DOCSLIB.ORG

Interscan Web Security for Virtual Appliances 5.1 Administrator's Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Interscan Web Security for Virtual Appliances 5.1 Administrator's Guide i-i i-ii Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files, release notes and the latest version of the Installation Guide, which are available from Trend Micro’s Web site at: http://www.trendmicro.com/download/documentation/ Trend Micro, the Trend Micro t-ball logo, InterScan, TrendLabs, Trend Micro Control Manager, and Trend Micro Damage Cleanup Services are trademarks or registered trademarks of Trend Micro, Incorporated. All other product or company names may be trademarks or registered trademarks of their owners. Copyright© 2011 Trend Micro Incorporated. All rights reserved. No part of this publication may be reproduced, photocopied, stored in a retrieval system, or transmitted without the express prior written consent of Trend Micro Incorporated. Release Date: January 2011 Protected by U.S. Patent No. 5,951,698 The Administrator’s Guide for Trend Micro is intended to provide in-depth information about the main features of the software. You should read through it prior to installing or using the software. For technical support, please refer to the Technical Support and Troubleshooting chapter for information and contact details. Detailed information about how to use specific features within the software are available in the online help file and online Knowledge Base at Trend Micro’s Web site. Trend Micro is always seeking to improve its documentation. If you have questions, comments, or suggestions about this or any Trend Micro documents, please contact us at [email protected]. Your feedback is always welcome. Please evaluate this documentation on the following site: http://www.trendmicro.com/download/documentation/rating.asp ii Contents Preface IWSVA Documentation ................................................................................xxii Audience ..........................................................................................................xxiii Document Conventions ...............................................................................xxiii About Trend Micro .......................................................................................xxiv Chapter 1: Introducing Trend Micro™ InterScan™ Web Security Virtual Appliance Web Traffic Security Risk Overview ........................................................... 1-2 Smart Search Support ................................................................................ 1-3 Hardware Specifications ................................................................................ 1-4 Compatible Directory Servers .................................................................. 1-5 Integration with ICAP 1.0-compliant Caching Devices ...................... 1-5 X-Authenticated ICAP Headers Support .......................................... 1-5 What’s New .................................................................................................... 1-6 High Availability ......................................................................................... 1-6 Cluster Management .................................................................................. 1-6 Hardware Event Monitoring .................................................................... 1-6 Network Packet Capturing ....................................................................... 1-6 System Updates .......................................................................................... 1-7 Hyper-V Installation Supported .............................................................. 1-7 Prevention of Brute Force Attacks against Password .......................... 1-7 Advanced Reports and Management (ARM) Database Failover Support ........................................................................................ 1-7 Updates for URL Categories .................................................................... 1-7 Main Features .................................................................................................. 1-8 Support for Multiple Trend Micro™ InterScan™ Web Security Virtual Appliance Installations .............................................................. 1-8 HTTP Virus Scanning ............................................................................... 1-8 iii FTP Scanning ..............................................................................................1-8 Improved Deferred Scanning for HTTP and FTP Large File Scans .1-9 Applets and ActiveX Security ...................................................................1-9 URL Filtering ..............................................................................................1-9 Direct URL Filter Category Selection .....................................................1-9 URL Filtering Category Mapping .....................................................1-10 Access Quota Policies ..............................................................................1-16 URL Access Control ................................................................................1-16 IP Address, Host Name and LDAP Client Identification .................1-16 Server and Port Access Control Restrictions .......................................1-16 Notifications ..............................................................................................1-16 PhishTrap ..................................................................................................1-17 Web Reputation ........................................................................................1-17 Anti-phishing and Anti-pharming Based on Web Reputation .....1-18 IntelliTrap ..................................................................................................1-18 IntelliTunnel ..............................................................................................1-18 Easier Collection of System Information for Support Diagnosis .....1-19 True File-type Blocking Within Compressed Files .............................1-19 Real-time Statistics and Alerts ................................................................1-19 Configurable Threshold Warning ..........................................................1-20 Reverse Proxy Support ............................................................................1-20 Logs and Reports ......................................................................................1-20 Additional Reporting Information .........................................................1-21 Integration with Cisco WCCP ................................................................1-22 Command Line Interface ........................................................................1-22 HTTPS Decryption ..................................................................................1-23 Secure Shell (SSH) Configuration in Web Console ............................1-23 Per-policy Exception ...............................................................................1-23 Compressed File Handling Actions .......................................................1-23 Custom Category ......................................................................................1-23 URL Monitoring Mode ...........................................................................1-23 Reporting ...................................................................................................1-24 Web Page Analysis ...................................................................................1-24 Safe Search Engine ...................................................................................1-24 User/group Name Authentication in Transparent Mode (WCCP and Bridge mode) ............................................................................1-24 White List for User/group Name Authentication ..............................1-24 iv Network Interface Configuration and PING Management .............. 1-25 System Event Logs .................................................................................. 1-25 Syslog Support .......................................................................................... 1-25 System Shutdown or Restart .................................................................. 1-25 Configuration Backup and Restore ....................................................... 1-25 License Management in Control Manager ........................................... 1-26 Manual Component Update Button ..................................................... 1-26 Advanced Reporting and Management Integration ........................... 1-26 Deployment Wizard ................................................................................ 1-26 Fail Open/LAN Bypass .......................................................................... 1-26 Notification Message Enhancement ..................................................... 1-26 Smart Search ............................................................................................. 1-27 URL Filtering Access Warning Mode ................................................... 1-27 LDAP Integration Policy Improvement .............................................. 1-27 Product License ........................................................................................ 1-27 Content Cache .......................................................................................... 1-27 HTTPS Scanning ....................................................................................
Load more

Recommended publications
  • What Is ASP.NET?
    Welcome to the ASP.NET QuickStart Tutorial Getting Started Introduction The ASP.NET QuickStart is a series of ASP.NET samples and What is ASP.NET? supporting commentary designed to quickly acquaint Language Support developers with the syntax, architecture, and power of the ASP.NET Web programming framework. The QuickStart ASP.NET Web Forms samples are designed to be short, easy-to-understand Introducing Web Forms illustrations of ASP.NET features. By the time you have Working with Server Controls completed the QuickStart tutorial, you will be familiar with: Applying Styles to Controls Server Control Form Validation ● ASP.NET Syntax. While some of the ASP.NET Web Forms User Controls syntax elements will be familiar to veteran ASP developers, several are unique to the new Data Binding Server Controls framework. The QuickStart samples cover each Server-Side Data Access element in detail. Data Access and Customization ● ASP.NET Architecture and Features. The Working with Business Objects QuickStart introduces the features of ASP.NET that Authoring Custom Controls enable developers to build interactive, world-class Web Forms Controls Reference applications with much less time and effort than ever before. Web Forms Syntax Reference ● Best Practices. The QuickStart samples demonstrate the best ways to exercise the power of ASP.NET Web Services ASP.NET while avoiding potential pitfalls along the Introducing Web Services way. Writing a Simple Web Service Web Service Type Marshalling What Level of Expertise Is Assumed in the Using Data in Web Services QuickStart? Using Objects and Intrinsics If you have never developed Web pages before, the The WebService Behavior QuickStart is not for you.
    [Show full text]
  • Exam Ref 70-482: Advanced Windows Store App Development Using HTML5 and Javascript
    Exam Ref 70-482: Advanced Windows Store App Development Using HTML5 and JavaScript Roberto Brunetti Vanni Boncinelli Copyright © 2013 by Roberto Brunetti and Vanni Boncinelli All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. ISBN: 978-0-7356-7680-0 1 2 3 4 5 6 7 8 9 QG 8 7 6 5 4 3 Printed and bound in the United States of America. Microsoft Press books are available through booksellers and distributors worldwide. If you need support related to this book, email Microsoft Press Book Support at [email protected]. Please tell us what you think of this book at http://www.microsoft.com/learning/booksurvey. Microsoft and the trademarks listed at http://www.microsoft.com/about/legal/ en/us/IntellectualProperty/Trademarks/EN-US.aspx are trademarks of the Microsoft group of companies. All other marks are property of their respec- tive owners. The example companies, organizations, products, domain names, email ad- dresses, logos, people, places, and events depicted herein are fictitious. No association with any real company, organization, product, domain name, email address, logo, person, place, or event is intended or should be inferred. This book expresses the author’s views and opinions. The information con- tained in this book is provided without any express, statutory, or implied warranties. Neither the authors, Microsoft Corporation, nor its resellers, or distributors will be held liable for any damages caused or alleged to be caused either directly or indirectly by this book.
    [Show full text]
  • ASP.NET 4 and Visual Studio 2010 Web Development Overview
    ASP.NET 4 and Visual Studio 2010 Web Development Overview This document provides an overview of many of the new features for ASP.NET that are included in the.NET Framework 4 and in Visual Studio 2010. Contents Core Services .....................................................................................................................................3 Web.config File Refactoring ...................................................................................................................... 3 Extensible Output Caching ........................................................................................................................ 3 Auto-Start Web Applications .................................................................................................................... 5 Permanently Redirecting a Page ............................................................................................................... 7 Shrinking Session State ............................................................................................................................. 7 Expanding the Range of Allowable URLs ................................................................................................... 8 Extensible Request Validation .................................................................................................................. 8 Object Caching and Object Caching Extensibility ...................................................................................... 9 Extensible HTML, URL, and HTTP Header
    [Show full text]
  • Contents Contents
    Contents Contents ........................................................................................................................................................ 1 1 Introduction ............................................................................................................................................... 4 Samples and Examples .............................................................................................................................. 4 2 Prerequisites .............................................................................................................................................. 4 3 Architecture ............................................................................................................................................... 4 Direct to On-Prem ..................................................................................................................................... 4 Azure Cloud ............................................................................................................................................... 5 Service On-Prem ....................................................................................................................................... 6 4 Why Choose the Microsoft Technology Stack? ......................................................................................... 7 Rapid Application Development ............................................................................................................... 7 C# .........................................................................................................................................................
    [Show full text]
  • Microsoft CRM – Typical Customizations
    Microsoft CRM – Typical Customizations by Andrew Karasev Microsoft CRM was designed to be easily customizable. Microsoft CRM Software Development Kit (MS CRM SDK) which you can download from Microsoft website contains descriptions of the objects or classes, exposed for customization. It has sample code in C# and partially in VB.Net. In Visual Studio.Net you can analyze all the classes, used by Microsoft developers to create MS CRM - you will discover that most of them are not documented in MS CRM SDK. Microsoft will not support your customization if you use undocumented class or do direct SQL access to CRM database. Let us describe you - programmer, software developer typical cases of MS CRM Customizations. 1. Integration with SQL Server application. If you have legacy system on MS SQL Server - let's say you are transportation company and have in-house developed cargo tracking database. Now in MS CRM you want lookup the shipments for the customer (or account in CRM). This is SDK programming and calling SQL stored proc to retrieve cargo info. Instead of SQL Server you can have other database (ORACLE, MS Access, PervasiveSQL to name a few) - you can access multiple Database platforms via ADO.Net connection from your .Net application, which is easily integrated into MS CRM Account screen. 2. Email capturing in MS CRM. You have customer with email [email protected]. Now you want all the emails that you receive from customer.com domain to be attached to Bill who is account in CRM. This is more difficult customization - you have to create MS CRM SDK web service, that one will be creating email activity and call it from COM+ application - Microsoft Exchange event handler (ONSYNCSAVE database event sink).
    [Show full text]
  • Moving Applications to the Cloud, 2Nd Edition Patterns & Practices
    Moving Applications to the Cloud, nd 2 Edition patterns & practices Summary: This book demonstrates how you can adapt an existing, on-premises ASP.NET application to one that operates in the cloud. The book is intended for any architect, developer, or information technology (IT) professional who designs, builds, or operates applications and services that are appropriate for the cloud. Although applications do not need to be based on the Microsoft Windows operating system to work in Windows Azure, this book is written for people who work with Windows-based systems. You should be familiar with the Microsoft .NET Framework, Microsoft Visual Studio, ASP.NET, and Microsoft Visual C#. Category: Guide Applies to: Windows Azure SDK for .NET (includes the Visual Studio Tools for Windows Azure), Windows Azure SQL Database, Microsoft SQL Server or SQL Server Express 2008, Windows Identity Foundation, Enterprise Library 5, WatiN 2.0, Microsoft Anti-Cross Site Scripting Library V4, Microsoft .NET Framework version 4.0, Microsoft Visual Studio 2010 Source: MSDN Library(patterns & practices) (link to source content) E-book publication date:June 2012 Copyright © 2012 by Microsoft Corporation All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. Microsoft and the trademarks listed at http://www.microsoft.com/about/legal/en/us/IntellectualProperty/Trademarks/EN-US.aspx are trademarks of the Microsoft group of companies. All other marks are property of their respective owners. The example companies, organizations, products, domain names, email addresses, logos, people, places, and events depicted herein are fictitious.
    [Show full text]
  • Special Characters A
    Index Special Characters AddAttributesToRender method, overriding, & (ampersand) character, QueryString 681, 691, 724, 777 encryption, 635 AddBezier method, 793 & operator, 499 AddBeziers method, 793 * (asterisk) character, XPath expression, 476 AddClosedCurve method, 793 * wildcard operator, 500, 505 AddCurve method, 793 @ (at sign) character, XPath expression, 477 AddEllipse method, 793 | (pipe) character, XPath expression, 477 AddLine method, 793 < > (brackets) characters, XPath expression, AddLines method, 793 477 AddNew method, 315 = (equal sign) character, QueryString AddParsedSubObject method, 706, 749 encryption, 635 AddPath method, 793 : (colon) character, namespace prefix, xmlns, AddPie method, 793 458 AddPolygon method, 793 . (dot) character, XPath expression, 477 AddRectangle method, 793 / (forward slash) character, XPath expression, AddRectangles method, 793 477 AddString method, 793 . (period) character, XPath expression, 477 AddStyleAttribute method, 674 \ in Path, 503 Administrator enumeration, ? wildcard operator, 500, 505 WindowsBuiltInRole, 592 ADO vs. ADO.NET, 276–78 A ADO.NET, 407–24, 426, 428, 431, 433–44, Abandon session state settings, 248 446–51 abstract encryption classes, 624 advanced grids, 433–41, 443 AcceptChanges, DataSet Version-Tracking, overview, 433 313, 334–36 parent/child view, 433–36 access, anonymous, 589, 596, 617 parent/child view in single table, access control lists (ACLs), 608 440–41, 443 AccessKey property, 149 parent/child/detail view, 437–38 account tokens, 596–97 summaries in DataGrid, 438–40
    [Show full text]
  • Tornadoproxyhandlers Documentation
    tornadoproxyhandlersDocumentation Release 0.0.5 Tim Paine Oct 15, 2020 Contents 1 Install 3 2 Overview 5 3 Use 7 4 API Documentation 9 Python Module Index 11 Index 13 i ii tornadoproxyhandlersDocumentation; Release0:0:5 Tornado proxy handlers for HTTP requests and web sockets Build Status Coverage License PyPI Docs Contents 1 tornadoproxyhandlersDocumentation; Release0:0:5 2 Contents CHAPTER 1 Install pip install tornado-proxy-handlers or from source python setup.py install 3 tornadoproxyhandlersDocumentation; Release0:0:5 4 Chapter 1. Install CHAPTER 2 Overview This project contains 2 proxy handlers: • HTTP Handler • Websocket Handler The websocket handler requires the http handler for 599 protocol switching. 5 tornadoproxyhandlersDocumentation; Release0:0:5 6 Chapter 2. Overview CHAPTER 3 Use These are designed to be embedded in a tornado server that needs to proxy. They can also be run as a standalone proxy server via the tornado-proxy command. 7 tornadoproxyhandlersDocumentation; Release0:0:5 8 Chapter 3. Use CHAPTER 4 API Documentation class tornado_proxy_handlers.handlers.ProxyHandler(application: tor- nado.web.Application, request: tor- nado.httputil.HTTPServerRequest, **kwargs) Bases: tornado.web.RequestHandler get(url=None) Get the login page initialize(proxy_url=’/’, **kwargs) class tornado_proxy_handlers.handlers.ProxyWSHandler(application: tor- nado.web.Application, request: tor- nado.httputil.HTTPServerRequest, **kwargs) Bases: tornado.websocket.WebSocketHandler initialize(proxy_url=’/’, **kwargs) on_close() Invoked when the WebSocket is closed. If the connection was closed cleanly and a status code or reason phrase was supplied, these values will be available as the attributes self.close_code and self.close_reason. Changed in version 4.0: Added close_code and close_reason attributes. on_message(message) Handle incoming messages on the WebSocket This method must be overridden.
    [Show full text]
  • Installation Guide for Microsoft SQL Server With
    Informatica® Multidomain MDM 10.4 Installation Guide for Microsoft SQL Server with Oracle WebLogic Informatica Multidomain MDM Installation Guide for Microsoft SQL Server with Oracle WebLogic 10.4 July 2020 © Copyright Informatica LLC 2001, 2020 This software and documentation are provided only under a separate license agreement containing restrictions on use and disclosure. No part of this document may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording or otherwise) without prior consent of Informatica LLC. U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation is subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License. Informatica, the Informatica logo, and ActiveVOS are trademarks or registered trademarks of Informatica LLC in the United States and many jurisdictions throughout the world. A current list of Informatica trademarks is available on the web at https://www.informatica.com/trademarks.html. Other company and product names may be trade names or trademarks of their respective owners. Portions of this software and/or documentation are subject to copyright held by third parties. Required third party notices are included with the product. The information in this documentation is subject to change without notice.
    [Show full text]
  • Benefits of Sharepoint 2010 As a Product Platform
    Benefits of SharePoint 2010 as a Product Platform For Independent Software Vendors and Enterprises Date published: November 2010 Authors: Owen Allen – Principal, SharePoint Directions Eric Bowden – Senior Consultant, ThreeWill Kirk Liemohn – Principal Software Engineer, ThreeWill Danny Ryan – Principal, ThreeWill Tommy Ryan – Principal, ThreeWill Pete Skelly – Principal Consultant, ThreeWill John Underwood - Technical Evangelist, ThreeWill Contributors: Geoffrey Edge – Senior Technology Specialist, Microsoft Corporation Kirk Evans – Developer and Platform Evangelism for Communications Sector, Microsoft Corporation Chris Mitchell – Technology Architect for Microsoft Technology Center, Microsoft Corporation Reviewers: Bill Arconati – Product Marketing Manager, Atlassian Software Systems Tony Clark – Director, Enterprise Architecture, Cox Enterprises Geoffrey Edge – Senior Technology Specialist, Microsoft Corporation Bo George – Senior Application Developer, Aflac Murray Gordon – ISV Architect Evangelist, Microsoft Corporation Adam P. Morgan - Enterprise Sales, Digital Marketing Platform Group, Microsoft Corporation Aaron Rafus – Technology Evangelist, McKesson Corporation William Rogers – Chief Workplace Architect, CorasWorks Corporation Scott Schemmel - VP, Global Information Technology at PGi Brendon Schwartz – Senior Platform Engineer, JackBe Corporation Cole Shiflett – Solutions Architect, Equifax Dr. Todd Stephens – Senior Technical Architect, AT&T Matt Waltz – Chief Technology Officer, NextDocs Michael Wilson – Solution Specialist
    [Show full text]
  • Introducing ASP.NET AJAX
    Microsoft AJAX Library Essentials Client-side ASP.NET AJAX 1.0 Explained A practical tutorial to using Microsoft AJAX Library to enhance the user experience of your ASP.NET Web Applications Bogdan Brinzarea Cristian Darie BIRMINGHAM - MUMBAI Microsoft AJAX Library Essentials Client-side ASP.NET AJAX 1.0 Explained Copyright © 2007 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, Packt Publishing, nor its dealers or distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First published: July 2007 Production Reference: 1230707 Published by Packt Publishing Ltd. 32 Lincoln Road Olton Birmingham, B27 6PA, UK. ISBN 978-1-847190-98-7 www.packtpub.com Cover Image by www.visionwt.com Credits Authors Project Coordinator Bogdan Brinzarea Abhijeet Deobhakta Cristian Darie Indexer Reviewers
    [Show full text]
  • Oracle Fusion Middleware Application Adapters Installation Guide for Oracle Weblogic Server, 11G Release 1 (11.1.1.4.0) E17054-06
    Oracle® Fusion Middleware Application Adapters Installation Guide for Oracle WebLogic Server 11g Release 1 (11.1.1.4.0) E17054-06 November 2011 Provides information on how to install configure Oracle Application Adapters for Oracle WebLogic Server. Oracle Fusion Middleware Application Adapters Installation Guide for Oracle WebLogic Server, 11g Release 1 (11.1.1.4.0) E17054-06 Copyright © 2001, 2011, Oracle and/or its affiliates. All rights reserved. Primary Author: Stefan Kostial Contributors: Vikas Anand, Marian Jones, Sunil Gopal, Bo Stern This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations.
    [Show full text]