background image

12

ZENworks Endpoint Security Client 4.0 User Guide

no

vd

ocx 

(e

n)

  

13

 Ma
y 20

09

Firewall Settings: 

Firewall settings control the connectivity of all networking ports (1-65535), 

network packets (ICMP, ARP, etc.), network addresses (IP or MAC), and which network 
applications (file sharing, instant messenger software, etc.) are permitted to get a network 
connection when the setting is applied. Three firewall settings are included as defaults for ESM, and 
can be implemented at a location. The ESM Administrator can also create specific firewall settings, 
which cannot be listed here.

Š

All Adaptive: 

This firewall setting sets all networking ports as stateful (all unsolicited inbound 

network traffic is blocked; all outbound network traffic is allowed). ARP and 802.1x packets 
are permitted, and all network applications are permitted a network connection.

Š

All Open: 

This firewall setting sets all networking ports as open (all network traffic is 

allowed). All packet types are permitted. All network applications are permitted a network 
connection.

Š

All Closed: 

This firewall setting closes all networking ports, and restricts all packet types. 

Adapters: 

Refers to three communication adapters normally found on an endpoint:

Š

Wired Adapters (LAN connections)

Š

Wi-Fi Adapters (PCMCIA Wi-Fi cards, and built-in Wi-Fi radios)

Also refers to other communication hardware that might be included on a computer, such as 
infrared, Bluetooth*, FireWire*, and serial and parallel ports. 

Storage Devices: 

Refers to external storage devices that can pose a security threat when data is 

copied to, or introduced from, these devices on an endpoint. USB thumb drives, flash memory cards, 
and SCSI PCMCIA memory cards, along with traditional Zip*, floppy, and external CDR drives and 
the installed CD/DVD drives (including CD-ROM, CD-R/RW, DVD, DVD R/RW), can all be 
blocked, permitted, or rendered to Read-Only at a single location. 

Network Environments: 

A network environment is the collection of network services and service 

addresses required to identify a network location. 

2.2  Logging In to the Endpoint Security Client 4.0

If you are a member of the corporate Active Directory domain, the Endpoint Security Client 4.0 uses 
your Windows* username and password to log you in to the Policy Distribution Service (no pop-up 
window displays). If you are member of a Novell eDirectory tree, the Endpoint Security Client 4.0 
prompts you for your username and password for the tree (see 

Figure 2-2

).

NOTE: 

With Novell eDirectory, the user receives a pop-up login window once after the Endpoint 

Security Client 4.0 installs. This allows you to provide your username and password for the tree.

If you are not a member of the domain that the Policy Distribution Service is hosted on, the 
Endpoint Security Client 4.0 prompts you for your username and password for that domain (see 

Figure 2-2

).

Содержание ZENworks Endpoint Security Client 4.0

Страница 1: ...www novell com novdocx en 13 May 2009 AUTHORIZED DOCUMENTATION ZENworks Endpoint Security Client 4 0 User Guide ZENworks Endpoint Security Management 4 0 March 31 2009 Endpoint Security Client 4 0 Use...

Страница 2: ...r re export to entities on the current U S export exclusion lists or to any embargoed or terrorist countries as specified in the U S export laws You agree to not use deliverables for prohibited nuclea...

Страница 3: ...Trademarks For Novell trademarks see the Novell Trademark and Service Mark list http www novell com company legal trademarks tmlist html Third Party Materials All third party trademarks are the proper...

Страница 4: ...4 ZENworks Endpoint Security Client 4 0 User Guide novdocx en 13 May 2009...

Страница 5: ...entation or go to the Novell Documentation Feedback site http www novell com documentation feedback html and enter your comments there Additional Documentation ZENworks Endpoint Security Management is...

Страница 6: ...6 ZENworks Endpoint Security Client 4 0 User Guide novdocx en 13 May 2009...

Страница 7: ...iew 11 2 1 ESM Terminology 11 2 2 Logging In to the Endpoint Security Client 4 0 12 3 Using the Endpoint Security Client 4 0 15 3 1 Moving Among Network Environments 15 3 2 Changing Locations 16 3 3 D...

Страница 8: ...8 ZENworks Endpoint Security Client 4 0 User Guide novdocx en 13 May 2009...

Страница 9: ...ections contain additional information Section 1 1 Security Enforcement for Mobile Computers on page 9 Section 1 2 NDIS Layer Firewall Protection on page 10 1 1 Security Enforcement for Mobile Compute...

Страница 10: ...illustrated in Figure 1 2 Effectiveness of an NDIS Layer Firewall on page 10 Figure 1 2 Effectiveness of an NDIS Layer Firewall Security decisions and system performance are optimized when security i...

Страница 11: ...ontain additional information Section 2 1 ESM Terminology on page 11 Section 2 2 Logging In to the Endpoint Security Client 4 0 on page 12 2 1 ESM Terminology The following terms are frequently used i...

Страница 12: ...her communication hardware that might be included on a computer such as infrared Bluetooth FireWire and serial and parallel ports Storage Devices Refers to external storage devices that can pose a sec...

Страница 13: ...k OK The Directory Service Configuration Name needs to match the directory services you are authenticating to Use the drop down menu to see if you have more than one service available NOTE It is not n...

Страница 14: ...14 ZENworks Endpoint Security Client 4 0 User Guide novdocx en 13 May 2009...

Страница 15: ...nt parameters and switches to the appropriate location applying the needed protection levels according to the current security policy Network environment information is either stored or preset within...

Страница 16: ...ill assist you in using ZENworks Endpoint Security on the endpoint Section 3 3 1 Managing Files on Non System Volumes on page 16 Section 3 3 2 Managing Files on Removable Storage on page 16 3 3 1 Mana...

Страница 17: ...18 However files added to an encrypted removable storage device on another machine are not encrypted and must be encrypted manually The following sections contain more information Encrypting Files on...

Страница 18: ...nds upon the amount of data stored on the device What If I Don t Want the Device Encrypted When you insert a removable storage device the Endpoint Security Client prompts asking if you want the drive...

Страница 19: ...ut your home computer does not have the Security client installed You copy the files to the Password Encrypted Files folder on your USB thumb drive take the files home then access them using the ZENwo...

Страница 20: ...ce panel click Browse navigate to the storage device s Password Encrypted Files directory select the desired file then click Save or To decrypt the entire Password Encrypted Files directory rather tha...

Страница 21: ...display the menu 2 Click Check for Policy Update NOTE Automatic updates and checking for policy updates are not available features when the Endpoint Security Client is running as standalone The ESM A...

Страница 22: ...bably caused by the security policy the Endpoint Security Client 4 0 is enforcing Changing locations or firewall settings usually lifts these restrictions and restores the interrupted functionality Ho...

Страница 23: ...r the designated time Clicking Load Policy which replaces the Password Override button in the About window restores the previous policy If your administrator has updated your policy to resolve existin...

Страница 24: ...y Client icon in the taskbar to display the menu then click About or double click the Endpoint Security Client icon 2 Click the Diagnostics button 3 Check everything in the Diagnostics Package pane or...

Отзывы: