HP T5720 HP Sygate Security Agent User Guide

HP T5720 - Compaq Thin Client Manual

Get HP T5720 - Compaq Thin Client PDF manuals and user guides
UPC - 882780099517
View all HP T5720 manuals
Add to My Manuals
Save this manual to your list of manuals

HP T5720 manual content summary:

  • HP T5720 | HP Sygate Security Agent User Guide - Page 1
    HP Sygate Security Agent 4.0 User Guide Documentation Build 1004 Published: May 1, 2005
  • HP T5720 | HP Sygate Security Agent User Guide - Page 2
    the Sygate 'S' Logo are registered trademarks or trademarks of Sygate Technologies, Inc. Microsoft and Windows are registered trademarks of Microsoft Corporation. All other companies and product names referenced herein may be trademarks or registered trademarks of their respective holders. ii
  • HP T5720 | HP Sygate Security Agent User Guide - Page 3
    Preface ...ix Related Documentation ...ix Intended Audience...ix Technical Support ...x Chapter 1. Overview of the Agent 1 Modifying the System Tray Icon Mean 10 The System Tray Icon Menu 10 Enabling Password Protection 11 Chapter 3. Testing Your System's Vulnerability 13 Scanning Your System
  • HP T5720 | HP Sygate Security Agent User Guide - Page 4
    HP Sygate Security Agent User Guide Rule Summary field ...20 Hosts Tab ...20 All addresses ...21 MAC addresses...21 IP Address(es) ...21 Subnet...21 Rule Summary field ...21 Ports and
  • HP T5720 | HP Sygate Security Agent User Guide - Page 5
    39 Automatically load HP Sygate Agent service at startup 40 Block Network Neighborhood traffic while in screensaver mode 40 Hide all notification messages 40 Beep before notify ...40 Hide blocking notification 40 Hide application popup ...41 Set Password...41 Ask password
  • HP T5720 | HP Sygate Security Agent User Guide - Page 6
    HP Sygate Security Agent User Guide To: ...47 Cc: ...48 Subject:...48 SMTP Server Address 48 My E-Mail Server Requires Authentication 48 Authentication Server Address 48 User Name/Password 48 Test E-Mail Notification 48 Log Tab ...48 Enable ... Log ...49 Maximum log file size is ... KB 49 Save
  • HP T5720 | HP Sygate Security Agent User Guide - Page 7
    Table Of Contents List of Tables Table 1. Table 2. Table 3. Table 4. Table 5. Table 6. Table 7. Table 8. Table 9. Table 10. Table 11. Table 12. Menus...7 System Tray Icon Colors 9 System Tray Icon Appearance 9 System Tray Icon Menu 11 Security Log Icons...29 Security Log Parameters and
  • HP T5720 | HP Sygate Security Agent User Guide - Page 8
    HP Sygate Security Agent User Guide List of Figures Figure 1. Main Console ...4 Figure 2. Traffic History Graph...5 Figure 3. Security Log...30 viii
  • HP T5720 | HP Sygate Security Agent User Guide - Page 9
    policy for the HP Sygate Security Agent using the HP Sygate Policy Editor. You can access the User Guide after you install the Policy Editor. On the Start menu, click All Programs|Sygate|Policy Editor Help. Intended Audience This documentation is written for system administrators and end users
  • HP T5720 | HP Sygate Security Agent User Guide - Page 10
    : 1. Locate the www.hp.com/support web site. 2. From the drop-down menu, select the country and language and click the double arrow. 3. On the Support & Drivers page, under Or Select a product category, click Desktops & Workstations. 4. Click Thin Clients and then the specific product. Note: You can
  • HP T5720 | HP Sygate Security Agent User Guide - Page 11
    HP Sygate Security Agent (the Agent) is security software that is installed on embedded devices, such as ATMs and thin clients or service from gaining access through your . If you are a system administrator, you can modify the security to the image-building system. 2. Follow the instructions when
  • HP T5720 | HP Sygate Security Agent User Guide - Page 12
    User Guide When you install Policy Editor, the default policy file is automatically installed with it. When you open the Policy Editor, the default policy file's advanced rules and options appear. To open the Policy Editor: • On the image-building system, click Start|All Programs|Sygate|HP Sygate
  • HP T5720 | HP Sygate Security Agent User Guide - Page 13
    . • Start menu-Click Start|All Programs|Sygate|HP Sygate Security Agent. Any method opens the main console, or the main screen that is the control center for the Agent. Option Alert: You can only open the Agent if you have logged on using an Administrator account. Users with a User account only see
  • HP T5720 | HP Sygate Security Agent User Guide - Page 14
    HP Sygate Security Agent User Guide Figure 1. Main Console The Agent interface is resizable, so you can view it as a full-screen or part-screen image. Menus and Toolbar Buttons The top of the screen displays a standard menu and toolbar. The toolbar buttons can be used to quickly access logs, view
  • HP T5720 | HP Sygate Security Agent User Guide - Page 15
    sent to every device in a particular subnet, and thus is not directed specifically to your device. If you do not want to see this traffic, display of system services by clicking Hide Windows Services above the Running Applications field. There are a number of services running at any given time, and
  • HP T5720 | HP Sygate Security Agent User Guide - Page 16
    of the Agent is located below the Running Applications field on the main console. It provides a real-time update of your Agent's communication status. The Message Console is, by default, hidden. To show or hide the Message Console: 1. Below the Running Applications field, click Show Message Console
  • HP T5720 | HP Sygate Security Agent User Guide - Page 17
    . • Normal-Blocks only selective traffic. This is the default configuration, and is a prudent choice. Tools • Logs- specific rules for implementing security on your Agent. • Update Signature-Not enabled for the Agent. • Automatically Start Service number and location path of each application. 7
  • HP T5720 | HP Sygate Security Agent User Guide - Page 18
    HP Sygate Security Agent User Guide Table 1. Menus Menu Menu choices • Connection Details-Provides further information on the type of connection being made by an each application accessing shortcuts that can be used to quickly block all applications, change your application profiles, access update
  • HP T5720 | HP Sygate Security Agent User Guide - Page 19
    Getting Around Table 2. System Tray Icon Colors If the color of the arrow is... RED BLUE GRAY ...then... ...traffic is being blocked by the Agent. ...traffic is flowing uninterrupted by the Agent ...no traffic is flowing in that direction. The following table illustrates the different
  • HP T5720 | HP Sygate Security Agent User Guide - Page 20
    HP Sygate Security Agent User Guide Table 3. System Tray Icon Appearance Icon Description Both incoming describing the type of attack . The icon stops flashing after one minute. For users with an Administrator account, you can also stop the icon from flashing by opening the Security Log. The System
  • HP T5720 | HP Sygate Security Agent User Guide - Page 21
    Option Description HP Sygate you can write specific rules for allowing or blocking network access. Disable/Enable Disables Password Protection You can set your Agent to require a password prior to making any security changes, and to require a password before exiting the Agent. To enable password
  • HP T5720 | HP Sygate Security Agent User Guide - Page 22
    HP Sygate Security Agent User Guide 3. Enter your new password in the New Password and Confirm New Password fields. Note: You can disable password protection by making no entry in the New Password field and confirming that in the Confirm New Password field. 4. To have the Agent prompt you for a
  • HP T5720 | HP Sygate Security Agent User Guide - Page 23
    web page (http://scan.sygate.com) directly. 2. On the web page, click Scan Now. The Sygate Online Services scanner scans your computer and attempts to determine your IP address, operating system, web browser, and other information about your system. 3. For a specific type of scan, click one
  • HP T5720 | HP Sygate Security Agent User Guide - Page 24
    HP Sygate Security Agent User Guide o UDP Scan o ICMP Scan 4. Click Scan Now. A brief document of frequently asked questions about Sygate Online Services is also available from the main scan page. Click Scan FAQ at the bottom left side of the screen. Types of Scans On the Sygate
  • HP T5720 | HP Sygate Security Agent User Guide - Page 25
    Testing Your System's Vulnerability and proxies for users connecting to the web site through such a device. The scan takes about 10 minutes and should be logged in the Security Log as a port scan from Sygate. ICMP Scans When an ICMP scan has completed scanning a user's device, it displays a page
  • HP T5720 | HP Sygate Security Agent User Guide - Page 26
    HP Sygate Security Agent User Guide 16
  • HP T5720 | HP Sygate Security Agent User Guide - Page 27
    unauthorized Internet users from accessing a private network. and outgoing traffic from specific applications, ports, of day, type of traffic, and port number) that must exist for the rule to supports advanced rules, which exhibit complex relationships between applications, IP addresses, and services
  • HP T5720 | HP Sygate Security Agent User Guide - Page 28
    HP Sygate Security Agent User Guide To set up click the Browse button to locate it. 5. To create a rule with the default settings, click OK. Or, to change these settings on the other tabs, information that you enter on each tab, the more specific the rule will be. 6. Click the Move Up or Move Down
  • HP T5720 | HP Sygate Security Agent User Guide - Page 29
    , "Rule1" may not be a very good name for a rule, but "Block After 1 AM" would be. Block this traffic Denies traffic specified by the rule from accessing your network. Allow this traffic Allows traffic specified by the rule from
  • HP T5720 | HP Sygate Security Agent User Guide - Page 30
    HP Sygate Security Agent User Guide Apply Rule to Network Interface Specifies which network interface card this rule will apply to. If you have multiple network cards, select one from the
  • HP T5720 | HP Sygate Security Agent User Guide - Page 31
    Working With Rules All addresses Applies rule to all addresses. MAC addresses Applies rule to the MAC address of the traffic. IP Address(es) Applies rule to the IP address or address range of the traffic. Subnet Applies rule to the subnet address and subnet mask of the traffic. Rule Summary field
  • HP T5720 | HP Sygate Security Agent User Guide - Page 32
    HP Sygate Security Agent User Guide Protocol Specifies a protocol for the rule. All Protocols Applies to all which ports (remote and/or local) should be affected by the rule. You can type the port numbers or select the port type from the list boxes for the both local and remote ports. If you
  • HP T5720 | HP Sygate Security Agent User Guide - Page 33
    Working With Rules all ports will be affected by the rule. If you enter a port number for the local port entry, but not for the remote port entry, then the local port you entered and ALL remote ports will be affected
  • HP T5720 | HP Sygate Security Agent User Guide - Page 34
    HP Sygate Security Agent User Guide Enable Scheduling Enables the scheduling feature. During the that the scheduling begins, including a month, day, hours, and minutes. You can also leave the default settings, which apply the schedule all day, every day, all year. Duration If you have specified
  • HP T5720 | HP Sygate Security Agent User Guide - Page 35
    Tab You can specify applications that will be affected by advanced rules. The Applications tab provides a list of all applications that have accessed your network connection. Display selected applications only Displays only the applications that you have selected to be controlled by this rule
  • HP T5720 | HP Sygate Security Agent User Guide - Page 36
    HP Sygate Security Agent User Guide Browse Opens the Open dialog box so you can search for applications that are not displayed in the table. Rule Summary field Provides a description of the rule and what traffic it will affect on your system. 26
  • HP T5720 | HP Sygate Security Agent User Guide - Page 37
    scanning, that is aimed at your device. They also help you troubleshoot connectivity problems or possible network attacks. The Agent's logs can also do back such as the starting and stopping of services, detection of network applications, software configuration modifications, and software execution errors.
  • HP T5720 | HP Sygate Security Agent User Guide - Page 38
    HP Sygate Security Agent User Guide the View menu and click either Local View, the default setting, or Source View. Depending on whether you wish. 5. Click Refresh or press F5 to update the log that you are viewing. 6. Click as port scanning, or denial of service attacks. The Security Log is probably
  • HP T5720 | HP Sygate Security Agent User Guide - Page 39
    executable changed. Protocol Type of protocol-UDP, TCP, and ICMP Remote Host Name of the remote computer (only appears in Local View - this is the default) Remote MAC MAC address of the remote device. If outside the subnet, it is the MAC address of the router. (only appears in Local View
  • HP T5720 | HP Sygate Security Agent User Guide - Page 40
    HP Sygate Security Agent User Guide Table 6. Security Log Parameters and Description Name of Parameter MAC Description Application Name Name of the application associated with the attack User Name User or Computer client that sent or received the traffic Domain Domain of the user Security
  • HP T5720 | HP Sygate Security Agent User Guide - Page 41
    or outgoing) Protocol Type of protocol - UDP, TCP, and ICMP Remote Host Name of the remote computer (only appears in Local View - this is the default) Remote MAC MAC address of the remote device. If outside the subnet, it is the MAC address of the router. (only appears in Local View
  • HP T5720 | HP Sygate Security Agent User Guide - Page 42
    HP Sygate Security Agent User Guide Table 8. Traffic Log Parameters and Description Name of Parameter Local Port/ICMP Code Description Port and ICMP code used on the Agent device (only appears in Local View - this is the default) Source Host Name of the source computer (only appears in Source
  • HP T5720 | HP Sygate Security Agent User Guide - Page 43
    Logging Packet Log The Packet Log captures every packet of data that enters or leaves a port on your device. The Packet Log is disabled by default in the Agent because of its potentially large size. You must enable the Packet Log first. Icons for the Packet Log There is only one
  • HP T5720 | HP Sygate Security Agent User Guide - Page 44
    HP Sygate Security Agent User Guide starting and stopping of services, detection of network Console. The System Log is especially useful for troubleshooting the Agent. Icons for the System Log When log indicates a problem with the source; a Warning log indicates a potential problem; and an
  • HP T5720 | HP Sygate Security Agent User Guide - Page 45
    and Clearing Logs The Security, Traffic, and System Logs are enabled by default. You must enable the Packet Log before you can view the contents. of the maximum size for the log file. 256 KB is the default setting. 5. Click OK. To set the number of days to save the log: 1. On the Tools menu, click
  • HP T5720 | HP Sygate Security Agent User Guide - Page 46
    HP Sygate Security Agent User Guide Back Tracing Logged Events Back tracing enables you to pinpoint the source of data from a logged event. Like retracing a criminal's path at a crime scene, back
  • HP T5720 | HP Sygate Security Agent User Guide - Page 47
    panel unless you are experiencing a high number of security logs in which the attacks originate but is it more likely that you do this for security review, or to import them into a tool such as Microsoft Excel specific amount of time (the default is 10 minutes). If you don't want to wait the default
  • HP T5720 | HP Sygate Security Agent User Guide - Page 48
    HP Sygate Security Agent User Guide To stop an active response: 1. On the main console, click Tools|Logs|Security. 2. Select the row for the application or service you want to unblock. Blocked traffic is specified as Blocked in the Action column. 3. On the Action menu, click Stop Active Response to
  • HP T5720 | HP Sygate Security Agent User Guide - Page 49
    in the Options dialog box. General Tab The broadest level of configuration options for protecting your Agent appears on the General tab. This tab provides access to options for the basic running of the Agent. 39
  • HP T5720 | HP Sygate Security Agent User Guide - Page 50
    Sygate Security Agent User Guide Automatically load HP Sygate Agent service at startup Automatically launches the Agent at before notify, Hide blocking notification, and Hide application popup check boxes. By default, this option is not checked. Beep before notify Allows audio announcement first
  • HP T5720 | HP Sygate Security Agent User Guide - Page 51
    prompts you to enter your password every time you access the Agent main console. Ask password while exiting Prompts you to enter your password when closing the Agent. Network Neighborhood Tab The Network Neighborhood tab provides multiple interface support and network browsing rights configuration
  • HP T5720 | HP Sygate Security Agent User Guide - Page 52
    HP Sygate Security Agent User Guide Network Interface Specifies the network you want to access. Allow to browse Network Neighborhood files and printer(s) Enables you to browse other computers, devices, and printers on the selected network. This allows you to access other files on your network. If
  • HP T5720 | HP Sygate Security Agent User Guide - Page 53
    but still protects your ports from hacking attempts. By default, this option is enabled on the Agent. Enable driver level protection Blocks protocol drivers from accessing the network unless the user gives permission. If a protocol driver attempts to access the network, you will see a pop-up message
  • HP T5720 | HP Sygate Security Agent User Guide - Page 54
    HP Sygate Security Agent User Guide the seconds field. By default, this option is enabled in the Agent. Block all traffic while the service is not loaded Prevents any DLLs to run, and each application uses specific DLLs. Often, several applications will access the same DLL. However, some hackers try
  • HP T5720 | HP Sygate Security Agent User Guide - Page 55
    specific host. It blocks all other unexpected ARP traffic and logs it in the Security Log. By default, attempts by randomizing the sequence numbers of each communication packet, preventing Be aware that this can cause a problem with Outlook if connecting to an Exchange server that is on
  • HP T5720 | HP Sygate Security Agent User Guide - Page 56
    HP Sygate Security Agent User Guide rule specifically allowing access to that server. By default, this option is packets on remote ports 67 and 68. By default, this option is enabled on the Agent. Enable smart WINS Allows Windows Internet Naming Service (WINS) requests only if they were solicited.
  • HP T5720 | HP Sygate Security Agent User Guide - Page 57
    the person sending the message. This can be your personal email address or another e-mail address. To: Specifies a recipient email address. This can be an administrator's email address, or your email address, if you are accessing email remotely. 47
  • HP T5720 | HP Sygate Security Agent User Guide - Page 58
    HP Sygate Security Agent User Guide Cc: Specifies an e-mail address to send a courtesy copy of each email Address: Specifies the address of the authentication server. User Name/Password: Specifies your username and password for the authentication server in the appropriate fields. Test E-Mail
  • HP T5720 | HP Sygate Security Agent User Guide - Page 59
    is ... KB Specifies the maximum size for the log file in kilobytes. The default setting is either 512 KB or 1024 KB. Save log file for the past ... days For the log you want to configure, specifies the number of days to save the log. Clear Logs Clears the selected log. 49
  • HP T5720 | HP Sygate Security Agent User Guide - Page 60
    HP Sygate Security Agent User Guide 50
  • HP T5720 | HP Sygate Security Agent User Guide - Page 61
    VPNs), wireless communications, and Remote Access Service (RAS) dial-up connections are examples of access points. See also end point, wireless access point (wireless AP). Active Response: The ability to automatically block the IP address of a known intruder for a specific amount of time. The amount
  • HP T5720 | HP Sygate Security Agent User Guide - Page 62
    HP Sygate Security Agent User Guide antivirus: Software and technology that is used to detect user or computer is who they claim to be. authorization: The process of granting or denying access to a specific network resource or domain based on the user's identity. B backtrace: A way of using ICMP
  • HP T5720 | HP Sygate Security Agent User Guide - Page 63
    server. In the context of the Agent, client refers to a Sygate Security Agent running on that can host Internet services and has devices accessible to the Internet; the or application-specific dynamic link libraries (DLLs) and ensure the integrity of applications. An Agent can be instructed to allow
  • HP T5720 | HP Sygate Security Agent User Guide - Page 64
    . DoS attack: See Denial of Service (DoS). driver-level protection: A Sygate software feature that blocks protocol drivers from gaining access to the network unless a user gives permission. If a protocol driver attempts to gain access to the network through a client running the Sygate Security Agent
  • HP T5720 | HP Sygate Security Agent User Guide - Page 65
    access an organization's network or resources. By using firewall rules, an Agent can systematically allow and block incoming traffic from specific it so only one administrator can make changes to it at any time. See also Computer Group, Users Group, Global Group. GUID: Global Unique Identifier.
  • HP T5720 | HP Sygate Security Agent User Guide - Page 66
    the default log server, port numbers, administrator console timeout, encrypted web console communication, and console access. Other initialization files are SetAid.ini (for Agent installation settings and AutoLocation method) and SyLink.xml (specifying Agent administrative details such as client vs
  • HP T5720 | HP Sygate Security Agent User Guide - Page 67
    into two or more packets. The Sygate Security Agent supports IP fragmentation, the ability to receive or send incomplete packets Access Protocol (LDAP): A standard directory access protocol for searching and updating information directories containing, for example, email addresses, phone numbers
  • HP T5720 | HP Sygate Security Agent User Guide - Page 68
    HP Sygate Security Agent User Guide logs: Files that store information generated by an application, service, or operating system. The security policies, network traffic, client connections, and administrator activities. M MAC address: A vendor's Media Access Control hardware address that identifies
  • HP T5720 | HP Sygate Security Agent User Guide - Page 69
    packet is evaluated for specific patterns that indicate known attacks numbered from 0 to 65535. Ports 0 to 1024 are reserved for use by certain privileged services does not in itself provide access to a remote system. default, have a priority of 10. Advanced Rules, by default, have a priority
  • HP T5720 | HP Sygate Security Agent User Guide - Page 70
    administrator can check the serial number on the Help|About menu of the Agent to verify that an Agent is running an up-to-date security policy. protocol driver the client computer. security policy: A combination of all the security rules and settings that have been applied to a specific group to
  • HP T5720 | HP Sygate Security Agent User Guide - Page 71
    Sygate Management Server. Administrators can also specify VPNs, etc. Simple rules have a default priority of 10, where 0 is the Name System (DNS) client to resolve a domain WINS: Allows Windows Internet Naming Service (WINS) requests only if number on which the traffic originated. See also port. 61
  • HP T5720 | HP Sygate Security Agent User Guide - Page 72
    HP Sygate Security Agent User Guide spoofing: A technique used by an intruder to gain unauthorized network access to a computer system or network by forging known network credentials. IP spoofing is a common method for intruders to gain unauthorized network access of Service attacks, administrators
  • HP T5720 | HP Sygate Security Agent User Guide - Page 73
    System administrators can use Sygate periodically posts an updated System Library for download specific applications, hosts, schedules, and services specific computer. See also broadcast, multicast. unique ID: A 128-bit hexadecimal number, also called the GUID, assigned to uniquely identify a client
  • HP T5720 | HP Sygate Security Agent User Guide - Page 74
    HP Sygate Security Agent User Guide security policy of the Sygate Security Agent can gain access to an enterprise network through a VPN. See also Service, a system that determines the IP address associated with a particular network computer. This is called name resolution. WINS supports network client
  • HP T5720 | HP Sygate Security Agent User Guide - Page 75
    Packet Log 33 Security Log 28 System Log 34 Traffic Log 30 viewing 28 M menu commands 6 N Network Neighborhood tab 41 O options creating 39 defined 1, 39 P password protection, enabling 11, 39 Policy Editor 1 65
  • HP T5720 | HP Sygate Security Agent User Guide - Page 76
    HP Sygate Security Agent User Guide policy file 1 Ports and Protocols tab 21 protecting your system 13, 17, 39 S scanning your system 13 Scheduling tab 23 security options creating 39 defined 1,
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
HP Sygate Security Agent 4.0
User Guide
Documentation Build 1004
Published: May 1, 2005