M86 Security M86 User Manual

Manual is about: Web Filtering and Reporting Suite

Page of 938

Download

Print this page

Bookmark us

M86 Web Filtering and Reporting Suite

USER GUIDE

Software Version: 4.2.00

Document Version: 10.10.11

1 2 3 4 5 6 7 Next › »

Summary of M86

Page 1
M86 web filtering and reporting suite user guide software version: 4.2.00 document version: 10.10.11.
Page 2: M86 S
Ii m86 s ecurity u ser g uide m86 s ecurity w eb f iltering and r eporting s uite u ser g uide © 2011 m86 security all rights reserved. Version 1.01, published october 2011 for software release 4.2.00 printed in the united states of america this document may not, in whole or in part, be copied, phot...
Page 3: Ontents
M86 s ecurity u ser g uide iii c ontents wfr s uite o verview ..................................................... 1 how to use this user guide ....................................................... 2 organization .......................................................................................
Page 4
C ontents iv m86 s ecurity u ser g uide global group ............................................................................ 25 ip groups . ................................................................................ 26 filtering profile types ..................................................
Page 5: Wf G
C ontents m86 s ecurity u ser g uide v library synchronization process .............................................. 47 delays in synchronization ............................................................... 48 synchronized, non-synchronized items ......................................... 49 sync...
Page 6
C ontents vi m86 s ecurity u ser g uide local filtering...................................................................... 81 http filtering ..................................................................... 82 https filtering .................................................................. ...
Page 7
C ontents m86 s ecurity u ser g uide vii view log file window . ............................................................ 120 view log results .............................................................. 120 troubleshooting mode window ............................................... 122 use the...
Page 8
C ontents viii m86 s ecurity u ser g uide apply operation mode settings ........................................ 165 proxy environment settings window ...................................... 165 use a local proxy server ................................................. 166 use proxy port 80 ............
Page 9
C ontents m86 s ecurity u ser g uide ix common customization window . ........................................... 205 enable, disable features ................................................. 206 lock page customization window . ......................................... 208 edit entries, setting .....
Page 10
C ontents x m86 s ecurity u ser g uide view criteria for a rule ..................................................... 251 add a rule ........................................................................ 252 modify a rule .................................................................... 254 cop...
Page 11
C ontents m86 s ecurity u ser g uide xi download log, view, print contents ................................ 293 emergency update log window . ............................................ 297 view the emergency software update process ............... 297 download the software update log file ...........
Page 12: Wf G
C ontents xii m86 s ecurity u ser g uide chapter 4: reporting screen .................................................. 329 report configuration ..................................................................... 330 report configuration window ................................................. 330...
Page 13
C ontents m86 s ecurity u ser g uide xiii exception url window ........................................................... 374 valid url entries ............................................................. 375 add urls to block url or bypass url frame ............... 376 remove urls from block url ...
Page 14
C ontents xiv m86 s ecurity u ser g uide time profile window ............................................................... 409 approved content settings window ........................................ 410 delete individual ip ................................................................. 410 de...
Page 15
C ontents m86 s ecurity u ser g uide xv appendix b .............................................................................. 437 create a custom block page ........................................................ 437 part i: modify the web filter ...................................................
Page 16: Sr I
C ontents xvi m86 s ecurity u ser g uide remote filtering components .......................................... 465 work flow overview ............................................................... 465 mobile client installed on a mobile pc ............................. 465 network operations overv...
Page 17: Sr S
C ontents m86 s ecurity u ser g uide xvii re-login............................................................................. 526 expired passwords .......................................................... 527 forgot your password ..................................................... 528 user int...
Page 18: Sr R
C ontents xviii m86 s ecurity u ser g uide shut down screen . ................................................................. 553 sr action selections......................................................... 553 perform a server action ................................................... 554 report...
Page 19
C ontents m86 s ecurity u ser g uide xix user group status key ....................................................... 586 view a list of members in a user group ............................. 586 add a user group ................................................................... 588 patterns sub-pa...
Page 20
C ontents xx m86 s ecurity u ser g uide add a web filter to the device registry ............................. 627 view, edit web filter device criteria .................................. 627 delete a web filter from the device registry ..................... 628 security reporter maintenance ...........
Page 21: Sr P
C ontents m86 s ecurity u ser g uide xxi chapter 3: report configuration ........................................... 657 default report settings panel ....................................................... 657 set new defaults . ................................................................... 65...
Page 22
C ontents xxii m86 s ecurity u ser g uide report type tabs............................................................... 687 detail drill down report settings menu ............................ 687 page/object detail columns.............................................. 687 column sorting tips ........
Page 23
C ontents m86 s ecurity u ser g uide xxiii excel (english) ................................................................. 717 chapter 3: customize, maintain reports .............................. 718 report wizard ............................................................................... 718...
Page 24
C ontents xxiv m86 s ecurity u ser g uide chapter 1: gauge components ............................................. 758 types of gauges ........................................................................... 758 url gauges ............................................................................
Page 25
C ontents m86 s ecurity u ser g uide xxv system tray alert function ...................................................... 794 lockout function . .................................................................... 795 view, modify, delete an alert ......................................................
Page 26: Sr A
C ontents xxvi m86 s ecurity u ser g uide security report type tabs ...................................................... 825 report settings menu ............................................................. 825 report view icons ................................................................... ...
Page 27: Wfr A
C ontents m86 s ecurity u ser g uide xxvii view system tray alert messages .................................... 862 appendix c .............................................................................. 863 glossary ....................................................................................
Page 28
C ontents xxviii m86 s ecurity u ser g uide i ndex ........................................................................... 887.
Page 29: Wfr S
Wfr s uite o verview m86 s ecurity u ser g uide 1 wfr s uite o verview the m86 security web filtering and reporting suite (wfr) consists of the m86 web filter and m86 security reporter, consolidated into one unit. M86 web filter offers an enhanced solution for internet filtering on a network. The we...
Page 30: How to Use This User Guide
Wfr s uite o verview h ow to u se this u ser g uide 2 m86 s ecurity u ser g uide how to use this user guide organization this user guide is organized into the following portions: • wfr suite overview - this portion introduces the wfr product and explains how to use the wfr console and this user guid...
Page 31: Conventions
Wfr s uite o verview h ow to u se this u ser g uide m86 s ecurity u ser g uide 3 conventions the following icons are used throughout this user guide: note: the “note” icon is followed by italicized text providing additional information about the current topic. Tip: the “tip” icon is followed by ital...
Page 32: Components And Environment
Wfr s uite o verview c omponents and e nvironment 4 m86 s ecurity u ser g uide components and environment components hardware • high performance server equipped with raid • two or four high-capacity hard drives • optional: one or more attached “nas” storage devices (e.G. Ethernet connected, scsi/fib...
Page 33: Environment
Wfr s uite o verview c omponents and e nvironment m86 s ecurity u ser g uide 5 environment network requirements • power connection protected by an uninterruptible power supply (ups) • https connection to m86 security’s software update server • sr must be be fully configured, and the structured query...
Page 34
Wfr s uite o verview c omponents and e nvironment 6 m86 s ecurity u ser g uide • safari 5.1 • macintosh os x version 10.6 or 10.7 running: • safari 5.1 • firefox 6.0 • javascript enabled • java virtual machine • java plug-in • pop-up blocking software, if installed, must be disabled • session cookie...
Page 35: Initial Setup
Wfr s uite o verview h ow to u se the wfr on the w eb m86 s ecurity u ser g uide 7 how to use the wfr on the web initial setup to initially set up your m86 web filter and reporter (wfr) server, the administrator installing the unit should follow the instructions in the m86 wfr installation guide, th...
Page 36
Wfr s uite o verview h ow to u se the wfr on the w eb 8 m86 s ecurity u ser g uide example, if the host name is logo.Com, type in https:// logo.Com:1443. With a secure connection, the first time you attempt to access the wfr’s user interface in your browser you will be prompted to accept the securit...
Page 37: Single Sign-On Access
Wfr s uite o verview h ow to u se the wfr on the w eb m86 s ecurity u ser g uide 9 single sign-on access access all applications from the sr ui single sign-on (sso) access eliminates the process of choosing either the web filter or sr application from the wfr welcome window, and then logging in to e...
Page 38
Wfr s uite o verview h ow to u se the wfr on the w eb 10 m86 s ecurity u ser g uide default usernames and passwords without setting up single sign-on access for the global administrator account, default usernames and passwords for wfr applications are as follows: note that since the default username...
Page 39: Ilter
W eb f ilter i ntroductory s ection w eb f ilter m86 s ecurity u ser g uide 11 w eb f ilter i ntroductory s ection web filter m86 security’s web filter tracks each user’s online activity, and can be configured to block specific web sites, service ports, and pattern and file types, and lock out an en...
Page 40
W eb f ilter i ntroductory s ection a bout this p ortion of the u ser g uide 12 m86 s ecurity u ser g uide • web filter introductory section - this section is comprised of an overview on filtering, web access logging, instant messaging and peer-to-peer blocking, and synchronizing multiple web filter...
Page 41: Terminology
W eb f ilter i ntroductory s ection a bout this p ortion of the u ser g uide m86 s ecurity u ser g uide 13 terminology the following terms are used throughout this user guide. Sample images (not to scale) are included for each item. • alert box - a message box that opens in response to an entry you ...
Page 42
W eb f ilter i ntroductory s ection a bout this p ortion of the u ser g uide 14 m86 s ecurity u ser g uide • frame - a boxed-in area in a dialog box, window, or screen that includes a group of objects such as fields, text boxes, list boxes, buttons, radio buttons, check- boxes, and/or tables. Object...
Page 43
W eb f ilter i ntroductory s ection a bout this p ortion of the u ser g uide m86 s ecurity u ser g uide 15 • pop-up box or pop-up window - a box or window that opens after you click a button in a dialog box, window, or screen. This box or window may display infor- mation, or may require you to make ...
Page 44
W eb f ilter i ntroductory s ection a bout this p ortion of the u ser g uide 16 m86 s ecurity u ser g uide • sub-topic - a subset of a main topic that displays as a menu item for the topic. The menu of sub-topics opens when a perti- nent topic link in the left panel—the navigation panel—of a screen ...
Page 45
W eb f ilter i ntroductory s ection a bout this p ortion of the u ser g uide m86 s ecurity u ser g uide 17 • tree - a tree displays in the naviga- tion panel of a screen, and is comprised of a hierarchical list of items. An entity associated with a branch of the tree is preceded by a plus (+) sign w...
Page 46: Overview
W eb f ilter i ntroductory s ection o verview 18 m86 s ecurity u ser g uide overview the web filter’s administrator console is used by the global administrator—and group administrator, as required—to configure the web filter to perform the following basic func- tions: •filter urls (web addresses) on...
Page 47: Operational Modes
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations m86 s ecurity u ser g uide 19 chapter 1: filtering operations operational modes based on the setup of your network, the web filter can be configured to use one of these operational modes for filtering the network: • invisible mod...
Page 48: Invisible Mode
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations 20 m86 s ecurity u ser g uide invisible mode if the web filter is set up in the invisible mode, the unit will filter all connections on the ethernet between client pcs and the internet, without stopping each ip packet on the same...
Page 49
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations m86 s ecurity u ser g uide 21 when users (client pcs) make internet requests, the traffic flows (1) through the network path without interruption. The web filter captures the request as the user’s request (2) leaves the network. ...
Page 50: Router Mode
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations 22 m86 s ecurity u ser g uide router mode if the web filter is set up in the router mode, the unit will act as an ethernet router, filtering ip packets as they pass from one card to another. While all original packets from client...
Page 51: Firewall Mode
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations m86 s ecurity u ser g uide 23 warning: m86 recommends contacting one of our solutions engineers if you need assistance with router mode setup proce- dures. Firewall mode the firewall mode is a modification of the router mode. Wit...
Page 52
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations 24 m86 s ecurity u ser g uide the firewall mode cannot be used with any other mode (invisible or router). Figure 1:1-4 illustrates an example of a firewall mode setup in which requests are never sent to the caching server. In thi...
Page 53: Group Types
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations m86 s ecurity u ser g uide 25 group types after the operational filtering mode is configured on the web filter, the group type(s) that will be used on the web filter must be set up so that filtering can take place. In the policy ...
Page 54: Ip Groups
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations 26 m86 s ecurity u ser g uide ip groups the ip group type is represented in the tree by the ip icon . A master ip group is comprised of sub-group members and/or individual ip members . The global administrator adds master ip grou...
Page 55: Filtering Profile Types
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations m86 s ecurity u ser g uide 27 filtering profile types a filtering profile is used by all users who are set up to be filtered on the network. This profile consists of rules that dictate whether a user has access to a specified web...
Page 56
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations 28 m86 s ecurity u ser g uide • override account profile - set up in either the global group section or the master ip group section of the console. • lock profile - set up under x strikes blocking in the filter options section of...
Page 57: Static Filtering Profiles
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations m86 s ecurity u ser g uide 29 static filtering profiles static filtering profiles are based on fixed ip addresses and include profiles for master ip groups and their members. Master ip group filtering profile the master ip group ...
Page 58: Active Filtering Profiles
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations 30 m86 s ecurity u ser g uide active filtering profiles active filtering profiles include the global group profile, override account profile, time profile, and lock profile. Note: for information about authentication filtering pr...
Page 59: Filtering Profile Components
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations m86 s ecurity u ser g uide 31 filtering profile components filtering profiles are comprised of the following compo- nents: • library categories - used when creating a rule, minimum filtering level, or filtering profile for the gl...
Page 60: Library Categories
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations 32 m86 s ecurity u ser g uide library categories a library category contains a list of web site addresses and keywords for search engines and urls that have been set up to be blocked or white listed. Library categories are used w...
Page 61: Service Ports
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations m86 s ecurity u ser g uide 33 service ports service ports are used when setting up filter segments on the network (the range of ip addresses/netmasks to be detected by the web filter), the global (default) filtering profile, and ...
Page 62: Filter Settings
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations 34 m86 s ecurity u ser g uide note: if the minimum filtering level is not set up, global (default) filtering settings will apply instead. If an override account is established at the ip group level for a member of a master ip gro...
Page 63: Filtering Rules
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations m86 s ecurity u ser g uide 35 • filter - if a service port is given a filter setting, that port will use filter settings created for library categories (block or open settings) to determine whether users should be denied or allow...
Page 64
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations 36 m86 s ecurity u ser g uide b. An individual ip member time profile takes precedence over the individual ip member profile. 6. An authentication (ldap) profile—this includes a work- station profile—takes precedence over an indi...
Page 65
W eb f ilter i ntroductory s ection c hapter 1: f iltering o perations m86 s ecurity u ser g uide 37 fig. 1:1-7 sample filtering hierarchy diagram.
Page 66: Web Access Logging
W eb f ilter i ntroductory s ection c hapter 2: l ogging and b locking 38 m86 s ecurity u ser g uide chapter 2: logging and blocking web access logging one of the primary functions of the web filter is to log the activity of users on the internet. Information captured in the log can be transferred t...
Page 67: P2P Blocking
W eb f ilter i ntroductory s ection c hapter 2: l ogging and b locking m86 s ecurity u ser g uide 39 service should be blocked, and then performs the appro- priate action. Warning: the following items are known issues pertaining to the im module: • im can only block by destination ip address if netw...
Page 68: Setting Up Im and P2P
W eb f ilter i ntroductory s ection c hapter 2: l ogging and b locking 40 m86 s ecurity u ser g uide setting up im and p2p im and p2p are set up in the system and library sections of the administrator console. 1. In the system section, activate pattern blocking in the filter window. 2. In the librar...
Page 69: Block Im, P2P For All Users
W eb f ilter i ntroductory s ection c hapter 2: l ogging and b locking m86 s ecurity u ser g uide 41 block im, p2p for all users block im for all users to block im for all users on the network: • the pattern blocking option in the filter window must be activated • the global filtering profile must h...
Page 70
W eb f ilter i ntroductory s ection c hapter 2: l ogging and b locking 42 m86 s ecurity u ser g uide block specified entities from using im, p2p block im for a specific entity to block im for a specified group or user: • the pattern blocking option in the filter window must be activated • the chat a...
Page 71: Web Filter Synchronization
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits m86 s ecurity u ser g uide 43 chapter 3: synchronizing multiple units web filter synchronization the web filter can function in one of three modes—“stand alone” mode, “source” mode, or “target” mode—based on the setup wi...
Page 72: Unctional
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits 44 m86 s ecurity u ser g uide f unctional m odes stand alone mode in the stand alone mode, the web filter functions as the only internet filter on the network. This mode is used if there is only one web filter on the net...
Page 73: Synchronization Setup
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits m86 s ecurity u ser g uide 45 synchronization setup to set up synchronization on a web filter, a selection must be made in setup window from the system section of the web filter console to specify whether the web filter ...
Page 74
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits 46 m86 s ecurity u ser g uide should receive its running filter configuration in the event of a reboot. Warning: if a web filter server is set up in the target mode with a nat device between the target and source server,...
Page 75
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits m86 s ecurity u ser g uide 47 if the target server is rebooted for any reason (loss of power etc.) upon bootup, the target server will actively download and apply the current running configuration from the source server....
Page 76: Delays In Synchronization
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits 48 m86 s ecurity u ser g uide delays in synchronization when a filtering profile is applied to the source server, there is a slight delay in the time it takes to apply the profile to the target server. This delay is caus...
Page 77
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits m86 s ecurity u ser g uide 49 synchronized, non-synchronized items it is important to note that while some items are synchro- nized to the target web filters, they do not become perma- nent configurations on the target w...
Page 78: Synchronize All Items
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits 50 m86 s ecurity u ser g uide synchronize all items the following lists show which items will be synchronized when the option to synchronize all items is selected. Synchronized items (all) • m86 library additions/deletio...
Page 79: Non-Synchronized Items
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits m86 s ecurity u ser g uide 51 • quota setting non-synchronized items • filter control settings • virtual ip and authentication ip addresses • ip addresses • default routes • software update application • synchronization ...
Page 80: Non-Synchronized Items
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits 52 m86 s ecurity u ser g uide synchronize only library items the following lists show which items will be synchronized when the option to synchronize only library items is selected. Synchronized items (library only) • m8...
Page 81
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits m86 s ecurity u ser g uide 53 • ldap user/group: additions/deletions, changes, filter changes, profile activation/deactivation • filter control settings • virtual ip and authentication ip addresses • ip addresses • defau...
Page 82: Establish Backup Procedures
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits 54 m86 s ecurity u ser g uide server maintenance procedures source server failure scenarios in the event that the source web filter unit should fail, the target servers will continue to run using the last known configura...
Page 83
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits m86 s ecurity u ser g uide 55 use a backup file to set up a source server in the event of a source server failure, the global adminis- trator should designate a target server as the new source server. Set up a target ser...
Page 84
W eb f ilter i ntroductory s ection c hapter 3: s ynchronizing m ultiple u nits 56 m86 s ecurity u ser g uide set up a replacement target server once the original source server is replaced or repaired, it can then be configured to replace the empty spot created by the movement of the target server t...
Page 85: Chapter 4: Getting Started
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted m86 s ecurity u ser g uide 57 chapter 4: getting started using the administrator console access the web filter login window the web filter user interface is accessible in one of two ways: • by clicking the wf icon in the wfr welcome w...
Page 86
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted 58 m86 s ecurity u ser g uide enter web filter’s url in the address field 1. Launch an internet browser window supported by the web filter. 2. In the address line of the browser window, type in “https://” and the web filter server’s i...
Page 87: Log In
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted m86 s ecurity u ser g uide 59 log in 1. In the login window, enter your username and pass- word: fig. 1:4-2 web filter login window tip: the default username is admin and the password is user3. To change this username and password, go...
Page 88: Last Library Update Message
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted 60 m86 s ecurity u ser g uide fig. 1:4-3 welcome screen on this screen, the web filter version number displays in the product frame, and dates for the last software update and last library update display in the web filter status frame...
Page 89
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted m86 s ecurity u ser g uide 61 after the libraries are updated, today’s date will appear as the last library update on the welcome screen. Note: refer to the library screen’s manual update to m86 supplied categories window—in the web f...
Page 90: Navigation Tips
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted 62 m86 s ecurity u ser g uide navigation tips access main sections the administrator console is organized into six sections, each accessible by clicking the corresponding link in the navigation toolbar at the top of the screen: • home...
Page 91
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted m86 s ecurity u ser g uide 63 • help - clicking this link displays the help screen that includes navigation tips. Links in the left panel provide access to software and appliance information, and a page for downloading the latest docu...
Page 92: Help Features
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted 64 m86 s ecurity u ser g uide help features help features provide information about how to use windows in the administrator console. Such features include help topics and tooltips. Access help topics each of the main section screens c...
Page 93: Tooltips
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted m86 s ecurity u ser g uide 65 tooltips in any window that features the icon in the navigation path bar beneath the banner, additional information about that window can be obtained by hovering over that icon with your mouse, or by pres...
Page 94
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted 66 m86 s ecurity u ser g uide • help pop-up box the help pop-up box opens when you press the f1 key on your keyboard: fig. 1:4-8 help pop-up box click ok to close the pop-up box..
Page 95: Topic Links
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted m86 s ecurity u ser g uide 67 screen and window navigation all screens are divided into two panels: a navigation panel to the left, and a window in the panel to the right. Windows display in response to a selection made in the navigat...
Page 96: Select Sub-Topics
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted 68 m86 s ecurity u ser g uide select sub-topics some topics in library and system screens consist of more than one window. For these topics, clicking a topic link opens a menu of sub-topics: fig. 1:4-10 sub-topics menu when a sub-topi...
Page 97: Navigate A Tree List
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted m86 s ecurity u ser g uide 69 navigate a tree list tree lists are included in the navigation panel of policy and library screens. Fig. 1:4-11 tree menu a tree is comprised of a hierarchical list of items. An entity associated with a b...
Page 98
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted 70 m86 s ecurity u ser g uide tree list topics and sub-topics policy and library tree lists possess a menu of topics and sub-topics. Topics in the tree list display by default when the tree is opened. Examples of tree list topics are ...
Page 99: Navigate A Window With Tabs
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted m86 s ecurity u ser g uide 71 navigate a window with tabs in each section of the console, there are windows with tabs. When selecting a window with tabs from the navigation panel, the main tab for that window displays. Entries made in...
Page 100: Console Tips And Shortcuts
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted 72 m86 s ecurity u ser g uide console tips and shortcuts the following list of tips and shortcuts is provided to help you use windows in the administrator console with greater efficiency. Navigation path the navigation path displays a...
Page 101: Select Multiple Items
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted m86 s ecurity u ser g uide 73 select multiple items when moving several items from one list box to another, or when deleting several items, the ctrl and shift keys can be used to expedite this task. • ctrl key to select multiple items...
Page 102
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted 74 m86 s ecurity u ser g uide calculate ip ranges without overlaps the calculator button displays on windows in which ip ranges are entered. These windows include: range to detect and members windows from the policy section, and block...
Page 103: Re-Size The User Interface
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted m86 s ecurity u ser g uide 75 2. After making a note of the information in this pop-up window, click close to close the ip calculator. Re-size the user interface for greater ease in viewing content in any screen, re-size the browser w...
Page 104: Log Out
W eb f ilter i ntroductory s ection c hapter 4: g etting s tarted 76 m86 s ecurity u ser g uide log out to log out of the web filter administrator console: 1. Click the logout button in the navigation toolbar at the top of the screen. This action opens the quit dialog box: fig. 1:4-16 quit dialog bo...
Page 105: Wf G
Wf g lobal a dministrator s ection i ntroduction m86 s ecurity u ser g uide 77 wf g lobal a dministrator s ection introduction the wf global administrator section of this portion of the user guide is comprised of four chapters, based on the layout of the administrator console. This section is used b...
Page 106: Chapter 1: System Screen
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 78 m86 s ecurity u ser g uide chapter 1: system screen the system screen is comprised of windows used for configuring and maintaining the server to authenticate users, and to filter, log, or block specified internet content for each user ...
Page 107
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 79 notes: if the synchronization feature is used and a web filter is set up in the source mode, the cmc management topic and associated sub-topics are also available. If the synchronization feature is used and a...
Page 108: Control
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 80 m86 s ecurity u ser g uide control control includes options for controlling basic web filter server functions. Click the control link to view a menu of sub-topics: filter, block page authentication, shutdown, and reboot. Filter window ...
Page 109: Local Filtering
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 81 clients such as google web accelerator and proxy patterns that bypass filtering (see http://www.M86security.Com/ software/8e6/hlp/ifr/files/1system_proxy_block .Html for a list of proxy pattern types set up t...
Page 110: Http Filtering
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 82 m86 s ecurity u ser g uide enable local filtering options to enable local filtering, click “on”. The server will filter the specified range to detect on the network. To enable the detection of vlan traffic on the network, at vlan detec...
Page 111: Https Filtering
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 83 https filtering specify your preference for filtering https sites in the https filtering frame. Select from the following settings for the https filtering level: • “none” - if you do not want the web filter t...
Page 112: Service Control
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 84 m86 s ecurity u ser g uide note: after making all entries in this window, click apply. Service control in the service control frame, indicate whether or not pattern blocking with be enabled or disabled. Enable pattern blocking by defau...
Page 113: Disable Pattern Blocking
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 85 to create a whitelist of pattern ip addresses, see the pattern detection whitelist window in chapter 3: library screen. Disable pattern blocking click “off” to disable pattern blocking. Note: after making all...
Page 114
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 86 m86 s ecurity u ser g uide block page authentication window the block page authentication window displays when block page authentication is selected from the control menu. This feature is used for entering criteria the web filter will ...
Page 115
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 87 enter, edit block page options note: if you are not using authentication, and/or if your users do not have override accounts set up, you do not need to select any option at the re-authentication options field...
Page 116: Block Page
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 88 m86 s ecurity u ser g uide 2. If the re-authentication option was selected, in the logon script path field, \\pdcshare\scripts displays by default. In this field, enter the path of the logon script that the web filter will use when re-...
Page 117
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 89 by default, the following data displays in the user/machine frame of the block page: • user/machine field - the username displays for the ldap user. This field is blank for the ip group user. • ip field - the...
Page 118: Options Page
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 90 m86 s ecurity u ser g uide email address field populates the “to” field. The user’s message is submitted to the global administrator. Options page the options page displays when the user clicks the following link in the block page: for...
Page 119: Option 2
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 91 the frame beneath the user/machine frame includes infor- mation for options (1, 2, and/or 3) based on settings made in this window and the common customization window. Note: information about option 1 is incl...
Page 120: Option 3
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 92 m86 s ecurity u ser g uide notes: see profile control window for information on custom- izing the content in the profile control pop-up window. See appendix c: override pop-up blockers for information on how a user with an override acc...
Page 121: Shutdown Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 93 the user should click the logon.Bat icon to run a script that will re-authenticate his/her profile on the network. Note: if the end user is using a non-ie browser type (i.E. Firefox, safari, or chrome) he/she...
Page 122: Reboot Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 94 m86 s ecurity u ser g uide reboot window the reboot window displays when reboot is selected from the control menu. This window is used for reconnecting the server on the network. Fig. 2:1-9 reboot window reboot the server 1. In the reb...
Page 123
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 95 the server connected alert box also opens, informing you that the server is connected, and that you must restart the server. 3. Click ok to close the web filter ready alert box. 4. Click ok to close the serve...
Page 124: Network
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 96 m86 s ecurity u ser g uide network network includes options for configuring the web filter on the network. Click the network link to view a menu of sub- topics: lan settings, ntp servers, regional setting, and block page route table. L...
Page 125: Specify Lan Settings
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 97 specify lan settings 1. In the host name field, enter up to 50 alphanumeric characters for the name of the host for this server, such as wfr.Logo.Com. 2. Specify the following information, as necessary: • in ...
Page 126: Ntp Servers Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 98 m86 s ecurity u ser g uide ntp servers window the ntp servers window displays when ntp servers is selected from the network menu. This window is used for specifying ip addresses of servers running network time protocol (ntp) software. ...
Page 127: Add An Ntp Server
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 99 specify network time protocol servers in the details frame, three ntp server ip addresses display by default in the servers list box. These ip addresses are: 128.59.35.142, 142.3.100.15, and 129.132.98.11. No...
Page 128: Regional Setting Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 100 m86 s ecurity u ser g uide regional setting window the regional setting window displays when regional setting is selected from the network menu. This window is used for specifying the time zone to be used by the web filter and the lan...
Page 129
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 101 block page route table window the block page route table window displays when block page route table is selected from the network menu. This window is used for building and maintaining a list of destina- tio...
Page 130: Add A Router
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 102 m86 s ecurity u ser g uide add a router in the route table frame: 1. Enter the ip address. 2. Select the network subnet mask from the pull-down menu. 3. In the gateway field, enter the ip address of the portal to which packets will be...
Page 131: Administrator
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 103 administrator administrator window the administrator window displays when administrator is selected from the navigation panel. This window is used for adding and maintaining global administrator (admin), gro...
Page 132: View Administrator Accounts
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 104 m86 s ecurity u ser g uide tip: the default username is admin and the password is user3. M86 recommends that you retain this default account and pass- word in the event that the web filter unit cannot be accessed. An authorized m86 se...
Page 133
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 105 edit an administrator account to change an administrator’s password and/or account type: 1. Select the username from the current user list box; this action populates the account details frame with data. 2. I...
Page 134: Secure Logon
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 106 m86 s ecurity u ser g uide secure logon secure logon includes options for setting user passwords to expire after a designated number of days, and/or locking out users from the web filter after unsuccessfully attempting to log in for t...
Page 135
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 107 enable, disable password expiration in the logon expiration frame, at the number of days prior to expiration [1-365] field, specify the number of days logon passwords will be effective by doing one of the fo...
Page 136
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 108 m86 s ecurity u ser g uide enable, disable account lockout 1. In the logon options frame, enable any of the following options: • at the lockout by username field, click the radio button corresponding to either of the following options...
Page 137
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 109 • at the failed password attempts timespan (in minutes) [1-1440] field—with the lockout by user- name and/or lockout by ip address option(s) enabled—enter the number of minutes that defines the interval in w...
Page 138: Logon Management
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 110 m86 s ecurity u ser g uide logon management the logon management window displays when logon management is selected from the secure logon menu. This window is used for viewing the status of user accounts— including the date passwords w...
Page 139: View Account Status
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 111 view user account status, unlock username view account status the all accounts status frame displays password statuses of current login accounts set up in this web filter being configured, including: • accou...
Page 140: Unlock A Username
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 112 m86 s ecurity u ser g uide unlock a username to unlock a username: 1. Select the account name from the all accounts status frame by clicking on it to highlight it. 2. Click unlock to open the dialog box asking if you wish to proceed w...
Page 141
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 113 view admin, sub admin user interface access to view the areas of the user interface accessible by a global administrator, ldap group administrator, or help desk administrator: 1. Select the admin, sub admin,...
Page 142: Diagnostics
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 114 m86 s ecurity u ser g uide diagnostics diagnostics includes options for setting up or running processes for maintaining the server. Click the diagnostics link to view a menu of sub-topics: system command, view log file, troubleshootin...
Page 143
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 115 perform a diagnostic test, view data 1. Select a diagnostic tool from the command pull-down menu: ping(ping), traceroute(trace route), ps(process list), top(top cpu processes), ifconfig(nic configura- tion),...
Page 144: Command Selections
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 116 m86 s ecurity u ser g uide command selections ping the ping diagnostic tool is used for verifying whether the web filter can communicate with a machine at a given ip address within the network, and the speed of the network connection....
Page 145: Top Cpu Processes
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 117 top cpu processes the top cpu processes diagnostic tool is used for analyzing how much memory and cpu power is being consumed by which processes. When execute is clicked, the pop-up window displays the follo...
Page 146: Current Memory Usage
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 118 m86 s ecurity u ser g uide current memory usage when current memory usage is selected and execute is clicked, the pop-up window shows the amount of memory being used, and the amount of memory available for three intervals of one secon...
Page 147: System Uptime
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 119 system uptime the system uptime diagnostic tool is used for showing the amount of time the wfr has been "up" and running. When execute is clicked, the pop-up window displays a row of data showing the current...
Page 148: View Log File Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 120 m86 s ecurity u ser g uide view log file window the view log file window displays when view log file is selected from the diagnostics menu. This window is used for viewing the most recent log file results of various activi- ties and f...
Page 149
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 121 • “error log (error.Log)” - used only if an alternate ip address is being used in the block page route frame of the operation mode window. This log only displays information if the ip address used for sendin...
Page 150: Troubleshooting Mode Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 122 m86 s ecurity u ser g uide troubleshooting mode window the troubleshooting mode window displays when trouble- shooting is selected from the diagnostics menu. This window is used if the server is not sending or receiving packets as nor...
Page 151: Use The Troubleshooting Mode
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 123 use the troubleshooting mode 1. Click enable to begin working in the troubleshooting mode. 2. In the packet logging frame, select the packet logging time from the available selections (10 seconds, 30 seconds...
Page 152
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 124 m86 s ecurity u ser g uide 8. After performing the fixes on the web filter, return to this window and click disable to resume filtering the network. Active profile lookup window the active profile lookup window displays when active pr...
Page 153
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 125 verify whether a profile is active 1. In the user ip/mac address field, enter the ip address or mac address of the end user. 2. Click lookup to verify whether or not a profile is active for that ip/mac addre...
Page 154
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 126 m86 s ecurity u ser g uide • global profile - global group profile • override profiles - override account profile • lock profiles - x strikes blocking lock out profile • time profiles - time profile • tar profile - threat analysis rep...
Page 155
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 127 message and agreeing to its terms. • block- urls in this category will be blocked. • quota - if a number displays in this column, the corresponding category group/library category was set up as passed but wi...
Page 156: Admin Audit Trail Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 128 m86 s ecurity u ser g uide • filter options (optional) - filter options to be used in the user’s profile: “x strikes blocking”, “google/bing/ yahoo!/youtube/ask/aol safe search enforcement”, “search engine keyword filter control”, and...
Page 157: Specify Ftp Criteria
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 129 specify ftp criteria 1. Enter the ip address of the ftp server. 2. The log will be sent to the current default directory, unless a remote directory is specified. 3. At the transfer mode field, “passive” is s...
Page 158: View
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 130 m86 s ecurity u ser g uide view view the log of administrator changes to view the log, click the view tab: fig. 2:1-27 admin audit trail window, view tab click view log to display data on recent activity. For each change made on the s...
Page 159: Alert
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 131 alert alert includes options for setting up alert emails that notify designated individuals of problems on the network. Click the alert link to view a menu of sub-topics: alert settings, and smtp server sett...
Page 160
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 132 m86 s ecurity u ser g uide troubleshooting the problem. In most cases, the reload procedure will fix the error, and no futher intervention will be required. However, if the error is not fixed—such as if a misconfiguration was made tha...
Page 161: Enable The Alert Feature
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 133 enable the alert feature by default, the “disable” radio button is selected. To enable the feature for sending automated email notifications: 1. Click the “enable” radio button to activate all elements in th...
Page 162: Smtp Server Settings Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 134 m86 s ecurity u ser g uide smtp server settings window the smtp server settings window displays when smtp server settings is selected from the alert menu. This window is used for entering settings for the simple mail transfer protocol...
Page 163: Verify Smtp Settings
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 135 4. By default, authentication is disabled. Click “enable” if a username and password are required for logging into the smtp server. This action activates the fields below. Make the following entries: a. Ente...
Page 164: Software Update
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 136 m86 s ecurity u ser g uide software update software update includes options for uploading software updates. Click the software update link to view a menu of sub-topics: local software update, and software update log. Local software up...
Page 165
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 137 tip: click the link (“here”) at the bottom of the window to go to the web page at m86 security’s public site (http:// www.M86security.Com/support/wfr/documentation.Asp) where release notes about software upd...
Page 166
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 138 m86 s ecurity u ser g uide select and apply a software update notes: software updates must be applied to the server in sequential order. Be sure port 8082 is open on your network. General software installation procedures these instruc...
Page 167
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 139 fig. 2:1-34 eula dialog box 4. After reading the contents of the end user license agreement, click yes if you agree to its terms. This action closes the eula dialog box and opens the alert box veri- fying th...
Page 168
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 140 m86 s ecurity u ser g uide fig. 2:1-36 connection failure alert box 6. Click ok to close the alert box. 7. In the navigation toolbar, click quit to exit the web filter console. 8. Wait a few minutes, and then log back into the web fil...
Page 169
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 141 first time la/beta software install procedures the steps in this sub-section pertain to the first acceptance and installation of limited availability or beta software updates. 1. In the available software up...
Page 170
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 142 m86 s ecurity u ser g uide fig. 2:1-38 la software acceptance box fig. 2:1-39 beta software acceptance box 4. Read the description for the software type to be installed (la or beta), and then click yes to close the software acceptance...
Page 171: Software Update Log Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 143 to unapply a software update: 1. Go to the history of software updates frame and select the software update to be unapplied. 2. Click undo. Software update log window the software update log window displays ...
Page 172: Download The Log
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 144 m86 s ecurity u ser g uide download log, view, print contents download the log 1. Click download log to open the alert box containing a message on how to download the log file to your worksta- tion, if using windows xp. 2. Click ok to...
Page 173: View The Contents of The Log
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 145 view the contents of the log once the software update log file has been downloaded to your workstation, you can view its contents. 1. Find the log file in the folder, and right-click on it to open the pop-up...
Page 174
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 146 m86 s ecurity u ser g uide 3. If using winzip, click i agree to open the window containing the zip file: fig. 2:1-43 winzip window 4. Right-click the zip file to open the pop-up menu, and choose “view” to open the view dialog box: fig...
Page 175
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 147 save, print the log file contents with the log file displaying correctly formatted in winzip’s view window, if you wish to save or print the contents of this file: 1. Click clipboard copy, wait for the dialo...
Page 176: Synchronization
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 148 m86 s ecurity u ser g uide synchronization by default, the synchronization pop-up menu includes the setup option that lets you specify the web filter’s function on the network: whether it will be a stand alone unit, or whether it will...
Page 177: Setup Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 149 setup window the setup window displays when setup is selected from the synchronization menu. This window is used for establishing the function of the web filter, especially if there is more than one web filt...
Page 178
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 150 m86 s ecurity u ser g uide using more than one web filter on the network using the synchronization process, all target servers are updated with profile/library setting changes, so that no matter which web filter the user’s client pc a...
Page 179
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 151 2. At the selective synchronization field, by default “all” is selected. This choice includes both profile and library setting changes. Choose “library” if only library category additions/deletions (includin...
Page 180
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 152 m86 s ecurity u ser g uide note: lan 1 and lan 2 ip addresses that display in this menu were previously entered in the lan settings window on this server. 5. In the target ips frame, enter the target ip address of the web filter that ...
Page 181
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 153 sync all target servers with the same settings if all target servers have been configured and now need to be set with the same settings, click sync all from the source server. This action should only be perf...
Page 182
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 154 m86 s ecurity u ser g uide for the target mode setting: 1. In the mode frame, click “target” to display the target mode view: fig. 2:1-48 setup window, target mode in the ip to send frame, the lan1 and lan2 ip addresses set up in the ...
Page 183: Status Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 155 6. Click apply after all settings have been made. Note: this test only verifies whether this server can contact the source server. In order for synchronization to be operable on the network, the source serve...
Page 184: View Items In The Queue
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 156 m86 s ecurity u ser g uide view the sync status of targets from the source if the server is set up in the source mode, the web filter system time displays at the top of the target(s) status frame. This is the current date and time fro...
Page 185
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 157 fig. 2:1-50 queue of target pop-up window 2. Click close to close the pop-up window. View items previously synced to the server to view items previously synced to a specified target server: 1. In the history...
Page 186
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 158 m86 s ecurity u ser g uide place items in queue for syncing to place new sync items in queue for the target server(s), click test sync. View the sync status of the target server if the server is set up in the target mode, the web filt...
Page 187
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 159 • last successful sync - the date and time of the last successful synchronization displays, using the yyyy/ mm/dd and hh:mm:ss format. • history log - click the details button to open the history of target p...
Page 188: Mode
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 160 m86 s ecurity u ser g uide mode mode includes options for configuring the web filter to filter the network. Click the mode link to view a menu of sub- topics: operation mode and proxy environment settings. Operation mode window the op...
Page 189: Set The Operation Mode
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 161 set the operation mode the default mode setting is “invisible”. To change this setting, click the radio button corresponding to “router”, “firewall”, “icap”, or “mobile only”. Selecting icap would make the w...
Page 190
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 162 m86 s ecurity u ser g uide if using the router or firewall mode, at the device to send block page pull-down menu, you may need to choose the network card that will be used to send the block page to client pcs. Notes: after making all ...
Page 191
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 163 notes: the current mac address displays if there is a resolu- tion between the ip address and the mac address of the router or device used for serving block pages. If an alternate ip address is used, that ad...
Page 192
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 164 m86 s ecurity u ser g uide 2. In the uri field, enter the uniform resource identifier that must specify the complete hostname and path of the resource being requested. For example: icap:// icap.Logo.Com:1344/services/icap-services not...
Page 193
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 165 mobile option: specify the mobile client control the mobile client control frame displays if the mobile only operational mode or the mobile option is selected. Either selection should be made if this web fil...
Page 194: Use A Local Proxy Server
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 166 m86 s ecurity u ser g uide note: basic proxy authentication must be used if using https in a proxy environment. The web filter has been tested with isa, blue coat, and squid proxies. Use a local proxy server in the proxy setting frame...
Page 195: Authentication
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 167 authentication authentication includes options for configuring the web filter to authenticate and re-authenticate users on the network. Click the authentication link to view a menu of sub- topics: enable/dis...
Page 196: Backup/restore
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 168 m86 s ecurity u ser g uide backup/restore backup/restore window the backup/restore window displays when backup/ restore is selected from the navigation panel. This window is used for saving configuration settings and/or custom library...
Page 197: Backup Procedures
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 169 tips: the order in which columns display in the grid can be changed by clicking the column header and sliding the column to another position in the grid. To change the sort order, click the header of a colum...
Page 198: Perform A Backup On Demand
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 170 m86 s ecurity u ser g uide perform a backup on demand 1. In the manual backup frame on the backup tab, click backup to open the web filter backup dialog box: fig. 2:1-56 web filter backup dialog box 2. Type in the filename for the bac...
Page 199: Schedule A Backup
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 171 schedule a backup configure ftp server settings 1. In the server configuration section of the scheduled backup frame, enter the ip address of the remote server. 2. In the ftp directory field, enter the path ...
Page 200: Create A Backup Schedule
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 172 m86 s ecurity u ser g uide create a backup schedule 1. In the recurrence schedule section of the scheduled backup frame, click schedule to open the scheduled backup pop-up box: fig. 2:1-57 scheduled backup pop-up box 2. In the recurre...
Page 201
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 173 in this pop-up box you can do the following: • click the left or right arrow at the top of this box to navigate to the prior month or the next month. • double-click a date to select it and to close this box,...
Page 202
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 174 m86 s ecurity u ser g uide • monthly - if this selection is made, first enter the interval for the months this time profile will be used, and next specify which day of the month: • if day is chosen, select from “1” - “31”. • if a non-...
Page 203: Remove A Backup Schedule
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 175 “weekday”, “weekend” - month: “january” - “december”. By default, the “first” “sunday” of “january” are selected. If 2 is entered and the “first” “monday” of “june” are selected, this profile will be used ev...
Page 204: Download A File
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 176 m86 s ecurity u ser g uide download a file to download a file to your machine: 1. In the restore tab, select the file from the backup config- urations grid: fig. 2:1-58 backup/restore window, restore tab 2. Click download to open the ...
Page 205: Perform A Restoration
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 177 perform a restoration to restore backup data to the server, the backup file must be listed in the backup configurations grid in the restore tab, and the restoration function must be executed. If the backup f...
Page 206: Remove A Backup File
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 178 m86 s ecurity u ser g uide 2. Click browse... To open the choose file window. 3. Select the file to be uploaded. After the file is selected, the choose file window closes. 4. In the pop-up window, type in a comment about the file. 5. ...
Page 207
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 179 view backup and restoration details to view details on backup and/or restoration activities: 1. Click log to open the backup/restore log pop-up box: fig. 2:1-60 backup/restore pop-up box the pop-up box inclu...
Page 208: Reset
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 180 m86 s ecurity u ser g uide reset reset window the reset window displays when reset is selected from the navigation panel. This function, used for resetting the server to factory default settings, is not available in wfr. Fig. 2:1-61 r...
Page 209
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 181 radius authentication settings radius authentication settings window the radius authentication settings window displays when radius authentication settings is selected from the naviga- tion panel. This windo...
Page 210: Enable Radius
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 182 m86 s ecurity u ser g uide enable radius the radius mode is “off” by default. To use radius, click the “on” radio button. This action displays the radius authentication settings frame. Specify radius authentication settings 1. In the ...
Page 211: Apply Settings
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 183 to disable the forward mode option, click the “off” radio button. This action causes the use web filter ip as source ip field to display greyed out. 5. In the reply mode field, specify whether the server tha...
Page 212: Snmp
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 184 m86 s ecurity u ser g uide snmp snmp window the snmp window displays when snmp is selected from the navigation panel. This feature lets the global adminis- trator use a third party simple network management protocol (snmp) product for...
Page 213: Specify Monitoring Settings
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 185 specify monitoring settings set up community token for public access enter the password to be used as the community token for public access. This is the password that the manage- ment web filter console woul...
Page 214: Hardware Failure Detection
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 186 m86 s ecurity u ser g uide hardware failure detection hardware failure detection window the hardware failure detection window displays when hardware failure detection is selected from the navigation panel. This feature shows the statu...
Page 215
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 187 view the status of the hard drives the hardware failure detection window displays the current raid array status for each of the hard drives (hd 1 and hd 2 for 300 series hardware models, and hd 1 through hd ...
Page 216: X Strikes Blocking
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 188 m86 s ecurity u ser g uide x strikes blocking x strikes blocking window the x strikes blocking window displays when x strikes blocking is selected from the navigation panel. This feature lets a global administrator set criteria for bl...
Page 217: Configuration
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 189 configuration set up blocking criteria 1. At reset the x-strike count upon authentication, “off” is selected by default. To have all strikes reset before an end user is authenticated, click “on”. 2. Enter th...
Page 218: Reset All Workstations
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 190 m86 s ecurity u ser g uide to specify a different page, click “custom url” and enter the url in the text box. 7. Click save to save your configuration settings. Reset all workstations the following buttons can be clicked to reset work...
Page 219
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 191 the following information might also display in the lock page: “you have been denied access according to your organization's internet usage policy. As a result, your internet privileges were temporarily susp...
Page 220
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 192 m86 s ecurity u ser g uide her workstation for five minutes. However, since the toler- ance timer is set at four seconds, a user could potentially receive five strikes within 16 seconds if he/she accesses a page with multiple, inappro...
Page 221: Email Alert
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 193 email alert click the email alert tab to display email alert: fig. 2:1-68 x strikes blocking window, email alert tab set up email alert criteria 1. In the minutes past midnight before starting time interval ...
Page 222
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 194 m86 s ecurity u ser g uide fig. 2:1-69 the daily schedule pop-up window click close to close the pop-up window. 3. Click save to save the field entries. Set up email alert recipients 1. Enter the email address of an individual who wil...
Page 223: Logon Accounts
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 195 logon accounts click the logon accounts tab to display logon accounts: fig. 2:1-70 x strikes blocking window, logon accounts tab set up users authorized to unlock workstations 1. Enter the username of a staf...
Page 224: Delete A Logon Account
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 196 m86 s ecurity u ser g uide deactivate an authorized logon account to deactivate an authorized user’s account: 1. Select the username from the current accessible users list box. 2. Click disable to move the username to the current un- ...
Page 225: Categories
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 197 categories click the categories tab to display categories: fig. 2:1-71 x strikes blocking window, categories tab set up categories to receive strikes or no strikes 1. Select library categories from the “no s...
Page 226: Re-Login Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 198 m86 s ecurity u ser g uide go to x strikes unlock workstation gui when any administrator clicks the x strikes blocking icon or go to x strikes unlock workstation gui, either the re-login window or the x strikes unlock workstation pop-...
Page 227: X Strikes Unlock Workstation
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 199 x strikes unlock workstation the following information displays in the x strikes unlock workstation pop-up window: ip address, user name, and expire date/time of currently locked workstations. Fig. 2:1-73 x ...
Page 228
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 200 m86 s ecurity u ser g uide fig. 2:1-74 login window enter the username and password and click ok to open the x strikes unlock workstation pop-up window (see fig. 2:1- 70). • the web filter introductory window for x strikes simultaneou...
Page 229: Close The Pop-Up Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 201 set up an email address to receive alerts to send locked workstation information to a designated administrator: 1. Enter the email address in the email address to be subscribed/unsubscribed text box. 2. Clic...
Page 230: Warn Option Setting
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 202 m86 s ecurity u ser g uide warn option setting warn option setting window the warn option setting window displays when warn option setting is selected from the navigation panel. This feature lets a global administrator specify the num...
Page 231
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 203 notes: if using the synchronization feature, the warn option setting window is available in the stand alone and source mode. This topic does not display if this server being configured is set up in the targe...
Page 232: Customization
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 204 m86 s ecurity u ser g uide customization customization includes options to customize settings for html pages that display for end users who execute a command that triggers the associated pop-up window to open. Click the customization ...
Page 233: Common Customization Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 205 common customization window the common customization window displays when common customization is selected from the customization menu. This window is used for specifying elements to be included in block, lo...
Page 234: Enable, Disable Features
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 206 m86 s ecurity u ser g uide enable, disable features 1. Click “on” or “off” to enable or disable the following elements in the html pages, and make entries in fields to display customized text, if necessary: • username display - if ena...
Page 235
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 207 • help link url - by default, http:// www.M86security.Com/support/r3000/accessde- nied.Asp displays as the help link url. Enter the url to be used when the end user clicks the help link text (specified in th...
Page 236
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 208 m86 s ecurity u ser g uide lock page customization window the lock page customization displays when lock page is selected from the customization menu. This window is used with the x strikes blocking feature, and lets you customize tex...
Page 237: Edit Entries, Setting
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 209 edit entries, setting 1. Make an entry in any of the following fields: • in the header field, enter a static header to be displayed at the top of the lock page. • in the description field, enter a static tex...
Page 238: Preview Sample Lock Page
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 210 m86 s ecurity u ser g uide preview sample lock page 1. Click preview to launch a separate browser window containing a sample customized lock page, based on entries saved in this window and in the common customization window: fig. 2:1-...
Page 239
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 211 • m86 security - clicking this link takes the user to m86’s web site. 2. Click the “x” in the upper right corner of the window to close the sample customized lock page. Tip: if necessary, make edits in the l...
Page 240: Add, Edit Entries
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 212 m86 s ecurity u ser g uide tip: an entry in any of the fields in this window is optional, but if an entry is made in the link text field, a corresponding entry must also be made in the link url field. Add, edit entries 1. Make an entr...
Page 241: Preview Sample Block Page
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 213 preview sample block page 1. Click preview to launch a separate browser window containing a sample customized block page, based on entries saved in this window and in the common customization window: fig. 2:...
Page 242
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 214 m86 s ecurity u ser g uide by default, the following standard links are included in the block page: • help - clicking this link takes the user to m86’s tech- nical support page that explains why access to the site or service may have ...
Page 243
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 215 warn page customization window the warn page customization window displays when warn page is selected from the customization menu. This window is used with the warn option setting feature, and lets you custo...
Page 244: Add, Edit Entries
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 216 m86 s ecurity u ser g uide add, edit entries 1. Make an entry in any of the following fields: • in the header field, enter a static header to be displayed at the top of the warning page. • in the description field, enter a static text...
Page 245: Preview Sample Warning Page
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 217 preview sample warning page 1. Click preview to launch a separate browser window containing a sample customized warning page, based on entries saved in this window and in the common customization window: fig...
Page 246
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 218 m86 s ecurity u ser g uide by default, the following standard links are included in the warning page: • help - clicking this link takes the user to m86’s tech- nical support page that explains why access to the site or service may hav...
Page 247: Profile Control Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 219 2. Click the “x” in the upper right corner of the window to close the sample customized warning page. Tip: if necessary, make edits in the warn page customization window or the common customization window, a...
Page 248: Edit Entries
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 220 m86 s ecurity u ser g uide tip: an entry in any of the fields in this window is optional. Edit entries 1. Make an entry in any of the following fields: • in the header field, enter a static header to be displayed at the top of the pro...
Page 249: Add, Edit Entries
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 221 quota block page customization window the quota block page customization window displays when quota block page is selected from the customization menu. This window is used for making customizations to the qu...
Page 250
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 222 m86 s ecurity u ser g uide • in the link text field, enter text for the link's url, and in the link url field, enter the corresponding hyper- link in plain text using the http:// or https:// syntax. Any entries made in these fields wi...
Page 251
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 223 • requested url field - the url the user attempted to access displays. • ip field - the user’s ip address displays. • user/machine field - the username displays for the ldap user. This field is blank for the...
Page 252: Add, Edit Entries
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 224 m86 s ecurity u ser g uide quota notice page customization window the quota notice page customization window displays when quota notice page is selected from the customiza- tion menu. This window is used for making customizations to t...
Page 253
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 225 • in the link text field, enter text for the link's url, and in the link url field, enter the corresponding hyper- link in plain text using the http:// or https:// syntax. Any entries made in these fields wi...
Page 254
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 226 m86 s ecurity u ser g uide by default, the following data displays in the category frame: • category field - the name of the library category containing a url the user accessed—that triggered the quota notice—displays. • requested url...
Page 255: Cmc Management
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 227 cmc management cmc management displays on a web filter set up in the source mode, and includes centralized management console options for viewing the filtering statuses of this source server and its target s...
Page 256
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 228 m86 s ecurity u ser g uide window for the source server's hostname, or the information entered for the target server in the target location field in the setup window); applied date (date the software update was applied to the server, ...
Page 257
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 229 apply or undo a software update to apply a software update: 1. Click to select the row(s) corresponding to the servers to be updated. 2. Click apply. Notes: if the source server is selected for a software up...
Page 258: Status Window
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 230 m86 s ecurity u ser g uide status window the status window displays when status is selected from the cmc management menu. This window is used for viewing the filtering status of the source and target server(s) for troubleshooting purp...
Page 259
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 231 • last library update - most recent date the library was updated on the server, using the yyyy/mm/dd format, if this information is available. Tips: the order in which columns display in the grid can be chan...
Page 260: Quota Setting
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 232 m86 s ecurity u ser g uide quota setting quota setting window the quota setting window displays when quota setting is selected from the navigation panel. This window lets a global administrator configure url hits that—along with quota...
Page 261: Configure Quota Hit Settings
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 233 configure quota hit settings 1. Enter the number of seconds per hit to indicate how much time will be applied towards a “hit” (url access) in any category with a quota. The default is 10 seconds per hit. The...
Page 262: Reset Quotas
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 234 m86 s ecurity u ser g uide reset quotas quotas are automatically reset at midnight, but also can be manually reset on demand or scheduled to be reset at specific times each day. Reset quotas now click reset now to reset all quotas to ...
Page 263: Quota Notice Page
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 235 delete a quota reset time from the schedule 1. Select the quota reset time from the current reset time(s) list box. 2. Click remove to remove the quota reset time from the list box. Tip: after making all con...
Page 264
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 236 m86 s ecurity u ser g uide • requested url field - the url that triggered the quota notice page. • ip field - the end user’s ip address. • user/machine field - the username displays for the ldap user. This field is blank for the ip gr...
Page 265: Quota Block Page
Wf g lobal a dministrator s ection c hapter 1: s ystem screen m86 s ecurity u ser g uide 237 quota block page when the end user has spent 100 percent of time in a quota-restricted library group/category, the quota block page displays: fig. 2:1-93 sample quota block page once receiving a quota block ...
Page 266: Ssl Certificate
Wf g lobal a dministrator s ection c hapter 1: s ystem screen 238 m86 s ecurity u ser g uide by default, the following standard links are included in the quota block page: • help - clicking this link takes the user to m86’s tech- nical support page that explains why access to the site or service may...
Page 267: Chapter 2: Policy Screen
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 239 chapter 2: policy screen the policy screen is comprised of windows and dialog boxes used for adding ip groups and/or ldap domains, and for creating filtering profiles for ip/ldap groups and their members. Fi...
Page 268
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 240 m86 s ecurity u ser g uide double-click the branch of your selection to display the list of groups/domains previously added to that branch. Keep double-clicking items in the tree list to view additional items. Click an entity in the t...
Page 269: Global Group
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 241 global group global group includes options for creating and maintaining groups. Click the global group link to view a menu of sub- topics: range to detect, rules, global group profile, over- ride account, ap...
Page 270: Add A Segment to The Network
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 242 m86 s ecurity u ser g uide note: segments of network traffic should not be defined if using the firewall mode. The main window (fig. 2:2-2) lets you add segments to the network, or modify or remove existing segments. The current range...
Page 271
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 243 fig. 2:2-4 range to detect settings, second window 2. Click one of the following buttons to select the procedure for adding the segment: • start the setup wizard - clicking this button takes you to the range...
Page 272: Range to Detect Setup Wizard
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 244 m86 s ecurity u ser g uide range to detect setup wizard click the start the setup wizard button to display step 1 of the range to detect setup wizard. The wizard is comprised of six steps. An entry is required in step 1, but not in st...
Page 273
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 245 2. Click add to include the segment in the list box above. Note: to modify the segment, select it from the list box and click modify to move the segment to the field(s) below for editing. To remove the segme...
Page 274
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 246 m86 s ecurity u ser g uide step 3: optional in this step you define the source ip address(es) to be excluded from filtering. Fig. 2:2-7 range to detect setup wizard window, step 3 step 4: optional in this step you define the destinati...
Page 275
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 247 fig. 2:2-8 range to detect setup wizard window, step 4 step 5: optional in this step you enter destination port numbers to be excluded from filtering. Fig. 2:2-9 range to detect setup wizard window, step 5.
Page 276
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 248 m86 s ecurity u ser g uide 1. In the individual port field, enter the port number to be excluded from filtering. 2. Click add to include the entry in the list box above. Note: to remove the port number, select it from the list box and...
Page 277
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 249 • click finish to accept all your entries. This action takes you to the main range to detect settings window where the segment you entered now displays in the current ranges list box. Range to detect advance...
Page 278
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 250 m86 s ecurity u ser g uide modify a segment of the network to modify a segment: 1. In the main range to detect settings window (see fig. 2:2-2), select the segment from the current ranges list box. 2. Click modify to go to the second ...
Page 279: Rules Window
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 251 rules window the rules window displays when rules is selected from the global group menu. This window is used for adding a filtering rule when creating a filtering profile for an entity. Fig. 2:2-12 rules wi...
Page 280: Add A Rule
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 252 m86 s ecurity u ser g uide add a rule to create a new rule: 1. Click new rule to populate the rule # field with the next consecutive rule number available. 2. Enter up to 20 characters for a unique rule description that describes the ...
Page 281
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 253 note: if a category group does not display any filter setting (i.E. The check mark does not display in any column for the category group), one or more library categories within that group has a filter settin...
Page 282: Modify A Rule
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 254 m86 s ecurity u ser g uide • the overall quota field becomes enabled if a quota is entered for any library group/category. By default, the enabled overall quota is turned “off”. If turned “on”, enter the number of minutes in the min f...
Page 283: Remove A Rule
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 255 5. Click save rule. Remove a rule to delete a rule: 1. Select the rule from the current rules pull-down menu. 2. Click delete rule. Global group profile window the global group profile window displays when g...
Page 284: Category Profile
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 256 m86 s ecurity u ser g uide category profile category profile displays by default when global group profile is selected from the global group menu, or when the category tab is clicked. This tab is used for assigning filter settings to ...
Page 285
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 257 • block - urls in this category will be blocked. Note: if a category group does not display any filter setting (i.E. The check mark does not display in any column for the category group), one or more library...
Page 286: Port
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 258 m86 s ecurity u ser g uide note: see the quota settings window in chapter 1: system screen for more information on configuring quota settings and resetting quotas for end users currently blocked by quotas. • the overall quota field be...
Page 287: Default Redirect Url
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 259 create, edit a list of service ports all service ports are filtered by default. To block a service port from being accessed by global filtering profile users: 1. Enter the port number in the port field. 2. C...
Page 288: Filter Options
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 260 m86 s ecurity u ser g uide create, edit the redirect url 1. Specify the type of redirect url to be used: “default block page”, “authentication request form”, or “custom url”. If “custom url” is selected, enter the redirect url in the ...
Page 289
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 261 control”, “url keyword filter control”. If url keyword filter control is selected, the “extend url keyword filter control” option can be selected. 2. Click apply to apply your settings. X strikes blocking wi...
Page 290
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 262 m86 s ecurity u ser g uide search engine keyword filter control with the search engine keyword filter control option enabled, search engine keywords can be set up to be blocked. When a user enters a keyword in the search engine, if th...
Page 291
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 263 url keyword filter control with the url keyword filter control option enabled, url keywords can be set up to be blocked. When a user enters a keyword in the address line of a browser window, if that keyword ...
Page 292: Override Account Window
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 264 m86 s ecurity u ser g uide override account window the override account window displays when override account is selected from the global group menu. This window is used for creating an override account that allows an ip group user to...
Page 293: Add An Override Account
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 265 add an override account to create an override account profile: 1. In the account details frame, enter the username in the name field. 2. Enter the password. 3. Make the same entry again in the confirm passwo...
Page 294: Category Profile
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 266 m86 s ecurity u ser g uide category profile the rule tab is used for creating the categories portion of the override account profile. Fig. 2:2-18 override account pop-up window, rule tab to create the category profile: 1. Select a fil...
Page 295
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 267 in the adult content category group some of the library catego- ries have a block setting and other library categories have a warn setting, there would be no category group filter setting, since all library ...
Page 296
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 268 m86 s ecurity u ser g uide • in the quota column, enter the number of minutes the user will be able to access the library group/category. The minimum number of minutes is “1” and the maximum is “1439” (one day minus one minute). The n...
Page 297: Redirect Url
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 269 redirect url the redirect tab is used for specifying the url to be used for redirecting the user if he/she attempts to access a site or service set up to be blocked. Fig. 2:2-19 override account pop-up windo...
Page 298: Filter Options
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 270 m86 s ecurity u ser g uide filter options the filter options tab is used for specifying which filter option(s) will be applied to the override account profile. Fig. 2:2-20 override account pop-up window, filter options tab 1. Click th...
Page 299
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 271 • “google/bing/yahoo!/youtube/ask/aol safe search enforcement” - with the google/yahoo!/youtube/ask/ aol safe search enforcement option enabled, google, bing.Com, yahoo!, youtube, ask.Com, and aol’s “strict”...
Page 300: Edit An Override Account
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 272 m86 s ecurity u ser g uide • “url keyword filter control”- with the url keyword filter control option enabled, url keywords can be set up to be blocked. When the user enters a keyword in the address line of a browser window, if that k...
Page 301: Modify An Override Account
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 273 4. Make the same entry again in the confirm password field. 5. Click view/modify to open the pop-up window. 6. Click apply. 7. Click close to close the pop-up window. Modify an override account to modify an ...
Page 302
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 274 m86 s ecurity u ser g uide approved content settings window the approved content settings window displays when approved content (incl. Vusafe) is selected from the global group menu. This window is used for granting designated users a...
Page 303
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 275 approved content feature in a user’s profile gives that user access to videos posted to vusafe. Approved content setup and configuration there are two parts to set up in order to use the approved content fea...
Page 304
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 276 m86 s ecurity u ser g uide approved content settings entries once you have passkeys created for the approved videos, you can begin making entries in the approved content settings window. Step 1: enable global group passkey inheritance...
Page 305
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 277 minimum filtering level window the minimum filtering level window displays when minimum filtering level is selected from the global group menu. This window is used for establishing the minimum filtering leve...
Page 306: Minimum Filtering Categories
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 278 m86 s ecurity u ser g uide minimum filtering categories minimum filtering categories displays by default when minimum filtering level is selected from the global group menu, or when the category tab is clicked. This tab is used for ma...
Page 307
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 279 create, edit minimum filtering categories to create the categories portion of the minimum filtering level profile: 1. Double-click the column (pass, block) in the row corre- sponding to that category group/l...
Page 308: Port
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 280 m86 s ecurity u ser g uide port port displays when the port tab is clicked. This tab is used for blocking access to specified ports at the minimum filtering level. Fig. 2:2-23 minimum filtering level window, port tab create, edit a li...
Page 309
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 281 3. Click apply to apply your settings at the minimum filtering level. Minimum filtering bypass options minimum filtering bypass options displays when the min. Filter bypass tab is clicked. This tab is used f...
Page 310: Refresh All
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 282 m86 s ecurity u ser g uide specify minimum filtering bypass options to allow a user to override settings made at the minimum filtering level: 1. In the override account frame, click the “on” checkbox. Any user who has an override acco...
Page 311: Add Group
Wf g lobal a dministrator s ection c hapter 2: p olicy screen m86 s ecurity u ser g uide 283 ip ip includes options for adding a master ip group and to refresh the tree list. Click the ip link to view a menu of sub- topics: add group, and refresh. Add group add a master ip group from the ip group me...
Page 312: Refresh
Wf g lobal a dministrator s ection c hapter 2: p olicy screen 284 m86 s ecurity u ser g uide 3. Enter the password, and re-enter it in the confirm password field, using eight to 20 characters and at least one alpha character, one numeric character, and one special character. The password is case sen...
Page 313: Chapter 3: Library Screen
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 285 chapter 3: library screen the library screen is comprised of windows and dialog boxes used for adding and maintaining library categories. Library categories are used when creating or modifying filtering pro...
Page 314
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 286 m86 s ecurity u ser g uide click library lookup, customer feedback module, cate- gory weight system, nntp newsgroup, or pattern detec- tion whitelist to select that topic. To view the list of category groups, double-click category gr...
Page 315: Updates
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 287 updates updates includes options for making configurations for library category activities. Click the updates link to view a menu of sub-topics: configuration, manual update, addi- tional language support, ...
Page 316: Select The Log Level
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 288 m86 s ecurity u ser g uide optional: specify a proxy server 1. In the ftp proxy setting frame, by default “disable” is selected. Click “enable” if the server is in a proxy server environment. This selection activates the fields in th...
Page 317: Manual Update Window
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 289 manual update window the manual update to m86 supplied categories window displays when manual update is selected from the updates menu. This window is used for updating specified m86 supplied library catego...
Page 318
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 290 m86 s ecurity u ser g uide • full url library update - select this option to update url library categories with core library files, and to update search engine keywords, newsgroup libraries, and im/p2p pattern files. Choose this opti...
Page 319: Select Additional Languages
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 291 additional language support window the additional language support window displays when additional language support is selected from the updates menu. This window is used for including additional m86- suppo...
Page 320: Library Update Log Window
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 292 m86 s ecurity u ser g uide 3. Click apply to have urls from the selected language(s) included in the library categories. Library update log window the library update log window displays when library update log is selected from the up...
Page 321: Download The Log
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 293 download log, view, print contents download the log 1. Click download log to open the alert box containing a message on how to download the log file to your worksta- tion, if using windows xp. 2. Click ok t...
Page 322
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 294 m86 s ecurity u ser g uide fig. 2:3-6 folder containing downloaded file 2. Choose “open with” and then select a zip file executable program such as “winzip executable” to launch that application: fig. 2:3-7 winzip executable program ...
Page 323
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 295 fig. 2:3-8 winzip window 4. Right-click the zip file to open the pop-up menu, and choose “view” to open the view dialog box: fig. 2:2-9 view dialog box 5. Select “internal ascii text viewer”, and then click...
Page 324
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 296 m86 s ecurity u ser g uide save, print the log file contents with the log file displaying correctly formatted in winzip’s view window, if you wish to save or print the contents of this file: 1. Click clipboard copy, wait for the dial...
Page 325: Emergency Update Log Window
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 297 emergency update log window the emergency update log window displays when emer- gency update log is selected from the updates menu. This window is used for viewing transfer activity of emergency software up...
Page 326
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 298 m86 s ecurity u ser g uide download the software update log file note: see library update log window for screen shots pertaining to downloading the software update log file. 1. Click download log to open the alert box containing a me...
Page 327: Library Lookup
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 299 library lookup library lookup window the library lookup window displays when library lookup is selected from the navigation panel. This window is used for verifying whether a url or search engine keyword or...
Page 328: Remove A Url
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 300 m86 s ecurity u ser g uide the following types of url formats also can be entered in this field: • ip address - e.G. "209.247.228.221" in http:// 209.247.228.221 • octal format - e.G. Http://0106.0125.0226.0322 • hexadecimal short fo...
Page 329
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 301 submit an email to the administrator if using a non-web based email client such as outlook, you can send an email to the administrator at your organization regarding a url or search engine keyword that appe...
Page 330: Reload The Library
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 302 m86 s ecurity u ser g uide reload the library once all changes have been made to library windows, click reload library to refresh. Note: since reloading the library utilizes system resources that impact the performance of the web fil...
Page 331: Customer Feedback Module
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 303 customer feedback module customer feedback module window the customer feedback module window displays when customer feedback module is selected from the navigation panel. This window is used for enabling th...
Page 332
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 304 m86 s ecurity u ser g uide disable customer feedback module 1. At the customer feedback module - auto learning feature field, click “off” to indicate that you wish to disable the customer feedback module. 2. Click apply. Enable custo...
Page 333
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 305 3. Scroll down to read the text in this box: “customer feedback module disclosure statement “customer feedback module shall mean the function installed on m86 security’s products used to transmit selective ...
Page 334
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 306 m86 s ecurity u ser g uide “your agreement to activate the customer feedback module will be transmitted back to m86 security once you click the ‘accept’ button.” 4. After reading this text, if you agree with the terms, click in the c...
Page 335: Category Weight System
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 307 category weight system category weight system window the category weight system window displays when cate- gory weight system is selected from the navigation panel. This feature lets you choose which catego...
Page 336: View The Current Selections
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 308 m86 s ecurity u ser g uide view the current selections this window contains two list boxes: • “no weight” categories - populated with m86 supplied categories • “weight” categories - pre-populated by default with cate- gories m86 sugg...
Page 337: Weighting Library Categories
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 309 weighting library categories 1. Select the category from the "no weight" categories list box. Tip: multiple categories can be selected by clicking each cate- gory while pressing the ctrl key on your keyboar...
Page 338: Nntp Newsgroup
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 310 m86 s ecurity u ser g uide nntp newsgroup nntp newsgroup window the nntp newsgroup window displays when nntp news- group is selected from the navigation panel. This window is used for adding or removing a newsgroup from the libraries...
Page 339
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 311 remove a newsgroup from the library to remove a newsgroup from the library: 1. In the newsgroup frame, enter the newsgroup address. 2. Click remove. After all changes have been made to library windows, clic...
Page 340: Pattern Detection Whitelist
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 312 m86 s ecurity u ser g uide pattern detection whitelist pattern detection whitelist window the pattern detection whitelist window displays when pattern detection whitelist is selected from the navigation panel. This window is used for...
Page 341
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 313 create, maintain a whitelist of ip addresses 1. Enter the ip address to bypass pattern detection filtering. 2. Click add to include the ip address in the ips list box. Tip: to remove an ip address from the ...
Page 342: Category Groups
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 314 m86 s ecurity u ser g uide category groups category groups is represented by a tree of library category groups, with each group comprised of m86 supplied library categories. M86 supplied library categories are updated regularly with ...
Page 343: Library Details Window
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 315 double-click a category group’s envelope to open that segment of the tree and to view library categories belonging to that group. Click the m86 supplied category link to view a menu of sub- topics: library ...
Page 344: Urls Window
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 316 m86 s ecurity u ser g uide urls window the urls window displays when urls is selected from the library category’s menu of sub-topics. This window is used for viewing, or adding and/or removing a url from a library category. A url is ...
Page 345
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 317 view a list of urls in the library category to view a list of all urls that either have been added or deleted: 1. Click the view tab. 2. Make a selection from the pull-down menu for “addition list”, “deleti...
Page 346
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 318 m86 s ecurity u ser g uide add or remove urls, reload the library the action tab is used for making entries in the urls window for adding or removing a url, or reloading the library. Add a url to the library category to add a url to ...
Page 347
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 319 tip: multiple urls can be selected by clicking each url while pressing the ctrl key on your keyboard. Blocks of urls can be selected by clicking the first url, and then pressing the shift key on your keyboa...
Page 348: Reload The Library
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 320 m86 s ecurity u ser g uide remove a url from the library category to remove a url or wildcard url from the library category: 1. Click the action tab. 2. Enter the url in the edit url list frame or edit wild- card url list frame, as p...
Page 349: Url Keywords Window
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 321 url keywords window the url keywords window displays when url keywords is selected from the library category’s menu of sub-topics. This window is used for adding and removing url keywords from a library cat...
Page 350: View A List of Url Keywords
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 322 m86 s ecurity u ser g uide view a list of url keywords to view a list of all url keywords that either have been added or deleted: 1. In the view keyword addition/deletion list frame, make a selection from the pull-down menu for “addi...
Page 351
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 323 upload a list of url keywords to the library before uploading a text file with url keyword additions or deletions, in the upload url keyword file frame, specify whether the contents of this file will add to...
Page 352: Reload The Library
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 324 m86 s ecurity u ser g uide upload a list of url keyword deletions to upload a text file with url keyword deletions: 1. Click upload to deletion file to open the upload library keyword pop-up window (see fig. 2:3-25). 2. Click browse....
Page 353
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 325 search engine keywords window the search engine keywords window displays when search engine keywords is selected from the library cate- gory’s menu of sub-topics. This window is used for adding and removing...
Page 354
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 326 m86 s ecurity u ser g uide warning: use extreme caution when setting up search engine keywords for filtering. If a non-offending keyword contains the same consecutive characters as a keyword set up to be blocked, users will be denied...
Page 355
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen m86 s ecurity u ser g uide 327 remove a search engine keyword from the library to remove a search engine keyword/phrase from the library category: 1. In the edit search keyword list frame, enter up to 75 alphanumeric characters in the ke...
Page 356: Reload The Library
Wf g lobal a dministrator s ection c hapter 3: l ibrary screen 328 m86 s ecurity u ser g uide upload a list of search engine keyword deletions to upload a text file with search engine keyword/phrase deletions: 1. Click upload to deletion to open the upload library keyword pop-up window (see fig. 2:3...
Page 357: Chapter 4: Reporting Screen
Wf g lobal a dministrator s ection c hapter 4: r eporting screen m86 s ecurity u ser g uide 329 chapter 4: reporting screen the reporting screen contains options for transferring and/ or reviewing internet usage data collected by the web filter. Fig. 2:4-1 reporting screen from the navigation panel ...
Page 358: Report Configuration
Wf g lobal a dministrator s ection c hapter 4: r eporting screen 330 m86 s ecurity u ser g uide report configuration report configuration window the report configuration window displays when report configuration is selected from the navigation panel. This window is used for initiating an on demand l...
Page 359: Real Time Probe
Wf g lobal a dministrator s ection c hapter 4: r eporting screen m86 s ecurity u ser g uide 331 real time probe real time probe window the real time probe window displays when real time probe is selected from the navigation panel. This feature lets the probe administrator monitor a user's internet u...
Page 360: Set Up Real Time Probes
Wf g lobal a dministrator s ection c hapter 4: r eporting screen 332 m86 s ecurity u ser g uide set up real time probes 1. Enter the maximum probes to run/schedule simulta- neously, up to 99 probes. The default setting is 10 probes. 2. Enter the maximum probes that can be scheduled, equal to or less...
Page 361: Report Recipients
Wf g lobal a dministrator s ection c hapter 4: r eporting screen m86 s ecurity u ser g uide 333 report recipients click the report recipients tab to display email report: fig. 2:4-4 real time probe window, report recipients tab specify email file criteria 1. Click the radio button corresponding the ...
Page 362: Remove Email Addresses
Wf g lobal a dministrator s ection c hapter 4: r eporting screen 334 m86 s ecurity u ser g uide set up email addresses to receive reports 1. Enter the email address of an individual who will receive completed probe reports. 2. Click add to include the email address in the current list of completed r...
Page 363: Logon Accounts
Wf g lobal a dministrator s ection c hapter 4: r eporting screen m86 s ecurity u ser g uide 335 logon accounts click the logon accounts tab to display logon accounts: fig. 2:4-5 real time probe window, logon accounts tab set up users authorized to create probes 1. Enter the username of a staff membe...
Page 364: Delete A Logon Account
Wf g lobal a dministrator s ection c hapter 4: r eporting screen 336 m86 s ecurity u ser g uide deactivate an authorized logon account to deactivate an authorized user’s account: 1. Select the username from the current accessible users list box. 2. Click disable to move the username to the current u...
Page 365: Re-Login Window
Wf g lobal a dministrator s ection c hapter 4: r eporting screen m86 s ecurity u ser g uide 337 go to real time probe reports gui when any administrator clicks the real time probe icon or go to real time probe reports gui, either the re-login window or the real time probe reports pop-up window opens...
Page 366: Real Time Probe Reports
Wf g lobal a dministrator s ection c hapter 4: r eporting screen 338 m86 s ecurity u ser g uide real time probe reports the real time probe reports window is comprised of the view and create tabs. The view tab displays by default (see fig. 2:4-11), showing the global administrator information on all...
Page 367: Create A Real Time Probe
Wf g lobal a dministrator s ection c hapter 4: r eporting screen m86 s ecurity u ser g uide 339 fig. 2:4-8 real time probes introductory window this window must be left open during the entire session. Create a real time probe click the create tab to enter and specify criteria for the report you wish...
Page 368
Wf g lobal a dministrator s ection c hapter 4: r eporting screen 340 m86 s ecurity u ser g uide the current probe count displays the total number of active probes, and the number of probes created under this account. The maximum probes to run/schedule simultaneously entered on the configuration tab ...
Page 369
Wf g lobal a dministrator s ection c hapter 4: r eporting screen m86 s ecurity u ser g uide 341 • “category”: select the library category to be probed. This selection generates a report with data for the specified library category. Tip: select “approved content” from the drop-down menu to probe inst...
Page 370: View Real Time Probe Details
Wf g lobal a dministrator s ection c hapter 4: r eporting screen 342 m86 s ecurity u ser g uide view real time probe details click the view tab to view details about active probes: fig. 2:4-10 real time probe reports, view tab the display name shows the name assigned to the probe on the create tab. ...
Page 371
Wf g lobal a dministrator s ection c hapter 4: r eporting screen m86 s ecurity u ser g uide 343 view option if a probe is completed or in progress, clicking view opens the real time information window: fig. 2:4-11 real time information window this window displays the number of minutes left for the p...
Page 372
Wf g lobal a dministrator s ection c hapter 4: r eporting screen 344 m86 s ecurity u ser g uide • if the probe is currently in progress, clicking stop halts the real time probe and changes this button to “email”. • after the probe is completed, the email button is avail- able instead of the stop but...
Page 373
Wf g lobal a dministrator s ection c hapter 4: r eporting screen m86 s ecurity u ser g uide 345 stop, delete options clicking stop halts the probe and gives it a completed status. This option is also available in the real time infor- mation box via the “stop” button. Clicking delete opens the follow...
Page 374: Usage Graphs
Wf g lobal a dministrator s ection c hapter 4: r eporting screen 346 m86 s ecurity u ser g uide usage graphs usage graphs window the usage graphs window displays when usage graphs is selected from the navigation panel. This window is used for viewing and analyzing internet usage data for a specified...
Page 375: Select A Graph to View
Wf g lobal a dministrator s ection c hapter 4: r eporting screen m86 s ecurity u ser g uide 347 select a graph to view 1. From the available menu choices, select either “recent trend” or one of the “daily peaks” dates. 2. Click view to open a separate browser window containing the specified graph. R...
Page 376: Daily Peaks
Wf g lobal a dministrator s ection c hapter 4: r eporting screen 348 m86 s ecurity u ser g uide daily peaks the daily peaks graph includes the following information: date, and number of hits per second at peak time for a given time using the hh:mm format: fig. 2:4-17 daily peaks graph click the “x” ...
Page 377: Shadow Log Format
Wf g lobal a dministrator s ection c hapter 4: r eporting screen m86 s ecurity u ser g uide 349 shadow log format shadow log format window the shadow log format window displays when shadow log format is selected from the navigation panel.This window is used for specifying the log format the web filt...
Page 378: Auto-Detect Option
Wf g lobal a dministrator s ection c hapter 4: r eporting screen 350 m86 s ecurity u ser g uide auto-detect option by default, “auto-detect” is selected. Using this option, the web filter will search for a connection to the sr and identify the software version applied to the sr. Status: • active - d...
Page 379: Wf G
Wf g roup a dministrator s ection i ntroduction m86 s ecurity u ser g uide 351 wf g roup a dministrator s ection introduction the wf group administrator section of this portion of the user guide is comprised of two chapters that include infor- mation on functions performed by the group administrator...
Page 380: Chapter 1: Policy Screen
Wf g roup a dministrator s ection c hapter 1: p olicy screen 352 m86 s ecurity u ser g uide chapter 1: policy screen group administrators use policy screen windows to add members to a master ip group, create sub-groups and/or individual ip members, and define and maintain members’ filtering profiles...
Page 381: Refresh
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 353 ip refresh refresh the master ip group, member click refresh whenever a change has been made to the master ip group or member level of the tree. Fig. 3:1-2 policy screen, ip menu.
Page 382: Master Ip Group
Wf g roup a dministrator s ection c hapter 1: p olicy screen 354 m86 s ecurity u ser g uide master ip group master ip group includes options for defining and main- taining group accounts, setting up an override account and/ or exception urls to bypass global settings, and uploading or downloading ip...
Page 383: Members Window
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 355 to change the password for this group: 1. Enter the password in the password and confirm pass- word fields, using eight to 20 characters and at least one alpha character, one numeric character, and one specia...
Page 384
Wf g roup a dministrator s ection c hapter 1: p olicy screen 356 m86 s ecurity u ser g uide add the ip address of the member if using the invisible or router mode: 1. Specify whether to add an ip address range with or without a netmask by selecting either “source ip” or “source ip start / end”. • if...
Page 385: Override Account Window
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 357 override account window the override account window displays when override account is selected from the menu. This window is used for creating an override account that allows an end user from a master ip grou...
Page 386: Add An Override Account
Wf g roup a dministrator s ection c hapter 1: p olicy screen 358 m86 s ecurity u ser g uide see appendix c: override pop-up blockers for information on how a user with an override account can authenticate if a pop-up blocker is installed on his/her workstation. Add an override account to create an o...
Page 387: Category Profile
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 359 category profile the rule tab is used for creating the categories portion of the override account profile. Fig. 3:1-6 override account pop-up window, rule tab to create the category profile: 1. Select a filte...
Page 388
Wf g roup a dministrator s ection c hapter 1: p olicy screen 360 m86 s ecurity u ser g uide in the adult content category group some of the library catego- ries have a block setting and other library categories have a warn setting, there would be no category group filter setting, since all library c...
Page 389
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 361 • in the quota column, enter the number of minutes the user will be able to access the library group/category. The minimum number of minutes is “1” and the maximum is “1439” (one day minus one minute). The nu...
Page 390: Redirect Url
Wf g roup a dministrator s ection c hapter 1: p olicy screen 362 m86 s ecurity u ser g uide redirect url the redirect tab is used for specifying the url to be used for redirecting the user if he/she attempts to access a site or service set up to be blocked. Fig. 3:1-7 override account pop-up window,...
Page 391: Filter Options
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 363 filter options the filter options tab is used for specifying which filter option(s) will be applied to the override account profile. Fig. 3:1-8 override account pop-up window, filter options tab click the che...
Page 392
Wf g roup a dministrator s ection c hapter 1: p olicy screen 364 m86 s ecurity u ser g uide aol’s “strict” safesearch filtering option will be used whenever the end user performs a google, bing.Com, yahoo!, youtube, ask.Com, or aol web search or image search. Warning: if this option is used in conju...
Page 393: Edit An Override Account
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 365 note: to set up url keywords in a url keywords window, see the url keywords window in chapter 2. Edit an override account change the password to change an override account’s password: 1. In the current accoun...
Page 394: Delete An Override Account
Wf g roup a dministrator s ection c hapter 1: p olicy screen 366 m86 s ecurity u ser g uide delete an override account to delete an override account: 1. In the current accounts frame, select the username from the list box. 2. Click remove. Group profile window the group profile window displays when ...
Page 395
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 367 fig. 3:1-9 group profile window, profile tab note: in order to use this tab, filtering rules profiles must already have been set up by the global administrator. By default, “rule0 minimum filtering level” dis...
Page 396
Wf g roup a dministrator s ection c hapter 1: p olicy screen 368 m86 s ecurity u ser g uide tip: in the category groups tree, double-click the group enve- lope to open that segment of the tree and to view library catego- ries belonging to that group. Note: if a category group does not display any fi...
Page 397
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 369 4. To use the quota feature to restrict the end user’s access to a passed library group/category, do the following: • in the quota column, enter the number of minutes the user will be able to access the libra...
Page 398: Redirect Url
Wf g roup a dministrator s ection c hapter 1: p olicy screen 370 m86 s ecurity u ser g uide redirect url redirect url displays when the redirect url tab is clicked. This tab is used for specifying the url to be used for redirecting users who attempt to access a site or service set up to be blocked a...
Page 399: Filter Options
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 371 filter options filter options displays when the filter options tab is clicked. This tab is used for specifying which filter option(s) will be applied to the group’s filtering profile. Fig. 3:1-11 group profil...
Page 400
Wf g roup a dministrator s ection c hapter 1: p olicy screen 372 m86 s ecurity u ser g uide note: see the x strikes blocking window in chapter 1: system screen of the wf global administrator section for information on setting up the x strikes blocking feature. Google/bing/yahoo!/youtube/ask/aol safe...
Page 401
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 373 notes: search engine keyword filtering relies on an exact keyword match. For example, if the word “sex” is set up to be blocked, but “sexes” is not set up to be blocked, a search will be allowed on “sexes” bu...
Page 402: Exception Url Window
Wf g roup a dministrator s ection c hapter 1: p olicy screen 374 m86 s ecurity u ser g uide exception url window the exception url window displays when exception url is selected from the group menu. This window is used for blocking group members’ access to specified urls and/or for letting group mem...
Page 403: Valid Url Entries
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 375 valid url entries the following types of url entries are accepted in this window: • formats such as: http://www.Coors.Com, www.Coors.Com, or coors.Com • ip address - e.G. "209.247.228.221" in http:// 209.247....
Page 404
Wf g roup a dministrator s ection c hapter 1: p olicy screen 376 m86 s ecurity u ser g uide add urls to block url or bypass url frame to block or bypass specified urls, in the block url or the bypass url frame: 1. Type the url to be blocked in the block urls field, or the url to be bypassed in the b...
Page 405
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 377 empty checkbox for each entry in the table. Check the checkbox corresponding to a url entry you want to designate as being case-specific. The url entry made by the end user must exactly match this entry in or...
Page 406
Wf g roup a dministrator s ection c hapter 1: p olicy screen 378 m86 s ecurity u ser g uide • “url cannot be added due to conflicts” - preceded by the red circle icon with a line through it, this type of conflict indicates the url is already included in the exception url list. Url can be added, but ...
Page 407
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 379 remove urls from block url or bypass url frame to remove urls from the block url or the bypass url frame: 1. Select a url to be removed from the block url / bypass url list box; your selection populates the b...
Page 408: Apply Settings
Wf g roup a dministrator s ection c hapter 1: p olicy screen 380 m86 s ecurity u ser g uide 3. Click remove selected to close the pop-up window and to remove your selection(s) from the appropriate url list box. Apply settings click apply to apply your settings after adding or removing any urls. Time...
Page 409: Add A Time Profile
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 381 add a time profile to create a time profile: 1. Click add to open the adding time profile pop-up box: fig. 3:1-17 adding time profile 2. Type in three to 20 alphanumeric characters—the under- score ( _ ) char...
Page 410
Wf g roup a dministrator s ection c hapter 1: p olicy screen 382 m86 s ecurity u ser g uide a. Select from a list of time slots incremented by 15 minutes: “12:00” to “11:45”. By default, the start field displays the closest 15-minute future time, and the end field displays a time that is one hour ah...
Page 411
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 383 if 5 is entered, this profile will be used every five days at the specified time. • weekly - if this selection is made, enter the interval for the weeks this time profile will be used, and specify the day(s) ...
Page 412
Wf g roup a dministrator s ection c hapter 1: p olicy screen 384 m86 s ecurity u ser g uide first enter the year(s) for the interval. By default “1” displays, indicating this time profile will be used each year. Next, choose from one of two options to specify the day of the month for the interval: •...
Page 413
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 385 7. Click each of the tabs (rule, redirect, filter options, exception) and specify criteria to complete the time profile. (see category profile, redirect url, filter options, and exception url in this sub-sect...
Page 414: Category Profile
Wf g roup a dministrator s ection c hapter 1: p olicy screen 386 m86 s ecurity u ser g uide category profile the rule tab is used for creating the categories portion of the time profile. Fig. 3:1-19 time profile pop-up window, rule tab note: see the override account window, category profile sub- sec...
Page 415: Redirect Url
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 387 redirect url the redirect tab is used for specifying the url to be used for redirecting users who attempt to access a site or service set up to be blocked. Fig. 3:1-20 time profile pop-up window, redirect url...
Page 416: Filter Options
Wf g roup a dministrator s ection c hapter 1: p olicy screen 388 m86 s ecurity u ser g uide filter options the filter options tab is used for specifying which filter option(s) will be applied to the time profile. Fig. 3:1-21 time profile pop-up window, filter options tab note: see the override accou...
Page 417: Exception Url
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 389 exception url the exception tab is used for allowing users to be blocked from accessing specified urls and/or to be allowed to access specified urls blocked at the minimum filtering level. Fig. 3:1-22 time pr...
Page 418: Approved Content
Wf g roup a dministrator s ection c hapter 1: p olicy screen 390 m86 s ecurity u ser g uide approved content the approved content tab is used for enabling/disabling the approved content feature for users to view specific youtube or schooltube videos from a designated portal or from vusafe. If this f...
Page 419: Modify A Time Profile
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 391 modify a time profile to modify an existing time profile: 1. Select the time profile from the current time profiles list box. 2. Click view/modify to open the modify time profiles pop- up window. 3. Make modi...
Page 420
Wf g roup a dministrator s ection c hapter 1: p olicy screen 392 m86 s ecurity u ser g uide approved content settings window the approved content settings window displays when approved content (incl. Vusafe) is selected from the group menu. This window is used for granting users access to a specifie...
Page 421
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 393 note: if pattern blocking is enabled (system > control > filter > service control frame), then the filtering profile must "allow" the flash video (flv) pattern (category groups > bandwidth > streaming media >...
Page 422
Wf g roup a dministrator s ection c hapter 1: p olicy screen 394 m86 s ecurity u ser g uide if the global group has the “enable approved content (incl. Vusafe)” option disabled, the message “pass- keys are currently disabled” displays, and any pass- keys listed for the global group will not be inher...
Page 423: Upload Ip Profiles
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 395 upload/download ip profile window the ip profile management window displays when upload/ download ip profile is selected from the group menu. This window is used for uploading or downloading a text file conta...
Page 424
Wf g roup a dministrator s ection c hapter 1: p olicy screen 396 m86 s ecurity u ser g uide note: leave the refresh page open until the file containing the profile has been uploaded. 2. Click browse... To open the choose file window in which you find and select the file containing the ip profiles to...
Page 425: Download Profile
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 397 download profile if profiles have been created and/or uploaded to the server: 1. Click download profile to open a browser window containing the profiles: fig. 3:1-28 download ip profiles window the contents o...
Page 426: Add Sub Group
Wf g roup a dministrator s ection c hapter 1: p olicy screen 398 m86 s ecurity u ser g uide add sub group add an ip sub group from the group menu: 1. Click add sub group to open the create sub group dialog box: fig. 3:1-29 create sub group box 2. Enter the group name for the sub-group. Notes: the na...
Page 427: Add Individual Ip
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 399 add individual ip add an individual ip member from the group menu: 1. Click add individual ip to open the create individual ip dialog box: fig. 3:1-30 create individual ip box 2. Enter the member name for the...
Page 428: Delete Group
Wf g roup a dministrator s ection c hapter 1: p olicy screen 400 m86 s ecurity u ser g uide delete group delete a master ip group profile to delete a group profile, choose delete group from the group menu. This action removes the master ip group from the tree. Paste sub group the paste sub group fun...
Page 429: Sub Group
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 401 sub group sub group includes options for creating and maintaining the filtering profile for the sub-group. Click the sub-group’s link to view a menu of sub-topics: sub group details, members, sub group profil...
Page 430: Add Ip Sub-Group Details
Wf g roup a dministrator s ection c hapter 1: p olicy screen 402 m86 s ecurity u ser g uide • ip range • memberip address and netmask or ip address range, and mac address(es) if using the mobile mode. Note: see appendix d: mobile client for information on using the mobile mode. Add ip sub-group deta...
Page 431: Members Window
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 403 • enter the ip address range in the text boxes. 3. Click apply to save your entries. Once applied, the member fields become greyed-out and the apply button becomes deactivated (see fig. 3:1-32). Members windo...
Page 432: Modify Sub-Group Members
Wf g roup a dministrator s ection c hapter 1: p olicy screen 404 m86 s ecurity u ser g uide modify sub-group members the modify sub group member frame is comprised of the ip address and mac address frames. 1. In the ip address frame, specify whether to add or edit an ip address range with or without...
Page 433: Exception Url Window
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 405 exception url window the exception url window displays when exception url is selected from the sub-group menu. This window is used for blocking sub-group members’ access to specified urls and/or for letting s...
Page 434
Wf g roup a dministrator s ection c hapter 1: p olicy screen 406 m86 s ecurity u ser g uide approved content settings window the approved content settings window displays when approved content (incl. Vusafe) is selected from the sub- group menu. This window is used for granting access to a specified...
Page 435: Delete Sub Group
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 407 delete sub group delete an ip sub-group to delete a sub-group, choose delete sub group from the sub-group menu. This action removes the sub-group from the tree. Copy sub group the copy sub group function is u...
Page 436: Individual Ip
Wf g roup a dministrator s ection c hapter 1: p olicy screen 408 m86 s ecurity u ser g uide individual ip individual ip includes options for creating and maintaining the filtering profile for the individual ip member. Click the individual ip member’s link to view a menu of sub-topics: members, indiv...
Page 437: Individual Ip Profile Window
Wf g roup a dministrator s ection c hapter 1: p olicy screen m86 s ecurity u ser g uide 409 enter the ip address of the member in the modify individual group member frame: 1. Enter the ip address in the member field. 2. Click modify to apply your changes. Individual ip profile window the individual ...
Page 438: Delete Individual Ip
Wf g roup a dministrator s ection c hapter 1: p olicy screen 410 m86 s ecurity u ser g uide note: see the time profile window in the master ip group sub- section of this chapter for information on entries that can be made for the following components of the filtering profile: category profile, redir...
Page 439: Chapter 2: Library Screen
Wf g roup a dministrator s ection c hapter 2: l ibrary screen m86 s ecurity u ser g uide 411 chapter 2: library screen group administrators use windows and dialog boxes in the library screen to look up urls and to add and maintain custom library categories for a group. Library categories are used wh...
Page 440: Library Lookup
Wf g roup a dministrator s ection c hapter 2: l ibrary screen 412 m86 s ecurity u ser g uide library lookup library lookup window the library lookup window displays when library lookup is selected from the navigation panel. This window is used for verifying whether or not a url or search engine keyw...
Page 441: Look Up A Url
Wf g roup a dministrator s ection c hapter 2: l ibrary screen m86 s ecurity u ser g uide 413 look up a url 1. In the url lookup frame, enter the url. For example, enter http://www.Coors.Com, coors.Com, or use a wild- card by entering *.Coors.Com. A wildcard entry finds all urls containing text that ...
Page 442: Custom Categories
Wf g roup a dministrator s ection c hapter 2: l ibrary screen 414 m86 s ecurity u ser g uide look up a search engine keyword to see if a search engine keyword or keyword phrase has been included in any library category: 1. In the search engine keyword lookup frame, enter the search engine keyword or...
Page 443: Add Category
Wf g roup a dministrator s ection c hapter 2: l ibrary screen m86 s ecurity u ser g uide 415 warning: the maximum number of categories that can be saved is 512. This figure includes both m86 supplied categories and custom categories. Add category a unique custom library category should be created on...
Page 444: Refresh
Wf g roup a dministrator s ection c hapter 2: l ibrary screen 416 m86 s ecurity u ser g uide new custom category, the group name displays in paren- theses after the long name. Tip: if this is the first custom category you are adding, you may need to double-click “custom categories” to open the tree ...
Page 445: Custom Library Category
Wf g roup a dministrator s ection c hapter 2: l ibrary screen m86 s ecurity u ser g uide 417 custom library category when a custom library category is created, its long name displays in the custom categories tree list. Click the custom library category link to view a menu of sub-topics: library deta...
Page 446: View, Edit Library Details
Wf g roup a dministrator s ection c hapter 2: l ibrary screen 418 m86 s ecurity u ser g uide fig. 3:2-6 library details window view, edit library details the following display and cannot be edited: custom cate- gories group name and library category short name. 1. The long description name displays ...
Page 447: Urls Window
Wf g roup a dministrator s ection c hapter 2: l ibrary screen m86 s ecurity u ser g uide 419 urls window the urls window displays when urls is selected from the custom library category’s menu of sub-topics. This window is used for viewing, adding and/or removing a url from a custom library category’...
Page 448
Wf g roup a dministrator s ection c hapter 2: l ibrary screen 420 m86 s ecurity u ser g uide view a list of urls in the library category to view a list of all urls that either have been added or deleted from the master url list or master wildcard url list: 1. Click the view tab. 2. Make a selection ...
Page 449
Wf g roup a dministrator s ection c hapter 2: l ibrary screen m86 s ecurity u ser g uide 421 add or remove urls or wildcard urls the action tab is used for making entries in the urls window for adding or removing a url or wildcard url, uploading a master url list or master wildcard url list, or relo...
Page 450
Wf g roup a dministrator s ection c hapter 2: l ibrary screen 422 m86 s ecurity u ser g uide tip: multiple urls can be selected by clicking each url while pressing the ctrl key on your keyboard. Blocks of urls can be selected by clicking the first url, and then pressing the shift key on your keyboar...
Page 451
Wf g roup a dministrator s ection c hapter 2: l ibrary screen m86 s ecurity u ser g uide 423 remove a url from the library category to remove a url or wildcard url from the library category: 1. Click the action tab. 2. Enter the url in the edit url list frame or edit wild- card url list frame, as pe...
Page 452
Wf g roup a dministrator s ection c hapter 2: l ibrary screen 424 m86 s ecurity u ser g uide tip: a url text file must contain one url per line. Warning: the text file uploaded to the server will overwrite the current file. Note: before the file is uploaded to the server, it will first be vali- date...
Page 453
Wf g roup a dministrator s ection c hapter 2: l ibrary screen m86 s ecurity u ser g uide 425 a. Go to the ip lookup options section and click the radio button corresponding to the option to be used when uploading the file: • “upload the file with ip lookup” - if this option is selected, ip addresses...
Page 454
Wf g roup a dministrator s ection c hapter 2: l ibrary screen 426 m86 s ecurity u ser g uide 3. Select the file to be uploaded. Tip: a wildcard url text file must contain one wildcard url per line. Warning: the text file uploaded to the server will overwrite the current file. Note: before the file i...
Page 455: Reload The Library
Wf g roup a dministrator s ection c hapter 2: l ibrary screen m86 s ecurity u ser g uide 427 note: in order for the urls to take effect, library categories must be reloaded. Reload the library after all changes have been made to library windows, click reload library to refresh. Note: since reloading...
Page 456: View A List of Url Keywords
Wf g roup a dministrator s ection c hapter 2: l ibrary screen 428 m86 s ecurity u ser g uide note: if the feature for url keyword filtering is not enabled in a filtering profile, url keywords can be added in this window but url keyword filtering will not be in effect for the user(s). (see the filter...
Page 457: Reload The Library
Wf g roup a dministrator s ection c hapter 2: l ibrary screen m86 s ecurity u ser g uide 429 upload a list of url keywords to the library to upload a text file containing url keyword additions: 1. In the upload master url keyword file frame, click upload master to open the upload library keyword pop...
Page 458
Wf g roup a dministrator s ection c hapter 2: l ibrary screen 430 m86 s ecurity u ser g uide search engine keywords window the search engine keywords window displays when search engine keywords is selected from the custom library category’s menu of sub-topics. This window is used for adding and remo...
Page 459
Wf g roup a dministrator s ection c hapter 2: l ibrary screen m86 s ecurity u ser g uide 431 able to run a search on a subject such as “cotton gin”. However, if the word “sex” is set up to be blocked, a search will be allowed on “sexes” but not “sex” since a search engine keyword must exactly match ...
Page 460: Reload The Library
Wf g roup a dministrator s ection c hapter 2: l ibrary screen 432 m86 s ecurity u ser g uide upload a master list of search engine keywords to upload a master list containing search engine keyword/ phrase additions: 1. In the upload search keywords file frame, click upload master to open the upload ...
Page 461: Ilter
W eb f ilter a ppendices s ection a ppendix a m86 s ecurity u ser g uide 433 w eb f ilter a ppendices s ection appendix a filtering profile format and rules a filtering profile must be set up in a specified format, containing the following items: 1. The username or group name 2. Ip address or mac ad...
Page 462: Rule Criteria
W eb f ilter a ppendices s ection a ppendix a 434 m86 s ecurity u ser g uide rule criteria rule criteria consists of selections made from the following lists of codes that are used in profile strings: • port command codes: a = filter all ports b = filter the defined port number(s) i = open all ports...
Page 463
W eb f ilter a ppendices s ection a ppendix a m86 s ecurity u ser g uide 435 • category command codes: category command codes must be entered in the following order: j, r, m, i. “passed” should either be entered after j, r, or m, or after a string of category codes following j, r, or m. J = position...
Page 464
W eb f ilter a ppendices s ection a ppendix a 436 m86 s ecurity u ser g uide • filter option codes: • 0x1 = exception url query (always enabled) • 0x2 = x strikes blocking • 0x4 = google/bing/yahoo!/youtube/ask/aol safe search enforcement • 0x100 = search engine keyword • 0x200 = url keyword • 0x100...
Page 465: Appendix B
W eb f ilter a ppendices s ection a ppendix b m86 s ecurity u ser g uide 437 appendix b create a custom block page m86 offers ways for you to customize the block page so that the page can have a different look while retaining the infor- mation/functionality provided in m86’s default block page. Note...
Page 466: 2. Exclude Filtering Ip
W eb f ilter a ppendices s ection a ppendix b 438 m86 s ecurity u ser g uide http://[:]/ ?Url=&ip= ip>&cat=&user= 2. Exclude filtering ip 1. Go to: gui: policy > global group > range to detect 2. Input the ip address under “destination ip” > ”exclude ip” without excluding this ip address, the web fi...
Page 467: (Optional)
W eb f ilter a ppendices s ection a ppendix b m86 s ecurity u ser g uide 439 show m86’s information in the block page (optional) the following information is passed to the through the query string: implement the “further option” (optional) the “further option” is included in m86’s default block page...
Page 468
W eb f ilter a ppendices s ection a ppendix b 440 m86 s ecurity u ser g uide customized block page examples the examples in the reference portion of this appendix illustrate how form data is parsed and posted in the custom- ized block page. Examples include: 1. Html (using java script to parse/post ...
Page 469: Reference
W eb f ilter a ppendices s ection a ppendix b m86 s ecurity u ser g uide 441 reference html function parsedata(str, start, end) { result = ""; i = str.Indexof(start); if (i >= 0) { len = str.Length; substr = str.Substr(i+start.Length, len - start.Length); j = substr.Indexof(end); if ( j > 0) { resul...
Page 470
W eb f ilter a ppendices s ection a ppendix b 442 m86 s ecurity u ser g uide user = parsedata(query, "user=", "&"); document.Block.User.Value = user; } } function showdata(){ document.Write("url:" + document.Block.Url.Value + ""); document.Write("ip:" + document.Block.Ip.Value + ""); document.Write(...
Page 471: Cgi Written In Perl
W eb f ilter a ppendices s ection a ppendix b m86 s ecurity u ser g uide 443 cgi written in perl there are two methods for cgi written in perl: one lets you embed data in the query string to pass data to the options cgi, and the other lets you use java script to post form data to the options cgi. Em...
Page 472
W eb f ilter a ppendices s ection a ppendix b 444 m86 s ecurity u ser g uide print "for further options, :81/ cgi/ block.Cgi?Url=$url&ip=$ip&cat=$cat&user=$user&step=step2\">click here"; print " "; print " "; use java script to post form data #!/usr/bin/perl # original filename: cusp_block2.Cg...
Page 473: Cgi Written In C
W eb f ilter a ppendices s ection a ppendix b m86 s ecurity u ser g uide 445 print " print " print " value=\"_block_site_\">"; print ""; print ""; print ""; print ""; print ""; print "web filter customized block page (cgi written with perl using java script to post form data)"; print "...
Page 474
W eb f ilter a ppendices s ection a ppendix b 446 m86 s ecurity u ser g uide void printhtml(); void unescape_url(char *url); char x2c(char *what); char *makeword(char *line, char stop); void plustospace(char *str); char *fmakeword(file *f, char stop, int *cl); int to_upper(char *string); void getque...
Page 475
W eb f ilter a ppendices s ection a ppendix b m86 s ecurity u ser g uide 447 areas of the program ====================================================*/ data_size = atoi(getenv("content_length")); for(index = 0; data_size && (!Feof(stdin)); index++) { entries[index].Val = (char *)fmakeword(stdin, '&...
Page 476
W eb f ilter a ppendices s ection a ppendix b 448 m86 s ecurity u ser g uide szusername); printf(" value=\"step2\">"); printf("web filter customized block page (cgi written with c using java script to post form data)"); printf("url: %s", szurl); printf("ip: %s", szip); printf("cat: %s", sz...
Page 477
W eb f ilter a ppendices s ection a ppendix b m86 s ecurity u ser g uide 449 int x = 0, y; char *word = (char *) malloc(sizeof(char) * (strlen(line) + 1)); for(x=0;((line[x]) && (line[x] != stop));x++) word[x] = line[x]; word[x] = '\0'; if(line[x]) ++x; y=0; while(line[y++] = line[x++]); return word...
Page 478
W eb f ilter a ppendices s ection a ppendix b 450 m86 s ecurity u ser g uide word[ll] = '\0'; return word; } ++ll; } } /* to_upper: * change the string to upper case */ int to_upper(char *string) { int len; int i; char *tmp=null; if (string && strlen(string)) { if (!(tmp=(char*)strdup(string))) retu...
Page 479: Appendix C
W eb f ilter a ppendices s ection a ppendix c m86 s ecurity u ser g uide 451 appendix c override pop-up blockers an override account user with pop-up blocking software installed on his/her workstation will need to temporarily disable pop-up blocking in order to authenticate him/herself via the optio...
Page 480
W eb f ilter a ppendices s ection a ppendix c 452 m86 s ecurity u ser g uide yahoo! Toolbar pop-up blocker if pop-up blocking is enabled 1. In the options page (see fig. C-1), enter your username and password. 2. Press and hold the ctrl key on your keyboard while simultaneously clicking the override...
Page 481
W eb f ilter a ppendices s ection a ppendix c m86 s ecurity u ser g uide 453 fig. C-3 allow pop-ups from source 3. Select the source from the sources of recently blocked pop-ups list box to activate the allow button. 4. Click allow to move the selected source to the always allow pop-ups from these s...
Page 482
W eb f ilter a ppendices s ection a ppendix c 454 m86 s ecurity u ser g uide google toolbar pop-up blocker if pop-up blocking is enabled 1. In the options page (see fig. C-1), enter your username and password. 2. Press and hold the ctrl key on your keyboard while simultaneously clicking the override...
Page 483: Adwaresafe Pop-Up Blocker
W eb f ilter a ppendices s ection a ppendix c m86 s ecurity u ser g uide 455 adwaresafe pop-up blocker if pop-up blocking is enabled 1. In the options page (see fig. C-1), enter your username and password. 2. Press and hold the ctrl key on your keyboard while simultaneously clicking the override but...
Page 484
W eb f ilter a ppendices s ection a ppendix c 456 m86 s ecurity u ser g uide mozilla firefox pop-up blocker add override account to the white list 1. From the firefox browser, go to the toolbar and select tools > options to open the options dialog box. 2. Click the content tab at the top of this box...
Page 485
W eb f ilter a ppendices s ection a ppendix c m86 s ecurity u ser g uide 457 fig. C-7 mozilla firefox pop-up window exceptions 4. Enter the address of the web site to let the override account window pass. 5. Click allow to add the url to the list box section below. 6. Click close to close the allowe...
Page 486: Set Up Pop-Up Blocking
W eb f ilter a ppendices s ection a ppendix c 458 m86 s ecurity u ser g uide windows xp sp2 pop-up blocker set up pop-up blocking there are two ways to enable the pop-up blocking feature in the ie browser. Use the internet options dialog box 1. From the ie browser, go to the toolbar and select tools...
Page 487: Use The Ie Toolbar
W eb f ilter a ppendices s ection a ppendix c m86 s ecurity u ser g uide 459 use the ie toolbar in the ie browser, go to the toolbar and select tools > pop- up blocker > turn on pop-up blocker: fig. C-9 toolbar setup when you click turn on pop-up blocker, this menu selec- tion changes to turn off po...
Page 488: Use The Ie Toolbar
W eb f ilter a ppendices s ection a ppendix c 460 m86 s ecurity u ser g uide add override account to the white list there are two ways to disable pop-up blocking for the over- ride account and to add the override account to your white list. Use the ie toolbar 1. With pop-up blocking enabled, go to t...
Page 489: Use The Information Bar
W eb f ilter a ppendices s ection a ppendix c m86 s ecurity u ser g uide 461 use the information bar with pop-up blocking enabled, the information bar can be set up and used for viewing information about blocked pop- ups or allowing pop-ups from a specified site. Set up the information bar 1. Go to ...
Page 490
W eb f ilter a ppendices s ection a ppendix c 462 m86 s ecurity u ser g uide 3. Click the information bar for settings options: fig. C-12 information bar menu options 4. Select always allow pop-ups from this site—this action opens the allow pop-ups from this site? Dialog box: fig. C-13 allow pop-ups...
Page 491: Appendix D
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 463 appendix d mobile client mobile client performs internet filtering and blocking on mobile pcs physically located outside your organization. This product is comprised of a web filter configured to use the mobile mode, profil...
Page 492: Environment Requirements
W eb f ilter a ppendices s ection a ppendix d 464 m86 s ecurity u ser g uide environment requirements workstation requirements system requirements for the administrator include the following: • web filter must be configured to use the mobile mode option • session cookies from the web filter must be ...
Page 493: Network Requirement
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 465 network requirement • high speed connection from the web filter to mobile pcs remote filtering components • mobile client software installed on each end user’s mobile pc work flow overview mobile client installed on a mobil...
Page 494: Network Operations Overview
W eb f ilter a ppendices s ection a ppendix d 466 m86 s ecurity u ser g uide network operations overview mobile client on the network 1. A url request is made from an end user’s mobile pc to access inappropriate content on the internet. 2. The mobile client installed on the end user’s workstation se...
Page 495
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 467 configure the web filter to use the mobile mode the operation mode window is used for setting up the web filter to use the mobile mode for filtering mobile pcs. 1. In the mode frame, choose either “mobile only” or one of th...
Page 496
W eb f ilter a ppendices s ection a ppendix d 468 m86 s ecurity u ser g uide exception url, ldap authentication, and warn and quota filter settings. (an end user with categories blocked in his/her profile will be blocked from categories with a warn or quota setting instead of receiving a warning or ...
Page 497
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 469 notes: follow steps 2-3 for each mac address to be added. To remove a member from the current members list box, select the mac address from the list box, and then click remove. Select mac addresses for a sub group in the mo...
Page 498: View Sub Group Mac Addresses
W eb f ilter a ppendices s ection a ppendix d 470 m86 s ecurity u ser g uide • to remove mac addresses from the sub-group, select each sub-group by highlighting it in the member mac(s) list box, and then clicking the right arrow to move the item(s) to the available mac(s) list box. Tips: multiple ma...
Page 499
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 471 if the sub-group has been completely defined, ip address criteria was entered in the ip address frame and saved in this window. Add a mac address to an individual member when using the mobile mode, the individual ip’s membe...
Page 500
W eb f ilter a ppendices s ection a ppendix d 472 m86 s ecurity u ser g uide upload mac address file for ip group a file containing multiple mac addresses can be uploaded to the master ip group using the upload/download ip profile window. Fig. D-6 master ip group’s upload/download ip profile window ...
Page 501: Troubleshoot Mac Addresses
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 473 troubleshoot mac addresses when using the mobile mode, the active profile lookup is used for verifying whether an entity has an active filtering profile for his/her mac address. This window also is used for troubleshooting ...
Page 502: Mobile Client Section
W eb f ilter a ppendices s ection a ppendix d 474 m86 s ecurity u ser g uide mobile client section the mobile client section of this user guide contains infor- mation on how the windows network administrator uses the mobile client deployment kit to install the mobile client on a windows or macintosh...
Page 503
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 475 download and install the deployment kit to download the mobile client deployment kit to your machine: 1. Launch the m86 mobile client web page, and then find and click the link for the mobile client deployment kit installer...
Page 504
W eb f ilter a ppendices s ection a ppendix d 476 m86 s ecurity u ser g uide fig. D-9 end user license agreement 4. Click next to go to the choose setup type step, and select the setup option for installing the mobile client: “typical”, “custom”, “complete”: fig. D-10 choose setup type 5. Click next...
Page 505
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 477 fig. D-11 installation process ready to begin 6. Click install to begin the installation process. The following page displays when the installation process is complete: fig. D-12 installation complete 7. Click finish to clo...
Page 506
W eb f ilter a ppendices s ection a ppendix d 478 m86 s ecurity u ser g uide access the mobile client deployment tool window once the mobile client deployment kit is installed on your machine, the mobile client deployment tool window (see fig. D-13) and package configuration window (see fig. D- 15) ...
Page 507: Configure A New Package Set
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 479 configure a new package set 1. In the mobile client deployment tool window, go to file > new package... To open the choose product version dialog box: fig. D-14 choose product version dialog box 2. Select the mobile client ...
Page 508: Specify Package Criteria
W eb f ilter a ppendices s ection a ppendix d 480 m86 s ecurity u ser g uide the package configuration window is comprised of the following frames: package information, network settings, automatic update settings, and application options settings. Note: to exit the package configuration window at an...
Page 509: Configure Network Settings
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 481 configure network settings the network settings frame includes fields for entering ip addresses of host servers used for filtering mobile worksta- tions and in-house workstations, and proxy server criteria— the latter, if a...
Page 510
W eb f ilter a ppendices s ection a ppendix d 482 m86 s ecurity u ser g uide add, remove internal filter host server note: entries made in this portion of the user interface are optional. If you have one filter host server on your network, the ip address would be the same ip address you entered for ...
Page 511
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 483 add proxy address or host name 1. If your organization is using a proxy server on the network, in the proxy address or host name field, enter the ip address or host name of your proxy server. 2. In the port field, enter the...
Page 512
W eb f ilter a ppendices s ection a ppendix d 484 m86 s ecurity u ser g uide optional: specify url for mobile client updates notes: a url directory entry is required in the automatic update settings frame only if the mobile client updater will be installed on end user workstations and a web server w...
Page 513
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 485 3. Click add to include the entry in the list box below. 4. After entering the url, click ok to close the dialog box and to display your entries in the update url base field of the package configuration window. Note: to rem...
Page 514
W eb f ilter a ppendices s ection a ppendix d 486 m86 s ecurity u ser g uide step 1: first line entry by default, the application options settings field is empty. If you wish to add any options, you must first type in mode 0 on the first line. For example: mode 0 {option #1} {option #2} … step 2: id...
Page 515
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 487 step 3: add an option line for the application enter an option line for each application to be blocked or bypassed. To block an application, for example: block_firefox -c “c:\program files\mozilla firefox\firefox.Exe” -k to...
Page 516
W eb f ilter a ppendices s ection a ppendix d 488 m86 s ecurity u ser g uide line encryptor/decryptor... Other types of application qualifying arguments exist in addition to the examples provided in the previous para- graphs of this user guide. It is also possible to encrypt the application options ...
Page 517
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 489 • md5 calculation - use the tools in this frame to generate an md5 “digital thumbprint” for a file. • aes / base64 encryption - use the tools in this frame to generate advanced encryption standard (aes) base64 encryption: 2...
Page 518
W eb f ilter a ppendices s ection a ppendix d 490 m86 s ecurity u ser g uide fig. D-20 mobile client package contents page.
Page 519
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 491 the mobile client package contents page includes the following information: • component versions - the mobile client windows and macintosh version numbers and mcu version numbers • packages - links to downloadable component...
Page 520
W eb f ilter a ppendices s ection a ppendix d 492 m86 s ecurity u ser g uide • configuration - mobile client and server settings: • configuration revision number • mobile server host ip address(es) and port number(s) • internal server host ip address(es) and port number(s) • proxy server - server ho...
Page 521
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 493 edit a package configuration 1. From the mobile client deployment tool window, select file > edit package... To open the select package window: fig. D-21 select package window 2. From the packages list box, choose the packa...
Page 522
W eb f ilter a ppendices s ection a ppendix d 494 m86 s ecurity u ser g uide edit default configuration settings 1. From the mobile client deployment tool window, select tools > edit default configuration... To open the package configuration window for default settings: fig. D-22 package configurati...
Page 523
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 495 tip: select file > cancel to exit without saving your edits. 2. Make your edits in this window and then select from the following options to save the default configuration: file > save or file > save and quit. Note: see sav...
Page 524: McU File Preparations
W eb f ilter a ppendices s ection a ppendix d 496 m86 s ecurity u ser g uide mcu file preparations in order to use the optional mobile client updater (mcu) component to distribute product or configuration updates to end users, you must first install the mcu on end user work- stations. Then you must ...
Page 525
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 497 step 2: choose a deployment host for updates decide where to host mobile client update files: • a web server you maintain • mobile server web filter host mc file on your web server this choice is advantageous for environmen...
Page 526
W eb f ilter a ppendices s ection a ppendix d 498 m86 s ecurity u ser g uide not coordinate their synchronization attempts with each other, the timing of download attempts will follow a random statistical distribution. Nevertheless, it is conceivable that if you have 4,000 client workstations, they ...
Page 527
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 499 step 3: post the latest files for mcu next you must post the mobile client configuration files to the host server. After this initial posting, whenever changes are made to the client configuration, or whenever a new softwar...
Page 528
W eb f ilter a ppendices s ection a ppendix d 500 m86 s ecurity u ser g uide 3. Click browse... To open the file upload window and search for the .Tgz file to be uploaded to the server. Warning: uploading subsequent packages of the mobile client to the server will overwrite the current file configur...
Page 529: Deployment to A Group
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 501 mc deployment to windows computers deployment to a group the modified 8e6client.Msi file is distributed to multiple windows workstations by creating a group policy object (gpo) which assigns this software to the required co...
Page 530
W eb f ilter a ppendices s ection a ppendix d 502 m86 s ecurity u ser g uide 3. Link the new policy: a. In the gpmc, select the domain or organizational unit for which the policy should be applied. B. Right-click, choose "link an existing gpo", and then select the new policy you created in step 2. C...
Page 531
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 503 5. Enable the policy link: return to the new policy link in the gpmc for the target domain or organizational unit, right-click, and then choose "link enabled". 6. Test the deployment: a. Select one of the workstations withi...
Page 532
W eb f ilter a ppendices s ection a ppendix d 504 m86 s ecurity u ser g uide installation on a single computer the mobile client is manually installed on a single windows workstation by following these procedures: 1. Go to the folder in which the modified 8e6client.Msi file was downloaded, and click...
Page 533
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 505 mobile client removal from computers uninstallation from a windows group if the group policy that was used for installing the mobile client on workstations is removed, the mobile client will still remain installed on target...
Page 534
W eb f ilter a ppendices s ection a ppendix d 506 m86 s ecurity u ser g uide • windows xp: start > control panel > add or remove programs 2. Find the mobile client program and click remove to open the m86 mobile client - uninstall dialog box: fig. D-27 mobile client uninstall dialog box 3. Copy the ...
Page 535
W eb f ilter a ppendices s ection a ppendix d m86 s ecurity u ser g uide 507 fig. D-29 generate a key copy this uninstall key. In this example: f0d34d note: click close to close the create uninstall key pop-up window. 6. Access the m86 mobile client - uninstall dialog box again, and enter the genera...
Page 536: Appendix E
W eb f ilter a ppendices s ection a ppendix e 508 m86 s ecurity u ser g uide appendix e glossary this glossary includes definitions for terminology used in this user guide. Always allowed - a filter category or port given this desig- nation in a profile will be included in the white list. However, t...
Page 537
W eb f ilter a ppendices s ection a ppendix e m86 s ecurity u ser g uide 509 global administrator - an authorized administrator of the network who maintains all aspects of the web filter, except for managing master ip groups and their members, and their associated filtering profiles. The global admi...
Page 538
W eb f ilter a ppendices s ection a ppendix e 510 m86 s ecurity u ser g uide (ldap) is a directory service protocol based on entries (distinguished names). M86 supplied category - a library category that was created by m86, and includes a list of urls, url keywords, and search engine keywords to be ...
Page 539
W eb f ilter a ppendices s ection a ppendix e m86 s ecurity u ser g uide 511 net use - a command that is used for connecting a computer to—or disconnecting a computer from—a shared resource, or displaying information about computer connec- tions. The command also controls persistent net connec- tion...
Page 540
W eb f ilter a ppendices s ection a ppendix e 512 m86 s ecurity u ser g uide protocol - a type of format for transmitting data between two devices. Ldap and smb are types of authentication method protocols. Proxy server - an appliance or software that accesses the internet for the user’s client pc. ...
Page 541
W eb f ilter a ppendices s ection a ppendix e m86 s ecurity u ser g uide 513 search engine - a program that searches web pages for specified keywords and returns a list of the pages or services where the keywords were found. Service port - service ports can be set up to blocked. Examples of these po...
Page 542
W eb f ilter a ppendices s ection a ppendix e 514 m86 s ecurity u ser g uide virtual ip address - the ip address used for communi- cating with all users who log on the network. Vlan - virtual local area network is a network of computers that may be located on different segments of a lan but communic...
Page 543: Sr I
Sr i ntroductory s ection s ecurity r eporter o verview m86 s ecurity u ser g uide 515 sr i ntroductory s ection security reporter overview m86’s security reporter (sr) application is comprised of the system configuration administrator console and report manager. Using system configuration screens, ...
Page 544
Sr i ntroductory s ection a bout this p ortion of the u ser g uide 516 m86 s ecurity u ser g uide about this portion of the user guide the security reporter portion of the user guide primarily addresses the administrator designated to configure and manage the security reporter on the network. This a...
Page 545
Sr i ntroductory s ection a bout this p ortion of the u ser g uide m86 s ecurity u ser g uide 517 • sr appendices section - appendix a of this section explains how to use the sr in the evaluation mode, and how to switch to the registered mode. Appendix b provides details on setting up and using the ...
Page 546: Terminology
Sr i ntroductory s ection a bout this p ortion of the u ser g uide 518 m86 s ecurity u ser g uide terminology the following terms are used throughout this user guide. Sample images (not to scale) are included for each item. • accordion - one of at least two or more like objects, stacked on top of ea...
Page 547
Sr i ntroductory s ection a bout this p ortion of the u ser g uide m86 s ecurity u ser g uide 519 • field - an area in a dialog box, window, or panel that either accommodates your data entry, or displays pertinent information. A text box is a type of field. • frame - a boxed-in area in a dialog box,...
Page 548
Sr i ntroductory s ection a bout this p ortion of the u ser g uide 520 m86 s ecurity u ser g uide • pop-up box or pop-up window - a box or window that opens after you click a button in a dialog box, window, or panel. This box or window may display information, or may require you to make one or more ...
Page 549
Sr i ntroductory s ection a bout this p ortion of the u ser g uide m86 s ecurity u ser g uide 521 • slider - a small, triangular-shaped object—posi- tioned on a line—that when clicked and dragged to the left or right decreases or increases the number of records displayed in the grid to which it pert...
Page 550: Getting Started
Sr i ntroductory s ection g etting s tarted 522 m86 s ecurity u ser g uide getting started procedures for logging in, out access the security reporter login window the sr report manager user interface is accessible in one of two ways: • by clicking the sr icon in the wfr welcome window (see access s...
Page 551
Sr i ntroductory s ection g etting s tarted m86 s ecurity u ser g uide 523 clicking the sr icon launches a separate browser window/ tab containing the security reporter login window (see fig. 1:1-2). Enter report manager’s url in the address field 1. Launch an internet browser window supported by th...
Page 552: Log In
Sr i ntroductory s ection g etting s tarted 524 m86 s ecurity u ser g uide log in note: in this window, security reporter’s software version number displays beneath the frame. To log in the application: 1. In the username field, type in your username (the default username is admin). If you are loggi...
Page 553
Sr i ntroductory s ection g etting s tarted m86 s ecurity u ser g uide 525 3. Click login to display the summary reports panel of the report manager user interface (if you have permissions to view this panel—see fig. 1:1-3 for a sample panel), or the drill down report wizard summary report panel of ...
Page 554: Re-Login
Sr i ntroductory s ection g etting s tarted 526 m86 s ecurity u ser g uide fig. 1:1-4 drill down report wizard summary report re-login each session is timed so that it remains active as long as there is activity in the user interface within an eight hour period. You need to log into the application ...
Page 555: Expired Passwords
Sr i ntroductory s ection g etting s tarted m86 s ecurity u ser g uide 527 expired passwords if your password has been set by the global administrator to expire after a specified number of days (system configura- tion: database > optional features), upon clicking the login button, the update passwor...
Page 556: Forgot Your Password
Sr i ntroductory s ection g etting s tarted 528 m86 s ecurity u ser g uide forgot your password if you forgot your password, you can reset it on demand. 1. Click the forgot your password? Link in the login window (see fig. 1:1-2) to open the forgot your pass- word? Window: fig. 1:1-6 forgot your pas...
Page 557
Sr i ntroductory s ection g etting s tarted m86 s ecurity u ser g uide 529 fig. 1:1-7 reset your password window 5. Enter a password comprised of eight to 20 characters (using at least one alpha, one numeric, and one symbol character) in the new password and confirm pass- word fields. 6. Click submi...
Page 558: User Interface Navigation
Sr i ntroductory s ection g etting s tarted 530 m86 s ecurity u ser g uide user interface navigation once you have logged into the report manager, use the navigation toolbar at the top of the screen to navigate to the section of the user interface you wish to use. This toolbar provides a menu link t...
Page 559
Sr i ntroductory s ection g etting s tarted m86 s ecurity u ser g uide 531 • help - hover over this link to view menu options for assisting you in configuring the sr: • online help - clicking this link accesses the web page at m86security.Com containing links to the latest documentation in the .Pdf ...
Page 560
Sr i ntroductory s ection g etting s tarted 532 m86 s ecurity u ser g uide divider in the column header to display the arrow and double line characters (). A column is then expanded or contracted by left-clicking the mouse and dragging the column bar to the right or left. • browser back button, refr...
Page 561: Wildcard Searches
Sr i ntroductory s ection g etting s tarted m86 s ecurity u ser g uide 533 wildcard searches 1. When performing a search with wildcard(s), enter text in the following format: %x%, %x, or x% (in which “x” represents a partial or complete user ip address, user- name, site url, or other specified searc...
Page 562: Log Out
Sr i ntroductory s ection g etting s tarted 534 m86 s ecurity u ser g uide log out to log out of the sr, click the logout button in the naviga- tion toolbar; this action re-displays the login window. Click the “x” in the upper right corner of the logout window or tab to close the window/tab. Exiting...
Page 563: Sr S
Sr s ystem c onfiguration s ection i ntroduction m86 s ecurity u ser g uide 535 sr s ystem c onfiguration s ection introduction the sr system configuration section of this portion of the user guide provides instructions to the global administrator on configuring and maintaining the sr. The global ad...
Page 564
Sr s ystem c onfiguration s ection c hapter 1: a ccess s ystem c onfiguration 536 m86 s ecurity u ser g uide chapter 1: access system configuration if your account profile is set up with privileges to access the system configuration administrator console, its user inter- face is accessible by naviga...
Page 565: Network Menu
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 537 chapter 2: configuring the server the system configuration administrator console is comprised of network, server, and database menu screens for configuring the sr and maintaining the report manager...
Page 566: Box Mode Screen
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 538 m86 s ecurity u ser g uide box mode screen the box mode screen displays when the box mode option is selected from the network menu. The box mode indicates whether the server box is functioning in the “live” mode, or in the “...
Page 567: Archive Mode
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 539 archive mode in the “archive” mode, the server solely functions as a receptacle in which historical, archived files are placed. In this mode, “old” files placed on the server can be viewed using th...
Page 568
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 540 m86 s ecurity u ser g uide • choose archive if you wish the server to function in the “archive” mode, solely as a receptacle for historical, archived files. 3. Click apply to confirm your selection. The mode you specify will...
Page 569
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 541 view locked accounts, ip addresses the frames in this screen display the following messages if there are no users currently locked out: • locked-out admin accounts - there is no adminis- trator acc...
Page 570: Server Menu
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 542 m86 s ecurity u ser g uide server menu the server pull-down menu includes options for setting up processes for maintaining the server. These options are: backup, self-monitoring, server status, secure access, shut down, and ...
Page 571
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 543 backup and recovery procedures important: m86 security recommends establishing backup and recovery procedures when you first begin using the sr. Please follow the advice in this section to ensure y...
Page 572: Execute A Manual Backup
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 544 m86 s ecurity u ser g uide as you can see, it is critical that raw logs are available to bridge the gap between the last database backup and the present time, and more frequent backups (local and remote) result in less “catc...
Page 573: Perform A Remote Backup
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 545 losing the oldest data on the sr, prior to the daily backup process. Warning: if corrupted data is detected on the sr, do not backup your data, as you may back up and eventually restore a corrupted...
Page 574
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 546 m86 s ecurity u ser g uide archive directory to get all the raw logs to include in your backup. 3. Store this backup data in a safe place off the remote server. If this backup database needs to be restored, it can be uploade...
Page 575: Self Monitoring Screen
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 547 self monitoring screen the self monitoring screen displays when the self-moni- toring option is selected from the server menu. This screen is used for setting up and maintaining e-mail addresses of...
Page 576: Deactivate Self-Monitoring
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 548 m86 s ecurity u ser g uide view a list of contact e-mail addresses if this feature is currently activated, the e-mail address of the master administrator displays on this screen, along with any other contacts set up as choic...
Page 577: Server Status Screen
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 549 server status screen the server status screen displays when the server status option is selected from the server menu. This screen, which automatically refreshes itself every 10 seconds, displays t...
Page 578
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 550 m86 s ecurity u ser g uide view the status of the server the product version number of the software displays at the top of the screen, along with the date that software version was implemented. Status information displays in...
Page 579: Secure Access Screen
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 551 secure access screen the secure access screen displays when the secure access option is selected from the server menu. This screen is primarily used by m86 security technical support representative...
Page 580: Terminate A Port Connection
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 552 m86 s ecurity u ser g uide fig. 2:2-8 port entries terminate a port connection 1. After maintenance has been performed on the customer’s server, select the active port number from the list box by clicking on it. 2. Click the...
Page 581: Shut Down Screen
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 553 shut down screen the shut down screen displays when the shut down option is selected from the server menu. This screen is used to restart or shut down the sr’s software. Fig. 2:2-9 shut down screen...
Page 582: Perform A Server Action
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 554 m86 s ecurity u ser g uide perform a server action 1. Click the radio button corresponding to the server action you wish to execute. 2. Click the apply button to display the warning screen. 3. To proceed with your selection,...
Page 583: Report Manager Screen
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 555 report manager screen the report manager screen displays when the report manager option is selected from the server menu. This screen is used for enabling specified features on the reporting side o...
Page 584
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 556 m86 s ecurity u ser g uide enable/disable the report manager scheduler 1. In the enable/disable report manager scheduler frame, click the appropriate radio button to specify whether or not to automatically run scheduled repo...
Page 585: Database Menu
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 557 database menu the database pull-down menu includes options for config- uring the database. These options are: ip.Id, elapsed time, page definition, tools, expiration, optional features, and user gr...
Page 586
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 558 m86 s ecurity u ser g uide fig. 2:2-11 user name identification screen with ip.Id activated as the administrator of the sr, you have the option to either enable or disable this feature for logging users’ activities by userna...
Page 587: Arnings
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 559 w arnings the sr will generate netbios requests outside the network if ip.Id is activated and if no segment settings have been specified in the configuration of the web filter—causing it to log ext...
Page 588
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 560 m86 s ecurity u ser g uide view the user name identification screen if user name identification is enabled, specified ip.Id criteria displays, and ip, machine, and username frames will be populated if entries were previously...
Page 589
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 561 page view elapsed time screen the page view elapsed time screen displays when the elapsed time option is selected from the database menu. This screen is used for establishing the value—amount of ti...
Page 590: Elapsed Time Rules
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 562 m86 s ecurity u ser g uide elapsed time rules each time a user on the network accesses a web site, this activity is logged as one or more visit(s) to that site. The amount of time a user spends on that site and the number of...
Page 591: Page Definition Screen
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 563 page definition screen the page definition screen displays when the page defini- tion option is selected from the database menu. This screen is used for specifying the types of pages to be included...
Page 592: Remove A Page Type
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 564 m86 s ecurity u ser g uide remove a page type to remove a page type from the detail report: 1. Select the page extension from the current page types list box. 2. Click remove. 3. Click apply. Add a page type to add a page ty...
Page 593: Tools Screen
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 565 tools screen the tools screen displays when the tools option is selected from the database menu. This screen is used for viewing reports and logs to help you troubleshoot problems with the report m...
Page 594: View Diagnostic Reports
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 566 m86 s ecurity u ser g uide view diagnostic reports 1. Choose a report from the pull-down menu (table status, process list, full process list, tables, or daily summary). 2. Click the view button to view the selected diagnosti...
Page 595
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 567 • db identify - this log provides information about the server’s action of obtaining user/machine names from name log files and populating the database with these names. • db ipgroups - this log li...
Page 596
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 568 m86 s ecurity u ser g uide • software installation log - this log gives information about the most recently applied software update. • software download log - this log gives information about recent software updates that hav...
Page 597: Expiration Screen
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 569 expiration screen the expiration screen displays when the expiration option is selected from the database menu. This screen shows statistics on the amount of data currently stored on the sr, and pr...
Page 598: Expiration Rules
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 570 m86 s ecurity u ser g uide expiration rules the sr calculates the maximum number of weeks of data it can store, based on the storage capacity of the hard drive and the average number of end user hits per day within the last ...
Page 599
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 571 view data storage statistics in the status section of this screen, the date and time of the last database expiration check displays in the status bar. The date displays in the yyyy-mm-dd format, an...
Page 600: Optional Features Screen
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 572 m86 s ecurity u ser g uide • estimated total week(s) of data - the estimated number of weeks of data the server will store. This number is affected by end user hits/day and the storage capacity of the server. • estimated num...
Page 601
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 573 fig. 2:2-16 optional features screen.
Page 602: Enable Block Request Count
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 574 m86 s ecurity u ser g uide enable search string reporting if search string reporting is enabled, detail drill down reports display the full search string content typed into a search engine text box for search sites such as g...
Page 603: Enable Time Usage Reports
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 575 note: since summary reports are processed each night, any changes made to settings today will not effective until the following day. Enable time usage reports if time usage report is enabled, time ...
Page 604
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 576 m86 s ecurity u ser g uide • “pages only” - choose this option to include only web page hits in reports. • “pages and objects” - choose this option to include both web page and object hits in reports. 2. Click apply to apply...
Page 605
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 577 • at the lockout by username field, click the radio button corresponding to either of the following options: • on - choose this option to lock out the user by username if the incorrect password is ...
Page 606
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 578 m86 s ecurity u ser g uide • failed password attempts timespan (in minutes) - with the lockout by username and/or lockout by ip address option(s) enabled, enter the number of minutes that defines the interval in which a user...
Page 607: User Group Import Screen
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver m86 s ecurity u ser g uide 579 user group import screen the user group import screen displays when the user group import option is selected from the database menu. This screen is used for specifying the web filter(s) to send lda...
Page 608: Import User Groups
Sr s ystem c onfiguration s ection c hapter 2: c onfiguring the s erver 580 m86 s ecurity u ser g uide import user groups note: web filter ip fields are populated by default if one or more web filter servers are connected to this sr. 1. Specify the web filter ip address of each web filter to send ld...
Page 609: Sr R
Sr r eport m anager a dministration s ection i ntroduction m86 s ecurity u ser g uide 581 sr r eport m anager a dministration s ection introduction this section of the user guide provides instructions to the global administrator on configuring and managing the administration portion of the report ma...
Page 610
Sr r eport m anager a dministration s ection i ntroduction 582 m86 s ecurity u ser g uide • chapter 3: report configuration - this chapter explains how to create and manage custom category groups used for monitoring end user internet activity, and configure general report settings..
Page 611: User Groups Panel
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 583 chapter 1: group, profile management the following panels from the administration menu of the report manager are described in this chapter: user groups, admin groups, and admin profi...
Page 612
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 584 m86 s ecurity u ser g uide names of user groups previously added by the adminis- trator and corresponding user group types (“system”, “custom”, “ldap”, or “swg”) display in black text—the latter information it...
Page 613
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 585 notes: the sr will import user groups from the web filter or swg using ip group authentication or the following ldap server types: • active directory • novell edirectory • sun one • ...
Page 614: View User Group Information
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 586 m86 s ecurity u ser g uide view user group information for each group in the user groups sub-panel, the following information displays: status icon, group name, and the date the user group was last rebuilt on ...
Page 615
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 587 2. Click an accordion in the group members sub-panel to open it and view pertinent information: • patterns accordion - view patterns previously set up for that user group. • ip range...
Page 616: Add A User Group
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 588 m86 s ecurity u ser g uide add a user group to add a new user group: 1. From the user groups list, select an existing user group to be used as the base group for creating the new user group. 2. Click new to di...
Page 617: Patterns Sub-Panel
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 589 tip: at any time before saving the new user group, if you need to cancel the entry of the new user group, click the cancel button to return to the main user groups panel. 5. After ma...
Page 618: Remove A Pattern
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 590 m86 s ecurity u ser g uide view users resolved by the pattern to view a list of users resolved by the pattern you added: 1. Select the pattern from the assigned patterns list box. 2. Click preview users to ope...
Page 619: Ip Ranges Sub-Panel
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 591 ip ranges sub-panel when creating a user group, the ip ranges sub-panel is used for specifying ip ranges to be used by the new group. The top portion of this sub-panel includes a box...
Page 620: Specify An Ip Range
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 592 m86 s ecurity u ser g uide specify an ip range to add an ip address range: 1. Do one of the following: • to make a selection from parent ranges, click the row in the parent ranges box to highlight and select t...
Page 621: Remove An Ip Address Range
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 593 fig. 3:1-6 add user group, ip range added remove an ip address range to remove an ip address range from the assigned ranges list box: 1. Click the row to highlight and select it; thi...
Page 622
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 594 m86 s ecurity u ser g uide single users/exclude sub-panel when creating a user group, the single users/exclude sub- panel is used for adding one or more users to the group. This sub-panel includes the availabl...
Page 623
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 595 add one or more individual users to add users to the assigned users list, make your selec- tions from the available users list. If the available users list is long, you can reduce th...
Page 624
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 596 m86 s ecurity u ser g uide remove users from the add tab to remove users from this user group: 1. Select the user(s) from the add tab; this action activates the [-] remove button: fig. 3:1-8 add user group, re...
Page 625: Edit A User Group
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 597 edit a user group note: global and group administrators can only edit user groups they have created, and cannot edit their base groups or imported user groups. To edit a user group: ...
Page 626: Rebuild The User Group
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 598 m86 s ecurity u ser g uide rebuild the user group after editing the user group, the user group profile should be rebuilt. 1. In the user groups sub-panel, select the user group to be rebuilt. 2. Click rebuild ...
Page 627: Admin Groups Panel
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 599 admin groups panel once you have set up user groups, you are ready to create a set of management permissions (administrator group or admin group), so that a group administrator you s...
Page 628: Add A Group
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 600 m86 s ecurity u ser g uide add a group 1. At the bottom of the administrator groups sub-panel, click add group. 2. At the top of the group privileges sub-panel, type in up to 32 characters for the group name. ...
Page 629
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 601 • alerts - this privilege lets the administrator manage alerts that indicate if url or bandwidth gauges (driven by end user internet/network activity) are close to—or have reached—th...
Page 630
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 602 m86 s ecurity u ser g uide view, edit administrator group permissions view administrator group settings in the administrator groups sub-panel, click the name of the administrator group to highlight the group n...
Page 631
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 603 edit administrator group settings 1. In the group privileges sub-panel, perform any of the following actions: • modify the group name • add functions to be monitored by the administr...
Page 632: Admin Profiles Panel
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 604 m86 s ecurity u ser g uide admin profiles panel after permission sets have been created, profiles of group administrators can be set up to monitor user groups. In the navigation toolbar, hover over the adminis...
Page 633
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 605 existing administrator’s account information, and modifying or deleting a group administrator profile, as necessary. If logged in as a group administrator without privileges to creat...
Page 634: Add An Administrator Profile
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 606 m86 s ecurity u ser g uide add an administrator profile 1. If privileges are granted for you to create a group admin- istrator profile, at the bottom of the administrators sub- panel, click add admin to clear ...
Page 635
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 607 • type in the password the group administrator will use in conjunction with the username, and enter that same password again in the confirm password field. These entries display as a...
Page 636
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 608 m86 s ecurity u ser g uide • optional: if necessary, specify the username format used on the ldap server by making a selection from the available choices—domain\username, user- name\domain, username, domain. 3...
Page 637: View, Edit Admin Detail
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 609 view, edit admin detail view admin details for an account with permissions to create other adminis- trator profiles, in the admin list box, select the adminis- trator’s username to p...
Page 638: Edit Account Info
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement 610 m86 s ecurity u ser g uide fig. 3:1-16 admin detail sub-panel edit account info 1. In the populated admin detail sub-panel: • the following information can be updated: email address, graph colors, username, pa...
Page 639: Delete Admin
Sr r eport m anager a dministration s ection c hapter 1: g roup , p rofile m anagement m86 s ecurity u ser g uide 611 note: if the administrator whose password was changed is currently logged into sr, he/she will need to log out and log back in again using the new password. Delete admin only an admi...
Page 640: Https Configuration Panel
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 612 m86 s ecurity u ser g uide chapter 2: database management the following panels from the administration menu of the report manager are described in this chapter: https configuration, user profiles, activity view, devic...
Page 641
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 613 generate a self-signed certificate for the sr on the self-signed tab, you generate a secure socket layer certificate that ensures secure exchanges between the sr and group administrator work...
Page 642: Step A: Create A Csr
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 614 m86 s ecurity u ser g uide notes: once the ssl certificate has been created, the generate button displays greyed-out. Although the security reporter login window may re-display right away, the service will take a few ...
Page 643
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 615 b. Organization name - name of your organization, such as logo. C. Organizational unit name - name of your depart- ment, such as administration. D. Locality (city) - name of your organizatio...
Page 644
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 616 m86 s ecurity u ser g uide step c: upload the signed ssl certificate to sr when the ssl certificate is emailed back to you with the authorized signature, do the following: 1. Launch notepad on your machine. 2. Copy an...
Page 645: Download The Ssl Certificate
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 617 download, delete a third party certificate if a trusted certificate was generated and uploaded to the sr, the download/delete certificate tab shows the down- load and delete buttons enabled:...
Page 646: User Profiles Panel
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 618 m86 s ecurity u ser g uide user profiles panel if using a web filter, the user profiles panel lets you view the list of users that is created when the sr first communi- cates with the source web filter. This list is u...
Page 647: Search The User Database
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 619 at the bottom left of the panel is the search options menu that lets you search for a specific user by username or ip address. At the bottom right of the panel is the user summary button tak...
Page 648: Activity View Panel
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 620 m86 s ecurity u ser g uide activity view panel the activity view panel is used for viewing the most recent administrative activity performed on the sr. In the navigation toolbar, hover over the administration menu lin...
Page 649
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 621 perform a search on a specified activity to perform a search on a specified activity: 1. Select the type of activity from available choices in the list: all, admin login successful, admin lo...
Page 650: Search Results
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 622 m86 s ecurity u ser g uide 7. Click search to display the specified records for the selected dates in the results list: fig. 3:2-6 activity view results search results when populated with rows of records, the results ...
Page 651
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 623 • alert name for add/edit/delete alert • gauge name for add/edit/delete url/bandwidth gauge..
Page 652: Device Registry Panel
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 624 m86 s ecurity u ser g uide device registry panel the device registry panel is used for viewing information about devices connected to the sr, synchronizing the sr with user groups and libraries from the source web fil...
Page 653
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 625 at the bottom of the panel the following buttons display: • refresh view - click this button if any icon representing a device does not properly display in the user interface. • refresh sett...
Page 654
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 626 m86 s ecurity u ser g uide removing/adding web filter, swg devices please note the following conditions that occur if removing a web filter and/or swg device, and/or adding another device of either of these types: war...
Page 655
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 627 web filter device maintenance note: web filter device criteria is only accessible on a web filter added after the wizard hardware installation process. Add a web filter to the device registr...
Page 656
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 628 m86 s ecurity u ser g uide fig. 3:2-9 web filter pop-up window the device type (wf) displays and cannot be edited. 2. Edit any of the following: • name - name of the application. • ip - ip address of the server. • sou...
Page 657: View Sr Device Criteria
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 629 tips: the wfr must always have a designated source web filter. If the current source web filter needs to be replaced, please use the edit function to specify a different web filter as the so...
Page 658: View Other Device Criteria
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 630 m86 s ecurity u ser g uide add, remove a bandwidth range 1. Do the following in the bandwidth range section: • to add a bandwidth ip address range: a. Type in the ip address. B. Type in the subnet mask. C. Click add t...
Page 659
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 631 fig. 3:2-11 smtp window the following information displays: name of server, device type (smtp), ip address, port number (if appli- cable), username (if applicable), password (if appli- cable...
Page 660: Refresh Settings
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 632 m86 s ecurity u ser g uide 2. Click close to close this pop-up window. View ntp server device criteria 1. Go to the image of the ntp server in the device registry panel and click view to open the ntp server pop-up win...
Page 661
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 633 • user groups - make this selection to synchronize ldap user group information on the source web filter to the sr. Tip: click the “x” in the upper right corner of this pop-up window to close...
Page 662
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 634 m86 s ecurity u ser g uide the following information displays and cannot be edited: device type (swg), id, username. 2. Enter a name for the device and/or a description for the device. 3. Enter the password this sr wi...
Page 663
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 635 2. Enter a name for the device and/or a description for the device. Tip: click cancel to close this pop-up window. 3. Click save to save and process your information, and to return to the de...
Page 664
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 636 m86 s ecurity u ser g uide • click change common password to open the change swg policy server(s) password pop-up window: fig. 3:2-16 change common password pop-up window a) enter the password this sr will use for acc...
Page 665
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 637 delete a policy server from the device registry 1. Go to the swg server icon in the device registry panel and click delete to open the confirm dialog box with a message asking if you want to...
Page 666
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 638 m86 s ecurity u ser g uide 2. Make entries in the following fields: • ldap type: active directory, open directory, sun, novell edirectory, custom • name - label assigned to the ldap server • base dn - root of the ldap...
Page 667: Import Ldap Group Profiles
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 639 import ldap group profiles 1. Go to the ldap server icon in the device registry panel and click import to begin importing group profiles from the ldap server. 2. After the alert box opens to...
Page 668
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 640 m86 s ecurity u ser g uide tip: click cancel to close this pop-up window. 3. Click save to save your edits and to close the pop-up window. Delete an ldap server from the device registry 1. Go to the ldap server icon i...
Page 669
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 641 database processes list panel the global administrator uses the database process list panel to view a list of processes currently running on the sr or to halt a process that is currently run...
Page 670: View Details On A Process
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 642 m86 s ecurity u ser g uide view details on a process each row in the list includes the following information: process identification number (id) on the mysql server; hostname or ip address of the server, and port conn...
Page 671: Server Information Panel
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 643 server information panel the global administrator uses the server information panel to obtain details about data storage on the sr server, the time the report manager was last restarted, and...
Page 672: Mode
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 644 m86 s ecurity u ser g uide mode registered mode and evaluation mode the mode section displays information about an sr in registered mode: “registered” followed by the maximum number of weeks of data storage (“max data...
Page 673: Date Scopes
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 645 date scopes the date scopes section displays the overall date scope of data stored on the sr. This date scope includes the range for the period of stored data, using the mm/dd/yyyy hh:mm:ss ...
Page 674: Server Activity
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 646 m86 s ecurity u ser g uide server activity in the server activity section, specify the type of chart you wish to generate that provides details on the number of hits within a designated time period. A “hit” is any pag...
Page 675
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 647 ated those hits (in blue) for each unit of time in the spec- ified period. Rows of report details indicate the time measurement (day, week, or month), the exact number of hits corre- spondin...
Page 676
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 648 m86 s ecurity u ser g uide fig. 3:2-22 hits per week chart • hits per month - if you selected hits by month, each month within the date range is plotted on the graph. The summary shows the general number of hits (in p...
Page 677
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 649 3. You now have the option to do any of the following: • print the chart - click the print icon to open the print dialog box, and proceed with standard print procedures. • save the chart - c...
Page 678: Expiration Info
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 650 m86 s ecurity u ser g uide expiration info in the expiration info section, the following data displays: • data space utilization - the percentage of database storage space currently being used on the sr. Beneath this ...
Page 679
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 651 reset to factory defaults panel the global administrator uses the reset to factory defaults panel, if necessary, to restore the sr to default settings for the current software update level o...
Page 680: Reset Sr to Factory Defaults
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 652 m86 s ecurity u ser g uide reset sr to factory defaults 1. Enter your admin password that was created during the wfr wizard hardware installation process. 2. Enter the above characters displayed beneath the admin pass...
Page 681: Wizard Panel
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 653 wizard panel 1. In the wizard login window, type in the username created during the wizard hardware installation process. 2. Type in the password created for the username during the wizard h...
Page 682: Main Administrator
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 654 m86 s ecurity u ser g uide main administrator 1. In the main administrator section, type in the following information: username, email address, password, confirm password. Note: the username ‘admin’ cannot be used, si...
Page 683: Secure Web Gateway Setup
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement m86 s ecurity u ser g uide 655 to add another web filter, type in the server name and server ip address, and then click add to include the server criteria in the table below. Tips: to remove a web filter from the table, s...
Page 684: Save Entries
Sr r eport m anager a dministration s ection c hapter 2: d atabase m anagement 656 m86 s ecurity u ser g uide save entries click save to save your entries and to go to the sr login window: fig. 3:2-28 sr login window.
Page 685
Sr r eport m anager a dministration s ection c hapter 3: r eport c onfiguration m86 s ecurity u ser g uide 657 chapter 3: report configuration the following panels from the administration menu of the report manager are described in this chapter: default report settings, and custom category groups. D...
Page 686: Set New Defaults
Sr r eport m anager a dministration s ection c hapter 3: r eport c onfiguration 658 m86 s ecurity u ser g uide set new defaults 1. Enter the default top ‘n’ value of records that will be generated for summary reports. The default is “50” records. 2. Enter the maximum number of records that will be i...
Page 687
Sr r eport m anager a dministration s ection c hapter 3: r eport c onfiguration m86 s ecurity u ser g uide 659 • automatic - this default selection indicates that dupli- cate name entries found in swg log feeds will be combined under one record entry in the generated security report, whether from on...
Page 688: Custom Category Groups Panel
Sr r eport m anager a dministration s ection c hapter 3: r eport c onfiguration 660 m86 s ecurity u ser g uide custom category groups panel the custom category groups option is used for defining a customized group of filter categories or ports, if you wish to run reports only using certain filter ca...
Page 689: Add A Custom Category Group
Sr r eport m anager a dministration s ection c hapter 3: r eport c onfiguration m86 s ecurity u ser g uide 661 add a custom category group 1. At the bottom of the custom category group sub-panel, click add. 2. In the custom category group detail sub-panel, type in the category group name. 3. Specify...
Page 690: Delete A Category Group
Sr r eport m anager a dministration s ection c hapter 3: r eport c onfiguration 662 m86 s ecurity u ser g uide modify a custom category group 1. Select the custom category group name from the list box by clicking on your choice to highlight it. 2. Make your edits: • to modify the custom category gro...
Page 691: Sr P
Sr p roductivity r eports s ection i ntroduction m86 s ecurity u ser g uide 663 sr p roductivity r eports s ection introduction this section of the user guide provides instructions to administrators on how to utilize the report manager to generate productivity report views and interpret results. Pro...
Page 692: Dashboard
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview 664 m86 s ecurity u ser g uide chapter 1: a high level overview the following productivity reporting topics from the reports menu of the report manager are described in this chapter: dashboard, summary reports, and sample report...
Page 693
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview m86 s ecurity u ser g uide 665 requests, unique ips/users, and date (mm/dd/yyyy format). The following information displays in the center of the panel: • blocked requests - top eight blocked library categories requested by end u...
Page 694: Summary Reports
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview 666 m86 s ecurity u ser g uide summary reports summary reports are “canned” productivity reports that use pre-generated data to display bar charts or pie charts of end user internet/network activity for a specified report type w...
Page 695: Summary Report Types
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview m86 s ecurity u ser g uide 667 tips: click the left arrows or right arrows at the edges of the dashboard to display thumbnail images that are currently hidden. Click the tab for the specified time period (yesterday, last week, l...
Page 696
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview 668 m86 s ecurity u ser g uide cious code/virus, bad reputation domains, spyware, adware, and irc. Note: for swg users, results that display in the top 20 users by malware report reflect library contents mapped to the m86 suppli...
Page 697
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview m86 s ecurity u ser g uide 669 modify the summary report view the report view displays either a bar chart or pie chart graph based on the selected report type. Fig. 4:1-3 yesterday’s category comparison report use any the follow...
Page 698: Pdf Format
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview 670 m86 s ecurity u ser g uide download, export a summary report at the bottom of the report view, click a download report option for pdf, csv, or png to generate a report in the specified file format (.Pdf, .Csv, or .Png). Pdf ...
Page 699
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview m86 s ecurity u ser g uide 671 • bar chart - name of category, username, username path, url or site ip address, user group name, or blocked user request, and corresponding bar graph. Beneath the bar graph are count indicators an...
Page 700: Csv Format
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview 672 m86 s ecurity u ser g uide csv format download the report in the csv format clicking the csv button opens a separate browser window containing the summary report in the .Csv format: fig. 4:1-5 sample summary report in the cs...
Page 701: Png Format
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview m86 s ecurity u ser g uide 673 the report can be exported by printing it or saving it to your machine. Png format download the report in the png format clicking the png button opens a separate browser window containing the summa...
Page 702: Sample Reports
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview 674 m86 s ecurity u ser g uide sample reports sample reports are productivity reports in the pdf format that contain today’s data for a specified reporting topic. These types of reports are accessible by navigating to reports > ...
Page 703: Sample Report Types
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview m86 s ecurity u ser g uide 675 sample report types available sample report types are as follows: • top 20 categories by page count - top library catego- ries end users accessed • top 20 ips by category/ip - top end user ip addre...
Page 704: View Sample Report Contents
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview 676 m86 s ecurity u ser g uide view, export a sample report fig. 4:1-8 sample categories report view sample report contents the report header contains the following information: “secu- rity reporter” and date range for today’s d...
Page 705: Export The Sample Report
Sr p roductivity r eports s ection c hapter 1: a h igh l evel o verview m86 s ecurity u ser g uide 677 time zone in which the report was generated; generated by: manager’s login id; filter: none; page number and page range. Export the sample report pdf file window 1. From the open pdf file window, t...
Page 706
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 678 m86 s ecurity u ser g uide chapter 2: drill down reports this chapter provides information about generating drill down productivity reports that let you query the database to access more detailed information about end user inte...
Page 707: Generate A Drill Down Report
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 679 generate a drill down report to generate a drill down productivity report: 1. Choose one of the following topics from the reports > drill down reports menu for the type of summary drill down report yo...
Page 708
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 680 m86 s ecurity u ser g uide summary drill down report view the summary drill down productivity report view provides a snapshot of end user activity for a specified report type and defined date of activity recorded by the sr. For...
Page 709: Report Type Tabs
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 681 tip: to refresh the current report view, select reports > drill down reports and choose the report type again. Summary report view tools and tips report type tabs report type tabs let you generate ano...
Page 710: Count Columns and Links
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 682 m86 s ecurity u ser g uide • click this icon to display the top six bars and table of records (see fig. 4:2-1). • click this icon to display the table of records only: fig. 4:2-3 sample records only view count columns and links...
Page 711
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 683 • ip count - displays the number of sites or categories visited by the ip address for a user’s machine. • user count - displays the number of individuals who have visited a specific site or category. ...
Page 712: Time Column
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 684 m86 s ecurity u ser g uide by clicking the link in this column, the detail report view displays data for all objects accessed, including hyper- links to those objects. Note: if “pages only” was specified in the log import setti...
Page 713: Column Sorting Tips
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 685 column sorting tips to sort summary report view records in ascending/ descending order by a specified column, click that column’s header: category count, ip count, user count, site count, page count, ...
Page 714
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 686 m86 s ecurity u ser g uide detail drill down report view the detail drill down productivity report view provides infor- mation on pages or objects accessed by end users within a specific time period and is horizontally organize...
Page 715: Report Type Tabs
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 687 detail report view tools and tips report type tabs report type tabs let you generate a summary drill down report view by clicking that tab (categories, ips, users, sites, category groups, or user grou...
Page 716
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 688 m86 s ecurity u ser g uide • user ip - displays the ip address of the user’s machine (e.G. “200.10.101.80”). • user - displays any of the following information: user- name, user ip address, or the path and username (e.G. “logo\...
Page 717: Column Sorting Tips
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 689 note: refer to the optional features screen sub-section of the system configuration section for information about the search string feature. • url - displays the link for the page/object accessed by t...
Page 718: Other Navigation Tips
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 690 m86 s ecurity u ser g uide detail drill down record exportation in a detail drill down report view, all records are selected for exportation by default. Clicking export all opens the export pop-up window in which you specify cr...
Page 719: Navigation Tips
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 691 report view navigation and usage understanding how to use report view tools is paramount to generating a report containing relevant content, since the usage of these tools determines the results of yo...
Page 720: Usage Tools
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 692 m86 s ecurity u ser g uide usage tools the bottom panel contains objects that let you customize, export, and/or save the current report view using pop-up boxes and/or panels accessible via the report settings menu and the expor...
Page 721
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 693 modify a report via the run option the run option lets you modify the current report view by changing any of the following: date scope, maximum number of records to be included other than the number e...
Page 722: Save Report Option
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 694 m86 s ecurity u ser g uide fig. 4:2-6 run report pop-up box for multi-report group selection for detail drill down reports, you have the additional option to specify whether blocked records or all returned records— both blocked...
Page 723
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 695 fig. 4:2-8 save report pop-up window for summary reports tip: the copy (ctrl+c) and paste (ctrl+v) functions can be used in the fields in the save report pop-up window. Clicking back closes the pop-up...
Page 724
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 696 m86 s ecurity u ser g uide fig. 4:2-10 save report, advanced options tab for detail reports after all modifications are made, click one of the save option buttons: • save and schedule to open the schedule report pop- up window ...
Page 725: Limit Detail Result Option
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 697 note: see report wizard and report schedule in chapter 3 for information about using these report options. Limit detail result option the limit detail result option lets you specify the maximum number...
Page 726: Export Records Option
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 698 m86 s ecurity u ser g uide export records option the export all or export selected option lets you email or download the current report view in the specified group by and output format. For summary drill down reports, if specif...
Page 727
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 699 fig. 4:2-14 detail drill down export pop-up box notes: after all modifications are made, click email to dispatch the report to the email recipient, or click download to launch a separate browser windo...
Page 728: Report View Components
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 700 m86 s ecurity u ser g uide report view components report fields and usage the following fields are used in the summary and detail drill down productivity report wizard, save report, and/or summary or detail report views and pop...
Page 729: Date Scope and Date Fields
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 701 date scope and date fields the date scope field is used for specifying the period of time to be included in the generated report view. Reports can be run for any data saved in the sr’s memory. At the ...
Page 730
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 702 m86 s ecurity u ser g uide • year to yesterday - this option generates the report view for the range of days that includes the first day of the current year through yesterday. • last week - this option generates the report view...
Page 731: Number of Records Fields
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 703 number of records fields the number of records fields are used for specifying the number of records from the query you wish to include in the summary drill down report view, and how these records will...
Page 732: Limit Detail Result Fields
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 704 m86 s ecurity u ser g uide count”, “bandwidth”—the latter available for an swg only environment. If the “name of ‘x’” option is selected, the limit summary result to field displays. Make a selection from the pull-down menu for ...
Page 733: Group By Field
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 705 blocked records only” options. When this checkbox is enabled and the top number of records is entered in the field, no more than the specified quantity of the selected record type (both blocked and no...
Page 734: Data To Export Field
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 706 m86 s ecurity u ser g uide data to export field the data to export field is used for specifying which records will be exported when the generated summary drill down report is emailed or viewed. At the data to export field pull-...
Page 735: For Pie and Bar Charts Only
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 707 for pie and bar charts only generate using field the generate using field is used when exporting a drill down categories, category group, or user group pie chart or bar chart report, and determines by...
Page 736
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 708 m86 s ecurity u ser g uide the checkbox. By entering a check mark in this checkbox, activity on machines not assigned to specific end users will not be included in report views. Changing this selection will not affect the setti...
Page 737: Detailed Info Fields
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 709 detailed info fields detailed info fields are used for specifying which columns of data will be excluded from detail drill down reports. In the detailed info fields, by default all checkboxes corre- s...
Page 738
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 710 m86 s ecurity u ser g uide • content information - click this checkbox to exclude the column that displays criteria used for determining the categorization of the record, or “n/a” if unclassified. • search string information - ...
Page 739: Export A Productivity Report
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 711 export a productivity report the email option for exporting drill down reports lets you electronically send the report in the specified file format to designated personnel. Warning: if using a spam fi...
Page 740: View and Print Options
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 712 m86 s ecurity u ser g uide view and print options the view and print options for exporting drill down reports let you view/print the report in the specified file format. The view option lets you make any necessary adjustments t...
Page 741: Sample Report File Formats
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 713 sample report file formats the following report file formats are available for emailing and viewing drill down reports: ms-dos text, pdf, rich text format, html, comma-delimited text, excel (chinese),...
Page 742: Ms-Dos Text
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 714 m86 s ecurity u ser g uide ms-dos text this is a sample of the category groups detail report in the ms-dos text format, saved with a .Txt file extension: fig. 4:2-15 category groups detail report, ms-dos text file format pdf th...
Page 743: Rich Text Format
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 715 rich text format this is a sample of the category groups detail report in the rich text file format, saved with a .Rtf file extension: fig. 4:2-17 category groups detail report, rtf format.
Page 744: Html
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports 716 m86 s ecurity u ser g uide html this is a sample of the category groups detail report in the html format, saved with a .Html file extension: fig. 4:2-18 category groups detail report, html file format comma-delimited text this ...
Page 745: Excel (English)
Sr p roductivity r eports s ection c hapter 2: d rill d own r eports m86 s ecurity u ser g uide 717 excel (english) this is a sample of the category groups detail report in the excel (english) format, saved with a .Xls file extension: fig. 4:2-20 category groups detail report, excel (english) file f...
Page 746: Report Wizard
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports 718 m86 s ecurity u ser g uide chapter 3: customize, maintain reports the following report topics from the reports menu of the report manager are described in this chapter: report wizard, saved reports, and report schedul...
Page 747
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports m86 s ecurity u ser g uide 719 step a: select the report option select one of two available custom drill down report options: • summary report (by hit count and time) - this report provides a synopsis of specified end use...
Page 748: Summary Report
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports 720 m86 s ecurity u ser g uide step b: specify the report type summary report make a choice for the type of report to be generated: “cate- gories”, “ips”, “users”, “sites”, “category groups”, “user groups”. To narrow your...
Page 749
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports m86 s ecurity u ser g uide 721 • by username - if selecting this filter, enter the end user- name to filter your results—using the ‘%’ wildcard to return multiple usernames—and then click search to display query results i...
Page 750
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports 722 m86 s ecurity u ser g uide box below. More than one keyword can be included in the list box. Tip: to remove a keyword, select the keyword from the list box and click remove. Note: if a keyword is entered, the followin...
Page 751
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports m86 s ecurity u ser g uide 723 step e: specify when to generate the report indicate the next step in the wizard by selecting one of two choices that specify when the report will be generated: • run - click this button to ...
Page 752: Step F: Save Report Panel
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports 724 m86 s ecurity u ser g uide • save - click this button to go to the save report panel where you save your report criteria now but generate your report later (see step f and saved reports). Step f: save report panel 1. ...
Page 753
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports m86 s ecurity u ser g uide 725 • to and subject, and optional fields for body, cc, and bcc. • hide unidentified ips checkbox is de-selected by default if the “hide unidentified ips” checkbox is de- selected in the default...
Page 754
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports 726 m86 s ecurity u ser g uide whether these records will only include blocked end user queries, or also records of non-blocked end user queries. 6. Specify the next—or final—step in the wizard by selecting one of three c...
Page 755
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports m86 s ecurity u ser g uide 727 note: the default start time is 8:00 am. If you wish to run a report today and this time has already passed, be sure to select a future time. E. Click save to save your report schedule setti...
Page 756: Saved Reports
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports 728 m86 s ecurity u ser g uide note: see report schedule and saved reports in this chapter for information on using these options. Saved reports the saved reports option lets you view, copy, or edit data in a report you c...
Page 757: Edit A Report
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports m86 s ecurity u ser g uide 729 notes: refer to report view components in chapter 2: drill down reports for information on using the fields in the save report panel discussed on the following pages in this sub- section. Re...
Page 758: Edit A Security Report
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports 730 m86 s ecurity u ser g uide edit a security report 1. To edit a security report, click edit to display the security report wizard panel where you edit report settings for a saved report: fig. 4:3-10 save report, edit s...
Page 759: Copy A Saved Report
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports m86 s ecurity u ser g uide 731 copy a saved report the copy feature is a great time saver, letting you use settings from a saved drill down report. 1. In the saved reports panel, select the report from the list. 2. Click ...
Page 760: Run A Saved Report
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports 732 m86 s ecurity u ser g uide • security report wizard panel for a security report: fig. 4:3-12 security report wizard, duplicate report note: the report name field displays the text “copy of ‘x’”, in which ‘x’ represent...
Page 761: Delete A Report
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports m86 s ecurity u ser g uide 733 delete a report to remove the report from choices available in the report name list, and the list in the report schedule panel: 1. In the saved reports panel (see fig. 4:3-8), select the rep...
Page 762: Report Schedule
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports 734 m86 s ecurity u ser g uide report schedule the report schedule option is used for maintaining a schedule for generating a customized drill down or security report. In the navigation toolbar, hover over the reports men...
Page 763
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports m86 s ecurity u ser g uide 735 click the refresh button to refresh the list of records and to scroll to the top of the list. Note: refer to these sub-sections for information about the following topics: • to save drill do...
Page 764
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports 736 m86 s ecurity u ser g uide the following information displays in this sub-panel: name assigned to the scheduled event; selected report to run; interval when to run the report; day of the week the report will run if th...
Page 765
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports m86 s ecurity u ser g uide 737 add a report run event to the schedule 1. In the report schedule panel, click add event to display the report schedule details sub-panel to the right side of the panel: fig. 4:3-15 add an ev...
Page 766
Sr p roductivity r eports s ection c hapter 3: c ustomize , m aintain r eports 738 m86 s ecurity u ser g uide note: the default start time is 8:00 am. If you wish to run a report today and this time has already passed, be sure to select a future time. Tip: click cancel to return to the report schedu...
Page 767
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports m86 s ecurity u ser g uide 739 chapter 4: specialized reports the following types of productivity reports from the reports menu of the report manager are described in this chapter: executive internet usage summary reports, blocked ...
Page 768: View, Edit Report Settings
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports 740 m86 s ecurity u ser g uide view, edit report settings 1. In the reports sub-panel, select the report name to display report setting criteria in the report details sub- panel. Fig. 4:4-2 executive internet usage summary report d...
Page 769: Add A New Report
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports m86 s ecurity u ser g uide 741 add a new report 1. At the bottom of the reports sub-panel, click new report to clear the panel. 2. At the top of the report details sub-panel, enter the report name to be used. 3. In the deliver repo...
Page 770
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports 742 m86 s ecurity u ser g uide a. Click in the empty field and type in the email address. B. Click add to clear the field and to add the email address in the list box below. C. By default, checkmarks populate the frequency check- b...
Page 771
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports m86 s ecurity u ser g uide 743 tips: multiple user groups can be selected by clicking each user group while pressing the ctrl key on your keyboard. Blocks of user groups can be selected by clicking the first user group, and then pr...
Page 772
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports 744 m86 s ecurity u ser g uide bar charts for top security risks (library categories), top categories, top blocked users, and top users show the top five categories/users and their corresponding total requests. Fig. 4:4-3 executive...
Page 773
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports m86 s ecurity u ser g uide 745 the key at the bottom of the page. The range of requests is shown to the left of the chart, and the days (m/d/yy) are shown beneath the chart. Fig. 4:4-4 executive internet usage summary monthly repor...
Page 774
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports 746 m86 s ecurity u ser g uide categories in group. Each library category in the chart is represented by a colored symbol that can be identified by the key at the bottom of the page. The range of requests is shown to the left of th...
Page 775
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports m86 s ecurity u ser g uide 747 for weekly and monthly reports, the fourth page includes the top 10 users in category group ‘x’ chart: fig. 4:4-6 executive internet usage summary monthly report, page 4 the balance of the report is c...
Page 776: Blocked Request Reports
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports 748 m86 s ecurity u ser g uide blocked request reports the blocked request reports option is used for obtaining results of blocked urls end users attempted to access within a specified time period. Note: the blocked request reports...
Page 777
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports m86 s ecurity u ser g uide 749 generate a blocked request report to generate a blocked request report: 1. In the criteria sub-panel, specify the type of report to be generated by clicking the radio button corresponding to that opti...
Page 778
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports 750 m86 s ecurity u ser g uide 2. Click create report to generate the report view in the pdf format. As with other reports exported in the pdf format, this report can be saved and/or printed. Notes: if there is no data available—or...
Page 779
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports m86 s ecurity u ser g uide 751 view the blocked request report the header of the generated blocked request report includes the date range, report type, and criteria details. ‘results for: the date’ displays above the name column he...
Page 780: Time Usage Reports
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports 752 m86 s ecurity u ser g uide time usage reports the time usage reports option is used for obtaining end user internet usage activity for a specified time period, based on the time usage algorithm. This algorithm calcu- lates the ...
Page 781: Generate A Time Usage Report
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports m86 s ecurity u ser g uide 753 generate a time usage report to generate a time usage report: 1. In the criteria sub-panel, specify the type of report to be generated by clicking the radio button corresponding to that option, and—if...
Page 782
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports 754 m86 s ecurity u ser g uide 2. Click create report to generate the report view in the pdf format. As with other reports exported in the pdf format, this report can be saved and/or printed. Notes: if there is no data available—or...
Page 783: View The Time Usage Report
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports m86 s ecurity u ser g uide 755 view the time usage report the header of the generated time usage report includes the date range, report type, and details criteria. The body of the report includes the end user name, time usage time ...
Page 784: Time Usage Algorithm
Sr p roductivity r eports s ection c hapter 4: s pecialized r eports 756 m86 s ecurity u ser g uide time usage algorithm for each end user included in the report, the number of seconds from the log is dropped, and each unique minute within a given hour counts as one minute. In the following example,...
Page 785: Eal
R eal t ime r eports s ection i ntroduction m86 s ecurity u ser g uide 757 r eal t ime r eports s ection introduction this section of the user guide provides instructions to administrators on how to utilize data from web filter logs for monitoring end user internet and network activity in real time....
Page 786: Chapter 1: Gauge Components
R eal t ime r eports s ection c hapter 1: g auge c omponents 758 m86 s ecurity u ser g uide chapter 1: gauge components types of gauges there are two types of gauges that are used for monitoring user activity on the network: url gauges and bandwidth gauges. Either gauge type is referred to as a “gau...
Page 787: Bandwidth Gauges
R eal t ime r eports s ection c hapter 1: g auge c omponents m86 s ecurity u ser g uide 759 bandwidth gauges a bandwidth gauge is comprised of protocols/port numbers and monitors a targeted user group’s inbound/outbound network traffic generated for specified protocols/port numbers. With the url gau...
Page 788: Anatomy of A Gauge
R eal t ime r eports s ection c hapter 1: g auge c omponents 760 m86 s ecurity u ser g uide anatomy of a gauge understanding the anatomy of a gauge will help you better configure and maintain gauges to monitor network threats. The illustration below depicts a url gauge and a bandwidth gauge and some...
Page 789: How to Read A Gauge
R eal t ime r eports s ection c hapter 1: g auge c omponents m86 s ecurity u ser g uide 761 how to read a gauge gauges become active when end users access urls/ports included in that gauge. Activity is depicted by the position of the dial within one of three sections in the gauge—green, yellow, or r...
Page 790: Bandwidth Gauge Components
R eal t ime r eports s ection c hapter 1: g auge c omponents 762 m86 s ecurity u ser g uide bandwidth gauge components incoming/outgoing bandwidth gauges include the following gauges and ports (tcp and/or udp) to monitor: • http - hyper text transfer protocol gauge monitors the protocol used for tra...
Page 791
R eal t ime r eports s ection c hapter 1: g auge c omponents m86 s ecurity u ser g uide 763 • 25 - smtp tcp/udp port used for email routing between mail server email messages • 110 - pop3 (post office protocol version 3) tcp port used for sending/retrieving email messages • p2p - peer-to-peer gauge ...
Page 792: Gauge Usage Shortcuts
R eal t ime r eports s ection c hapter 1: g auge c omponents 764 m86 s ecurity u ser g uide gauge usage shortcuts the following shortcut actions can be performed in the gauges dashboard: • view gauge ranking - clicking a gauge or right-clicking a gauge and selecting this topic from the menu displays...
Page 793
R eal t ime r eports s ection c hapter 1: g auge c omponents m86 s ecurity u ser g uide 765 • disable gauge - right-clicking a gauge and then selecting this menu topic lets you disable a gauge. This is a shortcut to use instead of going to dashboard settings, selecting the gauge from the list, and t...
Page 794
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 766 m86 s ecurity u ser g uide chapter 2: custom gauge setup, usage once an account for the group administrator is set up, he/ she can begin setting up gauges for monitoring end users’ internet activity. 1. In the navigation to...
Page 795
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 767 for each gauge name in this list, the following infor- mation displays: group threshold (200), timespan (minutes)—15 by default. • click bandwidth gauges to view the contents of this tab. By defau...
Page 796: Add A Gauge
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 768 m86 s ecurity u ser g uide add a gauge in the add/edit gauge panel, click new gauge to display url gauge panel: fig. 5:2-3 add a new gauge this panel includes the gauge information sub-panel to the left and accordions for g...
Page 797: Specify Gauge Information
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 769 specify gauge information in the gauge information sub-panel: 1. Type in at least two characters for the gauge name using upper and/or lowercase alphanumeric characters, and spaces, if desired. 2....
Page 798: Define Gauge Components
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 770 m86 s ecurity u ser g uide note: if the selected gauge method is “search engine keyword” or “url keyword”, filter options for end user profiles on the source web filter used with this sr must have "search engine keyword fil...
Page 799: Assign User Groups
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 771 2. Click add (for url gauges) or add port (for bandwidth gauges) to move the selection(s) to the assigned cate- gories/groups list box. Tip: to remove one or more library categories from the assig...
Page 800: Save Gauge Settings
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 772 m86 s ecurity u ser g uide 3. Click add to move the user group to the assigned user groups list box. Tip: to remove a user group from the assigned user groups list box, click the user group to highlight it, and then click r...
Page 801: Modify A Gauge
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 773 modify a gauge edit gauge settings 1. In the add/edit gauge panel, click the url gauges or bandwidth gauges tab. 2. Select the gauge from the list to activate all buttons below and populate the ga...
Page 802
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 774 m86 s ecurity u ser g uide fig. 5:2-7 edit gauge settings tip: this panel is also accessible from the gauges dashboard by clicking the edit gauge icon at the bottom left of the gauge. 4. Edit any of the following criteria, ...
Page 803
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 775 hide, disable, delete, rearrange gauges if you want to view certain gauges in the dashboard, options are available to hide, disable, or delete a specified gauge. You can also manipulate the order ...
Page 804
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 776 m86 s ecurity u ser g uide • state - a gauge icon displays in one of three columns to indicate the current status of the gauge, with the other two columns greyed-out: (visible) - this icon in the first column indicates the ...
Page 805: Hide A Gauge
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 777 hide a gauge to hide a gauge from displaying in the dashboard: 1. Select the gauge in the url gauges or bandwidth gauges tab. 2. In the state column, click the icon in the second column (hide gaug...
Page 806: Delete A Gauge
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 778 m86 s ecurity u ser g uide • click the “up” arrow icon in the first column to move the gauge name up one row in this tab, and one position forward in the dashboard. • click the “down” arrow icon in the second column to move...
Page 807: View End User Gauge Activity
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 779 view end user gauge activity there are two types of gauge activity you will want to view and monitor: • overall ranking - use this option for a snapshot of end user activity for all gauges, ranked...
Page 808: View A Gauge Ranking Table
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 780 m86 s ecurity u ser g uide the url sub-panel displays to the left and the band- width sub-panel displays to the right, containing the user name (or ip address) and score for each user currently affecting one or more gauges....
Page 809
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 781 note: the gauge ranking panel is also accessible by right- clicking a dashboard gauge and then selecting view gauge ranking from the pop-up menu. This panel includes rows of records for each end u...
Page 810: View User Summary Data
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 782 m86 s ecurity u ser g uide monitor, restrict end user activity view user summary data the user summary panel contains the following sub- panels: • user detail information sub-panel to the left that includes the group member...
Page 811: Url Gauges Tab Selection
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 783 and the score (see access the category view user panel). • access the lockout option to lock out the end user from specified internet/network privileges (see manually lock out an end user). Access...
Page 812
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 784 m86 s ecurity u ser g uide fig. 5:2-12 category view user panel for url gauges tab selection for each url included in the list, the timestamp displays using military time in the yyyy-mm-dd hh:mm:ss format. 2. Click a url fr...
Page 813
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 785 bandwidth gauges tab selection for bandwidth gauges, the category view user panel contains the categories sub-panel showing the ports column and corresponding inbound/outbound bandwidth usage by t...
Page 814
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 786 m86 s ecurity u ser g uide manually lock out an end user 1. In the user summary panel, in the user detail informa- tion sub-panel, click the lockout accordion to open it: fig. 5:2-14 user summary panel, lockout accordion ex...
Page 815: Low Severity Lockout
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 787 • high - this selection locks out the end user from all network access via a tcp connection (see medium and high severity lockout). 4. After performing the additional steps based on the chosen loc...
Page 816: End User Workstation Lockout
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage 788 m86 s ecurity u ser g uide medium and high severity lockout if a “medium” or “high” severity lockout was selected, the type field displays. Click either “medium” or “high” to select that lockout level. End user workstation ...
Page 817
R eal t ime r eports s ection c hapter 2: c ustom g auge s etup , u sage m86 s ecurity u ser g uide 789 this page contains the following information: header “access denied!”, user/machine name for an ldap user (blank for an ip group user), user’s ip address, library cate- gory in which the url resid...
Page 818
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement 790 m86 s ecurity u ser g uide chapter 3: alerts, lockout management after setting up gauges for monitoring end user internet activity, notifications for internet abuse should be set up in the form of policy alerts. These messa...
Page 819
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement m86 s ecurity u ser g uide 791 2. Do the following to view the contents in the tab to be used: • click url gauges if this tab currently does not display. By default, this tab includes the following list of gauge names: shopping...
Page 820: Add An Alert
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement 792 m86 s ecurity u ser g uide add an alert 1. From the left sub-panel, select the gauge for which an alert will be created; this action activates the new alert button. 2. Click new alert to open the panel for that gauge: fig. ...
Page 821: Email Alert Function
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement m86 s ecurity u ser g uide 793 5. In the alert action section, specify the mode(s) to use when an alert is triggered: • email - an email alert notifies a group administrator via email if an end user has reached the threshold li...
Page 822: Receive Email Alerts
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement 794 m86 s ecurity u ser g uide tip: to remove an email address from the list box, select the email address and then click remove email. Click submit to save your settings. Receive email alerts if an alert is triggered, an email...
Page 823: Lockout Function
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement m86 s ecurity u ser g uide 795 lockout function to set up the lockout function: 1. Click the checkbox corresponding to lockout to activate the severity and duration (minutes) fields. 2. Specify the severity of the end users’ lo...
Page 824
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement 796 m86 s ecurity u ser g uide note: if “unlimited” is specified, the end user will remain locked out from internet/network access until the group administrator unlocks his/her workstation using the gauges > lockouts panel. Tip...
Page 825: View Alert Settings
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement m86 s ecurity u ser g uide 797 view alert settings 1. Beneath the alerts sub-panel, click view alert to open the alert viewer pop-up window: fig. 5:3-4 view an alert the following information displays to the left of this window...
Page 826: Modify An Alert
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement 798 m86 s ecurity u ser g uide modify an alert 1. In the alerts panel, click the url gauges or bandwidth gauges tab. 2. Select the gauge from the list to populate the alerts sub- panel with alerts for that gauge, and to activat...
Page 827: Delete An Alert
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement m86 s ecurity u ser g uide 799 5. Click save to save your edits, and to return to the main alerts panel. Delete an alert 1. In the alerts panel, click the url gauges or bandwidth gauges tab. 2. Select the gauge from the list to...
Page 828: View The Alert Log
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement 800 m86 s ecurity u ser g uide view the alert log after alerts are sent to an administrator, a list of alert activity is available for viewing in the alert logs panel. 1. In the navigation toolbar, hover over the policy menu li...
Page 829
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement m86 s ecurity u ser g uide 801 4. Click view alert to open the alert viewer pop-up window: fig. 5:3-7 view an alert the following information displays to the left of this window: • user threshold amount • alert action criteria ...
Page 830: Manage The Lockout List
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement 802 m86 s ecurity u ser g uide manage the lockout list an end user who is manually or automatically locked out for an “unlimited” period of time—from accessing designated content on the internet or using the network—can only ha...
Page 831
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement m86 s ecurity u ser g uide 803 manual lockout, or name of the alert in an automatic lockout); start time for the alert (using the yyyy-mm-dd hh:mm:ss format). View a specified time period of lockouts if the lockout list is popu...
Page 832: Unlock Workstations
R eal t ime r eports s ection c hapter 3: a lerts , l ockout m anagement 804 m86 s ecurity u ser g uide 5. Click search by dates to display records for only the selected dates. Tip: click refresh to clear all records returned by the search query, and to display the default records (all lockout recor...
Page 833
R eal t ime r eports s ection c hapter 4: a nalyze u sage t rends m86 s ecurity u ser g uide 805 chapter 4: analyze usage trends when analyzing end user internet usage trends, trend charts help you configure gauges and alerts so you can focus on current traffic areas most affecting the network. If m...
Page 834: View Trend Charts
R eal t ime r eports s ection c hapter 4: a nalyze u sage t rends 806 m86 s ecurity u ser g uide view trend charts there are three basic types of trend charts that can be generated on demand to show total gauge score averages for a specified, limited time period: • pie trend chart for an individual ...
Page 835
R eal t ime r eports s ection c hapter 4: a nalyze u sage t rends m86 s ecurity u ser g uide 807 this action of clicking the trend charts icon displays the gauge trend chart panel: fig. 5:4-1 pie trend chart for an individual url gauge the pie trend chart that displays in the middle of this panel in...
Page 836
R eal t ime r eports s ection c hapter 4: a nalyze u sage t rends 808 m86 s ecurity u ser g uide view overall url or bandwidth gauge activity 1. In the navigation toolbar, hover over the reports menu link and select either the url trend charts to display the url trend charts panel, or select bandwid...
Page 837: Navigate A Trend Chart
R eal t ime r eports s ection c hapter 4: a nalyze u sage t rends m86 s ecurity u ser g uide 809 information about all actions that can be performed in this panel appears in the navigate a trend chart sub-section. Navigate a trend chart the following actions can be performed in this panel: • view ga...
Page 838
R eal t ime r eports s ection c hapter 4: a nalyze u sage t rends 810 m86 s ecurity u ser g uide • 1 month - this selection displays the gauge url/byte average score in one-day increments for the past month’s time period once you’ve selected the time period you wish to view, you can analyze the acti...
Page 839
R eal t ime r eports s ection c hapter 4: a nalyze u sage t rends m86 s ecurity u ser g uide 811 fig. 5:4-3 drill into a pie slice to display a line trend chart by default, this chart contains the following information: linear depiction of the total end user score in fixed time increments (using the...
Page 840
R eal t ime r eports s ection c hapter 4: a nalyze u sage t rends 812 m86 s ecurity u ser g uide if the chart includes more than one line, and more than one point is located in the area of the hover pointer, a separate box appears for each point in that section of the chart. Each box includes the fo...
Page 841: Perform A Custom Search
R eal t ime r eports s ection c hapter 5: i dentify u sers , c ategories m86 s ecurity u ser g uide 813 chapter 5: identify users, categories if there are certain end users who are generating excessive, unwanted traffic on the network, or if some library catego- ries containing urls against your org...
Page 842: Specify Search Criteria
R eal t ime r eports s ection c hapter 5: i dentify u sers , c ategories 814 m86 s ecurity u ser g uide specify search criteria 1. In the users accordion, do one of the following: • to identify users with the highest scores - click the all users checkbox to select all users in the list and to grey-o...
Page 843
R eal t ime r eports s ection c hapter 5: i dentify u sers , c ategories m86 s ecurity u ser g uide 815 6. Click search to display records returned by the query in the results sub-panel at the right side of the panel: fig. 5:5-2 search results for bandwidth categories for each record in the table, t...
Page 844
R eal t ime r eports s ection c hapter 5: i dentify u sers , c ategories 816 m86 s ecurity u ser g uide view urls within the accessed category in the results sub-panel, do the following to view a specific url: 1. Click the user name/ip address to highlight that user’s record and to activate the view...
Page 845: Ecurity
S ecurity r eports s ection i ntroduction m86 s ecurity u ser g uide 817 s ecurity r eports s ection introduction this section of the user guide provides instructions to administrators on how to utilize data from swg logs for monitoring end user internet and network usage via security reports. • cha...
Page 846: Chapter 1: Security Reports
S ecurity r eports s ection c hapter 1: s ecurity r eports 818 m86 s ecurity u ser g uide chapter 1: security reports security reports are accessible by navigating to reports > security reports and selecting the report type from the menu: • blocked viruses - this report displays details for each ins...
Page 847: Security Report Format
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 819 security report format for each report type, by default the top portion of the report view includes tabs for all security report types. The following information displays beneath this row of tabs: report type, ...
Page 848
S ecurity r eports s ection c hapter 1: s ecurity r eports 820 m86 s ecurity u ser g uide clicking an ip count or user count link in a column for a specific record displays additional information about that record in a similar report view format (as depicted in fig. 6:1-1). However, this second or t...
Page 849: Security Report Types
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 821 security report types blocked viruses report view the blocked viruses report view is accessible via reports > security reports > blocked viruses (see fig. 6:1-1). The following statistics display for each block...
Page 850: Traffic Analysis Report View
S ecurity r eports s ection c hapter 1: s ecurity r eports 822 m86 s ecurity u ser g uide the following statistics display for each security policy violation record in the table: ip count, user count, and hit count for end users who breached that security policy, and the hit count for all instances ...
Page 851
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 823 rule transactions report view the blocked viruses report view is accessible via reports > security reports > rule transactions: fig. 6:1-5 rule transactions report view the following statistics display for each...
Page 852
S ecurity r eports s ection c hapter 1: s ecurity r eports 824 m86 s ecurity u ser g uide drill down into a security report in the current report view, more details about a record can be obtained by drilling down into a column for that record. For blocked viruses, security policy violations, and rul...
Page 853: Security Report Tools
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 825 from this report view, clicking an ip count column link displays a report view with columns for ips and band- width. Security report tools security report type tabs report type tabs (blocked viruses, security p...
Page 854
S ecurity r eports s ection c hapter 1: s ecurity r eports 826 m86 s ecurity u ser g uide fig. 6:1-6 sample top six bars view note that the graph only report view footer does not include the export selected button and page navigation field. • click this icon to display the top six bars and table of ...
Page 855: Security Report Exportation
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 827 • click this icon to display the table of records only: fig. 6:1-8 sample records only view security report exportation click export all records to open the export report pop-up window in which you specify crit...
Page 856
S ecurity r eports s ection c hapter 1: s ecurity r eports 828 m86 s ecurity u ser g uide detail report column visibility by default all report view column(s) display. For a detail report view created by drilling down into a hit count or bandwidth column, you can hide a column by clicking the column...
Page 857: Security Report Tips
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 829 security report tips breadcrumb trail when generating a report view and modifying that report view to create another report view, a trail of breadcrumb links remain in the row beneath the navigation toolbar. Cl...
Page 858: Report Settings Options
S ecurity r eports s ection c hapter 1: s ecurity r eports 830 m86 s ecurity u ser g uide report settings options run a security report 1. In the security report view, hover over report settings and choose run to display the security report wizard panel for that report: fig. 6:1-9 report settings ru...
Page 859
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 831 tip: at the bottom left of the panel, click back at any time to return to the previous security report panel. B. Indicate the top item limit to be included in the report; by default the top number of items spec...
Page 860
S ecurity r eports s ection c hapter 1: s ecurity r eports 832 m86 s ecurity u ser g uide fig. 6:1-10 report filters option b. Choose a filter type from an available accordion (poli- cies, rules, action, content type) and indicate criteria to use in the filter: • select one or more records from the ...
Page 861
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 833 fig. 6:1-11 generated security report view the report can now be exported by selecting one of the export options (see export a security report)..
Page 862: Save A Security Report
S ecurity r eports s ection c hapter 1: s ecurity r eports 834 m86 s ecurity u ser g uide save a security report 1. In the security report view, hover over report settings and choose save to display the security report wizard panel for that report: fig. 6:1-12 report settings save option 2. In the r...
Page 863
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 835 c. Indicate the top item limit to be included in the report; by default the top number of items specified in “default top ‘n’ value” from administration > default report settings is selected. To modify this sel...
Page 864
S ecurity r eports s ection c hapter 1: s ecurity r eports 836 m86 s ecurity u ser g uide b. Choose a filter type from an available accordion (poli- cies, rules, action, content type) and indicate criteria to use in the filter: • select one or more records from the available list box and click add t...
Page 865
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 837 5. Click save at the bottom of the security report wizard panel to save your settings and to add the report to the saved reports panel (see saved reports in chapter 3 of the productivity reports section). Sched...
Page 866
S ecurity r eports s ection c hapter 1: s ecurity r eports 838 m86 s ecurity u ser g uide fig. 6:1-14 schedule settings 3. Enter a name for the report run event you are sched- uling. 4. Select the frequency when to run from the pull-down menu (daily, weekly, or monthly). If weekly, specify the day o...
Page 867: Export A Security Report
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 839 export a security report at the bottom of the security report view panel, click either export all records or export selected to open the export report pop-up window: fig. 6:1-15 export report pop-up window, exp...
Page 868
S ecurity r eports s ection c hapter 1: s ecurity r eports 840 m86 s ecurity u ser g uide • if the export selected option was selected, “all” is greyed-out. Specify the top number of items to be included in the exported report. 3. For the basic four security report types, by default, export report w...
Page 869: Security Report Format
S ecurity r eports s ection c hapter 1: s ecurity r eports m86 s ecurity u ser g uide 841 f. Click email report to send the report in the pdf format via email to the specified recipient(s). Security report format the generated security report pdf file includes the following information: fig. 6:1-16 ...
Page 870
S ecurity r eports s ection c hapter 1: s ecurity r eports 842 m86 s ecurity u ser g uide for bandwidth or hit count detail report views, the body of the report includes columns set up to be visible. These columns might include date (m/dd/yyyy h:mm:ss am/pm format), ip, user name path, site, bandwid...
Page 871: Specify Report Details
S ecurity r eports s ection c hapter 2: s ecurity r eport w izard m86 s ecurity u ser g uide 843 chapter 2: security report wizard the security report wizard lets you customize any of the basic four security reports, and schedule these reports to run on a regular basis. In the navigation toolbar, ho...
Page 872
S ecurity r eports s ection c hapter 2: s ecurity r eport w izard 844 m86 s ecurity u ser g uide analysis”, “rule transactions”); by default “blocked viruses” displays. 3. Specify the report time span by choosing one of two options: • predefined ranges - if selecting this default option, make a choi...
Page 873: Select Users
S ecurity r eports s ection c hapter 2: s ecurity r eport w izard m86 s ecurity u ser g uide 845 select users in the users sub-panel, select one of the accordions and indicate criteria to include in the report to be generated: • by user group - if selecting this option, choose the user group for you...
Page 874
S ecurity r eports s ection c hapter 2: s ecurity r eport w izard 846 m86 s ecurity u ser g uide tip: at the bottom left of the panel, click back at any time to return to the security report wizard panel. B. Choose a filter type from an available accordion (poli- cies, rules, action, content type) a...
Page 875: Specify Email Settings
S ecurity r eports s ection c hapter 2: s ecurity r eport w izard m86 s ecurity u ser g uide 847 specify email settings in the email settings sub-panel: 1. Enter at least one email address and then click add to include the email address in the list box below. 2. Specify the delivery method for the e...
Page 876
S ecurity r eports s ection c hapter 2: s ecurity r eport w izard 848 m86 s ecurity u ser g uide schedule, run a report using the wizard once security report settings have been made using the security report wizard, choose one of two reporting options by clicking the button at the bottom right of th...
Page 877: Sr A
Sr a ppendices s ection a ppendix a m86 s ecurity u ser g uide 847 sr a ppendices s ection appendix a evaluation mode by default, the sr is set to evaluation mode. This appendix explains how to use the sr in evaluation mode, and how to register the sr to function in registered mode. Report manager b...
Page 878: System Configuration Console
Sr a ppendices s ection a ppendix a 848 m86 s ecurity u ser g uide trator console and status pop-up box (see fig. A-2) as described in the next sub-section. Note: the system configuration administrator console is only available to users with permissions set up to access it. System configuration cons...
Page 879: Expiration Screen
Sr a ppendices s ection a ppendix a m86 s ecurity u ser g uide 849 use the server in the evaluation mode to use the unit in evaluation mode, click the "x" in the upper right corner of the sr status pop-up box to close it. Expiration screen when navigating to database > expiration, the expiration scr...
Page 880: Change The Evaluation Mode
Sr a ppendices s ection a ppendix a 850 m86 s ecurity u ser g uide note: the status date and time and evaluation message do not display on a newly installed server, or a server that has just been reset to factory default settings. (see reset to factory defaults panel in chapter 2 of the sr report ma...
Page 881: Activation Page
Sr a ppendices s ection a ppendix a m86 s ecurity u ser g uide 851 activation page 1. In the activation page pop-up box, the hostname of the server, ip address, and mac address (media access control address) display. 2. In the message “please click here to activate your appli- ance.”, click the link...
Page 882: Appendix B
Sr a ppendices s ection a ppendix b 852 m86 s ecurity u ser g uide appendix b system tray alerts: setup, usage this appendix explains how to set up and use the feature for system tray alerts. An sr alert is triggered in an adminis- trator’s system tray if an end user’s internet usage has reached the...
Page 883
Sr a ppendices s ection a ppendix b m86 s ecurity u ser g uide 853 2. In the run dialog box, type in the path to the scripts folder: c:\windows\sysvol\domain\scripts. 3. Click ok to open the scripts folder: fig. B-2 c:\windows\sysvol\domain\scripts window 4. Right-click in this windows folder to ope...
Page 884
Sr a ppendices s ection a ppendix b 854 m86 s ecurity u ser g uide 5. Select new > text document to launch a new text document: fig. B-3 new text document 6. Type the following text in the blank document file: @echo off start “” “\\x.X.X.X\win\tartrayw32.Exe” ta[x.X.X.X] in which “x.X.X.X” represent...
Page 885
Sr a ppendices s ection a ppendix b m86 s ecurity u ser g uide 855 7. Go to: file > save as to open the save as window: fig. B-4 save as dialog box 8. In the file name field, type in the name for the file using the “filename.Bat” format. For example: tartray21.Bat. Note: be sure that the save as typ...
Page 886
Sr a ppendices s ection a ppendix b 856 m86 s ecurity u ser g uide assign system tray logon script to administrators with the “.Bat” file created, the administrator with permis- sions on the ldap server can now begin to assign the system tray logon script to as many administrators as needed. 1. From...
Page 887
Sr a ppendices s ection a ppendix b m86 s ecurity u ser g uide 857 fig. B-6 properties dialog box, active directory users folder 3. In the properties dialog box, click the profile tab to display its contents. 4. In the login script field, type in the “.Bat” filename. For example: tartray21.Bat. 5. C...
Page 888
Sr a ppendices s ection a ppendix b 858 m86 s ecurity u ser g uide administrator usage of system tray once the system tray logon script has been added to the administrator’s profile, when the administrator logs on his/ her workstation, the system tray alert icon (pictured to the far left in the imag...
Page 889
Sr a ppendices s ection a ppendix b m86 s ecurity u ser g uide 859 status of the system tray alert icon if there are no alerts for any gauges set up by the adminis- trator, the following message displays when hovering over the standard system tray alert icon: “connected. No alerts.” however, if an a...
Page 890
Sr a ppendices s ection a ppendix b 860 m86 s ecurity u ser g uide view system tray alert messages 1. Double-click the sr tray alert notification icon to open the sr alert box: fig. B-7 sr alert this box contains the following message: “user (user- name/ip address) has triggered the (alert name) ale...
Page 891: Appendix C
Sr a ppendices s ection a ppendix c m86 s ecurity u ser g uide 861 appendix c glossary this glossary includes definitions for terminology used in this user guide. Base group - a user group consisting of end users whose network activities are monitored by the designated group administrator(s). Only t...
Page 892
Sr a ppendices s ection a ppendix c 862 m86 s ecurity u ser g uide group by report type - a report that includes two or more sets of report type criteria, such as user/sites or category/ ips or category/site/users. Hit count - the number of pages and/or objects end users access as the result of ente...
Page 893
Sr a ppendices s ection a ppendix c m86 s ecurity u ser g uide 863 search engine - a program that searches web pages for specified keywords and returns a list of the pages or services where the keywords were found. Smtp - simple mail transfer protocol is used for transfer- ring email messages betwee...
Page 894
Sr a ppendices s ection a ppendix c 864 m86 s ecurity u ser g uide url - an abbreviation for uniform resource locator, the global address of web pages and other resources on the internet. A url is comprised of two parts. The first part of the address specifies which protocol to use (such as "http")....
Page 895: Wfr A
Wfr a ppendices s ection a ppendix i m86 s ecurity u ser g uide 867 wfr a ppendices s ection appendix i disable pop-up blocking software an administrator with pop-up blocking software installed on his/her workstation will need to disable pop-up blocking in order to use the system configuration conso...
Page 896: Mozilla Firefox 6.0
Wfr a ppendices s ection a ppendix i 868 m86 s ecurity u ser g uide mozilla firefox 6.0 1. In the firefox toolbar, navigate to tools > options... > content tab. 2. Uncheck the “block pop-up windows” checkbox, or click exceptions... And then add the sr's url in the allowed sites - pop-ups window. Goo...
Page 897
Wfr a ppendices s ection a ppendix i m86 s ecurity u ser g uide 869 yahoo! Toolbar pop-up blocker add the client to the white list if the client was previously blocked by the yahoo! Toolbar, it can be moved from the black list and added to the white list so that it will always be allowed to pass. To...
Page 898
Wfr a ppendices s ection a ppendix i 870 m86 s ecurity u ser g uide 2. Choose always allow pop-ups from to open the yahoo! Pop-up blocker dialog box: fig. I-2 allow pop-ups from source 3. Select the source from the sources of recently blocked pop-ups list box to activate the allow button. 4. Click a...
Page 899
Wfr a ppendices s ection a ppendix i m86 s ecurity u ser g uide 871 google toolbar pop-up blocker add the client to the white list to add the client to the white list so that it will always be allowed to pass, go to the google toolbar and click the pop- up blocker button: fig. I-3 pop-up blocker but...
Page 900: Adwaresafe Pop-Up Blocker
Wfr a ppendices s ection a ppendix i 872 m86 s ecurity u ser g uide adwaresafe pop-up blocker disable pop-up blocking adwaresafe’s searchsafe toolbar lets you toggle between enabling pop-up blocking (# popups blocked) and disabling pop-up blocking (popup protection off) by clicking the pop- up icon....
Page 901
Wfr a ppendices s ection a ppendix i m86 s ecurity u ser g uide 873 mozilla firefox pop-up blocker add the client to the white list 1. From the firefox browser, go to the toolbar and select tools > options to open the options dialog box. 2. Click the content tab at the top of this box to open the co...
Page 902
Wfr a ppendices s ection a ppendix i 874 m86 s ecurity u ser g uide fig. I-6 mozilla firefox pop-up window exceptions 4. Enter the address of the web site to let the client pass. 5. Click allow to add the url to the list box section below. 6. Click close to close the allowed sites - pop-ups box. 7. ...
Page 903: Set Up Pop-Up Blocking
Wfr a ppendices s ection a ppendix i m86 s ecurity u ser g uide 875 windows xp sp2 pop-up blocker this sub-section provides information on setting up pop-up blocking and disabling pop-up blocking in windows xp sp2. Set up pop-up blocking there are two ways to enable the pop-up blocking feature in th...
Page 904: Use The Ie Toolbar
Wfr a ppendices s ection a ppendix i 876 m86 s ecurity u ser g uide 4. Click apply and then click ok to close the dialog box. Use the ie toolbar in the ie browser, go to the toolbar and select tools > pop- up blocker > turn on pop-up blocker: fig. I-8 toolbar setup when you click turn on pop-up bloc...
Page 905: Use The Ie Toolbar
Wfr a ppendices s ection a ppendix i m86 s ecurity u ser g uide 877 add the client to the white list there are two ways to disable pop-up blocking for the client and to add the client to your white list. Use the ie toolbar 1. With pop-up blocking enabled, go to the toolbar and select tools > pop-up ...
Page 906: Set Up The Information Bar
Wfr a ppendices s ection a ppendix i 878 m86 s ecurity u ser g uide set up the information bar 1. Go to the toolbar and select tools > pop-up blocker > pop-up blocker settings to open the pop-up blocker settings dialog box (see fig. I-9). 2. In the notifications and filter level frame, click the che...
Page 907: Appendix II
Wfr a ppendices s ection a ppendix ii m86 s ecurity u ser g uide 879 appendix ii raid and hardware maintenance this appendix is divided into three parts: hardware compo- nents, server interface, and troubleshooting—in the event of a failure in one of the drives, power supplies, or fans. Note: as par...
Page 908: Part 2: Server Interface
Wfr a ppendices s ection a ppendix ii 880 m86 s ecurity u ser g uide part 2: server interface front control panel on a 300 series unit the keypad on the front of the server is used for performing basic server functions. Front control panel on the 500 series model control panel buttons, icons, and le...
Page 909
Wfr a ppendices s ection a ppendix ii m86 s ecurity u ser g uide 881 the buttons and led indicators for the depicted icons func- tion as follows: overheat/fan fail (icon) – this led is unlit unless the chassis is overheated. A flashing red led indicates a fan failure. A steady red led (on and not fl...
Page 910: Part 3: Troubleshooting
Wfr a ppendices s ection a ppendix ii 882 m86 s ecurity u ser g uide part 3: troubleshooting the text in this section explains how the server alerts the administrator to a failed component, and what to do in the event of a failure. Hard drive failure step 1: review the notification email if a hard d...
Page 911
Wfr a ppendices s ection a ppendix ii m86 s ecurity u ser g uide 883 fig. Ii-1 hardware failure detection window on a 300 series model fig. Ii-2 hardware failure detection window on a 500 series model the hardware failure detection window displays the current raid array status for all the hard drive...
Page 912
Wfr a ppendices s ection a ppendix ii 884 m86 s ecurity u ser g uide however, if a hard drive has failed, the message “fail” displays to the right of the hard drive number. Before taking any action in this window, proceed to step 3. Step 3: replace the failed hard drive after verifying the failed ha...
Page 913: Power Supply Failure
Wfr a ppendices s ection a ppendix ii m86 s ecurity u ser g uide 885 step 4: rebuild the hard drive once the failed hard drive has been replaced, return to the hardware failure detection window in the administrator console, and click rebuild to proceed with the rebuild process. Warning: when the rai...
Page 914: Fan Failure
Wfr a ppendices s ection a ppendix ii 886 m86 s ecurity u ser g uide fan failure identify a fan failure a flashing red led on a 500 series model indicates a fan failure. If this displays on your unit, contact technical support for an rma (return merchandise authorization) number and for instructions...
Page 915: Ndex
M86 s ecurity u ser g uide 887 i ndex a accordion, terminology 518 account password security 106 setup 103 active connections diagnostic tool 117 active filtering profiles 30 active profile lookup window 124 activity view panel 620 additional language support window 291 admin audit trail window 128 ...
Page 916
I ndex 888 m86 s ecurity u ser g uide backup/restore window 168 bandwidth gauge 758 , 759 base group 588 , 771 definition 863 beta 136 block page 20 , 22 , 29 , 30 , 90 , 101 , 161 custom 437 route table 101 block page authentication window 86 block page customization window 211 block page device 16...
Page 917
I ndex m86 s ecurity u ser g uide 889 cmc management 148 , 152 cmc management menu 227 column visibility 687 , 828 common customization window 205 components 4 configuration window 287 contact e-mail addresses 131 control menu 80 conventions 3 copy a saved report 731 count columns 682 cpu usage diag...
Page 918
I ndex 890 m86 s ecurity u ser g uide detail result warning limit 658 detailed info fields 709 device registry panel 624 diagnostic reports 565 diagnostics menu 114 dialog box, terminology 13 , 518 disable gauge 775 pop-up blockers 867 disk usage diagnostic tool 119 dmz 466 draw chart button 646 e e...
Page 919
I ndex m86 s ecurity u ser g uide 891 f field, terminology 13 , 519 filter field 703 filter option codes 436 filter options global group 260 filter setting 35 definition 508 filter string field 703 filter window 80 filtering 435 category codes 435 hierarchy diagram 37 profile components 31 rules 35 ...
Page 920
I ndex 892 m86 s ecurity u ser g uide generate blocked request report 749 drill down report 679 server activity charts 646 static table of ip addresses, machine names 560 time usage report 753 generate using field 707 global administrator 11 , 516 add account 103 definition 509 , 863 global administ...
Page 921
I ndex m86 s ecurity u ser g uide 893 help screen 63 help topics for r3000 64 hide a gauge 775 hide unidentified ips 658 , 707 , 741 hit count, definition 864 hit, definition 646 how to access saved custom reports 728 access the add/edit gauges panel 766 add a custom category group 661 add a new ale...
Page 922
I ndex 894 m86 s ecurity u ser g uide set up a time profile 380 set up an override account global group 264 group profile 357 set up email alert notifications 793 set up exception urls 374 set up pattern detection whitelisting 312 set up profile options global group profile 260 group or member profi...
Page 923
I ndex m86 s ecurity u ser g uide 895 definition 864 https 5 login 7 , 58 , 523 port numbers 434 proxy environment 166 https configuration panel 612 https filtering 83 i icon, terminology 519 im bandwidth gauge 763 individual ip 408 individual ip member add to group 399 definition 509 delete 410 pro...
Page 924
I ndex 896 m86 s ecurity u ser g uide search engine, custom category 430 search engine, m86 supplied category 325 update 289 url, custom category 427 url, m86 supplied category 321 l lan settings window 96 ldap 579 , 854 definition 509 , 864 server types supported in sr 585 user authentication in sr...
Page 925
I ndex m86 s ecurity u ser g uide 897 linux os 4 list box, terminology 14 , 519 listening device 161 local software update window 136 , 177 , 290 lock page 190 lock page customization window 208 lock profile 28 profile type 30 locked-out accounts and ips screen 540 lockout 577 , 607 , 790 automatic ...
Page 926
I ndex 898 m86 s ecurity u ser g uide machine name, definition 510 macintosh 6 , 464 mail server 711 manual backup button 544 manual update to m86 supplied categories 289 manual update window 289 master ip group 26 definition 510 filtering profile 29 setup 283 master list 325 definition 510 member w...
Page 927
I ndex m86 s ecurity u ser g uide 899 terminology 14 navigation panel in r3000 user interface 67 navigation tips 62 net use definition 511 netbios definition 511 network address translation (nat), definition 511 network menu 537 network menu 96 network requirements 5 , 465 network time protocol (ntp...
Page 928
I ndex 900 m86 s ecurity u ser g uide p p2p bandwidth gauge 763 definition 511 , 864 page count 575 page count, definition 864 page definition screen 563 page navigation 691 , 827 page view elapsed time screen 561 panel, terminology 519 password create on sr for remote server’s ftp account 544 expir...
Page 929
I ndex m86 s ecurity u ser g uide 901 protocol bandwidth gauge 758 definition 864 protocol, definition 512 proxy environment settings window 165 proxy server 165 , 483 definition 512 pull-down menu, terminology 15 , 520 q quota definition 512 format 436 quota block page customization window 221 quot...
Page 930
I ndex 902 m86 s ecurity u ser g uide global group 259 refresh the r3000 user interface 72 regional setting window 100 registered mode and evaluation mode 644 re-login 526 remote filtering components 465 remote server backup on sr 545 report date scope field 701 delete a report 733 detail drill down...
Page 931
I ndex m86 s ecurity u ser g uide 903 router mode 22 definition 512 routing table diagnostic tool 117 rule 33 definition 512 rule transactions report view 823 rules elapsed time 562 expiration 570 rules window 251 run report pop-up box 692 s safari 6 , 464 save report 694 save report pop-up box 692 ...
Page 932
I ndex 904 m86 s ecurity u ser g uide server information panel 643 server menu 542 server status screen 549 service port 33 definition 513 setup window 149 shadow log format window 349 shift key 73 , 532 shut down ifr server 93 shut down screen 553 shutdown wfr server 534 shutdown window 93 single s...
Page 933
I ndex m86 s ecurity u ser g uide 905 storage capacity maintenance 570 sub group (ip group) window 401 mac addresses 470 sub group profile window 404 sub-group 401 add to master ip group 398 copy 407 definition 513 delete 407 paste 400 sub-panel, definition 519 sub-topic terminology 16 summary drill...
Page 934
I ndex 906 m86 s ecurity u ser g uide t tab, terminology 521 table, terminology 521 tar profile 28 target mode 44 , 153 tcp definition 865 port 762 technical support 551 terminology 518 text box, terminology 16 , 521 threat analysis reporter 36 thumbnail, terminology 521 time column 684 time count, ...
Page 935
I ndex m86 s ecurity u ser g uide 907 tree terminology 17 tree in r3000 user interface 69 troubleshooting mode window 122 type field 700 u udp definition 865 port 762 update add software update to server 136 emergency software updates 297 library categories 292 scheduled event 736 software 143 updat...
Page 936
I ndex 908 m86 s ecurity u ser g uide user name identification screen 557 user profiles panel 618 usernames and passwords 10 v view diagnostic reports 566 record data truncated in a column 689 server activity charts 646 view log file window 120 view report 712 virtual ip address, definition 514 vlan...
Page 937
I ndex m86 s ecurity u ser g uide 909 mobile client 464 x x strikes blocking global group filter option 261 x strikes blocking window 188.
Page 938
I ndex 910 m86 s ecurity u ser g uide.