Integrity Clientless Security Administrator Guide Version 4.1 1-0230-0410-2006-11-17 © 2006 Check Point Software Technologies Ltd. All rights reserved. This product and related documentation are protected by copyright and distributed under licensing restricting their use, copying, distribution, and decompilation. No part of this product or related documentation may be reproduced in any form or by any means without prior written authorization of Check Point. While every precaution has been taken in the preparation of this book, Check Point assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice. TRADEMARKS: © 2006 Check Point Software Technologies Ltd. All rights reserved. Check Point, Application Intelligence, Check Point Express, the Check Point logo, AlertAdvisor, ClusterXL, Cooperative Enforcement, ConnectControl, Connectra, CoSa, Cooperative Security Alliance, FireWall-1, FireWall-1 GX, FireWall-1 SecureServer, FloodGate-1, Hacker ID, IMsecure, INSPECT, INSPECT XL, Integrity, InterSpect, IQ Engine, Open Security Extension, OPSEC, Policy Lifecycle Management, Provider-1, Safe@Home, Safe@Office, SecureClient, SecureKnowledge, SecurePlatform, SecuRemote, SecurServer, SecureUpdate, SecureXL, SiteManager-1, SmartCenter, SmartCenter Pro, Smarter Security, SmartDashboard, SmartDefense, SmartLSM, SmartMap, SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SofaWare, SSL Network Extender, TrueVector, UAM, User-to-Address Mapping, UserAuthority, VPN-1, VPN-1 Accelerator Card, VPN-1 Edge, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 VSX, Web Intelligence, ZoneAlarm, Zone Alarm Pro, Zone Labs, and the Zone Labs logo, are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726 and 6,496,935 and may be protected by other U.S. Patents, foreign patents, or pending applications. Contents Preface About this Guide ...................................................................... 9 Other Documentation ................................................................ 9 Feedback ............................................................................... 10 Chapter 1 Introduction Integrity Clientless Security Features ........................................ 11 Integrity Clientless Security Scanner ...........................................11 Advanced Anti-Keylogger ............................................................12 Integrity Secure Workspace ........................................................12 Reports ................................................................................. 13 ICSInfo Utility ........................................................................ 13 Customization ........................................................................ 13 Installing and Upgrading ICS ................................................... 13 Chapter 2 Upgrading and Reconfiguring ICS Upgrade Installation Process ................................................... 16 Uninstallation Process ............................................................ 17 Reconfiguration Processes ....................................................... 18 Configuring ICS to receive software updates .................................18 Moving ICS to another server ......................................................19 Changing the protected gateway ..................................................20 Relocating the Administrator Console ..........................................20 Chapter 3 General Administration Tasks Planning for Security .............................................................. 23 Security scenarios .....................................................................24 Understanding Security Lifecycles ...............................................28 Supporting the Endpoint User .....................................................29 Logging In ............................................................................. 30 Configuration Workflow ........................................................... 30 General Administration Tasks .................................................. 31 Configuring ICS to fail open ........................................................31 Configuring updates ...................................................................31 Chapter 4 Administering Security Scanner Policies Understanding Integrity Clientless Security Scanner .................. 33 Implementing Policies ............................................................ 34 Understanding Enforcement Rules ........................................... 34 ICS Administrator Guide 5 Enforcement Rule Types ............................................................35 Firewall Application Rules ..........................................................36 Anti-virus Application Rules .......................................................36 Anti-Spyware Scan Rules ...........................................................38 Custom Application Rules ..........................................................39 Custom Group Rules ..................................................................40 Creating Policies .................................................................... 41 Activating Policies .................................................................. 41 Chapter 5 Administering Advanced Anti-Keylogger Understanding Keylogger Protection ......................................... 43 Administering ICS Advanced Anti-Keylogger .............................. 44 Activating ICS Advanced Anti-Keylogger ......................................44 Configuring Advanced Anti-Keylogger to fail open .........................45 Monitoring Advanced Anti-Keylogging ..........................................45 Chapter 6 Administering Integrity Secure Workspace Understanding Integrity Secure Workspace ............................... 47 Supported Applications ..............................................................48 Administering Integrity Secure Workspace ................................ 49 Configuring and Activating ISW ...................................................49 Configuring ISW permissions ......................................................50 Configuring Secure Workspace to fail open ...................................51 Testing Integrity Secure Workspace .......................................... 52 Chapter 7 Logging and Reports Logging ................................................................................. 53 Server-side logs .........................................................................54 Log and database rotation ..........................................................55 Endpoint computer logs .............................................................58 Reports ................................................................................. 58 Generating Reports ....................................................................58 Access Statistics .......................................................................59 Security Scan Results ................................................................59 Spyware Found ..........................................................................59 Rules Broken ............................................................................59 Anti-Keylogger ...........................................................................59 Errors .......................................................................................60 Chapter 8 The ICSInfo Utility Troubleshooting endpoint user issues ..........................................61 Obtaining anti-virus application information .................................62 Obtaining application checksums ................................................62 ICS Administrator Guide 6 Chapter 9 Customizing the User Interface Assumptions .......................................................................... 65 Customization Methods ........................................................... 66 Customizing ICS ..................................................................... 66 Creating the customization folder ................................................66 Modifying the CSS file ...............................................................67 Modifying the template file .........................................................67 Adding Administrator Contact Information ....................................68 Changing the logo ......................................................................68 Changing the colors ...................................................................69 Changing the fonts ....................................................................70 Configuring the custom text ........................................................70 Style Reference ...................................................................... 70 Customizing the Integrity Secure Workspace ............................. 81 Changing message text ...............................................................81 Changing the images .................................................................81 Index ...........................................................................
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages86 Page
-
File Size-