Home » HP Manuals » Desktops » HP t5710 » Manual Viewer

HP t5710 HP Sygate Security Agent and Symantec Embedded Security:Frequently As - Page 4

Firewall questions - xpe image

Add to My Manuals
Save this manual to your list of manuals

Page 4 highlights

Firewall questions Q: What approach has HP taken to secure my thin client? A: In addition to following strict security-centric image design policies, HP provides Sygate Firewall software on all new t57x0 series thin clients with Windows XPe SP2 preinstalled. HP provides Windows XPe SP2 as a Web deliverable for existing t57x0 series thin clients, which provides endusers with restricted firewall control and administrators with full agent access privileges to the agent software. Q: How is the HP Sygate Security Agent different than Microsoft Windows Firewall? A: HP Sygate Security Agent is a stateful or dynamic firewall, while the Microsoft Windows Firewall is primarily static. A stateful firewall can selectively enable a specific port for outbound traffic for a specific application, and it can dynamically react and allow incoming traffic on that port to reach the application with outbound rights. A static firewall would enable the port, and then any application could use it. A stateful firewall is more secure. HP Sygate Security Agent is a much more feature-rich software package that gives you more tools to provide a secure environment. As a stateful firewall, Sygate provides the ability to define inbound ports specific to an application, which offers administrators additional control over network traffic. HP Sygate Security Agent also has the ability to define which application has outbound access to the network. Q: What is the difference between a whitelist and a blacklist approach? A: The HP Sygate Security Agent uses a "whitelist" approach. In a whitelist environment, only network traffic for known, listed programs is allowed. A blacklist environment allows all traffic except what is known to be harmful. HP knows every program it installs on its thin clients; therefore, you only update additions you make to HP thin clients. 4

Section	Page
HP Sygate Security Agent and Symantec Embedded Security: Frequently Asked Questions	1
Question and answers	2
Overview	2
Q: Are thin clients susceptible to viruses or worms?	2
1. With the HP thin client computing model, your exposure to virus attack on the thin client system is less than a standard Wind...	2
2. The HP thin client computing model utilizes PC blades and/or servers located in the data center. You can protect and monitor ...	2
3. Since no user data resides on the thin client, there is no risk of user data loss due to a virus or worm on the thin client.	2
4. If a thin client’s image is compromised or corrupted, the recovery time is typically measured in minutes instead of hours. You can often perform recovery with a simple reboot of the client.	2
Q: What does HP deliver in the factory image?	2
Q: What is the free functionality?	3
Q: How can I get signature updates for the Sygate firewall to ensure protection from the latest threats?	3
Q: How can I obtain antivirus support for my thin clients?	3
Q: How do I buy Symantec Embedded Security?	3
Firewall questions	4
Q: What approach has HP taken to secure my thin client?	4
Q: How is the HP Sygate Security Agent different than Microsoft Windows Firewall?	4
Q: What is the difference between a whitelist and a blacklist approach?	4
Q: What viruses, worms, or vulnerabilities will HP Sygate Security Agent block?	5
Q: How do I use the SOS scanner?	6
1. Double-click the Sygate icon to launch the HP Sygate Security Agent GUI.	6
2. Select Tools > Test Your System Security to automatically launch Internet Explorer and links to SOS at http://scan.sygate.com.	6
3. From the Sygate site, select the tests you want to perform.	6
Q: Which inbound and outbound ports has HP allowed?	6
Q: What is the HP Sygate Policy Editor and what does it do?	7
Q: Where do I obtain the HP Sygate Policy Editor?	8
Q: Is there a fee associated with the HP Sygate Policy Editor?	8
Q: Who do I contact for technical support on the HP Sygate Policy Editor?	8
Q: How do I modify the ports against the applications already specified by HP?	8
1. Log on as Administrator.	8
2. Right-click on the Sygate systray icon.	8
3. Select Advanced Rules.	8
Q: Is there a limitation to which ports and/or applications that I can add?	8
Q: What if my application uses a range of ports?	8
Q: Can I or do I need to specify whether my application uses UDP or TCP?	8
Q: Is there a risk to opening all ports for an application?	8
Q: Is there a limit to the number of rules I can add?	8
Q: Is there a list of well-known ports and their respective applications?	8
Log files	9
Q: How do I view the log files while at the thin client?	9
1. Log in as Administrator.	9
2. Right-click the Sygate icon in the system tray.	9
3. Select Logs.	9
Q: How do I retrieve the log files remotely?	9
Q: What does the log file reveal?	9
Q: How do I know that a port or application has been blocked?	9
Q: What should I do when an application is blocked?	9
Intrusion detection	10
Q: What is the functionality of an Intrusion Detection System (IDS)?	10
Q: How do I deploy modified policies with Altiris?	10
Q: Are there best practices for automating deployment?	10
Q: How do I make IDS files persistent?	10

Match case Limit results 1 per page

Firewall questions

What approach has HP taken to secure my thin client?

In addition to following strict security-centric image design policies, HP provides Sygate Firewall

software on all new t57x0 series thin clients with Windows XPe SP2 preinstalled. HP provides

Windows XPe SP2 as a Web deliverable for existing t57x0 series thin clients, which provides end-

users with restricted firewall control and administrators with full agent access privileges to the agent

software.

How is the HP Sygate Security Agent different than Microsoft Windows Firewall?

HP Sygate Security Agent is a stateful or dynamic firewall, while the Microsoft Windows Firewall is

primarily static. A stateful firewall can selectively enable a specific port for outbound traffic for a

specific application, and it can dynamically react and allow incoming traffic on that port to reach the

application with outbound rights. A static firewall would enable the port, and then any application

could use it. A stateful firewall is more secure. HP Sygate Security Agent is a much more feature-rich

software package that gives you more tools to provide a secure environment. As a stateful firewall,

Sygate provides the ability to define inbound ports specific to an application, which offers

administrators additional control over network traffic. HP Sygate Security Agent also has the ability to

define which application has outbound access to the network.

What is the difference between a whitelist and a blacklist approach?

The HP Sygate Security Agent uses a “whitelist” approach. In a whitelist environment, only network

traffic for known, listed programs is allowed. A blacklist environment allows all traffic except what is

known to be harmful. HP knows every program it installs on its thin clients; therefore, you only update

additions you make to HP thin clients.