherwise cached information is displayed for performance reas...

Страница 119: ...selected by holding down the shift key and doing one of the following clicking the mouse on multiple host rows dragging the mouse over several host rows using the up or down arrow keys Alternatively y...

Страница 120: ...er the target host names of those hosts to which you want to push install and click Next to continue You can click Browse to check the F Secure Management Agent version s on the host s 4 After you hav...

Страница 121: ...e to force reinstallation if applications with the same version number already exist Click Next to continue 3 Choose to accept the default policy or specify which host or domain policy should be used...

Страница 122: ...et host Another Account Enter account and password The administrator can enter any proper Domain Administrator account and password to easily complete the remote installation on selected hosts When co...

Страница 123: ...domain the new hosts should be placed using the import settings Click Finish F Secure Policy Manager Console will place the new hosts in the domain that you selected in Step 1 unless you specified an...

Страница 124: ...ure Management Agent fetches the installation package specified in the task parameters from the server and starts installation program When the installation is complete F Secure Management Agent sends...

Страница 125: ...tion package Installed Version Version number of the product If there are multiple versions of the product installed all version numbers will be displayed For hosts this is always a single version num...

Страница 126: ...r failure Failed The installation or uninstallation operation failed Click the button in the Progress field for detailed status information Completed The installation or uninstallation operation succe...

Страница 127: ...eration In any case it is possible to remove the installation operation from the policy by clicking Stop All This will cancel the installation operations defined for the selected policy domain or host...

Страница 128: ...ement Agent no statistical information will be sent stating that the uninstallation was successful because F Secure Management Agent has been removed and is unable to send any information For example...

Страница 129: ...is explained below You can select the file format for the customized package in the Export Installation Package dialog see step 4 below Login Script on Windows Platforms There are three ways of doing...

Страница 130: ...as an anonymous policy Click Next to continue 7 Select the installation type The default Centrally managed installation is recommended You can also prepare a package for a stand alone host 8 It is pos...

Страница 131: ...iew and after that the hosts from another unit can be imported to their target domain 9 A summary page shows your choices for the installation Review the summary and click Start to continue to the ins...

Страница 132: ...es are displayed even when a fatal error occurs F Forced installation Completes the installation even if F Secure Management Agent is already installed Enter ILAUNCHR at the command line to display co...

Страница 133: ...initial installation package must be transferred to F Secure Policy Manager Server The installation packages are available from two sources The installation CD ROM or The F Secure website Normally ne...

Страница 134: ...IP address Counter incrementing integer Gauge non wrapping integer TimeTicks elapsed time units measured in 1 100s of a second Octet String binary data this type is also used in UNICODE text strings O...

Страница 135: ...values from which the user can choose Additionally the administrator can restrict integer type variables Integer Counter and Gauge to a range of acceptable values An additional restriction the FIXED...

Страница 136: ...icy configuration if needed 6 6 4 Distributing Policy Files After you have finished configuring domains and hosts you must distribute the new configurations to the hosts To do this click in the toolba...

Страница 137: ...fining of a common policy The policy can be further refined for subdomains or even individual hosts The granularity of policy definitions can vary considerably among installations Some administrators...

Страница 138: ...or host values need to be reset to the current domain values the Force Value operation can be used to clean the sub domain and host values You can also use the Reporting Tool to create Inheritance Re...

Страница 139: ...Secure Internet Shield Rules table F Secure Internet Shield Services table F Secure VPN Connections table Please refer to the corresponding product manuals for more information about table behavior i...

Страница 140: ...n the Policy tab of the Properties pane 2 The following pane appears in the Product View pane Click Start to start the selected operation 3 The operation begins on the host as soon as you have distrib...

Страница 141: ...eceived will be displayed in the following format Ack Click the Ack button to acknowledge an alert If all the alerts are acknowledged the Ack button will be dimmed Severity The problem s severity Each...

Страница 142: ...tab in the Properties pane or choose Messages from the Product View menu The Reports tab has the same structure as the Alerts tab Alerts tables and Reports tables can be sorted by clicking on the col...

Страница 143: ...an be F Secure Policy Manager Console the local user interface an alert agent such as the Event Viewer a log file or SMTP or a management extension The Alert Forwarding table has its own set of defaul...

Страница 144: ...example Settings Alerting F Secure Policy Manager Console Retry Send Interval specifies how often a host will attempt to send alerts to F Secure Policy Manager Console when previous attempts have fai...

Страница 145: ...t the domains and or hosts you are interested in from the reporting point of view The domain selected in the Policy Domain pane is selected by default in the Reporting tool By selecting the Recursive...

Страница 146: ...heck box if inheritance information is to be included in the report Inheritance Report Type Export view reports containing values of all policy variables of the selected products from the selected dom...

Страница 147: ...hich information is included to the report to be made Alert report type dependent configurations allows you to sort alerts by all the alert description fields and select by severity which severity ale...

Страница 148: ...og that appears Viewing the Report Click View in the bottom pane to generate a report of the selected report type with selected configurations The report is then viewed in HTML format with default the...

Страница 149: ...149 Figure 6 28 Saving and Exporting a Report 6 10 Preferences Preference settings are either shared or applied to the specific connection...

Страница 150: ...nected hosts will have a notification icon in the domain tree and they will appear in the Disconnected Hosts list in the Domain status view The domain tree notification icons can be switched off from...

Страница 151: ...us polling If necessary you can disable the automatic status polling To do this open the Tools menu and select Preferences Select the Communications tab and click Polling Period options Check the Disa...

Страница 152: ...hese comments are used to make the file more understandable by the users if they want to read the values directly from the file These settings are normally used only for debugging purposes and both in...

Страница 153: ...can choose to display the progress indicator to end users during remote installation Tab Setting Meaning Appearance General Options Language Language selection You can select the local language of yo...

Страница 154: ...space Location Web Club Area Choose your location to connect to the F Secure web server closest to you HTML Browser Path The full path to the HTML browser s executable file The browser is utilized for...

Страница 155: ...155 7 MAINTAINING F SECURE POLICY MANAGER SERVER Overview 156 Backing Up Restoring F Secure Policy Manager Console Data 156 Replicating Software Using Image Files 159...

Страница 156: ...ctory contains both the policy domain structure and all saved policy data It is also possible to back up the entire repository By doing so you will be able to restore not only the policy domain struct...

Страница 157: ...rver s repository Commdir Full Backup 1 Close all F Secure Policy Manager Console management sessions 2 Stop F Secure Policy Manager Server service 3 Back up the Communication Directory 4 Back up the...

Страница 158: ...If you backed up the full content of the communication directory and Console information such as keys and preferences Full Backup restore it as follows 1 Close all F Secure Policy Manager Console man...

Страница 159: ...disk image software is used to install new computers This situation will prevent F Secure Policy Manager from functioning properly Please follow these steps to make sure that each computer uses a per...

Страница 160: ...nique ID in the F Secure Anti Virus installation A new Unique ID is created automatically when the system is restarted This will happen individually on each machine where the image file is installed T...

Страница 161: ...NITION DATABASES Automatic Updates with F Secure Automatic Update Agent 162 Using the Automatic Update Agent 164 Forcing the Update Agent to Check for New Updates Immediately 169 Updating the Database...

Страница 162: ...e agent also downloads Virus News Downloading these can be disabled if so desired You may install and use F Secure Automatic Update Agent in conjunction with licensed F Secure Anti Virus and security...

Страница 163: ...figured to use HTTP Proxy it tries to download the updates through the HTTP Proxy from F Secure Update Server f After that the client tries to download the updates directly from F Secure Update Server...

Страница 164: ...ication is working properly by viewing the log file For more information see How to Read the Log File 165 8 2 1 Configuration Step 1 To configure F Secure Automatic Update Agent open the fsaua cfg con...

Страница 165: ...mmands on command line net stop fsaua net start fsaua 8 2 2 How to Read the Log File The fsaua log file is used to store messages generated by F Secure Automatic Update Agent Some of the messages prov...

Страница 166: ...s downloaded the update name and version are shown 3988 Thu Oct 26 12 40 39 2006 3 Downloaded F Secure Anti Virus Update 2006 10 26_04 DFUpdates version 1161851933 from fsbwserver f secure com 1244545...

Страница 167: ...ere downloaded For a list of update types that you can find in the log see What Updates are Logged in fsaua log 168 Installation of F Secure Anti Virus Update 2006 10 26_04 Success The files were succ...

Страница 168: ...te 2006 10 09_03 avmisc F Secure BlackLight Engine Update 2006 09 15_01 BLENG F Secure Gemini Update 2006 09 05_04 gemdb F Secure HIPS Update 2006 09 01_04 hipscfg F Secure Pegasus Update 2006 09 29_0...

Страница 169: ...stop fsaua net start fsaua This will trigger F Secure Automatic Update Agent to connect to the update server and check for new updates 8 4 Updating the Databases Manually If your computer is not conne...

Страница 170: ...rectly Problem Proxy Authentication failed Reason The password entered for HTTP proxy is incorrect Solution Check and correct the HTTP proxy password in the http_proxies directive in the fsaua cfg fil...

Страница 171: ...171 9 F SECURE POLICY MANAGER ON LINUX Overview 172 Installation 172 Configuration 177 Uninstallation 177 Frequently Asked Questions 179...

Страница 172: ...pported Distributions F Secure Policy Manager supports many of the Linux distributions based on the Debian package management DEB system and on the Redhat Package Management RPM system The commands fo...

Страница 173: ...Secure Automatic Update Agent 1 Log in as root 2 Open a terminal 3 To install type 4 To configure type opt f secure fsaua bin fsaua config and answer the questions Push ENTER to choose the default set...

Страница 174: ...nstall type 4 To configure type opt f secure fspms bin fspms config and answer the questions Push ENTER to choose the default setting shown in square brackets for each of these questions F Secure Poli...

Страница 175: ...r sbin usermod G fspmc groups the user belongs to now as comma separated list user id For example if Tom belongs to the groups normal_users and administrators the command is usr sbin usermod G fspmc n...

Страница 176: ...rting 1 Log in as root 2 Open a terminal 3 To install type 4 To configure type opt f secure fspmwr bin fspmwr config and answer the questions Push ENTER to choose the default setting shown in square b...

Страница 177: ...gent 9 4 1 Uninstalling F Secure Policy Manager Web Reporting 1 Log in as root 2 Open a terminal 3 Type F Secure Policy Manager Component Configuration Command F Secure Policy Manager Server opt f sec...

Страница 178: ...manager console Log files and configuration files are not removed as these are irreplaceable and contain valuable information To remove these type rm rf opt f secure fspmc Debian Based Distributions R...

Страница 179: ...og Q Why doesn t F Secure Policy Manager Server start A Runtime errors warnings and other information are logged to opt f secure fspms logs error_log opt f secure fsaus log fsaus log log opt f secure...

Страница 180: ...and F Secure Automatic Update Agent by typing sudo u fspms opt f secure fspms bin fsavupd debug Q Where are the F Secure Policy Manager Console files located in the Linux version A To list all files a...

Страница 181: ...estart F Secure Policy Manager Server a Log in as root b Type etc init d fspms restart Q How can I get information about how F Secure Policy Manager Server is running A Type etc init d fspms status Q...

Страница 182: ...ecure Automatic Update Agent so that the changes take effect etc init d fsaua restart Q How can I use an HTTP proxy with F Secure Automatic Update Agent A HTTP proxies are set through the file opt f s...

Страница 183: ...183 Q How can I restart F Secure Automatic Update Agent after changing the configuration file A To restart F Secure Automatic Update Agent type etc init d fsaua restart...

Страница 184: ...WEB REPORTING Overview 185 Introduction 185 Web Reporting Client System Requirements 186 Generating and Viewing Reports 186 Maintaining Web Reporting 190 Web Reporting Error Messages and Troubleshooti...

Страница 185: ...on historical trend data using a web based interface You can produce a wide range of useful reports and queries from F Secure Client Security alerts and status information sent by the F Secure Manage...

Страница 186: ...e of the pages Virus Protection Summary Internet Shield Summary Alerts Installed Software and Host Properties in the Web Reporting user interface The starting of F Secure Policy Manager Web Reporting...

Страница 187: ...atically Select this if you want Internet Explorer to check for a new version of the page automatically Cookies It is also a good idea to enable cookies in your browser as this makes for example brows...

Страница 188: ...selected report category Root is selected by default in the Policy Domains pane 3 To view a new report first select the domain subdomain or host for which you want to generate the report 4 Then select...

Страница 189: ...rintable version of the page click the icon in the upper right corner of the page This opens a new browser window with the contents of the main frame in printable format and you can then print the pag...

Страница 190: ...want to monitor separately the next time you want to generate the same report because this information is already included in the report specific URL address You have two possibilities Generate a rep...

Страница 191: ...Manager Web Reporting by using the Service Control Panel as follows 1 Open the Service Control Panel from the Windows Start menu 2 Select F Secure Policy Manager Web Reporting from the list of service...

Страница 192: ...number of hosts defined by their IP addresses Allow Access from Everywhere default By default F Secure Policy Manager Web Reporting can be accessed from any computer that can access the Web Reporting...

Страница 193: ...he Policy Manager Server Location Order Deny Allow Deny from all Allow from ip address 1 Allow from ip address 2 Allow from ip address 3 Location VirtualHost After this only those people who have acce...

Страница 194: ...rting service 2 Copy the file C Program Files F Secure Management Server 5 Web Reporting firebird data fspmwr fdb to the backup media You can also use some compression utility to compress the file Usi...

Страница 195: ...e this time to be longer If you want to keep the trend data for a shorter time you can also configure this time to be shorter 1 Stop the F Secure Policy Manager Web Reporting service 2 Change the maxi...

Страница 196: ...that machine or F Secure Policy Manager Server service is not running Check all of these in this order A firewall may also prevent the connection Error message F Secure Policy Manager Web Reporting co...

Страница 197: ...rting the Web Reporting service If Web Reporting cannot contact the database you should restart the Web Reporting service If this does not help you may wish to reinstall Web Reporting keeping the exis...

Страница 198: ...the database is really broken you can also copy an empty database file on top of the broken one This is done as follows 1 Stop the F Secure Policy Manager Web Reporting service 2 Copy fspmwr fdb empt...

Страница 199: ...199 11 F SECURE POLICY MANAGER PROXY Overview 200 Main Differences between Anti Virus Proxy and Policy Manager Proxy 200...

Страница 200: ...cally from F Secure Policy Manager Proxy Workstations in the remote offices communicate also with the Policy Manager Server in the main office but this communication is restricted to remote policy man...

Страница 201: ...Virus Proxy acts as a standalone server in the network and it can provide updates to hosts without a connection to an upstream server The only upstream server it can connect to is the F Secure Update...

Страница 202: ...202 12 TROUBLESHOOTING Overview 203 F Secure Policy Manager Server and Console 203 F Secure Policy Manager Web Reporting 208 Policy Distribution 209...

Страница 203: ...Server start A Runtime errors warnings and other information can be found in the file F Secure Management Server 5 logs error log If the Application Log in Event Viewer Administrative tools in NT 200...

Страница 204: ...for Management Server 5 directory are automatically set correctly If the directory is copied by hand or for example restored from backup the access rights might be deleted In this case execute the st...

Страница 205: ...ion selected This will recreate the F Secure Policy Manager Server account and reset all file access rights to the correct ones Q Why does F Secure Policy Manager Server use its own account to run ins...

Страница 206: ...can also prevent the F Secure Policy Manager Server service from starting For more information on these please consult the Microsoft Windows Server documentation Q Why am I unable to connect to F Sec...

Страница 207: ...here is a risk that F Secure Policy Manager Server could be under such a heavy network load that it does not have any free network connections available F Secure Policy Manager Console and all hosts a...

Страница 208: ...licy Manager Web Reporting Q Where are the log files and configuration files located for F Secure Policy Manager Web Reporting A The log files are located in F Secure Management Server 5 Web Reporting...

Страница 209: ...he choices on a sub domain or host too high or low values are specified as range restiriction boundaries or an empty choice list is specified When a domain includes hosts that have different product v...

Страница 210: ...reate a sub domains for exceptions This is a good solution if you have only a few hosts with the older software versions installed Reason 2 You entered an integer value that is outside of the range re...

Страница 211: ...211 A SNMP Support Overview 212 Installing F Secure Management Agent with SNMP Support 213 Configuring The SNMP Master Agent 214 Management Information Base 215...

Страница 212: ...X SPX since the SNMP service uses Windows Sockets for network communication The master agent is an extensible SNMP agent which allows it to service additional MIBs The NT SNMP agent itself does not co...

Страница 213: ...alling F Secure Management Agent with SNMP Support A 2 1 F Secure SNMP Management Extension Installation SNMP support for F Secure Management Agent is installed by installing Management Extensions f t...

Страница 214: ...eceives a request for information that does not contain the correct community name and does not match an accepted host name for the Service the SNMP Service can send a trap to the trap destination ind...

Страница 215: ...anized in a tree like structure and the sequence of numbers identifies the various branches of the subtree that a given object comes from The root of the tree is the ISO International Standards Organi...

Страница 216: ...216 B Ilaunchr Error Codes Overview 217 Error Codes 218...

Страница 217: ...example which you can insert into your login script Start Wait ILaunchr exe server share mysuite jar U if errorlevel 100 Go to Some_Setup_Error_occurred if errorlevel 5 Go to Some_Ilaunchr_Error_occur...

Страница 218: ...et disk has insufficient free space for installation 8 File package ini was not found in JAR file 9 File package ini did not contain any work instructions 10 Wrong parameters in command line or ini fi...

Страница 219: ...ted 110 Out of disk space 111 The destination drive is not local 120 The user has no administrative rights to the machine 130 Setup was unable to copy non packed files to the target directory 131 Setu...

Страница 220: ...nt Setup plug in returned error 171 Plug in returned an unexpected code 172 Plug in returned a wrapper code 173 One of the previous install uninstall operations was not completed Reboot is required to...

Страница 221: ...221 C FSII Remote Installation Error Codes Overview 222 Windows Error Codes 222 Error Messages 223...

Страница 222: ...with Domain Administrator privileges With Domain Trusts make sure you have logged on to the F Secure Policy Manager Console using the account from the trusted domain 1069 Logon Failure In most cases t...

Страница 223: ...nt canceled the installation or some conflicting software was found Installation aborted A Management Agent portion of Setup cancels the whole installation in the following situations 1 When it detect...

Страница 224: ...ROR keyword from the fswssdbg log file located in the target Windows directory Q Newer F Secure product detected installation aborted A If the target host has a newer product version already installed...

Страница 225: ...225 D Remote Installation Support for Windows 98 ME Enabling Remote Administration 226...

Страница 226: ...rvices 1 From Control Panel Network click Add 2 In the Select Network Component Type dialog box double click Service 3 In the Select Network Service dialog box click Have Disk 4 In the Install From Di...

Страница 227: ...7 user group names that are not compatible with the English version of Windows NT Server You must verify that the Administrators list contains the administrator group name in pure English Domain Admin...

Страница 228: ...228 E NSC Notation for Netmasks Overview 229...

Страница 229: ...re not contiguous The following table gives the number of bits for each permitted netmask The 0 0 0 0 is a special network definition reserved for the default route Network Address Netmask NSC Notatio...

Страница 230: ...0 17 255 255 255 128 25 255 255 192 0 18 255 255 255 192 26 255 255 224 0 19 255 255 255 224 27 255 255 240 0 20 255 255 255 240 28 255 255 248 0 21 255 255 255 248 29 255 255 252 0 22 255 255 255 25...

Страница 231: ...231 TECHNICAL SUPPORT Overview 232 Web Club 232 Advanced Technical Support 232 F Secure Technical Product Training 233...

Страница 232: ...owser and your location To connect to the Web Club directly from your Web browser go to http www f secure com webclub Virus Descriptions on the Web F Secure Corporation maintains a comprehensive colle...

Страница 233: ...imum effort F Secure Technical Product Training F Secure provides technical product training material and information for our distributors resellers and customers to succeed with F Secure security pro...

Страница 234: ...parts At the end of each course there is a certification exam Contact your local F Secure office or F Secure Certified Training Partner to get information about the courses and schedules Contact Info...

Страница 235: ...235 GLOSSARY...

Страница 236: ...epresent a single character There are 8 bits in a byte Certificate See Public Key Client A program that is used to contact and obtain data from a Server program on another computer Corrupted Data that...

Страница 237: ...s consisting of 4 numeric strings separated by dots This will change in IPv6 IPSec IETF The IP Security Protocol is designed to provide interoperable high quality cryptography based security for IPv4...

Страница 238: ...building Sometimes using a simple network protocol Login noun The account name used to gain access to a computer system Mbit Megabit MD5 Message Digest number 5 a secure hash function published in RFC...

Страница 239: ...y more than one party Public Key The part of the key in a public key system which is widely distributed and not kept secure This key is used for encryption not decryption or for verifying signatures A...

Страница 240: ...nded by the file s creator to be interpreted as a sequence of one or more lines containing ASCII or Latin printable characters URL Uniform Resource Locator The standard way to give the address of any...

Страница 241: ...er Communications The latest real time virus threat scenario news are available at the F Secure Antivirus Research Team weblog at http www f secure com weblog Services for Individuals and Businesses F...

Отзывы:

Нет отзывов

Похожие инструкции для POLICY MANAGER 7.0 -

Бренд: 3M Страницы: 3

Бренд: KIP Страницы: 22

GS110TP - ProSafe Gigabit Smart Switch

Бренд: NETGEAR Страницы: 2

Бренд: PS Audio Страницы: 6

FLASH MX 2004 - FLASH LITE AUTHORING GUIDELINES FOR THE I-MODE...

Бренд: MACROMEDIA Страницы: 48

Бренд: Olympus Страницы: 2

Бренд: Toshiba Страницы: 1

dynadock Drivers

Бренд: Toshiba Страницы: 3

e-STUDIO Printer/Fax/Scanner/Copier

Бренд: Toshiba Страницы: 4

Бренд: Toshiba Страницы: 53

Бренд: National Instruments Страницы: 63

Бренд: Blackberry Страницы: 9

ENHANCED GOOGLE MAIL PLUG IN - LEARN MORE

Бренд: Blackberry Страницы: 16

PRD-10459-003 - Enterprise Server For IBM Lotus Domino

Бренд: Blackberry Страницы: 420

ANTI-VIRUS 2011 - REV 2011.03

Бренд: AVG Страницы: 211

Бренд: Extron electronics Страницы: 124

TWIG CONFIGURATOR

Бренд: Benefon Страницы: 28

Бренд: Texas Instruments Страницы: 37

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды