background image

• www.example.com

• example.net

• www.example.net

• example.org

• www.example.org
The URL used to reach a particular domain site and the domain's domain name are tracked.
For example, if user A goes to www.google.com to search for fishing in Alaska, and user B goes
to maps.google.com to search for Vermont, the following are reported:

URL

Domain

Time

www.google.com/search/keyword?alaska%20sfishing

www.google.com

<time>

maps.google.com/search/gps?vermont

maps.google.com

<time>

Because the domain for both visits is the same, two visits to a single domain (google.com) are
reported.

By default, visits to private domains on your local intranet are not tracked. These internal intranet
sites are likely accessed often, and are thus excluded to save processing time and to avoid
wasting log file space. The following IP ranges and URLs are always treated as private domains:

• 10.0.0 - 10.255.255.255

• 172.6.0.0 - 172.31.255.255

• 192.168.0.0 - 192.168.255.255

• Localhost or 127.0.0.1

You have the option to force tracking of all private domains at all times, or to force tracking if
the client is disconnected from the corporate network. Tracking visits to private domains can
greatly increase the size of log files and the ePO server database, where this information is
stored.

NOTE:

If you installed the Web Filtering for Endpoint extension, additional options appear in

this policy. See the

Web Filtering for Endpoint and Web Reporter Appendix for details.

The Authorize List policy also has a tracking option, which takes precedence over the tracking
options in this policy. See

Turning off tracking for visits to authorized sites for details.

Tracking visits to domains and downloads

Use this task to enable the tracking of visits to domains and domain resources such as downloads.
Information on the domains visited and the files downloaded from the domains are sent to the
ePO database for queries and reports. By, default, no visits to private domains are tracked.

Task

For option definitions, click in the interface.

1

Do one of the following:

• ePolicy Orchestrator 4.0 — Go to Systems | Policy Catalog.

• ePolicy Orchestrator 4.5 — Click Menu | Policy | Policy Catalog.

2

From the Product list, select SiteAdvisor Enterprise Plus 3.0.0; from the Category
list, select Event Tracking.

3

For the policy you want to edit, click Edit.

Configuring Policies
Track events for reports

McAfee SiteAdvisor Enterprise Plus 3.0 Product Guide

40

Содержание MSA09EMB1RAA - Site Advisor Plus 2009

Страница 1: ...McAfee SiteAdvisor Enterprise Plus 3 0 Product Guide...

Страница 2: ...ed trademarks herein are the sole property of their respective owners LICENSE INFORMATION License Agreement NOTICE TO ALL USERS CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICE...

Страница 3: ...olicy options and features 14 Information that SiteAdvisor Enterprise Plus sends 15 Configuring Policies 16 How policies work 16 Types of policy categories 17 Default policy settings 17 Creating and e...

Страница 4: ...reate reports 43 Creating reports 44 Running a purge task 45 Use dashboards and monitors 45 Creating monitors 46 Reference 47 Frequently Asked Questions 47 Where to find more information 50 Web Filter...

Страница 5: ...threats they might encounter when searching or browsing websites by displaying the following Safety rating for each site When searching safety ratings of green yellow red and gray icons appear next t...

Страница 6: ...team assimilates test results into a safety report that can also include Feedback submitted by site owners which might include descriptions of safety precautions used by the site or responses to user...

Страница 7: ...ton The site is safe Green checkmark There might be some issues with the site Yellow exclamation point There might be some serious issues with the site Red x No rating is available for the site Gray q...

Страница 8: ...res on managed systems Task 1 Click the down arrow on the SiteAdvisor menu button to view the SiteAdvisor menu and do any of the following To do this Select this command Display the safety report for...

Страница 9: ...of your country of residence The level of how popular the website is Don t assume however that popularity always goes hand in hand with Popularity safety For example some very popular prize sites send...

Страница 10: ...hat can leave a computer essentially unusable Reviewers and site owners can provide additional information and commentary to supplement SiteAdvisor s automated test results Reviewer and Site Owner Com...

Страница 11: ...or a particular group or all groups Instead of updating the entire list with the new entries you can create a second policy instance for the new entries and apply it and the default list together The...

Страница 12: ...e Plus Create a list of blocked sites that users cannot access Prohibit List A multiple instance policy Rating Actions Assign actions warn block or allow to sites or site resources such as file downlo...

Страница 13: ...t policy but tracks browsing behavior data that you can retrieve in reports See Evaluate policy settings with Observe mode under Configuring Policies 2 Evaluate browsing traffic and usage patterns Rep...

Страница 14: ...t your goals Use this feature If this is your security or productivity goal Rating Actions policy Use SiteAdvisor ratings to control access to sites download files or phishing pages Prohibit List poli...

Страница 15: ...n or block taken by SiteAdvisor Enterprise Plus Observe mode status on or off SiteAdvisor Enterprise Plus sends the following information to the SiteAdvisor website s servers Version of the SiteAdviso...

Страница 16: ...lt policy is installed in the repository You cannot change this default policy but you can create a duplicate of this policy with a different name and configure it to meet your needs TIP Before deploy...

Страница 17: ...assigned this policy and whether it can be disabled on individual systems General Settings required for managed systems to access the Internet through a proxy server to turn on Observe mode to tune e...

Страница 18: ...rve mode Enable Not selected Options configured for blocking or warning are enforced Control Panel Option Enable Not selected to have SiteAdvisor Enterprise Plus appear in the client system Add or Rem...

Страница 19: ...new policy or select Edit to change settings for an existing policy 5 Click Save Run an agent wake up call to apply the setting immediately or wait for the next automatic agent server communication A...

Страница 20: ...browsing patterns are adversely affected by any current settings adjust them before disabling observe mode Policy settings are enforced when observe mode is disabled Control panel option You can allow...

Страница 21: ...For the policy you want to edit click Edit 4 Click the Action Enforcement tab 5 Select Enable 6 Click Save Setting the control panel option Use this task to allow SiteAdvisor Enterprise Plus to appea...

Страница 22: ...low access This enables a greater level of granularity in protecting users from pages that employ phishing techniques on a site with an overall green rating To block file downloads and phishing pages...

Страница 23: ...ed in downgrading reactions for red and yellow sites NOTE Use the Enforcement Messaging policy options to customize the message that is displayed to users for blocked and warned sites Task For option...

Страница 24: ...he message that displays to users for blocked phishing pages Task For option definitions click in the interface 1 Do one of the following ePolicy Orchestrator 4 0 Go to Systems Policy Catalog ePolicy...

Страница 25: ...to specify a range of sites affected by enforcement rules This enables you to apply enforcement rules to particular domains or to a range of similar sites without entering each URL separately When a m...

Страница 26: ...http acme com 9090 downloads must have a domain that ends with acme com 9090 and a path that begins with downloads https news acme com 9090 downloads Does not match http www myacme com 9090 downloads...

Страница 27: ...ns click in the interface 1 Do one of the following ePolicy Orchestrator 4 0 Go to Systems Policy Catalog ePolicy Orchestrator 4 5 Click Menu Policy Policy Catalog 2 From the Product list select SiteA...

Страница 28: ...enu Policy Policy Catalog 2 From the Product list select SiteAdvisor Enterprise Plus 3 0 0 from the Category list select Authorize List 3 For the policy you want to edit click Edit 4 On the Manage Aut...

Страница 29: ...criteria and again display the contents of the list click Clear Testing an Authorize list Use this task to test whether specific sites or site patterns are included in an Authorize list When Authoriz...

Страница 30: ...te with an overall rating of green can contain individual download files rated yellow or red To protect users specify an action that is specific to the rating for an individual file Use this task to b...

Страница 31: ...ested Phishing page blocking and download rating actions are also disabled only when this option is disabled McAfee recommends using this procedure to prevent private information about intranet sites...

Страница 32: ...t select Authorize List 3 For the policy you want to edit click Edit 4 On the Advanced Options tab select Track events and request information from the SiteAdvisor server 5 Select Give this Authorize...

Страница 33: ...Manage Prohibited Sites tab click Add Multiple 5 Type a URL or partial URL called a site pattern then type a space or tab followed by a comment URLs or site patterns must be at least six characters in...

Страница 34: ...useful for finding sites in large lists Task For option definitions click in the interface 1 Do one of the following ePolicy Orchestrator 4 0 Go to Systems Policy Catalog ePolicy Orchestrator 4 5 Clic...

Страница 35: ...site rated red yellow or green Safety balloons Warn or block pages Short message to display when users attempt to download files or access blocked phishing pages Safety balloons Warn or block pages S...

Страница 36: ...ou have configured as Block Block message A site you have configured as Allow Allow message 7 Click Save Creating a message for phishing pages Use this task to customize the message that is displayed...

Страница 37: ...g You can explain why users should be cautious Warn message Blocked download files You can explain why the file is blocked Block message 7 Click Save Creating a message for sites on Authorize or Prohi...

Страница 38: ...s to have SiteAdvisor Enterprise Plus enabled Allow users to disable and then re enable the software from the SiteAdvisor Enterprise Plus menu in the browser or to do so only with a password The defau...

Страница 39: ...rom the Product list select SiteAdvisor Enterprise Plus 3 0 0 from the Category list select Enable Disable 3 For the policy you want to edit click Edit 4 For SiteAdvisor menu option selectEnable 5 Sel...

Страница 40: ...rporate network Tracking visits to private domains can greatly increase the size of log files and the ePO server database where this information is stored NOTE If you installed the Web Filtering for E...

Страница 41: ...o Systems Policy Catalog ePolicy Orchestrator 4 5 Click Menu Policy Policy Catalog 2 From the Product list select SiteAdvisor Enterprise Plus 3 0 0 from the Category list select Event Tracking 3 For t...

Страница 42: ...e of the following ePolicy Orchestrator 4 0 Go to Systems Policy Catalog ePolicy Orchestrator 4 5 Click Menu Policy Policy Catalog 2 From the Product list select SiteAdvisor Enterprise Plus 3 0 0 from...

Страница 43: ...ery or create a brand new query See Querying the Database in the ePolicy Orchestrator Product Guide for more information Access queries by going to the Queries pane under Reporting All predefined Site...

Страница 44: ...then proceeded with their visit Top 100 Warned Continued Sites List of 100 yellow files that users downloaded most frequently over the last 30 days Top 100 Yellow Downloads List of 100 yellow sites v...

Страница 45: ...stems For details about these features see the ePolicy Orchestrator documentation Dashboards consist of monitors and monitors are based on queries To monitor browser activity on your network use one o...

Страница 46: ...ng Dashboards 2 Select Options then New Dashboard 3 In the Name field type a descriptive name 4 From the Size list select a dashboard layout 5 For each dashboard panel click New Monitor 6 For the Cate...

Страница 47: ...tent of a frame loads websites Disabling the SiteAdvisor Enterprise Plus client software by using the Add ons feature through the browser s Tools menu Can users circumvent SiteAdvisor Enterprise Plus...

Страница 48: ...llect information when users navigate to intranet sites By default no However you can change this by adding your intranet domain to an Authorize list then deselecting the Track events option in the Au...

Страница 49: ...isor Enterprise Plus has been modified for management by an administrator with ePolicy Orchestrator In addition the automatic update feature has been removed to ensure that administrators control the...

Страница 50: ...ation 2 Click ePolicy Orchestrator then ePolicy Orchestrator 4 0 or ePolicy Orchestrator 4 5 SiteAdvisor Enterprise Plus website For the latest information about SiteAdvisor Enterprise Plus and releva...

Страница 51: ...security ratings and the settings in the Content Actions policy to block warn or allow the site based on content type are applied on client systems The approximately 100 site content categories are g...

Страница 52: ...database After the log file data is transferred to the database reports are generated Log files are generated by running a SiteAdvisor Enterprise Plus client task from the ePO server on all managed s...

Страница 53: ...cause of the amount of data that can be transferred when the logs are sent setting the client task to run on a randomized schedule is highly recommended Before you begin The client task to send Web Re...

Страница 54: ...tegories 4 Select a content category and click Warn or Block to set the action for it The default is Allow 5 Click Save Working with the Web Reporter Refer to the Web Reporter Installation and Configu...

Страница 55: ...eat factors 23 track allowed green sites 41 track domain page views 41 configuration SiteAdvisor Enterprise Plus continued track visits to domains 40 consumer version SiteAdvisor See SiteAdvisor Enter...

Страница 56: ...visor Enterprise Plus 20 47 purge task SiteAdivsor Enterprise Plus running 45 Q queries SiteAdvisor Enterprise Plus creating reports 43 creating reports for web filtering 52 information sent for 15 R...

Страница 57: ...ditional policy options 51 explanation 51 website access adding a logo to messages for sites 38 authorized sites blocking exploits 30 controlling by safety ratings 22 creating messages for sites 37 fi...

Страница 58: ...McAfee SiteAdvisor Enterprise Plus 3 0 Product Guide 58 Index...

Отзывы: