SonicWALL 4.5 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of SonicWALL 4.5, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of SonicWALL 4.5 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of SonicWALL 4.5. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of SonicWALL 4.5 should contain:
- informations concerning technical data of SonicWALL 4.5
- name of the manufacturer and a year of construction of the SonicWALL 4.5 item
- rules of operation, control and maintenance of the SonicWALL 4.5 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of SonicWALL 4.5 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of SonicWALL 4.5, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the SonicWALL service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of SonicWALL 4.5.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the SonicWALL 4.5 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    02/4%#4)/.!44(%30%%$/&"53).%33 3ONIC7!,,%NFORCED#LIENT !NTI6IRUSAND!NTI3PYWARE 0RODUCT'UIDE 6ERSION[...]

  • Page 2

    Enforced Client Anti-Virus and Anti-Spyware 4.5COPYRIGHT Copyright © 2007 McAfee, Inc. All Rights R eserved. No part of this publi cation may be reprod uced, transmitted, transcribed, st ored in a retrieval system, or translated into any l anguage in any form or by any means without the written permission of NcA fee, Inc., or its suppliers or affi[...]

  • Page 3

    3 Contents 1 Intr oduction 7 What is Enforced Client? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 Select the right version of Enfo rced Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Protect against m any kinds of th reats . . . . . . . . . . . . . . . . . [...]

  • Page 4

    4 Enforced Clie nt Produc t Guide Contents Using VSSETUP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 Completing the installatio n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 7 T e st virus protec tion . . . . . . . . . . . . . . . . . [...]

  • Page 5

    5 Enforced Clie nt Produc t Guide Contents Send email to users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Update user em ail addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Update your acc ount’ s email address . . . . . . . . . [...]

  • Page 6

    6 Enforced Clie nt Produc t Guide Contents V iewing reports for fire wall protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 V iew unrecognized Internet ap plications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 V iew inbound events blocke d by the firewa ll . . . . . . . . . . . [...]

  • Page 7

    7 1 Introduction SonicWALL Enforced Client Anti-Vi rus and Anti-Spyware, referred to in this guide as En forced Client, safeguards your computers automatically , and its advanced feat ures let you customize your business’s security strategy. This section provides an overview of the product, its featur es, and how to use product resour ces for add[...]

  • Page 8

    8 Enforced Clie nt Product G uide Introducti on What is Enfo rced Client ? 1 What is Enforced Client? Enforced Client delivers comprehensive securi ty as a service for all the computers on your account. These services automatically check for threats, in tercept them, take the appropriate action to keep your data and your network safe, and track det[...]

  • Page 9

    9 Enforced Clie nt Product G uide Introducti on What is Enfo rced Client ? 1 Select the right versio n of Enforced Client Select the version that best supports your needs. Enforced Client Anti-V irus and Anti-Spyware Basic Advanced This guide focuses on the Enforced Client servic es fo r desktop computers a nd servers, an d also contains instructio[...]

  • Page 10

    10 Enforced Clie nt Produc t Guide Introducti on What is Enfo rced Client ? 1 The email s erver securit y application i s avai lable with Enforced Cl ient Advanced. Detailed documentation on this appli cation is available on the CD or in the down loadable installer accessible from the Soni cWALL download center. Ensure continuous, automat ic protec[...]

  • Page 11

    11 Enforced Clie nt Produc t Guide Introducti on What is new in this release? 1 What is new in this release? New features Changes in support New feature Description Browser prote ction service Protects client computers against we b-based threats while searching and browsing. Users can display a color-c oded safety rating and detailed report for eac[...]

  • Page 12

    12 Enforced Clie nt Produc t Guide Introducti on How does the software work? 1 How does the software work? Enforced Client impleme nts a thre e-prong approach to security by: 1 Silently monitoring all file input and out put, downloads, program executions, inbound and outbound communications, and othe r system-related activitie s on client computers[...]

  • Page 13

    13 Enforced Clie nt Product G uide Introducti on How does th e software work ? 1 Updates can occur in three wa ys, enabling yo u to use netw ork resources efficiently. Figure 1-2 Methods for updating client computers  In a simple scenario, each client computer on your account has a direct connection to the Internet and checks for new updates. ?[...]

  • Page 14

    14 Enforced Clie nt Product G uide Introducti on How does th e software work ? 1 The detection definition ( DAT ) files on the Internet site are regularly updated to add protection against new threats. When the client software connects to the update site on the Internet, it retrieves:  Regular DAT files, which contain the latest definitions for [...]

  • Page 15

    15 Enforced Clie nt Produc t Guide Introducti on How does the software work? 1  If so, the client computer retr ieves the update from a peer. (Dig ital signatures are checked to verify that the computer is valid.)  If not, the client computer retrieves th e update directly from the update site. 4 On the client computer, the catalog file is ex[...]

  • Page 16

    16 Enforced Clie nt Product G uide Introducti on Managing with the on line SecurityCenter 1 Managing with the on line SecurityCenter To manage your account via the SecurityCenter, use the URL you received in an email message from your service provider. From the SecurityCenter, you can view the status of your protection services, access reports on c[...]

  • Page 17

    17 Enforced Clie nt Produc t Guide Introducti on Managing with the on line SecurityCenter 1 The SecurityCenter’s ma in page shows a status summary for all th e protection services you have purchased (except email server protection):  Security Status — Indicates whether any action is requi red to address security issues, and links you to inst[...]

  • Page 18

    18 Enforced Clie nt Product G uide Introducti on Managing with the on line SecurityCenter 1 User groups Each computer running the client software belongs to a group. A group consists of one or more computers using the same security settings (called po licies ). By default, computers are placed in the Defa ult group. Groups help you manage different[...]

  • Page 19

    19 Enforced Clie nt Product G uide Introducti on Managing with the on line SecurityCenter 1 Customized policies After installation, Enf orced Client protects client com puters from threats immediat ely using default security set tings. Howe ver, you might want to change the way some features are implemented for some or all of your co mputers. For e[...]

  • Page 20

    1 Create a Sales Team group and a Sales polic y. 2 Assign the Sales policy to the Sales Team group. 3 Client software running on computers in the Sa les Team group perform s the tasks defined in the Sales policy: 4 Client software sends security data for each client computer to the SecurityCent er. 5 Administrator checks the secur ity status for th[...]

  • Page 21

    21 Enforced Clie nt Product G uide Introducti on Using this guide 1 Conventions This guide uses the following conven tions: Bold Condensed All words from the user interface, includ ing options, menus, bu ttons, and dialog box names. Example: Type the User name and Password of the desired account. Courier The path of a folder or program; text that r[...]

  • Page 22

    22 Enforced Clie nt Product G uide Introducti on Getting product information 1 Getting product information Several types of information are available to meet the spe cific needs of client computer users and administrators. Online User Help Access online instructions for perfor ming security tasks in two ways: Note: If the product’s built-in help [...]

  • Page 23

    Email security service See Chapter 7, Using the Email Security Service for instructions on setting up and using basic fe atures of the email security service. Links are available from the SecurityCenter website to th e e mail security service’s web portal, where you can configure the service, access its administration guide, and view reports. Ema[...]

  • Page 24

    24 Enforced Clie nt Produc t Guide Introducti on Getting product information 1[...]

  • Page 25

    25 2 Installing Enforced Client This section describes what happens after y ou pur chase the hos ted services in E nforced Client and Enforced Client Advanced, provides system requirements, and ex plains how to install the virus and spyware protection servic e, firewall protection se rvice, and browser protection service. Note  After you place y[...]

  • Page 26

    26 Enforced Clie nt Product G uide Installing Enf orced Client After you place your order 2 After you place your order When you place an order for Enforced Client, you supply an email address, and your account is associated with that email addr ess. After you submit your order: 1 SonicWALL processes your order. 2 You receive three emai ls: Welcome [...]

  • Page 27

    27 Enforced Clie nt Produc t Guide Installing Enf orced Client System requirements 2 System requirements Enforced Client is designed for Microsof t Windows operating systems running on a PC platform. It installs and r uns on co mputers equipped with:  An Intel Pentium processo r or compatible architecture .  Microsoft Internet Explorer 5.5 SP[...]

  • Page 28

    28 Enforced Clie nt Product G uide Installing Enf orced Client System requirements 2 Operating system support ending Support for these Windows operating systems is en d ing with Enforced Cl ient version 4.5.  Windows 95  Windows 98  Windows ME  Windows NT 4.x For more information about support for these operating systems, v isit http://[...]

  • Page 29

    29 Enforced Clie nt Product G uide Installing Enf orced Client System requirements 2 RAM Minimum virus and spyware protection Minimum firewall protection* Recommended Windows 2000 64 MB 256 MB 256 MB Windows XP 128 MB 256 MB 256 MB Windows 2003 256 MB 512 MB 512 MB Windows Vista 512 MB 512 MB 1 GB Servers 256 MB 512 MB 512 MB * Use the value listed[...]

  • Page 30

    30 Enforced Clie nt Produc t Guide Installing Enf orced Client System requirements 2 Terminal servers Enforced Client supports terminal servers and the Windows fast us er switching feature in most scenarios, with these lim itations:  Enforced Client must be installed on the server by someone with local administrator privileges.  When an insta[...]

  • Page 31

    31 Enforced Clie nt Produc t Guide Installing Enf orced Client Before you install 2 Before you install Complete thes e procedures on each computer to prepare for i nstalling th e client soft ware:  Uninstall existing virus protec tion software  Uninstall existing firew all software  Configure your browser  Install the standalone install[...]

  • Page 32

    32 Enforced Clie nt Produc t Guide Installing Enf orced Client Before you install 2 SonicWALL products auto matically detected Non-SonicWALL products au tomatic ally detected SonicWALL Enterprise  Anti-Spyware Enterprise (all editions)  ePO agent  Managed VirusScan (previou s editions)  Enforced Client Enterp rise  VirusScan Enterpri[...]

  • Page 33

    33 Enforced Clie nt Product G uide Installing Enf orced Client Before you install 2 Uninstall existing firewall software Before installing the fi rewall protecti on service, we recommend th at you uninstall any other firewall programs on your computer. Follow your firewall program’s instructions for uninstalling or use the Windows Control Panel. [...]

  • Page 34

    34 Enforced Clie nt Produc t Guide Installing Enf orced Client Before you install 2 Install the standalone installation agent To allow users without administrator rights to install Enforced Client on client computers using the URL method, you must first load a standalone installation agent on their client computers. You can use a deployment tool to[...]

  • Page 35

    35 Enforced Clie nt Produc t Guide Installing Enf orced Client Installing Enfor ced Client 2 Installing Enforced Client Install the client software in any of the following ways: Standard URL installation Use the URL you received in your welcome emai l message to install the software on your computer and access the Secur ityCenter website. Th en ins[...]

  • Page 36

    36 Enforced Clie nt Product G uide Installing Enf orced Client Installing Enfor ced Client 2 Sending an installation URL to users As the administrator, you can obtain the comp any-specific installa tion URL in two ways:  After signing up for Enforced Client, you rece ive an email message containing the URL that has been set up for your company. [...]

  • Page 37

    Figure 2-1 Inte rnet URL installation 37 Enforced Clie nt Product G uide Installing Enf orced Client Installing Enfor ced Client 2 2 Select the services to install if you are prom pted to do so, type your email address in the Email or identifier field, and click Continue . What is the email address used for? The information en tered here identifies[...]

  • Page 38

    38 Enforced Clie nt Product G uide Installing Enf orced Client Installing Enfor ced Client 2 Advanced installation methods Administrators can use the advanc ed installation methods to instal l the Enforced Client client software without user interaction. Figure 2-2 Advanced installation methods Two advanced installation methods are available: Silen[...]

  • Page 39

    39 Enforced Clie nt Product G uide Installing Enf orced Client Installing Enfor ced Client 2 Silent installation VSSETUP is an executable file for installing Enforc ed Client on a client computer with no user interaction. This installation me thod is not network-specific a nd installs the software on any Windows operating system. Figure 2-3 How sil[...]

  • Page 40

    40 Enforced Clie nt Produc t Guide Installing Enf orced Client Installing Enfor ced Client 2  You must know your company key (t he series of characters in the installation URL after the characters CK= ). Installation To install Enforced Client silently: 1 From your web browser, log on to your SecurityCenter. 2 On the Computers page, click Add Co[...]

  • Page 41

    41 Enforced Clie nt Product G uide Installing Enf orced Client Installing Enfor ced Client 2 VSSETUP parameters For a silent installation, use this command li ne and any of the following parameters (which are not case-sensitive): VSSETUP.EX E /CK=<your c ompany key> / <parameters > /CK=XYZ Required . Launches Setup using the company key[...]

  • Page 42

    42 Enforced Clie nt Product G uide Installing Enf orced Client Installing Enfor ced Client 2 Push installation Push means deploying remotely to one or more com puters in a network. Th is method uses the Push Install utility to deploy th e client software directly from your service pr ovider’s website to client computers on your network. Push inst[...]

  • Page 43

    43 Enforced Clie nt Product G uide Installing Enf orced Client Installing Enfor ced Client 2 To perform a push installation: 1 Download the Push Install utility from the SecurityCenter. 2 Initiate a push to one or more client computers. 3 Optional. Initiate a push to one or more relay servers. Note  Requirements  Installation Requirements To [...]

  • Page 44

    44 Enforced Clie nt Product G uide Installing Enf orced Client Installing Enfor ced Client 2 Installation To install Enforced Client u sing the Push Install utility: 1 On the administrative computer, open the web br owser, log on to the SecurityCenter, then click Install Protection . 2 Select the ty pe of computers to install softwa re on, then cl [...]

  • Page 45

    45 Enforced Clie nt Product G uide Installing Enf orced Client Installing Enfor ced Client 2 After installati on is complete, a status for eac h target computer i s displayed. Figure 2-6 Status for target computers 10 Click View Log to open a log file in Microsoft Notepa d that shows the status of the current session, then save the file. The dialog[...]

  • Page 46

    46 Enforced Clie nt Produc t Guide Installing Enf orced Client Completing th e installation 2 You can specify one or more computer s as a relay server in two ways:  Using the Push Install uti lity  Using VSSETUP Using the Push Install utility During the push installatio n proced ure, select Set as Relay Server(s) before clicking Install Enfor[...]

  • Page 47

    47 Enforced Clie nt Product G uide Installing Enf orced Client Completing th e installation 2 Test virus protection Test the virus-detection feature of the virus and spyware protection se rvice at any time by downloading the EICAR Standard An tiVirus Test File at the client computer. Although it is designed to be dete cted as a virus , the EICAR te[...]

  • Page 48

    48 Enforced Clie nt Produc t Guide Installing Enf orced Client Completing th e installation 2 Scan the email Inbox After installing the virus and spyware protec tion service for the fi rst time, we re commend running an on-demand email scan be fore proceeding. This checks fo r threats in email already i n the client’s Microsoft Outlook Inbox. Fut[...]

  • Page 49

    49 Enforced Clie nt Product G uide Installing Enf orced Client What should I do aft er installing? 2 What should I do after installing? After installing E nforced Client, cl ient computer s are protecte d immediately and no further setup is required for the virus and spyware protection se rvice, the firewall prot ecti on service, o r the browser pr[...]

  • Page 50

    50 Enforced Clie nt Produc t Guide Installing Enf orced Client What should I do aft er installing? 2[...]

  • Page 51

    51 3 Using Enforced Client Enforced Client consists of two ma in components for managing security:  The client sof tware: Softwar e installed on each client co mputer. The client software runs in the background to download update s and protect the computer fro m threats. It also provides users access to t he basic functi ons of their SonicWALL p[...]

  • Page 52

    52 Enforced Clie nt Product G uide Using Enforce d Client Using the client software 3 Using the client software After installing Enforced Client , the software runs on each cl ient computer to immediately protect it from threats such as viruses and intrusions. Typically, users have little intera ction with the client software unl ess they want to m[...]

  • Page 53

    53 Enforced Clie nt Product G uide Using Enforce d Client Updating client computers 3 Client menu Click in the system tr ay to access these optio ns:  Scan T asks: Displays a submenu for accessing features of the virus and spyware protection service.  Firewall Settings: Displays the current status, mode, and connection type for the firewall p[...]

  • Page 54

    54 Enforced Clie nt Product G uide Using Enforce d Client Updating client computers 3 Users can check for updates manuall y at any time. In addition, yo u can configure optional policy settings for updating tasks. Note  Update automatically  Update manually  Update during an outbreak  Update computers where no user is logged on Update a[...]

  • Page 55

    55 Enforced Clie nt Produc t Guide Using Enforced C lient Using the Secur ityCenter 3 For maximum protection, configure your policies to check for an outbreak DAT file every hour (see Enable optional protection on page 97 ). This feature is enabled by default. Update computers where no user is logged on In most scenarios, Enforced Client supports t[...]

  • Page 56

    Setting up your account Viewing your security services at-a-glance Managing yo ur computers Creating groups to manage your site Designating group administrators Setting up policies Viewing reports Managing yo ur correspondence Managing yo ur subscriptions Getting assistance 56 Enforced Clie nt Product G uide Using Enforce d Client Using the Secur i[...]

  • Page 57

    57 Enforced Clie nt Product G uide Using Enforce d Client Getting started 3 Getting started The SecurityCenter website help s you locate information easily.  Log on to the SecurityCenter  Access online features and functions  Make the most of your online data  Customize listings and reports  Using the online help Log on to the Securi[...]

  • Page 58

    Figure 3-1 SecurityCenter tabs 58 Enforced Clie nt Product G uide Using Enforce d Client Getting started 3[...]

  • Page 59

    59 Enforced Clie nt Product G uide Using Enforce d Client Getting started 3 Make the most of your online data Each SecurityCenter page incl udes features for displaying the exact data you need and using it efficiently. Figure 3-2 Page controls for listings and reports 1 2 3 4 5 6 7 8 1 Print the current page. Click Print to open the page in a separ[...]

  • Page 60

    60 Enforced Clie nt Product G uide Using Enforce d Client Getting started 3 Customize listings and reports Select the information to display or the order in which it appears. To filter information: At the top of a page, select the information to display (group name , period of time, or type of information). To sort information in listings: Click a [...]

  • Page 61

    61 Enforced Clie nt Product G uide Using Enforce d Client Getting started 3 Using the online help Online help is available fro m any page on the SecurityCent er website by clicking the help ( ? ) link in the top-right corner of the page. The he lp window provides information about the page from which it wa s called. Y ou ca n access additional info[...]

  • Page 62

    62 Enforced Clie nt Product G uide Using Enforce d Client Setting up your a ccount 3 Setting up your account Configure your contact informat ion so that you receive important notices from your service provider.  Set up your profile  Change your SecurityCenter password  Sign up for emai l notifications Set up your profile Your profile conta[...]

  • Page 63

    63 Enforced Clie nt Product G uide Using Enforce d Client Viewing your security services at-a-gla nce 3 Viewing your security services at-a-glanc e The SecurityCenter page is your “home” page on the Se curityCenter website — a graphical overview of your coverage with instant access to summary information about the computers and service subscr[...]

  • Page 64

    64 Enforced Clie nt Product G uide Using Enforce d Client Viewing your security services at-a-gla nce 3 From the SecurityCenter page, you can:  Install protec tion servic es  View and resolve action items  View security coverage for your account  Purchase, add, and renew services  Request a trial subscription Install protection servi[...]

  • Page 65

    65 Enforced Clie nt Product G uide Using Enforce d Client Managing your computers 3 To view instructions for resol ving an action item: On the SecurityCenter page or the Computer Details page, click an action it em. View security covera ge for your account For each protection service, a pi e chart shows the status of c lient computers in your accou[...]

  • Page 66

    Figure 3-4 Computers page 66 Enforced Clie nt Product G uide Using Enforce d Client Managing your computers 3 Select the information th at appears on this page: Groups — Display only the computers in a group or display all computers. Report perio d — Specify the length of time for which to display information. Computer status — Show all compu[...]

  • Page 67

    67 Enforced Clie nt Product G uide Using Enforce d Client Managing your computers 3  View duplicate computers  View computer profiles Search for computers Use this feature to find a pa rticular computer in your listings. Site admini strators can search th e entire account; group administrato rs can search only the groups their site administra[...]

  • Page 68

    Figure 3-5 Computer Details page 1 2 3 4 1 Update the email address. For System email address , type a new email address, then click Save . 2 Move the computer into a new group. For Group , select a group from the list, then click Save . 3 Display instructions for resolving an action item. Click the red action item. 4 Display details about detectio[...]

  • Page 69

    69 Enforced Clie nt Produc t Guide Using Enforced C lient Managing your computers 3 View detections for a computer Use this feature to view all the dete ctions for a single client computer. To view detections: 1 On the Computers page, click a quantity under Detections to display a list of detected items and their status. 2 From the Detection List ,[...]

  • Page 70

    70 Enforced Clie nt Product G uide Using Enforce d Client Creating groups t o manage your site 3 Block computers from receiving updates Use this feature to prevent unauthorized computers that are connecting to your network (sometimes call ed rogue systems ) from receiving service updates. To block computers: On the Computers page, select the co mpu[...]

  • Page 71

    71 Enforced Clie nt Product G uide Using Enforce d Client Creating groups t o manage your site 3 By default, every computer in your ac count is placed into a group called Default . You can create other groups to place them in instead. Why use groups? Groups help you manage large numbers of comput ers or computers that use different security setting[...]

  • Page 72

    72 Enforced Clie nt Product G uide Using Enforce d Client Designating group ad ministrators 3 The Default group uses the SonicWALL Def ault policy, which is configured with settings recommended by SonicWALL to protect most or ganizations. You can as sign a different policy to the De fault group. Create or edit a group Use this procedure to assign a[...]

  • Page 73

    Figure 3-7 Site and group administrators 1 The site administrator communicates direct ly with the SecurityCenter to create policies, check reports, and maintain the Enforced Client account. 2 The site adminis trator creates and manages grou p administrators. 3 Group administrators communicate directly with the SecurityCenter to access security data[...]

  • Page 74

    74 Enforced Clie nt Produc t Guide Using Enforced C lient Designating group ad ministrators 3 What can group administrators do? The access level you assign determines which ta sks group administrators can perform for their groups. You specify the access level when you create the group administrator’s account, and you can edit it at any time.  [...]

  • Page 75

    75 Enforced Clie nt Produc t Guide Using Enforced C lient Setting up policies 3 Your local email applic ation opens a preaddresse d message explaining how to log on to the SecurityCenter, assigned groups, and instruct ions for accessing information about their responsibilities. (You can use th is feature only if you have a local email application i[...]

  • Page 76

    76 Enforced Clie nt Product G uide Using Enforce d Client Setting up policies 3 The SonicWALL Default policy Until you create additional policies, all computers are assigned the SonicWALL Defau lt policy, which is configured with setti ngs recommended by SonicWALL to protect man y environments. You cannot rename or modify the SonicWALL Default poli[...]

  • Page 77

    77 Enforced Clie nt Produc t Guide Using Enforced C lient Setting up policies 3 Create or edit a policy Use this procedure to na me a policy and configure its security settings. To create or edit a policy: 1 On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy). 2 In the Add Policy window, type a name in the P[...]

  • Page 78

    78 Enforced Clie nt Product G uide Using Enforce d Client Viewing reports 3 Delete a policy Use this procedure to remove a policy you have created from your account. You cannot delete the SonicWALL Default policy. To delete a policy: On the Groups + Policies page, next to a policy name click Delete . Note Viewing reports Whenever a client computer [...]

  • Page 79

    79 Enforced Clie nt Product G uide Using Enforce d Client Viewing reports 3 Why use reports? Reports provide valuable tools for managing your security strategy. On ly the reports available for the installed protection se rvices appear on this page. Detections The types of potentially malicious code or unwanted programs that ha ve been found on your[...]

  • Page 80

    80 Enforced Clie nt Product G uide Using Enforce d Client Viewing reports 3 View duplicate computers Use the Duplicate Computers report to locate compute rs that are listed more than once in your reports. Duplicate listings usually result when the Enforced Client client software has been installed mo re than once on a si ngle computer or when users[...]

  • Page 81

    81 Enforced Clie nt Product G uide Using Enforce d Client Managing your correspondence 3 View computer profiles Use the Computer Profiles report to view the version of the Windows operating system and the Internet Explorer web browser running on client computers. This helps you locate computers for maintenance, such as installi ng Microsoft soft wa[...]

  • Page 82

    82 Enforced Clie nt Produc t Guide Using Enforced C lient Managing your correspondence 3 Send email to users Use email to send important information about corporate security to your users:  Send reports or listings as an attached archived web page in . MHTM format (see Make t he most of your online data on page 59 ).  Send descriptions of sec[...]

  • Page 83

    83 Enforced Clie nt Produc t Guide Using Enforced C lient Managing your subscrip tions 3 If your logo file is not the correct size, the SecurityCenter resizes it to fit the allotted area and displays a preview of how it will appear on reports. Click A pprove to accept th e resized logo, or Delete and Resubmit to select a different file. 6 Click Clo[...]

  • Page 84

    84 Enforced Clie nt Product G uide Using Enforce d Client Managing your subscrip tions 3 Update subscription information Use the Subscription History page to update the contact and ac count information for each of your protection service subscriptions . This is useful for admini strators who manage multiple accounts. Note To update information for [...]

  • Page 85

    85 Enforced Clie nt Produc t Guide Using Enforced C lient Getting assista nce 3 Request a trial subscription To try a protection service free of charge for 30 days, you can reques t a trial subscription. You’ll have the opportunity to try all the features. You ca n then purchase the serv ice and continue using it with no interruption in protectio[...]

  • Page 86

    86 Enforced Clie nt Product G uide Using Enforce d Client Getting assista nce 3 Download utilities Access utilities to assist wi th installing cl ient software and trou bleshooting installati on problems from the Utilities page. To download utilities: On the Help page, click Utilities , then click a link . Silently install client software on indivi[...]

  • Page 87

    87 4 Using the Virus and Spyware Protection Service The virus and spyware protection service in Enforc ed Client safeguards cl ient computers against threats, such as viruses a nd potentially unwanted program s, by scanning files and email messages as they are accessed . This section describes features of th e virus an d spyware protection service:[...]

  • Page 88

    Figure 4-1 Scan Tasks menu Scan... Select a location to scan ( My Computer , My Documents Folder , or Floppy A ). Click Scan Folder... to browse to a folder of y our choice. Quarantine Viewer (administrative menu only) Open the quarantine folder, which contains possible threats detected on the computer (see Manage quarantined files on page 109 ). V[...]

  • Page 89

    89 Enforced Clie nt Produc t Guide Using the Vir us and Spy ware Protec tion Servi ce Scanning client computers 4 Scanning client computers The virus and spyware protection service safegua rds computers by automa tically scanning for viruses and spyware. At any time, users can perform manual scans of f iles, folders, or email, and administrators ca[...]

  • Page 90

    90 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Scanning client computers 4 Scan manually ( on-demand scans) The virus and spyware protection service automatica lly scans most files when they are accessed. However, users can scan a particular drive or fo lder at any time. Thi s is referred to as an on-demand sc[...]

  • Page 91

    91 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Scanning client computers 4 To view results of a manual scan: In the Scan Completed dialog box, click Report to display the Scan Statistics report. What is in a Scan Statis tics report? The Scan Statistics report opens in the default browser a nd displays the foll[...]

  • Page 92

    92 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Scanning client computers 4 Schedule on-demand scans Schedule an on-demand scan to occur at a specif ic date and time, either once or on a recurring basis. For example, you might want to scan client computer s at 11:00 P.M. each Saturday, when it is unlikely to in[...]

  • Page 93

    93 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Scanning client computers 4 2 Select one or more detecti ons, then select an action: Clean Place an encrypted original copy of e ach se lected item in a qu arantine folder, then attempt to clean it. If it cannot be cleaned, delete the item. Approve Add each select[...]

  • Page 94

    94 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Configuring poli cies for virus and sp yware protection 4 Configuring policies for virus and spyware protection Policies define th e operational settings for all your protec tion serv ices. See Setting up policies on page 75 for general inf ormation about using po[...]

  • Page 95

    95 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Configuring poli cies for virus and sp yware protection 4 To schedule an on-demand scan: 1 On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy). 2 Click the Virus Protection tab. 3 Under On-Demand Scan , click On . 4 Select [...]

  • Page 96

    96 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Configuring poli cies for virus and sp yware protection 4 Set advanced virus protection options On the Groups + Policies page, use the Advanced Settings tab to configure e nhanced protection and safeguard against additional threat s lurking in out-of-the-way locat[...]

  • Page 97

    97 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Configuring poli cies for virus and sp yware protection 4 To specify optional scans: 1 On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy). 2 Click the Advanced Settings tab, select each scan you wa nt to enable, then click[...]

  • Page 98

    98 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Configuring poli cies for virus and sp yware protection 4 Set basic spyware protection options On the Groups + Policies page, use the Spyware Protection tab to configure ba si c settings for spyware protection. Figure 4-5 Spyware Protection policy tab  Enable s[...]

  • Page 99

    99 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Configuring poli cies for virus and sp yware protection 4 Select a spyware protection mode You can specify how the v irus and spyware protection service r esponds to detections of potentially unwanted program s on client computers.  Protect : It attempts to cle[...]

  • Page 100

    100 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Configuring poli cies for virus and sp yware protection 4 Learn mode Report mode can be used as a “learn mode” to help you determine whic h programs to approve (see Specify ap proved programs on pag e 101 ). In Report mode, the virus and spyware protection se[...]

  • Page 101

    101 Enforced Clie nt Produc t Guide Using the Vir us and Spy ware Protec tion Servi ce Configuring poli cies for virus and sp yware protection 4 To specify programs to detect: 1 On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy). 2 Click the Advanced Settings tab. 3 Select each type of program you want to d[...]

  • Page 102

    102 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Viewing reports for virus and spyware detections 4 Viewing reports for virus and spyware detections Whenever a client computer chec ks for updates, it also sends da ta to the SecurityCenter in encrypted XML files. You can view th is data in reports accessed from [...]

  • Page 103

    103 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Viewing reports for virus and spyware detections 4 Select the information that appe ars in this report: Groups — Display only the computers in a group or display all computers. Report perio d — Specify the length of time for which to display information. Dete[...]

  • Page 104

    104 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Viewing reports for virus and spyware detections 4 View unrecognized programs Use the Unrecognized Programs report to view a list of unapproved programs that the spyware protection service or firewall protectio n service detected on your network. Figure 4-7 Unrec[...]

  • Page 105

    105 Enforced Clie nt Produc t Guide Using the Vir us and Spy ware Protec tion Servi ce Viewing reports for virus and spyware detections 4 Using the Unrecognized Program s report When you want to.. . Do this... Display computers or detections Click next to a name:  Under a computer name, show which detections were found.  Under a detection nam[...]

  • Page 106

    106 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Viewing reports for virus and spyware detections 4 View your detection history Check the Detection History report for a graphical overview of the number of detections and the number of computers where dete ctions occurred over the past year on your network. This [...]

  • Page 107

    107 Enforced Clie nt Produc t Guide Using the Vir us and Spy ware Protec tion Servi ce Managing detections 4 Managing detections To effectively manage your strategy for virus and spyware protection, we recommend that you proactively track the types of threats bei ng detected and where they are occurring.  Manage your protection stra tegy with be[...]

  • Page 108

    108 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Managing detections 4 Manage quarantined files When the virus and spyware protection service dete cts a threat on a cl ient computer, it atte mpts to clean the item where the threat is dete cted. The item might be a f ile, cookie, or registry key.  If it canno[...]

  • Page 109

    109 Enforced Clie nt Product G uide Using the Vir us and Spy ware Prot ection Servi ce Disabling on-access scanning 4 4 Check the status of each item: Cleaned The rescan action was successful. You can safe ly restore the item. Clean failed The item cannot be cleaned. Delete failed The item cannot be cleaned or deleted. If it is in use, close it and[...]

  • Page 110

    110 Enforced Clie nt Produc t Guide Using the Vir us and Spy ware Protec tion Servi ce Disabling on-access scanni ng 4[...]

  • Page 111

    111 5 Using the Firewall Protection Service The firewall protection service in Enforced Client safeguards against in trusions by monitoring inbound and outbound communications on client computers. It checks:  IP addresses and communicati on ports that attempt to comm unicate with your computer.  Applications that attempt to ac cess the Intern[...]

  • Page 112

    112 Enforced Clie nt Product G uide Using the Fir ewall Protectio n Service Configuri ng policies for fir ewall protecti on 5 Configuring policies fo r firewall p rotection Policies define th e operational settings for all your protec tion serv ices. See Setting up policies on page 75 for general inf ormation about using policies. See The SonicW AL[...]

  • Page 113

    Figure 5-1 Desktop Firewall policy tab 113 Enforced Clie nt Product G uide Using the Fir ewall Protectio n Service Configuri ng policies for fir ewall protecti on 5 Specify who configures fire wall protection settings Configuring settings for the firewall protection servic e enab les you to contro l which applications and communications are allowed[...]

  • Page 114

    114 Enforced Clie nt Produc t Guide Using the Fir ewall Protectio n Service Configuring po licies for fir ewall protecti on 5 How do user settings and admi nistrator settings coexist? When you select Administrator configures firewall , any firewall settings th at users have configured on their computers are saved.  If you also select Promp t mod[...]

  • Page 115

    115 Enforced Clie nt Product G uide Using the Fir ewall Protectio n Service Configuri ng policies for fir ewall protecti on 5 Select a firewall protection mode Specify how the firewall protection service responds to suspici ous activity on cl ient computers.  Protect : It blocks the suspicious activity.  Prompt : It displays a dialog bo x wit[...]

  • Page 116

    116 Enforced Clie nt Product G uide Using the Fir ewall Protectio n Service Configuri ng policies for fir ewall protecti on 5 Specify a connection type The connection type defines the environment wher e client computers are used and determines which IP addresses and ports th e firewall protection service allows t o communicate with them. This optio[...]

  • Page 117

    117 Enforced Clie nt Product G uide Using the Fir ewall Protectio n Service Configuri ng policies for fir ewall protecti on 5  Configure IP addresses for a custom connection Configure system services for a custom connection Certain applications, in cluding web servers and file-sharing server programs, must accept unsolicited connections from oth[...]

  • Page 118

    118 Enforced Clie nt Product G uide Using the Fir ewall Protectio n Service Configuri ng policies for fir ewall protecti on 5  Remote Assistance Y ou can add other service ports as needed. St andard service ports for typical system services are: Figure 5-2 Firewall Custom Settings page  File T ransfer Protocol (FTP) Ports 20-21  Mail Serve[...]

  • Page 119

    119 Enforced Clie nt Produc t Guide Using the Fir ewall Protectio n Service Configuring po licies for fir ewall protecti on 5 T o open a service po rt: 1 On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy). 2 Click the Desktop Firewall tab. 3 Under Connection Type , s elect Custom settings , then cl ick edit[...]

  • Page 120

    120 Enforced Clie nt Product G uide Using the Fir ewall Protectio n Service Configuri ng policies for fir ewall protecti on 5 Configure IP addresses for a custom connection In addition to accepting co mmunications through the selected service por ts, client computers accept communications originating from desig nated IP addresses. To add one or mor[...]

  • Page 121

    121 Enforced Clie nt Product G uide Using the Fir ewall Protectio n Service Configuri ng policies for fir ewall protecti on 5 2 A list of safe applications that SonicWALL mainta ins on the www.hacker watch.org website. By default, the firewall protection service allows applic ations that appear on this list. If the administrator does not want the f[...]

  • Page 122

    122 Enforced Clie nt Product G uide Using the Fir ewall Protectio n Service Viewing repo rts for firewal l protection 5 Viewing reports for firewall protection Whenever i t checks for upd ates, each client com puter also se nds data to t he Security Center website in encr ypted XML files. You can view this da ta in reports accessed from the Reports[...]

  • Page 123

    123 Enforced Clie nt Product G uide Using the Fir ewall Protectio n Service Viewing repo rts for firewal l protection 5 Using the Unrecognized Program s report View inbound events bl ocked by the firewall Use the Inbound Events Blocked by Firewall report to view a list of programs that the firewall protection service prevented from communicating wi[...]

  • Page 124

    124 Enforced Clie nt Produc t Guide Using the Fir ewall Protectio n Service Managing suspicious activity with best pr actices 5 Using the Inbound Events Blocked by Firewall report Managing suspicious activ ity with best practices To effectively manage your strategy for guardin g against suspicious ac tivity, we recommend that you proactively track [...]

  • Page 125

    125 Enforced Clie nt Produc t Guide Using the Fir ewall Protectio n Service Managing suspicious activity with best pr actices 5  Before install ing the firewall protection servic e on a server, ensure that the server’ s system services and Internet a pplications are configured corre ct ly. If there is a possibility the service might be install[...]

  • Page 126

    126 Enforced Clie nt Produc t Guide Using the Fir ewall Protectio n Service Managing suspicious activity with best pr actices 5[...]

  • Page 127

    127 6 Using the Browser Protection Service The browser protection service in Enforced Client, based on S onicWALL SiteAdvisor ™ , displays information to safe guard client computer users against web-based threats:  A safety rating for each website (see How safety ratings are compiled on page 128 ).  A safety report for each website that inc[...]

  • Page 128

    128 Enforced Clie nt Product G uide Using the Bro wser Prot ection Servi ce Accessing s ite safety infor mation 6 How safety ratings are compiled Safety ratings are derived by test ing criteria for each website and evaluati ng the results to assess whether the site poses a risk a nd, if so, what type of risk. Automated tests compi le safety rati ng[...]

  • Page 129

    129 Enforced Clie nt Product G uide Using the Bro wser Prot ection Servi ce Accessing s ite safety infor mation 6 Staying safe while browsing When users browse to a websit e, the SiteAd visor toolbar displays a color-coded menu button (the location depends on the browser): To display the Si te Advisor toolbar: In Internet Explorer, select View | To[...]

  • Page 130

    130 Enforced Clie nt Produc t Guide Using the Bro wser Protec tion Servi ce Configuring brow ser protection settings 6 Viewing safety reports Users can supplement the color-coded safety information for a site by viewing its detailed safety report. These reports describe specific threats discovered by testing and include feedback submitted by site o[...]

  • Page 131

    131 Enforced Clie nt Product G uide Using the Bro wser Prot ection Servi ce Configuring brow ser protection settings 6 3 Select Automatically install browser protection ser vice on all computers using this policy , then click Save . The browser protection service will be installed on al l computers using this policy the next time they check for an [...]

  • Page 132

    132 Enforced Clie nt Product G uide Using the Bro wser Prot ection Servi ce Submitting feedba ck 6 Submitting feedback SonicWALL encourages feedback about websites:  Users can describe suspicious or dangerous behavior they en counter when visiting a site.  Site owners can provide helpful information or respond to user feedba ck about their si[...]

  • Page 133

    133 7 Using the Email Security Service The email security service in Enforced Clie nt Advanced scans messages be fore they are received by client computers and quarantines detections. Your service checks for spam, phishing scams, viruses, directory harvest atta cks, and other email- borne thre ats in messages and attachments. The email security ser[...]

  • Page 134

    134 Enforced Clie nt Produc t Guide Using the Email Se curity Servi ce Activating th e email sec urity service 7 Activating the email security service Activate your email security service through a unique reg istration webs ite, which you access from the SecurityCente r website. To activate your account: 1 On the SecurityCenter websi te, click the [...]

  • Page 135

    Figure 7-1 Email security service’s portal 135 Enforced Clie nt Product G uide Using the Email Se curity Servi ce Setting up your a ccount 7 Setting up your account When your account is acti vated, you can set it up to filter emai l for users in its activation domain, the domain you specified in the activation wizard.  Update your MX records ?[...]

  • Page 136

    136 Enforced Clie nt Product G uide Using the Email Se curity Servi ce Setting up your a ccount 7 Default settings As soon as your email security service is activated , default functionality and features are configured.  Two users appear on the Users tab:  Your administrator login address.  A default user (whose name begins with pdefault )[...]

  • Page 137

    137 Enforced Clie nt Produc t Guide Using the Email Se curity Servi ce Setting up your a ccount 7 3 Set up your email ser ver to prevent spam and viruses from circumven ting the email security service. Some virus and spam senders specific ally targ et email servers using low-priority DNS MX records or by looking up a server directly with an intuiti[...]

  • Page 138

    138 Enforced Clie nt Product G uide Using the Email Se curity Servi ce Setting up your a ccount 7 4 Do you want to manage a ll users’ quaran tined messages in one central quarantine, rather than separa te user quarantines? Initially, each user’ s detected spam is quarantine d in an i ndividual user quarantine, where you can go to manage that us[...]

  • Page 139

    139 Enforced Clie nt Product G uide Using the Email Se curity Servi ce Viewing your email p rotection status 7 Access basic administration featur es on the Administration page: Summary This chart can be helpful for Help Desk personnel. Viewing your email protection status Once your email security service is running, check the SecurityCenter page of[...]

  • Page 140

    140 Enforced Clie nt Produc t Guide Using the Email Se curity Servi ce Viewing your email p rotection status 7 To view the status of your service: 1 On the SecurityCenter websi te, click the SecurityCenter tab. 2 Under Your email protection , check your emai l statistics. 3 Click the pie chart to open the portal, where you ca n view data for the la[...]

  • Page 141

    141 Enforced Clie nt Produc t Guide Using the Email Se curity Servi ce Configuring a poli cy for email security 7 Configuring a policy for email security Configure security settings for your email securi ty service by setting up a policy. (You can set up only one policy for you r email security service account.) To set up a pol icy for email sec ur[...]

  • Page 142

    142 Enforced Clie nt Produc t Guide Using the Email Se curity Servi ce Managing quarantined emai l 7 Managing quarantined email The email s ecurity servic e quarantines e mail mess ages that contain detect ed spam, phishing, and virus threats. Several tools are av ailable for managi ng these messages:  View and manage quarantined user messages ?[...]

  • Page 143

    143 Enforced Clie nt Product G uide Using the Email Se curity Servi ce Getting more information 7 T o restore quarantined email to an Inbox: Provide these instructions to your users: 1 Open the Quarantine Summary . 2 T o restore a message, click Deliver . View quarantined mail deliveries Administrators can track the number and type of qua rantined [...]

  • Page 144

    144 Enforced Clie nt Produc t Guide Using the Email Se curity Servi ce Getting more information 7[...]

  • Page 145

    145 8 Troubleshooting For help installin g, using, and maintaining Enfo rced Client, refer to fre quently asked questions or specific error messages and their so lutions.  Uninstalling prot ection services  Frequently asked questions (FAQ)  Error messages  Contacting product support Uninstalling protection services For testing purposes [...]

  • Page 146

    146 Enforced Clie nt Produc t Guide Troubleshoo ting Frequently asked questions (FAQ) 8 Frequently asked questions (FAQ) This section includes questions asked by administrators and client computer users.  Installing  Adding, renewing, and moving licenses  Configuring and managing policies  Scanning  Reporting  Updating  Firewal[...]

  • Page 147

    147 Enforced Clie nt Produc t Guide Troubleshoo ting Frequently asked questions (FAQ) 8 Adding, renewing, and moving licenses I purchased li censes for new c omputers, but the new computers don’t show up on my reports. When you purchase additional services or renew se rvices, use the same em ail address that you used when purchasing the original [...]

  • Page 148

    148 Enforced Clie nt Produc t Guide Troubleshoo ting Frequently asked questions (FAQ) 8 Why would I want to specify excluded fi les and folders or approved programs? Specifying excluded files and folders from scanning can be useful if you know a particular type of file is not vulnerable to atta ck, or a particular folder is sa fe. If you use a prog[...]

  • Page 149

    149 Enforced Clie nt Product G uide Troubleshoo ting Frequently asked questions (FAQ) 8 If you upgraded or purchased addi tional services using a new emai l address, you r eceived a new company key and URL for a new account instead of adding licenses to your existing account. (The company key appears aft er the characters CK= in the URL.) Because y[...]

  • Page 150

    150 Enforced Clie nt Produc t Guide Troubleshoo ting Frequently asked questions (FAQ) 8 How can I stop errors from showing up in my re ports when automatic up dates fail on systems where no user is logged on? For certain system configurati ons, automatic updates do not o ccur on systems where no user is logged on. You can prevent these failed updat[...]

  • Page 151

    151 Enforced Clie nt Produc t Guide Troubleshoo ting Frequently asked questions (FAQ) 8 Browser protection Can users run the browser protection service fo r Internet Explorer and Firefox on the same computer? Yes. The browser protection service f or Internet Ex plorer and Firefox are compatible on the same computer . Users can inst all protection f[...]

  • Page 152

    152 Enforced Clie nt Product G uide Troubleshoo ting Error messages 8 I use Windows XP Service Pack 2, and I get a me ssage that my computer may be at risk. What does this mean? This is a known problem with Microsoft Securi ty Center, because Micr osoft cannot determine that Enforced Client is installed and up-to-d ate. If you get this messa ge whe[...]

  • Page 153

    153 Enforced Clie nt Produc t Guide Troubleshoo ting Error messages 8  MyASUtil.SecureObje ctFactory error message  MyINX Error  Unable to connect to the En forced Client update server  Unable to create Cab Installer Object  Your current security settings prohi bit running ActiveX c ontrols on this page A file needed to install the s[...]

  • Page 154

    154 Enforced Clie nt Produc t Guide Troubleshoo ting Error messages 8 The security leve l of th e browser is too high. Set the browser’s s ecurity level to Medium or Medium-h igh (see Configure your browser on page 33 ). Internet Explorer i s blocking ActiveX controls. Click the narrow bar at the top of the Installation Denied page and select Ins[...]

  • Page 155

    155 Enforced Clie nt Produc t Guide Troubleshoo ting Error messages 8 Installation Denied Common causes and solutions:  When you begin the installation, Internet Explorer displays a dialog box asking you to verify that you want to install Enfo rced Client. You must click Yes .  The browser must be able to run ActiveX controls.  Set the bro[...]

  • Page 156

    156 Enforced Clie nt Product G uide Troubleshoo ting Error messages 8  If there is another comment in the Status column, contact product support with that information. MyINX Error The installer has detected other virus protec tion software on the computer, which you must uninstall: 1 From the Windows Control Panel , open Add/Remove Programs . 2 [...]

  • Page 157

    157 Enforced Clie nt Produc t Guide Troubleshoo ting Error messages 8  From Windows Control Panel , open In ternet Options. 2 Under Temporary Internet Files , click the Del ete Files button. 3 Select Delete all offline content , then click OK . An hourglass appears while the files are being deleted. 4 Under Temporary Internet Files , click Setti[...]

  • Page 158

    158 Enforced Clie nt Produc t Guide Troubleshoo ting Contacting product s upport 8 Contacting product support There are three ways to contact product support. By email To contact product support via email, refer to your welcome email for your service provider’s support address. By phone To access a list of current phone num bers for product sup p[...]

  • Page 159

    161 Glossary action item Indicator of a p otential vulnerability in your organization’s security th at re quires attention. Action items appear in red on the Secu rityCenter website in three locations: SecurityCenter page, Computer Details page, and in reports (as dates). action taken How SonicWALL protecti on services handle or respond to detect[...]

  • Page 160

    162 Enforced Client An ti-Virus and Anti -Spyware 4.5 Prod uct Guide Glossary Clean Failed The virus and spyware protection service could not clean or delete the item. This might indicate that the item is in use; if so, cl ose it and attempt t h e clean again. This might also indicate that the item resides on read-only media, such as a CD. If so, n[...]

  • Page 161

    163 Enforced Client An ti-Virus and Anti -Spyware 4.5 Prod uct Guide Glossary email security service A web-based service that safeguards small bu siness computers by automatica lly routing email messages through SonicWALL’s serv ers and scanning for dangerou s and inappropriate content before delivering the messages to the local network. Compare [...]

  • Page 162

    164 Enforced Client An ti-Virus and Anti -Spyware 4.5 Prod uct Guide Glossary outbreak DAT file A special detection definition file marked as Medium or High importance and released by SonicWALL Avert Labs in response to an outbr eak. It is specially en coded to inform the first computer receiving it to share the update immediatel y with other clien[...]

  • Page 163

    165 Enforced Client An ti-Virus and Anti -Spyware 4.5 Prod uct Guide Glossary reports Data uploaded by client co mputers to th e SecurityCenter an d formatted for the administrator; information on the account’s security status for the administrator. response How SonicWALL protection serv ices handle or take action on detections; for example, Clea[...]

  • Page 164

    166 Enforced Client An ti-Virus and Anti -Spyware 4.5 Prod uct Guide Glossary untrusted connection A direct connection to the Internet, such as a wireless network in a public airport or hotel. The firewall protection service blocks comm unications from other de vices on an untrusted network (it considers them to be unsafe). Compare to trusted conne[...]

  • Page 165

    167 A User Interface Definitions Login page Use this page to log on to the SonicWALL Secu rityCenter website, wh ere you can manage your account and view reports.  Log on to the SecurityCenter  Change your SecurityCenter password Email Address Type the e mail address for your accou nt. In most cases, this is the email address you used when re[...]

  • Page 166

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 168 A Computers tab Use this page to manage client computers where Enforced Client is inst alled. You can display all computers or one of the groups you have create d, then select individua l computers to manage or view details. Select a checkbox next to a com puter name to select that com[...]

  • Page 167

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 169 A Item Description Find computers Type a full or partial computer name , email address, IP address, or relay server name in the box, then click Search to display computers matching your s earch criteria. Note: All the client computers in your acc ount are searched. Add Computer Click t[...]

  • Page 168

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 170 A Reports tab Use this page to access ad ministrative reports. T he information in these rep orts is uploaded from client computers hourly.  Viewing reports  View detections  View unrecognized programs  View unrecognized Internet applications  View inbound events blocked[...]

  • Page 169

    Enforced Clie nt Product G uide User Interfa ce Definitions 171 A Groups + Policies tab Use this page to create a nd manage groups and policies:  A group consists of one or more computers that us e the same security se ttings. Create groups to organize computers so that you can manage them more easily. You might create groups based on physical l[...]

  • Page 170

    Enforced Clie nt Product G uide User Interfa ce Definitions 172 A My Account tab Use this page to manage information for your protection services account.  Setting up your account  Change your SecurityCenter password  Managing your subscriptions  Designating group administrators  Sign up for emai l notifications  Add your logo to [...]

  • Page 171

    Add Select this link to create a new group administrator account or edit an existing account. All group administrators Select this link to open a page where you can view and edit all groups administrator accounts for your or ganization. Name Shows the name you entered for identification purp oses when you created the group admi nistrator’s accoun[...]

  • Page 172

    Enforced Clie nt Product G uide User Interfa ce Definitions 174 A Help tab Use this page to access online product documentation and to contact customer support.  View printed and online documents  Download utilities  Contact product support Quick Start Guide Select this link to display a docu ment that describes how to use the basic featur[...]

  • Page 173

    Enforced Clie nt Product G uide User Interfa ce Definitions 175 A  Installing Enforced Client  Standard URL installation  Using the portal Install products onto new computers (not yet managed by SecurityCenter) Select this option to install one or more protectio n services onto on e or more computers where En forced Client is not already i[...]

  • Page 174

    Select Text and Copy to Clipboard To send users a URL they can use to install on their computers, first click this button. Then open a bl ank ema il message, paste the text you copied in to its body, and send it to users who need to install the protection service(s). You will have the opportunity to ed it the instructions in your email message befo[...]

  • Page 175

    Enforced Clie nt Product G uide User Interfa ce Definitions 177 A Install Email Security Service Use this page to reference configuration info rmation for your Mail eXchange (MX) records, contact support, and access the email security se rvice’s portal, where you can manage and view reports for the email security service .  Using the portal ?[...]

  • Page 176

    Enforced Clie nt Product G uide User Interfa ce Definitions 178 A Product Purchase Use this page to purchase new or additional licenses for SonicW ALL protection services or sign up for a trial subscription.  Managing your subscriptions  Purchase, add, and renew services  Request a trial subscription Locate and contact your local SonicWALL[...]

  • Page 177

    Email button Click to open a blank email messa ge addressed to the selected computers. (You must have a clie nt email application ins talled to use this feature.) Delete Click to delete the selected computers from your listing. Use this feature to delete dupli cate and obsolete computers. If you delete a computer where a valid serv ice is installed[...]

  • Page 178

    Computer Details section Lists information abou t the computer and pr otection services. System email address Shows the email address used to contact the user. To change the address, type a new address. Group Shows the group to which this co mputer belongs. To move this computer to another group , select one from the list. (Services) Shows the stat[...]

  • Page 179

    Enforced Clie nt Product G uide User Interfa ce Definitions 181 A  View user-approved applications for a computer  Specify approved programs  Set up allowed Internet applications Name Shows the name of the detected application. For potentially unwanted programs, se lect the name of the detected threat to display a detailed desc ription fro[...]

  • Page 180

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 182 A Detections report (by computer) Use this report to view and ma nage detections and the computers where de tections occurred. You can display all com puters o r a subset, then select i ndividual computers fo r managing or viewing details. To select a computer, select the checkbox next[...]

  • Page 181

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 183 A Detections report (by detection) Use this report to view and ma nage detections and the computers where de tections occurred.  View detections  Make the most of your online data  Customize listings and reports  Manage your protection stra tegy with be st practices Move to[...]

  • Page 182

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 184 A Unrecognized Programs report (by computer ) Use this report to view and manage detected pr ograms that were not recognized by the virus and spyware protection service or firewall protec tion servic e, and the computers where these programs were detected. You can display all com puter[...]

  • Page 183

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 185 A Unrecognized Programs report (by program) Use this report to view and ma nage detected progr ams not rec ognized by the virus and spyware protection service or firewall protection service, and the com puters where these programs were detected. To approve any of these applicat ions fo[...]

  • Page 184

    Enforced Clie nt Product G uide User Interfa ce Definitions 186 A Inbound Events Blocked by Firew all report (by originating computer) Use this report to view and ma nage blocked communications sent to client computers, and the computers where these communicati ons originat ed. Ea ch attempt at co mmunication is reported as a single event .  Vie[...]

  • Page 185

    Enforced Clie nt Product G uide User Interfa ce Definitions 187 A Inbound Event List Use this page to view detail ed information about inbound communi cations that were blocked by the firewall pr otection service. The Computer and Report period selected on the previous page determine the content of th is listing.  View inbound events blocked by [...]

  • Page 186

    Groups Select the group of computer s to display. If you have not created an y groups, this option does no t appear. Email button Click to open a blank email messa ge addressed to the selected computers. (You must have a local email application installed to use this feature.) Delete Click to delete the selected computers from your listing. Block Cl[...]

  • Page 187

    Groups Select the group of computer s to display. If you have not created an y groups, this option does no t appear. Operating system version Select a version to display only th e computers running that ver sion. Only the operating syst ems running on client computers are listed here. Browser version Select a version to display only th e computers [...]

  • Page 188

    Groups Select the group of computer s to display. If you have not created an y groups, this option does no t appear. Display by Select increments in which to display historical information: Detections Found Shows the total numbe r of detectio ns for your account over the past year. Computers with Detections Shows the total number of comput ers wher[...]

  • Page 189

    Name Type a new name for the group if you want to rename it. Policy Select a policy from the list if you want to assign a different one. The current policy is displayed, an d all available policies appear in the list. If you have not cr eated any policies, only th e SonicWALL Default policy appears. Note: You must create a policy before you can ass[...]

  • Page 190

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 192 A  Configuring policies fo r firewall protection  Configuring browser protecti on from the SecurityCenter  The SonicWALL Default policy Item Description Virus Protection Scheduled On-Demand Scan Disabled : No on-demand scan is scheduled. On-access scans still occur every time [...]

  • Page 191

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 193 A Update client computers where users are not logged in Enabled. A utomatic updates occur on comput ers where no user is logged on, for example, terminal servers an d computers where the fast user switching feature is used. Display support notifications on client computers Enabled. Not[...]

  • Page 192

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 194 A Edit Policy: Virus Protection Settings Policies are made up of security set tings for all of your pro tection services . These settings define how your services operate on client computers. Use this page to rename a policy or modify it s virus protection settin gs. Changes do not tak[...]

  • Page 193

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 195 A Edit Policy: Spyware Protection Settings Policies are made up of security set tings for all of your pro tection services . These settings define how your services operate on client computers. Use this page to rename a policy or modify it s spyware protection settin gs. Changes do not[...]

  • Page 194

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 196 A Edit Policy: Desktop Firewall Setting s Policies are made up of security set tings for all of your pro tection services . These settings define how your services operate on client computers. Use this page to rename a policy or modify it s settings for the fire wall protection service[...]

  • Page 195

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 197 A Item Description Policy name Type a new name for the policy if you want to rename it. Firewall Management Select who manages the firewall protection service’s settings for client computers:  Administrator configures firewall : You configure the policy settings that determine how[...]

  • Page 196

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 198 A Firewall Custom Settin gs Use this page to define custom settings for the environment where cl ient comp uters operate. Custom settings are typically re commended when computers using this policy meet one of these criteria:  They should allow communications from system se rvices o[...]

  • Page 197

    Enforced Clie nt Product G uide User Interfa ce Definitions 199 A  Configure IP addresses for a custom connection Allowed Incoming Connections Specifies the system service port s through which comput ers using this policy can communicate. Allow Select the checkbox ne xt to each port you want to enable. The firewall protection service allows comm[...]

  • Page 198

    Enforced Clie nt Product G uide User Interfa ce Definitions 200 A Edit Policy: Browser Protection Settings Policies are made up of security set tings for all of your pro tection services . These settings define how your services operate on client computers. Use this page to rename a policy or modify its settings for the brow ser protection service.[...]

  • Page 199

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 201 A Advanced Virus Protection Settings Select additional protection feat ures for the virus and spyware protection service. If none of these features are selected, the service still detects viruses.  Enable outbreak response : Check for an outbreak de tection definition ( DAT ) file e[...]

  • Page 200

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 202 A Add Policy: Virus Protection Settings Policies are made up of security set tings for all of your pro tection services . These settings define how your services operate on client computers. Use this page to create a pol ic y and configure its virus protecti on settings. Changes do not[...]

  • Page 201

    Policy name Typ e the name of the new policy. On-Demand Scan Regardless of this setting, on-access scans occur every time users run, open, or download files. Excluded Files and Folders Lists files, folders, and file na me extensions that the virus and spyware protection ser vice does not scan for viruses. If you have not designated any files or fol[...]

  • Page 202

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 204 A Add Policy: Desktop Firewall Settin gs Policies are made up of security set tings for all of your pro tection services . These settings define how your services operate on client computers. Use this page to creat e a new pol icy and configure its settings for the firewall protection [...]

  • Page 203

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 205 A Item Description Policy name Typ e a name for the new policy. Firewall Configuration Select who manages the firewall protection service’s settings for client computers:  Administrator configures firewall : You configure the policy settings that determine how the firewall protect[...]

  • Page 204

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 206 A Add Policy: Browser Protection Settings Policies are made up of security set tings for all of your pro tection services . These settings define how your services operate on client computers. Use this page to create a new policy and configur e its settings for the browser protection s[...]

  • Page 205

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 207 A Add Policy: Advanced Settings Policies are made up of security set tings for all of your pro tection services . These settings define how your services operate on client computers. Use this page to create a polic y and configure its advanced viru s and spyware pr o tection settings. [...]

  • Page 206

    Enforced Clie nt Produc t Guide User Interfa ce Definitions 208 A Advanced Virus Protection Settings Select additional protection feat ures for the virus and spyware protection service. If none of these features are selected, the service still detects viruses.  Enable outbreak response : Check for an outbreak de tection definition ( DAT ) file e[...]

  • Page 207

    Enforced Clie nt Product G uide User Interfa ce Definitions 209 A Subscription History Use this page to view all your existing and previous licenses for SonicWALL protection services. Your service provider determines what type of information appears on this page, so you might not see some of the columns described below. Note  Managing your subsc[...]

  • Page 208

    View Cancelled Services Select this link to open a page listing service subscr ipt ions that are no longer current. If you are already viewing a list of cancelled subscriptions, a link to display current subscriptions appears instead. Managed Services Lists the name of the Soni cWALL protection service. Quantity Shows the number of licenses alloca [...]

  • Page 209

    Enforced Clie nt Product G uide User Interfa ce Definitions 211 A Manage Group Administrators Use this page to add a group admi nistrator account or modify the settings for an existing account. You can distribute manage ment tasks within your organizati on by creating group administrators. Group administrators can oversee and manage onl y the group[...]

  • Page 210

    Add Administrator Click to create a group administrator account. Name Shows the name you entered for identification purp oses when you created the group administrator account. Email Address Select an address to open a bla nk email message addressed to the group adminis trator. (You m ust have a local email application installed to use this feature.[...]

  • Page 211

    Enforced Clie nt Product G uide User Interfa ce Definitions 213 A Edit Profile Use this page to modify the information your service provider uses to notify you about issues related to your account. Some fiel ds are optional; fields that you must f ill in are labeled as required.  Set up your profile  Change your SecurityCenter password Your L[...]

  • Page 212

    Enforced Clie nt Product G uide User Interfa ce Definitions 214 A  Install the standalone installation ag ent Silently install protection services on client computers Select the VSSetup link to download the silent installation package, which enables you to remotely depl oy Enforced Client on a client computer with no user interaction. Download t[...]