HP Sygate Security Agent 4.0 User Guide Documentation Build 1004 Published: May 1, 2005
HP Sygate Security Agent User Guide Technical Support HP provides a variety of service and support programs. To contact HP: 1. Locate the www.hp.c
Chapter 1. Overview of the Agent The HP Sygate Security Agent (the Agent) is security software that is installed on embedded devices, such as ATMs an
HP Sygate Security Agent User Guide When you install Policy Editor, the default policy file is automatically installed with it. When you open the Poli
Chapter 2. Getting Around This chapter describes the tools that you use in getting around in the Agent. Starting the Agent The Agent is designed to
HP Sygate Security Agent User Guide Figure 1. Main Console The Agent interface is resizable, so you can view it as a full-screen or part-screen ima
Getting Around Figure 2. Traffic History Graph The Traffic History graphs are broken into three sections. On the left side of the graphs section ar
HP Sygate Security Agent User Guide since they are often crucial to the operation of your device, you most likely want to allow them. To change the d
Getting Around Table 1. Menus Menu Menu choices File • Close—Closes the Agent main console. • Exit Sygate Agent—Exits the Agent, effectively turni
HP Sygate Security Agent User Guide Table 1. Menus Menu Menu choices • Connection Details—Provides further information on the type of connection be
Getting Around Table 2. System Tray Icon Colors If the color of the arrow is... ...then... RED ...traffic is being blocked by the Agent. BLUE ..
Copyright Information Copyright© 2003-2005 by Sygate Technologies, Inc. All rights reserved. No part of this document may be reproduced or transmitte
HP Sygate Security Agent User Guide Table 3. System Tray Icon Appearance Icon Description Both incoming and outgoing traffic are blocked. There
Getting Around Table 4. System Tray Icon Menu Menu Option Description HP Sygate Security Agent Opens the Agent’s main console. Block All Normal Blo
HP Sygate Security Agent User Guide 3. Enter your new password in the New Password and Confirm New Password fields. Note: You can disable password
Chapter 3. Testing Your System’s Vulnerability This chapter describes ways to test the vulnerability of your system to outside threats by scanning yo
HP Sygate Security Agent User Guide o UDP Scan o ICMP Scan 4. Click Scan Now. A brief document of frequently asked questions about Sygate Online S
Testing Your System's Vulnerability and proxies for users connecting to the web site through such a device. The scan takes about 10 minutes and s
HP Sygate Security Agent User Guide 16
Chapter 4. Working With Rules This chapter describes how to protect your system by creating security rules for applications that you have running on
HP Sygate Security Agent User Guide To set up an advanced rule: 1. On the Tools menu, click Advanced Rules. The Advanced Rules dialog box opens. 2.
Working With Rules Rules are applied in the order they are listed. For example, if a rule that blocks all traffic is listed first, followed by a rule
Table of Contents Preface... ix Related Documentat
HP Sygate Security Agent User Guide Apply Rule to Network Interface Specifies which network interface card this rule will apply to. If you have multip
Working With Rules All addresses Applies rule to all addresses. MAC addresses Applies rule to the MAC address of the traffic. IP Address(es) Applies
HP Sygate Security Agent User Guide Protocol Specifies a protocol for the rule. All Protocols Applies to all protocols on all ports, for both incomi
Working With Rules all ports will be affected by the rule. If you enter a port number for the local port entry, but not for the remote port entry, the
HP Sygate Security Agent User Guide Enable Scheduling Enables the scheduling feature. During the period below Enables scheduling to take place during
Working With Rules Applications Tab You can specify applications that will be affected by advanced rules. The Applications tab provides a list of all
HP Sygate Security Agent User Guide Browse Opens the Open dialog box so you can search for applications that are not displayed in the table. Rule Summ
Chapter 5. Monitoring and Logging This chapter describes how you can monitor your system by using the logs that are present in the Agent. It begins w
HP Sygate Security Agent User Guide Viewing Logs To view logs on the Agent: 1. Do one of the following: o Click Tools|Logs. o On the toolbar, clic
Monitoring and Logging Table 5. Security Log Icons Icon Description Critical attack Major attack Minor attack Information Security Log Parameter
HP Sygate Security Agent User Guide Rule Summary field ...
HP Sygate Security Agent User Guide Table 6. Security Log Parameters and Description Name of Parameter Description MAC Application Name Name of the
Monitoring and Logging Icons for the Traffic Log When you open a Traffic Log, icons are displayed at the left side of the first column. They are graph
HP Sygate Security Agent User Guide Table 8. Traffic Log Parameters and Description Name of Parameter Description Local Port/ICMP Code Port and ICMP
Monitoring and Logging Packet Log The Packet Log captures every packet of data that enters or leaves a port on your device. The Packet Log is disable
HP Sygate Security Agent User Guide Packet Decode and Packet Dump for the Packet Log Below the Log Viewer are two additional data fields that provide
Monitoring and Logging Description and Data Fields for the System Log Below the rows of logged events are the Description and Data fields. When you cl
HP Sygate Security Agent User Guide Back Tracing Logged Events Back tracing enables you to pinpoint the source of data from a logged event. Like retr
Monitoring and Logging The Trace route field provides details, such as IP address, on each hop made by the data packet that was logged by the Agent. A
HP Sygate Security Agent User Guide To stop an active response: 1. On the main console, click Tools|Logs|Security. 2. Select the row for the applic
Chapter 6. Configuring the Agent’s Settings You can set and import security options for the Agent, including e-mail notification of attacks, customiz
Table Of Contents System Log Parameters and Description...34 Description and Data Field
HP Sygate Security Agent User Guide Automatically load HP Sygate Agent service at startup Automatically launches the Agent at startup. Block Network
Configuring the Agent's Settings Hide application popup Hides a dialog box that appears when you open an application that has been modified since
HP Sygate Security Agent User Guide Network Interface Specifies the network you want to access. Allow to browse Network Neighborhood files and printer
Configuring the Agent's Settings analyzes network packets and compares them with both known attacks and known patterns of attack, and then blocks
HP Sygate Security Agent User Guide Automatically block attacker’s IP address for... second(s) Blocks all communication from a source host once an att
Configuring the Agent's Settings Automatically allow all known DLLs Automatically allows DLL modules that are commonly loaded by the network appl
HP Sygate Security Agent User Guide rule specifically allowing access to that server. By default, this option is disabled on the Agent. Anti-Applicati
Configuring the Agent's Settings The first three options set the frequency of the message. Do Not Notify Disables the e-mail notification option
HP Sygate Security Agent User Guide Cc: Specifies an e-mail address to send a courtesy copy of each email message. Subject: Describes the subject of t
Configuring the Agent's Settings Enable ... Log Enables the Security, Traffic, System, and Packet Logs. The Packet Log is not enabled by default
HP Sygate Security Agent User Guide To: ...
HP Sygate Security Agent User Guide 50
Glossary A access point: A network connection that allows a computer or user to connect to an enterprise network. Virtual Private Networks (VPNs), wi
HP Sygate Security Agent User Guide antivirus: Software and technology that is used to detect malicious computer applications, prevent them from infec
Glossary C client: A device or program that uses shared resources from another computer, called a server. In the context of the Agent, client refers t
HP Sygate Security Agent User Guide DLL fingerprint: A 128-bit number that is generated by performing an MD5 hash of an entire DLL packet. It is uniqu
Glossary F filtering logs: Viewing selected information from logged information. For example, a filter can be set up so that you can view only blocked
HP Sygate Security Agent User Guide icon: A small visual image displayed on a computer screen to represent an application, a command, an object, or to
Glossary Intrusion Prevention System (IPS): A device or software used to prevent intruders from accessing systems from malicious or suspicious activit
HP Sygate Security Agent User Guide logs: Files that store information generated by an application, service, or operating system. The information is u
Glossary O OS Fingerprint Masquerading: An option that keeps programs from detecting the operating system of a computer running the Agent. When OS Fin
Table Of Contents List of Tables Table 1. Menus...
HP Sygate Security Agent User Guide Profile Serial Number: A number that the Policy Editor automatically generates every time an Agent’s security poli
Glossary signature library: A set of IDS signatures. Sygate provides a library of known signatures in the System Library, which can be kept up-to-date
HP Sygate Security Agent User Guide spoofing: A technique used by an intruder to gain unauthorized network access to a computer system or network by f
Glossary System Library: A Sygate library containing preconfigured IDS signatures to help detect and prevent known attacks. System administrators can
HP Sygate Security Agent User Guide User Datagram Protocol (UDP): A communications protocol for the Internet network layer, transport layer, and sessi
Index A Active Response 37 advanced rules creating 17 defined 17 Agent configuring 39 opening 3 allowing traffic 17, 19 Applications tab 25 B blockin
HP Sygate Security Agent User Guide policy file 1 Ports and Protocols tab 21 protecting your system 13, 17, 39 S scanning your system 13 Scheduling ta
HP Sygate Security Agent User Guide List of Figures Figure 1. Main Console......
Preface This document, the HP Sygate Security Agent User Guide, describes how to distribute, install, and use the HP Sygate Standalone Agent (the Age
Kommentare zu diesen Handbüchern