G DATA Business Solutions Reference Guide

Total Page:16

File Type:pdf, Size:1020Kb

G DATA Business Solutions Reference Guide G DATA Business Solutions Reference Guide G DATA Software AG | October 2017 G DATA Business Solutions Reference Guide Contents Introduction .......................................................................................................................... 6 Section A: Planning and deployment ........................................................................................ 7 1. Network and client management ....................................................................................... 7 1.1. Network layout ................................................................................................................................ 7 1.2. Security components ..................................................................................................................... 12 2. Choosing a solution ........................................................................................................ 13 2.1. G DATA business solutions ............................................................................................................ 13 2.2. System requirements .................................................................................................................... 14 2.3. Licensing ........................................................................................................................................ 15 3. Installation scenarios ..................................................................................................... 16 3.1. Local deployment .......................................................................................................................... 16 3.2. Managed Endpoint Security and Managed Endpoint Security Powered by Microsoft Azure ..... 22 4. Deployment ................................................................................................................... 23 4.1. Preparation .................................................................................................................................... 23 4.2. Clean installation ........................................................................................................................... 24 4.3. Upgrade installation ...................................................................................................................... 27 4.4. Network configuration .................................................................................................................. 29 4.5. Initial configuration ....................................................................................................................... 30 4.6. Server updates and registration.................................................................................................... 32 4.7. Server database backup and restore ............................................................................................ 33 4.8. Client deployment ......................................................................................................................... 35 4.9. Finalizing deployment ................................................................................................................... 43 4.10. Subnet server(s) ............................................................................................................................. 44 5. Remote administration ................................................................................................... 46 5.1. Desktop application....................................................................................................................... 46 5.2. Browser .......................................................................................................................................... 47 5.3. Mobile ............................................................................................................................................. 49 5.4. MasterAdmin .................................................................................................................................. 50 2 Copyright © 2017 G DATA Software AG Contents Section B: Using G DATA business solutions ............................................................................. 51 6. Dashboard and monitoring .............................................................................................. 51 6.1. Overview, Dashboard and Statistics ............................................................................................. 51 6.2. Reports and Alarms ....................................................................................................................... 54 6.3. ReportManager .............................................................................................................................. 56 7. Managing clients ............................................................................................................ 58 7.1. Using groups .................................................................................................................................. 58 7.2. Integrating Active Directory .......................................................................................................... 59 7.3. Signature and program file updates ............................................................................................. 60 7.4. End user security permissions ....................................................................................................... 64 7.5. Performance .................................................................................................................................. 65 7.6. Malware Information Initiative ...................................................................................................... 66 7.7. Managing Linux/Mac clients .......................................................................................................... 66 7.8. Removing a client .......................................................................................................................... 67 8. Real time protection ....................................................................................................... 68 8.1. Internet traffic scans ...................................................................................................................... 69 8.2. Monitor ........................................................................................................................................... 71 8.3. Performance .................................................................................................................................. 74 8.4. Operating system security ............................................................................................................. 75 8.5. Web proxy protection .................................................................................................................... 77 9. On demand protection .................................................................................................... 78 9.1. Idle scan ......................................................................................................................................... 78 9.2. Scan jobs ........................................................................................................................................ 79 9.3. Exceptions ...................................................................................................................................... 85 9.4. Local scan jobs ............................................................................................................................... 86 10. Handling a malware infection .......................................................................................... 87 10.1. Automated detection and mitigation ........................................................................................... 87 10.2. Extended mitigation ...................................................................................................................... 89 10.3. Analysis .......................................................................................................................................... 90 11. Mobile device management ............................................................................................. 93 11.1. Android ........................................................................................................................................... 93 11.2. iOS .................................................................................................................................................. 98 Copyright © 2017 G DATA Software AG 3 G DATA Business Solutions Reference Guide 12. Backups ....................................................................................................................... 102 12.1. Managing backups ....................................................................................................................... 103 12.2. Create a backup ........................................................................................................................... 104 12.3. Restore a backup ......................................................................................................................... 109 13. Firewall ........................................................................................................................ 111 13.1. Managing firewall clients ............................................................................................................
Recommended publications
  • Inferring TCP/IP-Based Trust Relationships Completely Off-Path
    ONIS: Inferring TCP/IP-based Trust Relationships Completely Off-Path Xu Zhang Jeffrey Knockel Jedidiah R. Crandall Department of Computer Science Department of Computer Science Department of Computer Science University of New Mexico University of New Mexico University of New Mexico [email protected] [email protected] [email protected] Abstract—We present ONIS, a new scanning technique that researcher in country X who wants to learn if network traffic can perform network measurements such as: inferring TCP/IP- from a host in country Y can connect to a Tor server in country based trust relationships off-path, stealthily port scanning a Z. Performing this measurement off-path is necessary when target without using the scanner’s IP address, detecting off- path packet drops between two international hosts. These tasks vantage points (VPNs, Planet Lab nodes, etc.) are limited or typically rely on a core technique called the idle scan, which is unavailable in some countries. Ensafi et al. detail this off- a special kind of port scan that appears to come from a third path trust relationship testing by using the idle scan in [2]. machine called a zombie. The scanner learns the target’s status Specifically, they measured packet drops from clients to Tor from the zombie by using its TCP/IP side channels. directory servers by using machines with global incrementing Unfortunately, the idle scan assumes that the zombie has IP identifiers (IPIDs) which exhibit the now-discouraged behavior IPIDs as vantage points without those machines being under of being globally incrementing. The use of this kind of IPID their control.
    [Show full text]
  • The Effectiveness of Application Permissions
    The Effectiveness of Application Permissions Adrienne Porter Felt,∗ Kate Greenwood, David Wagner University of California, Berkeley apf, kate eli, [email protected] Abstract cations’ permission requirements up-front so that users can grant them during installation. Traditional user-based permission systems assign the Traditional user-based permission systems assign the user’s full privileges to all applications. Modern plat- user’s full privileges to all of the user’s applications. In forms are transitioning to a new model, in which each the application permission model, however, each appli- application has a different set of permissions based on cation can have a customized set of permissions based its requirements. Application permissions offer several on its individual privilege requirements. If most applica- advantages over traditional user-based permissions, but tions can be satisfied with less than the user’s full priv- these benefits rely on the assumption that applications ileges, then three advantages of application permissions generally require less than full privileges. We explore over the traditional user-based model are possible: whether that assumption is realistic, which provides in- sight into the value of application permissions. • User Consent: Security-conscious users may be We perform case studies on two platforms with appli- hesitant to grant access to dangerous permissions cation permissions, the Google Chrome extension sys- without justification. For install-time systems, this tem and the Android OS. We collect the permission re- might alert some users to malware at installation; quirements of a large set of Google Chrome extensions for time-of-use systems, this can prevent an in- and Android applications.
    [Show full text]
  • Daniel Nashed "CSI Domino" Diagnostic Collection & NSD Analysis
    "CSI Domino" Diagnostic Collection & NSD Analysis Daniel Nashed AdminCamp 2016 – Sept. 19-21 in Gelsenkirchen About the presenter ● Nash!Com – German IBM® Business Partner/ISV – Member of The Penumbra group -- an international consortium of selected Business Partners pooling their talent and resources ● Focused on Cross-Platform C-API, IBM® Domino® Infrastructure, Administration, Integration, Troubleshooting and IBM® Traveler – Platform Focus: Microsoft® Windows® 32/64, Linux® and IBM AIX® ● Author of the Domino on Linux®/UNIX® Start Script – Note: Working on RHEL7 + SLES 12 “systemd” support Agenda ● Introduction – What is „Serviceability“ ● Automatic Data Collection (ADC), Configuration Collector ● NSD, Memcheck – Server Crashes, Hangs, Annotation of NSDs ● Memory Management ● Advanced Methods – Semaphore Debugging – Memory Dumps ● Performance Troubleshooting ● Q&A – Any time Useful Software & Tools ● Software – Notes Peek – Lotus Notes Diagnostics (LND) – 7Zip – open source ZIP tool – Ultraedit (commerical but great) or Notepad++ (free) – NashCom Tools ● nshcrash ● Nshmem ● C-API Toolkit – Great source of information What is Serviceability? ● RAS = Reliability Availability Serviceability ● RAS is the effort to improve the Domino Product suite so that: – Client/Server doesn’t crash or hang as often (Reliability) – Client/Server performs well, Server is available to clients (Availability) – The ability to quickly pin-point and fix problems (Serviceability) ● Ongoing effort in each incremental release – Some features are even back-ported
    [Show full text]
  • 7.4, Integration with Google Apps Is Deprecated
    Google Search Appliance Integrating with Google Apps Google Search Appliance software version 7.2 and later Google, Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043 www.google.com GSA-APPS_200.03 March 2015 © Copyright 2015 Google, Inc. All rights reserved. Google and the Google logo are, registered trademarks or service marks of Google, Inc. All other trademarks are the property of their respective owners. Use of any Google solution is governed by the license agreement included in your original contract. Any intellectual property rights relating to the Google services are and shall remain the exclusive property of Google, Inc. and/or its subsidiaries (“Google”). You may not attempt to decipher, decompile, or develop source code for any Google product or service offering, or knowingly allow others to do so. Google documentation may not be sold, resold, licensed or sublicensed and may not be transferred without the prior written consent of Google. Your right to copy this manual is limited by copyright law. Making copies, adaptations, or compilation works, without prior written authorization of Google. is prohibited by law and constitutes a punishable violation of the law. No part of this manual may be reproduced in whole or in part without the express written consent of Google. Copyright © by Google, Inc. Google Search Appliance: Integrating with Google Apps 2 Contents Integrating with Google Apps ...................................................................................... 4 Deprecation Notice 4 Google Apps Integration 4
    [Show full text]
  • Trend Micro Worry-Free Business Security 9.0 SP1 Administrator's
    Trend Micro Incorporated reserves the right to make changes to this document and to the product described herein without notice. Before installing and using the product, review the readme files, release notes, and/or the latest version of the applicable documentation, which are available from the Trend Micro website at: http://docs.trendmicro.com/en-us/smb/worry-free-business-security.aspx Trend Micro, the Trend Micro t-ball logo, TrendProtect, TrendSecure, Worry-Free, OfficeScan, ServerProtect, PC-cillin, InterScan, and ScanMail are trademarks or registered trademarks of Trend Micro Incorporated. All other product or company names may be trademarks or registered trademarks of their owners. Copyright © 2014. Trend Micro Incorporated. All rights reserved. Document Part No.: WFEM96626/140825 Release Date: September 2014 Protected by U.S. Patent No.: 5,951,698 and 7,188,369 This documentation introduces the main features of the product and/or provides installation instructions for a production environment. Read through the documentation before installing or using the product. Detailed information about how to use specific features within the product may be available at the Trend Micro Online Help Center and/or the Trend Micro Knowledge Base. Trend Micro always seeks to improve its documentation. If you have questions, comments, or suggestions about this or any Trend Micro document, please contact us at [email protected]. Evaluate this documentation on the following site: http://www.trendmicro.com/download/documentation/rating.asp Table
    [Show full text]
  • Sir Charles Poised for Comms Vision
    Bahman Rahimi: An Node4 channel chief entrepreneur with his outlines strategy for mind on growth p32 mid-market push p46 VOL 22 ISSUE 5 OCTOBER 2017 www.comms-dealer.com Call recording for PCI, FCA and MiFID ll compliance. oak.co.uk ADVERTISEMENT ADVERTISEMENT THE HEARTBEAT OF THE UK COMMS INDUSTRY THINK For Reliable & Scaleable Recording Solutions, MiFIDII, FCA & PCI Compliance e: [email protected] t: 020 3488 1498 w: www.vidicodeuk.com 3-22 Industry News Fully white labelled Catch up with hosted telephony events in comms solution from £2.75 Take Control of Your PBX Deploy24 on Windows, Linux or in the Cloud Business Matters Q3 dominated by fibre-fest and M&A CD_commcloud.pdf 1 24/04/2017 12:24 www.channeltelecom.com www.channeltelecom.com 26 Experience the Interview Sir Charles poisedC Thirkill and the rise M of3CX GCI People PhoneCloud System Y CM Communications Cloud • Easy to install & managefor Comms VisionMY 34 CY We get your • Inexpensive to buy and expand Case study SIR Charles Dunstone, one of the UK’s most successful ICT entrepreneurs, willCMY employees, outline his vision for the future of the industry at Gleneagles next month. • VirtualizeApprenticeships or run in and the cloud (Windows / Linux) K customers and why they matter apps talking • Halve your phone bill with SIPEXCLUSIVE Trunks ing a culture to drive growth’, In June 2012 Dunstone rec- TalkTalk Executive Chairman eived a Knighthood for his ser- • Increase48 mobility with smartphoneComms Vision Conference clients org- Sir Charles will take part in vices to the telecommunications aniser Comms Dealer has con- an exclusive conversation and industry and his charitable work.
    [Show full text]
  • Hacking Techniques & Intrusion Detection
    Hacking Techniques & Intrusion Detection Ali Al-Shemery arabnix [at] gmail All materials is licensed under a Creative Commons “Share Alike” license. • http://creativecommons.org/licenses/by-sa/3.0/ 2 # whoami • Ali Al-Shemery • Ph.D., MS.c., and BS.c., Jordan • More than 14 years of Technical Background (mainly Linux/Unix and Infosec) • Technical Instructor for more than 10 years (Infosec, and Linux Courses) • Hold more than 15 well known Technical Certificates • Infosec & Linux are my main Interests 3 Scanning and Fingerprinting Outline • Diving into Important Network Protocols (TCP, UDP, ICMP, ARP, etc) • Nmap – Intro. • Host Discovery • Tracing the Route • Port Scanning • OS and Service Fingerprinting • Learning Python in 4 Slides • Packet Crafting 5 Diving into Important Network Protocols • Diving into Important Network Protocols: – TCP – UDP – ICMP – ARP – HTTP – etc 6 Nmap • "Network Mapper” is a free and open source utility for network discovery and security auditing. - Fyodor • IMO: #1 tool in your security arsenal! Important Note: A huge difference between running Nmap as a privileged/unprivileged user! 7 Host Discovery • Identifying Live Systems • Also called “Network Sweep” • Nmap ping sweeps: – Ping Only (-sP) – ARP Ping (-PR) – ICMP Echo Request Ping (-PE) – TCP SYN Ping (-PS) – TCP ACK Ping (-PA) – UDP Ping (-PU) DEMO 8 Assignment #1 • Why do host discovery or network sweeping if we already have the target list of IP(s)? 9 Tracing the Route • Nmap --traceroute option • DEMO DEMO 10 Port Scanning • The act of testing a remote
    [Show full text]
  • Com Google Gdata Client Spreadsheet Maven
    Com Google Gdata Client Spreadsheet Maven Merriest and kinkiest Casey invent almost accelerando, though Todd sucker his spondulicks hided. Stupefied and microbiological Ethan readies while insecticidal Stephen shanghais her lichee horribly and airts cherubically. Quietist and frostbitten Waiter never nest antichristianly when Stinky shook his seizin. 09-Jun-2020 116 24400 google-http-java-client-findbugs-1220-lp1521. It just gives me like a permutation code coverage information plotted together to complete output panel making mrn is com google gdata client spreadsheet maven? Chrony System EnvironmentDaemons 211-1el7centos An NTP client. Richard Huang contact-listgdata. Gdata-mavenmaven-metadataxmlmd5 at master eburtsev. SpreadsheetServiceVersionsclass comgooglegdataclientspreadsheet. Index of sitesdownloadeclipseorgeclipseMirroroomph. Acid transactions with maven coordinates genomic sequences are required js code coverage sequencing kits and client library for com google gdata client spreadsheet maven project setup and table of users as. Issues filed for googlegdata-java-client Record data Found. Uncategorized Majecek's Weblog. API using Spring any Spring Data JPA Maven and embedded H2 database. GData Spreadsheet1 usages comgooglegdataclientspreadsheet gdata-spreadsheet GData Spreadsheet Last feather on Feb 19 2010. Maven dependency for Google Spreadsheet Stack Overflow. Httpmavenotavanopistofi7070nexuscontentrepositoriessnapshots false. Gdata-spreadsheet-30jar Fri Feb 19 105942 GMT 2010 51623. I'm intern to use db2triples for the first time fan is a java maven project. It tries to approve your hours of columns throughout the free software testing late to work. Maven Com Google Gdata Client Spreadsheet Google Sites. Airhacksfm podcast with adam bien Apple. Unable to build ODK Aggregate locally Development ODK. Bmkdep bmon bnd-maven-plugin BNFC bodr bogofilter boinc-client bomber bomns bonnie boo books bookworm boomaga boost1710-gnu-mpich-hpc.
    [Show full text]
  • How to Scan a Network with Hping3
    How To Scan a Network With Hping3 Hping3 Hping3 is a command-line oriented TCP/IP packet assembler and analyser and works like Nmap. The application is able to send customizes TCP/IP packets and display the reply as ICMP echo packets, even more Hping3 supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features like DDOS flooding attacks. Hping3 can be used to perform: OS fingerprinting ICMP pings Traceroute Port scanning Firewall testing Test IDSes Network testing and auditing MTU discovery Exploit and vulnerabilities discovery DDOS and ICMP flooding Hping3 comes pre-installed with Kali Linux but and can also be installed on most Linux distros, also you need to run the commands with sudo privileges. Visit the official documentation at to learn more on how you can use Hping3 http://www.hping.org/documentation.php Useful Options -h Show this help -v Show version -c Packet count -i –interval –flood -V Verbose mode -D Debugging -f Fragment packets -Q Display sequence number -0 RAW IP mode -1 ICMP mode -2 UDP mode -8 SCAN mode -9 listen mode -F Set the FIN flag -S Set the SYN flag -P Set the PUSH flag -A Set the ACK flag -U Set the URG flag Commands Send a ACK packet to a target hping3 –A 192.168.100.11 HPING 192.168.100.11 (eth0 192.168.100.11): A set, 40 headers + 0 data bytes len=46 ip=192.168.100.11 ttl=128 id=29627 sport=0 flags=R seq=0 win=32767 rtt=4.0 ms len=46 ip=192.168.100.11 ttl=128 id=29628 sport=0 flags=R seq=1 win=32767 rtt=2.0 ms len=46 ip=192.168.100.11
    [Show full text]
  • Download the Index
    Dewsbury.book Page 555 Wednesday, October 31, 2007 11:03 AM Index Symbols addHistoryListener method, Hyperlink wid- get, 46 $wnd object, JSNI, 216 addItem method, MenuBar widget, 68–69 & (ampersand), in GET and POST parameters, addLoadListener method, Image widget, 44 112–113 addMessage method, ChatWindowView class, { } (curly braces), JSON, 123 444–445 ? (question mark), GET requests, 112 addSearchResult method JUnit test case, 175 SearchResultsView class, 329 A addSearchView method, MultiSearchView class, 327 Abstract Factory pattern, 258–259 addStyleName method, connecting GWT widgets Abstract methods, 332 to CSS, 201 Abstract Window Toolkit (AWT), Java, 31 addToken method, handling back button, 199 AbstractImagePrototype object, 245 addTreeListener method, Tree widget, 67 Abstraction, DAOs and, 486 Adobe Flash and Flex, 6–7 AbstractMessengerService Aggregator pattern Comet, 474 defined, 34 Jetty Continuations, 477 Multi-Search application and, 319–321 action attribute, HTML form tag, 507 sample application, 35 Action-based web applications Aggregators, 320 overview of, 116 Ajax (Asynchronous JavaScript and XML) PHP scripts for building, 523 alternatives to, 6–8 ActionObjectDAO class, 527–530 application development and, 14–16 Actions, server integration with, 507–508 building web applications and, 479 ActionScript, 6 emergence of, 3–5 ActiveX, 7 Google Gears for storage, 306–309 Add Import command Same Origin policy and, 335 creating classes in Eclipse, 152 success and limitations of, 5–6 writing Java code using Eclipse Java editor,
    [Show full text]
  • Messages End-To-End Encryption Overview
    Messages End-to-End Encryption Overview Technical Paper Emad Omara Communications Security Lead November 2020 Version 1.0 A high-level technical overview of end-to-end encryption in Messages Introduction ​2 Background & RCS Ecosystem ​3 Threat Model ​3 Goals ​4 UI Changes ​4 SMS/MMS Fallback ​5 Identity Verification ​6 E2EE in Messages ​7 Signal Protocol ​7 Key Server ​8 Messages Encryption ​9 Attachment Encryption ​10 Session Recovery ​10 Web Client ​10 Storage & Access ​11 Android Messages Database ​11 Notifications ​11 Limitations ​11 Third Party RCS Client ​11 Conclusion ​12 Introduction Rich Communication Services (RCS) is designed to improve users’ experience and security over Short Message Service (SMS)/Multimedia Messaging Service (MMS), and we’ve invested in making Messages by Google a modern and globally available RCS & SMS/MMS messaging app for Android phones. While RCS messages are already a big security improvement over SMS/MMS, we wanted to take it a step further and add end-to-end encryption (E2EE) to Messages, so no one else – including 2 Messages E2EE Overview​ Google servers or third-party servers – can access your conversations as they travel between your phone and the phone you message. Background & RCS Ecosystem RCS uses a set of standard internet protocols like Session Initiation Protocol (SIP)​[1] ​ to establish a connection between two clients through a central messaging server. This connection is then used to exchange the messages using Message Session Relay Protocol (MSRP)​[2].​ In some RCS deployments this server is hosted by the carrier, and in other deployments the server is hosted by Jibe Mobile from Google.
    [Show full text]
  • Oracle® Beehive Oracle Beehive Standards-Based Clients Help Release 2 (2.0)
    Oracle® Beehive Oracle Beehive Standards-Based Clients Help Release 2 (2.0) November 2011 Last updated on November 4, 2011 This page contains configuration instructions and other related information for the following standards-based clients supported by Oracle Beehive: Hardware and Software Certification Managing your E-Mails ■ Apple Mail ■ Microsoft Outlook ■ Mozilla Thunderbird Managing Calendar and Task List ■ Apple iCal ■ Mozilla Lightning Using Instant Messaging ■ Apple iChat ■ Pidgin ■ Trillian Pro Accessing Documents (Web Clients and FTP Clients) ■ Browser-based Access ■ Desktop WebDAV Clients ■ Mac OS X Finder Web Access ■ Cadaver ■ Microsoft Windows Web Folders ■ Desktop FTP Clients ■ FileZilla ■ NCFTP ■ SmartFTP ■ Transmit RSS Clients Mobile Access Documentation Accessibility 1 Hardware and Software Certification The hardware and software requirements included in this installation guide were current at the time this guide was published. However, because new platforms and operating system software versions might be certified after this guide is published, review the certification matrix on the My Oracle Support Web site for the most up-to-date list of certified hardware platforms and operating system versions. My Oracle Support is available at the following URL: http://support.oracle.com/ You must register online before using My Oracle Support. Use the following steps to locate the certification information for your platform: 1. After logging in, click the Certifications tab. 2. In the Certification Search pane, on the Search tab, select the following information: ■ Product: Enter the product name or select from the drop-down list of Products. ■ Release: Select the release number of the product. ■ Platform: Select the target platform by choosing from the submenu list.
    [Show full text]