8e6 Technologies TAR User Manual
  1. Manuals
  2. Brands
  3. 8e6 Technologies Manuals
  4. Network Hardware
  5. TAR
  6. User manual

8e6 Technologies TAR User Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
Threat Analysis Reporter
®
USER
GUIDE
Model: TAR
Release 1.3.00 • Manual Version 1.01

Advertisement

Table of Contents
loading

Related Manuals for 8e6 Technologies TAR

Summary of Contents for 8e6 Technologies TAR

  • Page 1 Threat Analysis Reporter ® USER GUIDE Model: TAR Release 1.3.00 • Manual Version 1.01...
  • Page 2 ECHNOLOGIES HREAT NALYSIS EPORTER UIDE...
  • Page 3 8e6 Technologies shall not be liable for any error or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the exam- ples herein.
  • Page 4 ECHNOLOGIES HREAT NALYSIS EPORTER UIDE...
  • Page 5 ONTENTS ..........1 NTRODUCTORY ECTION Threat Analysis Reporter ............1 About this User Guide ..............2 How to Use this User Guide ............3 Conventions ..................3 Terminology ..................4 Environment Requirements ............7 Workstation Requirements ..............7 Network Requirements ..............8 Installation Prerequisite ..............
  • Page 6 ONTENTS Remove a pattern..............23 IP Ranges tab ................24 Specify an IP range ............25 Remove an IP address range ..........26 Single User tab ................. 26 Add one or more individual users........27 Use the filter to narrow Available Users results .... 27 Select users to add to the Assigned Users list .....
  • Page 7 ONTENTS Assign a Threat Score Weight ............52 Chapter 2: Custom Gauge Setup, Usage ........ 53 Add a Gauge ................... 54 Add Gauge Information ............55 Sync All Categories ..............56 Select Library Categories ............56 Assign User Groups ..............57 View, edit library components ...........
  • Page 8 ONTENTS Manage the Lockout List ..............92 View a specified time period of lockouts ........93 Unlock a workstation ..............94 Chapter 4: Analyze Web Usage Trends ........95 View URL Trend Reports ..............96 View all URL dashboard gauge activity ........96 View activity for a specified URL gauge ........
  • Page 9 Chapter 1: Custom Category Maintenance ......126 View Custom Categories ............... 127 Add a Custom Category ..............128 Synchronize TAR with the R3000 ..........130 Delete a Custom Category ............131 Chapter 2: View the Master User List ........132 Search the MUL Database ............
  • Page 10 ONTENTS Sync All Devices ................149 Chapter 5: Perform Backup, Restoration ......150 Execute a Backup on Demand ............152 Restore User Settings ..............153 Restore to Factory Default Settings ..........154 Chapter 6: Install Software Updates ........155 Check for Available Software Updates .......... 155 Apply a Software Update ..............
  • Page 11 Create the System Tray logon script......... 177 Assign System Tray logon script to administrators ... 181 Administrator usage of System Tray ........183 Use the TAR Alert icon’s menu ......... 183 Status of the TAR Alert icon..........184 View System Tray alert messages........185 Appendix C ................
  • Page 12 ONTENTS Step 4: Contact Technical Support ......199 Fan failure ................. 200 Identify a fan failure ............ 200 Appendix D ................201 Glossary ..................201 ................205 NDEX ECHNOLOGIES HREAT NALYSIS EPORTER UIDE...

  • Page 13: I Ntroductory S Ection

    Network administrators need tools to monitor these threats so management can enforce corpo- rate Internet usage policies. 8e6's Threat Analysis Reporter (TAR) appliance is designed to offer administrators or management dynamic, real time graphical snapshots of their network’s Internet traffic, supported by remediation tools to manage and control user- generated Web threats.

  • Page 14: About This User Guide

    The Threat Analysis Reporter User Guide addresses the network administrator designated to configure and manage the TAR server on the network (referred to as the “global administrator” throughout this user guide, since he/she has all rights and permissions on the TAR server), as well as administrators designated to manage user groups on the network (referred to as “group administrators”...

  • Page 15: How To Use This User Guide

    NTRODUCTORY ECTION OW TO SE THIS UIDE D features a glossary of technical terminology used in this user guide. • Index - This section includes an index of subjects and the first page numbers where they appear in this user guide.

  • Page 16: Terminology

    NTRODUCTORY ECTION OW TO SE THIS UIDE Terminology The following terms are used throughout this user guide. Sample images (not to scale) are included for each item. • button - an object in a dialog box, window, or screen that can be clicked with your mouse to execute a command.
  • Page 17 NTRODUCTORY ECTION OW TO SE THIS UIDE • frame - a boxed-in area in a dialog box, window, or screen that includes a group of objects such as fields, text boxes, list boxes, buttons, radio buttons, checkboxes, and/or tables. Objects within a frame belong to a specific function or group.
  • Page 18 NTRODUCTORY ECTION OW TO SE THIS UIDE • pull-down menu - a field in a dialog box, window, or screen that contains a down arrow to the right. When you click the arrow, a menu of items displays from which you make a selection. •...

  • Page 19: Environment Requirements

    16 bits • 256MB RAM • Pentium III 600 MHz or higher, or equivalent • Network card and ability to connect to the TAR server and R3000 server • Email client that can be set up to receive email alerts •...

  • Page 20: Network Requirements

    NTRODUCTORY ECTION NVIRONMENT EQUIREMENTS Network Requirements • High speed connection from the TAR server to client workstations • HTTPS connection to 8e6’s software update server • Internet connectivity for downloading Java virtual machine/Flash, if not already installed Installation Prerequisite • 8e6 R3000 running software version 2.0.10 or later NOTE: The R3000 must be running software version 2.0.00 or...

  • Page 21: Getting Started

    Start Guide, contact 8e6 Technologies immediately to have a copy sent to you. Once the TAR unit is set up on the network, the designated global administrator of the TAR server should be able to access the unit via its URL, using the username and pass- word registered during Step 1 of the quick start wizard procedures.

  • Page 22: Login Window

    Appendix A: Disable Pop-up Blocking Software. 2. In the Address field of the browser window, type in the URL for the TAR server (in which ‘x.x.x.x’ represents the IP address specified during quick start procedures): http://x.x.x.x:8080 This action opens the TAR login window: Fig.
  • Page 23 URL dashboard gauge view in the right panel by default. The navigation panel displays to the left. In the panel above, the system time and date display (in the HH:MM:SS/MM:DD:YYYY format) beside the Help and Logout buttons: Fig. 1:1-2 Default TAR window ECHNOLOGIES HREAT NALYSIS EPORTER...

  • Page 24: Navigation Panel Menu Topics

    • Administration - click this topic to access menu options for setting up and maintaining administrator profiles, and managing the TAR unit. • Policy - click this topic to access menu options for setting up and maintaining policies used for triggering warnings when gauges approach their upper threshold limits.

  • Page 25: Exit The Interface

    NTRODUCTORY ECTION ETTING TARTED Log out To log out of the application, click the Logout button in the upper right corner of the screen. When your session has been terminated, the login window re-displays. Exit the interface To exit the interface, click the “X” in the upper right corner of the browser window.

  • Page 26: Navigation Tips And Conventions

    NTRODUCTORY ECTION AVIGATION IPS AND ONVENTIONS Navigation Tips and Conventions The following tips and list of conventions will help you navi- gate the Administrator console: • Move a pop-up window - Click the toolbar of a pop-up window and simultaneously move your mouse to relo- cate the pop-up window to another area in the current browser window.
  • Page 27 • Browser Back button, Refresh button - Clicking either the Back button or the Refresh button in your browser will refresh the TAR interface and log you out of the applica- tion. • Select multiple items in specified windows - In speci-...

  • Page 28: P Reliminary S Etup S Ection

    • Chapter 2: Admin Groups Setup - This chapter explains how to set up permissions so that an administrator in your group will only be able to access areas of the TAR console that you specify. • Chapter 3: Admins Setup - This chapter explains how to set up a group administrator account.

  • Page 29: Chapter 1: User Groups Setup

    ROUPS ETUP Chapter 1: User Groups Setup On a new TAR server, the global administrator should first set up user groups—whose Internet activity will be moni- tored by group administrators. A group administrator should set up user groups once he/...
  • Page 30 Click Back to Gauges in the upper right corner of the panel to re- display the default gauges view. NOTES: This version of TAR will import user groups from a source R3000 using IP group authentication or the following LDAP server types: •...

  • Page 31: View User Group Information

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP View User Group Information For each group in the User Groups frame, the following information displays: Status icon, group Name, and the date the user group was Last Rebuilt on demand (YYYY-MM-DD HH:SS)—if the latter is applicable.
  • Page 32 1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP 2. Click any of the tabs in the frame to the right in order to view pertinent information: • Patterns tab - view patterns previously set up for that user group. • IP Ranges tab - view Starting IP and Ending IP ranges previously added for that user group.

  • Page 33: Add A User Group

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP Add a User Group To add a new user group: 1. From the User Groups list box, select an existing user group to be used as the base group for creating the new user group.

  • Page 34: Patterns Tab

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP TIP: At any time before saving the new user group, if you need to cancel the entry of the new user group, click the Cancel button to return to the main User Groups management panel. 5.

  • Page 35: View Users Resolved By The Pattern

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP View users resolved by the pattern To view a list of users resolved by the pattern you added: 1. Select the pattern from the Assigned Patterns list box. 2. Click Preview Users to display the panel that shows the Patterns frame to the left and the Resolved Users frame to the right: Fig.

  • Page 36: Ip Ranges Tab

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP IP Ranges tab When creating a user group, the IP Ranges tab is used for specifying IP ranges to be used by the new group. The left side of this tab includes fields for entering an IP range or single IP address and netmask.

  • Page 37: Specify An Ip Range

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP Specify an IP range To add an IP address range: 1. Do one of the following: • To make a selection from Parent Ranges, click the row in the Parent Ranges frame to highlight and select that row, and also to add that Starting IP and Ending IP range in the Starting IP and Ending IP fields at the left of the tab.

  • Page 38: Remove An Ip Address Range

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP Fig. 2:1-6 Add user group, IP range added Remove an IP address range To remove an IP address range from the Assigned Ranges list box: 1. Click the row to highlight and select it; this action acti- vates the Remove IP Range button below.

  • Page 39: Add One Or More Individual Users

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP Fig. 2:1-7 Add user group, Single Users tab Add one or more individual users To add users to the Assigned Users list, make your selec- tions from the Available Users list. If the Available Users list is long, you can reduce the number of results that display in this list by using the filter.

  • Page 40: Remove Users From The Add Tab

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP 2. Click [+] Add to include the selected user(s) in the Add Users tab that now displays to the right. NOTE: Users added to the Add tab will still be listed in the Avail- able Users list.

  • Page 41: Edit A User Group

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP Edit a User Group NOTE: Global and group administrators can only edit user groups they have created, and cannot edit their base groups or imported user groups. To edit a user group: 1.

  • Page 42: Rebuild The User Group

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP Rebuild the User Group After editing the user group, the user group profile should be rebuilt. 1. In the main User Groups management panel, select the user group to be rebuilt. 2. Click Rebuild Group to change the user group's status to rebuilt, to make the screen turn hazy, and to open the Rebuild Started! alert box with the message: "Your group rebuild has started.

  • Page 43: Delete A User Group

    1: U RELIMINARY ETUP ECTION HAPTER ROUPS ETUP Delete a User Group NOTES: A user group can only be deleted by the administrator who added it. A base group cannot be deleted. To delete a user group: 1. In the main User Groups management panel, select the user group from the User Groups list.

  • Page 44: Chapter 2: Admin Groups Setup

    Once you have set up user groups, you are ready to create a set of management permissions, so that a group adminis- trator you set up will only be able to access areas of the TAR console that you specify.
  • Page 45 Click the appro- priate checkbox(es) to specify the type of access the administrator will be granted on the TAR console or its related devices: • User Profiles - manage a list of end users’ logged events •...

  • Page 46: View An Admin Group's Permissions

    2: A RELIMINARY ETUP ECTION HAPTER DMIN ROUPS ETUP • Alerts - manage alerts that indicate if gauges are close to—or have reached—their established upper thresh- olds • Probe - access the R3000 application’s Real Time Probe feature that lets you monitor end user Internet usage in real time to verify whether the Internet is being used appropriately •...
  • Page 47 • Device Registry - edit settings for an R3000, ER, or TAR (a bandwidth IP address range for TAR can also be added or removed); add another R3000, or add an ER (if the latter was not previously added); view infor- mation about devices connected to the TAR server;...

  • Page 48: Edit An Administrator Group

    2: A RELIMINARY ETUP ECTION HAPTER DMIN ROUPS ETUP 4. Click the “X” in the upper right corner of the Permissions Viewer pop-up window to close it. Edit an Administrator Group 1. In the Group Management pop-up window, click the name of the administrator group to highlight the group name and to activate all buttons (see Fig.

  • Page 49: Delete An Administrator Group

    2: A RELIMINARY ETUP ECTION HAPTER DMIN ROUPS ETUP Delete an Administrator Group 1. In the Group Management pop-up window, click the name of the administrator group to highlight the group name and to activate all buttons (see Fig. 2:2-3). 2.

  • Page 50: Chapter 3: Admins Setup

    NOTE: In addition to seeing account IDs he/she set up in this window, a global administrator will also see the TAR Login ID established during the quick start wizard hardware installation process. A group administrator will only see administrator profiles he/she added.

  • Page 51: View Account Info

    “X” in the upper right corner of the window to close it. View Account Info In the Active Users frame, click the TAR Login ID of the administrator to display that user’s account information in the Account Info frame: Fig.

  • Page 52: View Account Info

    The global administrator profile that was created during the quick start wizard hardware installation process displays at minimum the TAR Login ID and Email address. For this profile, the Admin- istrator Group field does not display and the User Groups list box...

  • Page 53: Add An Administrator Profile

    1. Click Add New Admin to open the Add new Adminis- trator pop-up window: Fig. 2:3-3 Add new Administrator, Account Info 2. Type in the TAR Login ID the group administrator will use to access the TAR interface. 3. Type in the Password the group administrator will use in conjunction with the TAR Login ID, and enter that same password again in the Confirm Password field.

  • Page 54: Contact Info Tab

    2: A RELIMINARY ETUP ECTION HAPTER DMIN ROUPS ETUP 6. If an entry was made in the LDAP Username field, type in the exact characters for the LDAP Active Directory Domain name in which the group administrator is regis- tered. NOTE: If the group administrator will be using the System Tray feature—that triggers an alert in his/her System Tray if an end user’s Internet usage has reached the upper threshold estab-...

  • Page 55: Groups Tab

    2: A RELIMINARY ETUP ECTION HAPTER DMIN ROUPS ETUP 3. Optional: Type in the group administrator’s Home Phone number without entering any special characters. 4. Type in the group administrator’s Email address. 5. Optional: Type in identifying information about the group administrator’s physical office Location.

  • Page 56: Edit Account Info

    Home Phone number, Location information, Comments. • The following actions can also be performed: Change (TAR Login) Password, Add (a user) group, or Remove (a user) group. TIP: See the Change Password and User Groups: Add or remove a group sub-sections for information on updating passwords and user group selections.

  • Page 57: Change Password

    3. Click Submit to close the Change Password pop-up window and to activate the new password. NOTE: If the administrator whose password was changed is currently logged into TAR, he/she will need to log out and log back in again using the new password. ECHNOLOGIES...

  • Page 58: User Groups: Add Or Remove A Group

    2: A RELIMINARY ETUP ECTION HAPTER DMIN ROUPS ETUP User Groups: Add or remove a group Add a group 1. In the User Groups section of the activated Account Info frame, click Add group to open the Add new user group pop-up window: Fig.

  • Page 59: Delete Admin

    NOTE: The global administrator account established during the quick start hardware installation process can be modified but cannot be deleted. 1. In the Admin System pop-up window, select the TAR Login ID of the group administrator from the Active Users frame.

  • Page 60: C Onfiguration S Ection

    “weight” to each library category on the source (primary) R3000 connected to this TAR server. A threat score is a component that influences gauge movement. • Chapter 2: Custom Gauge Setup, Usage - This chapter explains how gauges are configured and monitored.

  • Page 61: Chapter 1: Threat Score Setup

    After setting up group administrators with access to the TAR server, the global administrator should assign a threat score “weight” to each library category on the source R3000 connected to TAR. A threat score is a component that influ- ences gauge movement. Anatomy of a Gauge...

  • Page 62: Gauge Score Methodology

    1: T ONFIGURATION ECTION HAPTER HREAT CORE ETUP Gauge score methodology The numerical score displayed inside the URL dashboard gauge icon is based upon: The library categories included in the gauge, the threat score assigned to each library cate- gory, and the total score of all end users assigned to a specific gauge.

  • Page 63: View Assigned Threat Score Weights

    “1”, indicating a “low” threat. NOTE: In order to reduce complexity, it is recommended that first time users of TAR should leave all threat score weights at “1”. 3. After performing the intended actions in this window, click the “X”...

  • Page 64: Assign A Threat Score Weight

    1: T ONFIGURATION ECTION HAPTER HREAT CORE ETUP Assign a Threat Score Weight 1. Click the Category to highlight it. 2. Click in the Severity column to make the field editable. 3. One of the following entries can be made: •...

  • Page 65: Chapter 2: Custom Gauge Setup, Usage

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE Chapter 2: Custom Gauge Setup, Usage With threat score weights established, a group administrator can begin setting up gauges for monitoring end users’ Internet activity. 1. In the navigation panel, go to the URL Dashboard and click Gauges to open the Gauge Management pop-up window: Fig.
  • Page 66 2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE 2. In the Current Gauge Groups list box, click the gauge name to display a list of library categories and threshold criteria set up for that gauge: Fig. 3:2-2 Gauge Management, Gauge Components 3.

  • Page 67: Add Gauge Information

    3. Type in the Upper Limit Value of the ceiling for gauge activity. The recommended value is 200. This can be adjusted after using TAR for awhile and evaluating activity levels at your organization. 4. Type in the Timespan in minutes (1-60 Only) for tracking gauge activity;...

  • Page 68: Sync All Categories

    ETUP SAGE Sync All Categories To synchronize 8e6 supplied library category updates and custom libraries from the source R3000 to this TAR unit, click Sync All Categories. Select Library Categories Next, specify which library categories the gauge will use for monitoring end user activity.

  • Page 69: Assign User Groups

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE Assign User Groups To assign user groups to be monitored by the gauge: 1. Click Inclusions to open the Assign Groups pop-up window: Fig. 3:2-4 Assign Groups NOTE: The base group displays in the Assigned list box by default but can be removed.

  • Page 70: View, Edit Library Components

    (default), Keyword, URL, Others (passed categories). NOTE: If the selected gauge method is “Keyword” or “URL”, Filter Options for end user profiles on the source R3000 used with TAR must have "Search Engine Keyword Filter Control" or "URL Keyword Filter Control" enabled.
  • Page 71 2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE 3. Click Next to close the Add a new Gauge Group windows and to display the new gauge in the URL dashboard gauge view: Fig. 3:2-6 New Gauge Group added ECHNOLOGIES HREAT NALYSIS EPORTER...

  • Page 72: Gauge Components And Activity

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE Gauge Components and Activity Types of gauges There are four types of gauges: URL dashboard gauges, library category gauges, protocol bandwidth gauges, and port gauges. Gauges that display in the URL dashboard are comprised of library categories.

  • Page 73: Read A Gauge

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE Read a gauge Gauges become active when end users access URLs/ports included in that gauge. Activity is depicted by the position of the dial within the gauge—green (safe) section, yellow (warning) section, or red (network threat) section—and by a numerical “score”...
  • Page 74 2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE be that one or more library categories within the gauge currently have a high score, and that one or more end users are responsible for this threat. Inbound/Outbound protocol bandwidth gauges also display the timespan for gauge activity beneath the gauge icon.

  • Page 75: Modify A Gauge

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE Modify a Gauge Edit gauge settings To edit an existing gauge, click Gauges in the navigation panel to open the Gauge Management pop-up window: Fig. 3:2-7 Group Management, edit gauge 1. In the Current Gauge Groups list box, select the gauge to be edited.
  • Page 76 2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE TIP: The Edit Gauge Group pop-up window is also accessible by right-clicking a URL dashboard gauge, and then selecting Edit Gauge Group from the pop-up menu (see Fig. 3:2-12). 3. Edit any of the following criteria, as necessary: •...

  • Page 77: Hide, Show A Url Gauge

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE NOTE: When saving your edits, the gauge hits and score are reset to zero (“0”). Hide, Show a URL Gauge If you only want to view certain URL gauges and their asso- ciated library categories, options are available to hide spec- ified URL gauges.

  • Page 78: Save Settings For Hiding A Url Gauge

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE Save settings for hiding a URL gauge To permanently hide a URL dashboard gauge: 1. Click Gauge View in the URL Dashboard section of the navigation panel to open the Edit Gauge Visibility pop-up window: Fig.

  • Page 79: Delete A Gauge

    4. Click Save Visibility to save your settings. These settings will remain the next time you log into the TAR server. NOTE: Gauges that are hidden will not display in trend reports (see View URL Trend Reports in Chapter 4: Analyze Web Usage Trends).
  • Page 80 2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE b. In the Current Gauge Groups list, select the gauge to be deleted. This action highlights the gauge name and populates the Gauge Components list box with library categories set up to be monitored by that gauge.

  • Page 81: View End User Gauge Activity

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE View End User Gauge Activity There are several ways to access information on end user gauge activity: • Overall end user gauge activity - For a snapshot of all current gauge activity ranked in order by the highest to lowest end user score, use the Overall Ranking option (see View Overall Ranking).

  • Page 82: View Overall Ranking

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE View Overall Ranking To view details about current gauge activity for all end users affecting gauges: 1. In the URL Dashboard section of the navigation panel, click Overall Ranking to open the Overall Rankings pop- up window: Fig.

  • Page 83: View A Url Gauge Ranking Table

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE View a URL gauge ranking table To view details about a specified URL gauge’s current activity: 1. Right-click the URL dashboard gauge to open its pop-up menu (see Fig. 3:2-12). 2. Choose View Rankings to open the URL gauge’s ranking table pop-up window: Fig.

  • Page 84: View A Library Category Gauge Ranking Table

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE 3. To drill down and view additional information about an end user’s activity, click the Name to highlight it. 4. Click User Summary to open the Individual User View pop-up window (see Fig. 3:2-17), and perform any of the actions described for this window (see Monitor, Restrict End User Activity).
  • Page 85 2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE 3. Click the library category gauge to open its pop-up window: Fig. 3:2-16 Library category gauge ranking table This window includes rows of records for each end user who is affecting this library category gauge. For each record in the list, the following information displays: Name (username/IP address), and corresponding Score.

  • Page 86: Monitor, Restrict End User Activity

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE 5. After performing the intended actions in this window, click the “X” in the upper right corner of this window to close it. Monitor, Restrict End User Activity The Individual User View window lets you view/restrict an end user’s use of the Internet/network.

  • Page 87: View A List Of Categories Accessed By The User

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE TIP: To sort the list in descending order by either Name or Score, click the column header. To sort the list in ascending order, click the column header again. 2. After performing the intended actions in this window, click the “X”...
  • Page 88 2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE accessed by the end user within that category (see View a list of URLs accessed by the user). 5. After performing the intended actions in this window, click the “X” in the upper right corner of this window to close it. ECHNOLOGIES HREAT NALYSIS...

  • Page 89: View A List Of Urls Accessed By The User

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE View a list of URLs accessed by the user There are two ways to access the View Details window that contains a list of URLs the end user viewed within a speci- fied category: •...

  • Page 90: Manually Lock Out An End User

    2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE 1. If a URL in the list is linked to a page or object, select the URL in the list, and then click Open URL to open the page/object in a separate browser window. 2.
  • Page 91 Remove to move the category back to the Available Categories list. Click Sync All Categories after custom library categories have been added to the list, in order to force synchronization between the R3000 and the TAR unit. ECHNOLOGIES HREAT NALYSIS...
  • Page 92 2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE c. After adding all library categories, click Next to open the alert box stating: “The user has been locked out.” d. Click the “X” in the upper right corner of the box to close it.

  • Page 93: End User Workstation Lockout

    Fig. 3:2-22 Low severity lockout page This page contains the following information: message “Access Denied by TAR”, USER name/IP address, URL denied access, Category in which the URL resides, and end user’s Score. • Medium severity lockout - In this scenario, after attaining...
  • Page 94 2: C ONFIGURATION ECTION HAPTER USTOM AUGE ETUP SAGE Fig. 3:2-23 Medium severity lockout page This page contains the following information: “502 Access Denied by 8e6 R3000 Enterprise Filter”. • High severity lockout - In this scenario, after attaining the designated score established for a gauge, the end user will be unable to access the organization’s network.

  • Page 95: Chapter 3: Alerts, Lockout Management

    3: A ONFIGURATION ECTION HAPTER LERTS OCKOUT ANAGEMENT Chapter 3: Alerts, Lockout Management After setting up gauges for monitoring end user Internet activity, notifications for Internet abuse should be set up in the form of policy alerts. These messages inform the admin- istrator when an end user has triggered an alert for having reached the threshold limit established for a gauge.

  • Page 96: Add An Alert

    3: A ONFIGURATION ECTION HAPTER LERTS OCKOUT ANAGEMENT Add an Alert 1. In the Current Gauges box, click the gauge for which an alert will be created (see Fig. 3:3-1). 2. Click Add New Alert to open the Add a new Alert pop-up window: Fig.

  • Page 97: Email Alert Function

    Internet/network access if he/she reaches the threshold limit set up in a gauge alert. • System Tray - A TAR Alert message notifies a group administrator via his/her workstation’s System Tray if an end user has reached the threshold limit set up in a gauge alert.

  • Page 98: Receive Email Alerts

    3: A ONFIGURATION ECTION HAPTER LERTS OCKOUT ANAGEMENT Receive email alerts If an alert is triggered, an email message is sent to the mailbox address(es) specified. This message includes the following information: • Subject: Alert triggered by user (username/IP address). •...

  • Page 99: System Tray Alert Function

    3: A ONFIGURATION ECTION HAPTER LERTS OCKOUT ANAGEMENT 3. Specify the Duration (hours) of the end users’ lockout: Unlimited, Half Hour, 1, 1-1/2 ... 8. NOTE: If “Unlimited” is specified, the end user will remain locked out from Internet/network access until the group administrator unlocks his/her workstation using the Lockout window.

  • Page 100: View Alert Settings

    3: A ONFIGURATION ECTION HAPTER LERTS OCKOUT ANAGEMENT This action populates the Current Alerts box with any existing alerts created for that gauge. 2. Select the alert to be viewed or modified by clicking on it to highlight it. View alert settings 1.

  • Page 101: Modify An Alert

    3: A ONFIGURATION ECTION HAPTER LERTS OCKOUT ANAGEMENT Modify an alert 1. In the Alert Manager pop-up window, click Edit Alert to open the Edit an Alert pop-up window: Fig. 3:3-5 Edit an Alert 2. The following items can be edited: •...

  • Page 102: Delete An Alert

    3: A ONFIGURATION ECTION HAPTER LERTS OCKOUT ANAGEMENT Delete an alert 1. In the Alert Manager pop-up window, click Delete Alert to open the Delete Alert dialog box: Fig. 3:3-6 Delete Alert 2. Click Delete Alert to close the Delete Alert dialog box and to remove the alert from the Current Alerts box.

  • Page 103: View The Alert Log

    3: A ONFIGURATION ECTION HAPTER LERTS OCKOUT ANAGEMENT View the Alert Log After alerts are sent to an administrator, a list of alert activity is available for viewing in the Alert Log Viewer. This function is available to a group administrator only if permissions were granted by the administrator who set up his/her account, as detailed in Chapters 2 and 3 of the Preliminary Setup Section.

  • Page 104: Manage The Lockout List

    3: A ONFIGURATION ECTION HAPTER LERTS OCKOUT ANAGEMENT 3. Click View Alert to open the Alert Viewer pop-up window (see Fig. 3:3-4). 4. Click the “X” in the upper right corner of Alert Viewer and Alert Log Viewer pop-up windows to close them. Manage the Lockout List An end user who is manually or automatically locked out for an “Unlimited”...

  • Page 105: View A Specified Time Period Of Lockouts

    Automatic lockout); Start Time for the alert (using the HH:MM:SS/MM:DD:YYYY format); PUID (Personal User IDentification assigned by TAR to the end user). 3. After performing the intended actions in this window, click the “X” in the upper right corner of the pop-up window to close it.

  • Page 106: Unlock A Workstation

    3: A ONFIGURATION ECTION HAPTER LERTS OCKOUT ANAGEMENT 3. Click the calendar icon on the right to open the larger calendar for the current month, with today’s date high- lighted. 4. Click the ending date to select it and to close the calendar pop-up window.

  • Page 107: Chapter 4: Analyze Web Usage Trends

    Real Time Probe tool—or the Enterprise Reporter’s Web Client, if the ER server is installed and connected to your R3000—can be accessed via the TAR interface so you can generate customized reports to run for a time period of your specifications.

  • Page 108: View Url Trend Reports

    4: A ONFIGURATION ECTION HAPTER NALYZE SAGE RENDS View URL Trend Reports There are two types of URL trend reports that can be gener- ated on demand to show total gauge score averages for a specified, limited time period: All Visible Gauges trend chart, and specified URL dashboard gauge trend chart.

  • Page 109: View Activity For A Specified Url Gauge

    4: A ONFIGURATION ECTION HAPTER NALYZE SAGE RENDS 3. After you have viewed the information in this chart, click the “X” in the upper right corner of the window to close it. View activity for a specified URL gauge 1. In the URL dashboard gauge view, double-click the gauge to open a pop-up window displaying library cate- gory gauges comprising the URL dashboard gauge (see Fig.

  • Page 110: Suppress Specified Scores

    4: A ONFIGURATION ECTION HAPTER NALYZE SAGE RENDS Suppress specified scores To view only specified gauge scores in the chart, click the checkbox corresponding to the gauge to suppress graphical information for that gauge from displaying in the chart. To re- enable displaying information for that gauge, click the checkbox again.

  • Page 111: Access Real Time Probe, Web Client

    4: A ONFIGURATION ECTION HAPTER NALYZE SAGE RENDS Access Real Time Probe, Web Client R3000 Real Time Probe reports can be generated to obtain more information about end user Internet usage trends. If an ER server is connected to the R3000, ER Web Client reports can be generated for viewing historical Internet usage trend data.

  • Page 112: Chapter 5: View User Category Activity

    5: V ONFIGURATION ECTION HAPTER ATEGORY CTIVITY Chapter 5: View User Category Activity If there are certain end users who are generating excessive, unwanted traffic on the network, or if some library catego- ries containing URLs against your organization’s policies are persistently being frequented, you can target offending entities by performing a custom search to identify URLs being accessed in such library categories.
  • Page 113 5: V ONFIGURATION ECTION HAPTER ATEGORY CTIVITY 4. Make a selection from the Timespan pull-down menu for the time period in which URLs within the category were accessed: Last 15 Minutes, Last 30 Minutes, Last 45 Minutes, Last Hour. 5. If “All” was selected in the User field, the Result field becomes activated.

  • Page 114: View Urls Within The Accessed Category

    5: V ONFIGURATION ECTION HAPTER ATEGORY CTIVITY View URLs within the accessed category To find out which URLs an end user accessed within the library category: 1. Click the User to highlight his/her record. This action acti- vates the View Details button. 2.

  • Page 115: Print The Results

    5: V ONFIGURATION ECTION HAPTER ATEGORY CTIVITY Print the results To print the results displayed in this window: 1. Click any record to highlight it and to activate the Print Report button. 2. Click Print Report to open the Print dialog box where you specify criteria for printing the report.

  • Page 116: B Andwidth M Anagement S Ection

    ANDWIDTH ANAGEMENT ECTION NTRODUCTION ANDWIDTH ANAGEMENT ECTION Introduction Whereas the URL dashboard Bandwidth gauge monitors end user Internet activity by the number of URL hits, gauges in the Bandwidth section of the interface monitor incoming and outgoing end user bandwidth traffic by the number of bytes.

  • Page 117: Chapter 1: Monitor Bandwidth Gauges

    1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES Chapter 1: Monitor Bandwidth Gauges Bandwidth gauges work similarly to URL dashboard gauges, except these gauges solely monitor inbound or outbound network traffic. Viewing bandwidth gauge activity of end users helps target areas that are slowing down or endangering the network.
  • Page 118 1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES • 8080 - HTTP Alternate (http-alt) TCP port used under the following conditions: when running a second Web server on the same machine (the other is using port 80), as a Web proxy and caching server, or when running a Web server as a non-root user.
  • Page 119 1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES • 4665 - TCP/UDP port for eDonkey 2000 • 6346 - TCP/UDP port for Gnutella file sharing (Frost- Wire, LimeWire, BearShare, etc.) • 6347 - TCP/UDP port for Gnutella • 6699 - UDP port for Napster •...

  • Page 120: View Bandwidth Gauges

    1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES View Bandwidth Gauges 1. In the navigation panel, click Bandwidth to open its menu. 2. Click either Inbound or Outbound to open the View Incoming/Outgoing Bandwidth Gauge pop-up window: Fig. 4:1-1 View Incoming Bandwidth The total score in bytes (KB, MB, GB) displays in each of the following gauge icons: HTTP, FTP, SMTP, P2P, IM.

  • Page 121: View Bandwidth Usage For A Specified Protocol

    1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES View bandwidth usage for a specified protocol 1. In the View Incoming/Outgoing Bandwidth gauge pop-up window, right-click the bandwidth protocol gauge to open its pop-up menu: Fig. 4:1-2 Bandwidth gauge pop-up menu 2.

  • Page 122: View End User Bandwidth Gauge Activity

    1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES The total score in bytes (KB, MB, GB) displays in each of the port icons. The total number of bytes for all ports in this window equals the total number of bytes for the bandwidth protocol.

  • Page 123: View Overall Ranking For Bandwidth

    1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES View Overall Ranking for bandwidth To view details about current bandwidth gauge activity for all end users affecting bandwidth gauges: 1. In the Bandwidth section of the navigation panel, click Overall Ranking to open the Overall Rankings pop-up window: Fig.

  • Page 124: View A Protocol Gauge Ranking Table

    1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES actions described for this window (see Monitor, Restrict Bandwidth Usage). 4. Click the “X” in the upper right corner of this pop-up window to close it. View a protocol gauge ranking table To view details about a specified bandwidth protocol gauge’s current activity: 1.

  • Page 125: View A Port Gauge Ranking Table

    1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES NOTE: The protocol gauge’s ranking table pop-up window is also accessible by right-clicking a protocol gauge, selecting View Gauge Details from the pop-up menu (see Fig. 4:1-2), and then clicking the Ranking Table button in the pop-up window. 3.
  • Page 126 1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES Fig. 4:1-6 Port gauge ranking table By default, this window includes rows of records for each end user who is affecting this port gauge. For each record in the list, the following information displays: user IP address, and corresponding Score in bytes.

  • Page 127: Monitor, Restrict Bandwidth Usage

    1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES Monitor, Restrict Bandwidth Usage The Individual User View window lets you view/restrict an end user’s bandwidth usage. 1. From any of the user ranking windows, with the user- name/IP address selected, click User Summary to open the Individual User View pop-up window: Fig.

  • Page 128: View The End User's Port Usage In Bytes

    1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES View the end user’s port usage in bytes To monitor an end user’s bandwidth port traffic: 1. In the Individual User View pop-up window (see Fig. 4:1- 7), select the protocol gauge to highlight it. 2.

  • Page 129: Manually Lock Out An End User

    1: M ANDWIDTH ANAGEMENT ECTION HAPTER ONITOR ANDWIDTH AUGES Manually lock out an end user To prevent the end user from accessing specified URLs that result in too much bandwidth usage: 1. In the Individual User View pop-up window (see Fig. 4:1- 7), select the name of the Protocol to highlight it.
  • Page 130 Click Sync All Categories after custom library categories have been added to the list, in order to force synchronization between the R3000 and the TAR unit. c. After adding all library categories, click Next to open the alert box stating: “The user has been locked out.”...

  • Page 131: Chapter 2: Modify Bandwidth Gauges

    2: M ANDWIDTH ANAGEMENT ECTION HAPTER ODIFY ANDWIDTH AUGES Chapter 2: Modify Bandwidth Gauges While bandwidth protocol gauges cannot be added or removed, their timespan and threshold limits can be modi- fied, along with their associated port numbers. This function to modify bandwidth protocol gauges is avail- able to a group administrator only if permissions were granted by the administrator who set up his/her account, as detailed in Chapters 2 and 3 of the Preliminary Setup...

  • Page 132: Edit Port Settings

    2: M ANDWIDTH ANAGEMENT ECTION HAPTER ODIFY ANDWIDTH AUGES • Upper Limit - the default upper threshold for HTTP is 65535, and 20000 for all other protocols 3. If you do not need to modify any port settings, click Save to save your edits and to close the Bandwidth Gauges pop-up window.

  • Page 133: Chapter 3: View Bandwidth Trend Reports

    3: V ANDWIDTH ANAGEMENT ECTION HAPTER ANDWIDTH REND EPORTS Chapter 3: View Bandwidth Trend Reports Similarly to URL trend reports, bandwidth trend reports help you further configure bandwidth gauges and alerts so you can focus on traffic areas that most affect the network. There are two types of bandwidth trend reports that can be generated on demand to show total gauge score averages for a specified, limited time period: All Bandwidth Gauges...

  • Page 134: View Activity For A Specified Gauge

    3: V ANDWIDTH ANAGEMENT ECTION HAPTER ANDWIDTH REND EPORTS down menu, and a color-coded key listing All Visible Gauges. 3. After you have viewed the information in this chart, click the “X” in the upper right corner of the window to close it. View Activity for a Specified Gauge 1.

  • Page 135: Suppress Criteria Of Specified Ports

    3: V ANDWIDTH ANAGEMENT ECTION HAPTER ANDWIDTH REND EPORTS 4. After you have viewed the information in this chart, click the “X” in the upper right corner of the window to close it. Suppress Criteria of Specified Ports To view only specified port criteria in the chart, click the checkbox corresponding to a port name/number to suppress that port’s graphical information from displaying in the chart.

  • Page 136: A Dministration S Ection

    TAR. See Appendix C for information about using the Hardware Detector window to troubleshoot RAID on a TAR “SL”, “HL”, or “H” server. • Chapter 1: Custom Category Maintenance - This chapter...
  • Page 137 TAR server. • Chapter 7: View Hard Disk Status - This chapter explains how to view the current hardware drive status on a TAR- SL, HL, or H server with RAID technology. ECHNOLOGIES...

  • Page 138: Chapter 1: Custom Category Maintenance

    The Custom Categories window is used by the global administrator to manage criteria for Custom Categories set up on the source R3000 connected to this TAR server. 1. In the navigation panel, go to URL Dashboard and click Custom Categories to open the Custom Categories pop- up window: Fig.

  • Page 139: View Custom Categories

    1: C DMINISTRATION ECTION HAPTER USTOM ATEGORY AINTENANCE View Custom Categories To view details about a custom category: 1. Select the custom category from the Custom Categories frame, which populates fields, checkbox(es), and tab(s), and activates the Delete Category button: Fig.

  • Page 140: Add A Custom Category

    1: C DMINISTRATION ECTION HAPTER USTOM ATEGORY AINTENANCE Add a Custom Category 1. Click New Category. 2. Enter up to seven characters for the Category Name. This entry automatically displays in uppercase charac- ters. 3. Enter the Description for the category. 4.
  • Page 141 6. After making all entries, click Save to refresh the window and to display the name of the newly added category in the Custom Categories frame. When a custom category is added in TAR, the new cate- gory also is added in the Custom Categories list on the source R3000.

  • Page 142: Synchronize Tar With The R3000

    • new custom categories that were added in the source R3000 are added to TAR • new custom categories that were added in TAR are added to the source R3000 • custom category additions/deletions that were made in the source R3000 are executed in TAR •...

  • Page 143: Delete A Custom Category

    3. Click Delete Category to close the dialog box and to remove the category from the Custom Categories list. This action also removes the category from the Custom Categories list on the source R3000 connected to this TAR server. ECHNOLOGIES HREAT NALYSIS...

  • Page 144: Chapter 2: View The Master User List

    R3000. This list is used for verifying that the list of active end users on the source R3000 matches the list of end users on the TAR server. If there are any discrepancies, synchronization can be forced between the two servers.

  • Page 145: Search The Mul Database

    2: V DMINISTRATION ECTION HAPTER IEW THE ASTER corresponding end user IP address, and Display Name (username/IP address). 3. After performing the intended actions in this window, click the “X” in the upper right corner of the pop-up window to close it.

  • Page 146: View End User Activity

    End User Activity in the Configuration Section, Chapter 2: Custom Gauge Setup, Usage). Synchronize TAR with the R3000 If changes were made to the user list on the LDAP server or on the source R3000, click Import Now to force synchroni- zation between the servers.

  • Page 147: Chapter 3: View Administrator Activity

    CTIVITY Chapter 3: View Administrator Activity The Log Viewer window is used for viewing the most recent administrative activity performed on TAR by the global or group administrators, for a period of time up to the past 30 days. 1. In the navigation panel, click Administration to open that menu.

  • Page 148: Perform A Search On A Specified Activity

    To perform a search on a specified activity: 1. Select the type of activity from the Log Headings list: All, Invalid Authentication (TAR was busy and unable to respond to a valid login request), Log In Attempt (incor- rect Admin Name or Password entered), Successful Log...

  • Page 149: Search Results

    3: V DMINISTRATION ECTION HAPTER DMINISTRATOR CTIVITY Search Results When populated with rows of records, the Results box includes the following columns: AdminName (entry from the Admin Name field in the login window); activity Type [Invalid Authentication, Log In Attempt, Successful Log In, Add New Group, Add New Administrator, Add Admin Detail, MUL Fetch, Update Admin Info, Admin Group Edit, User Group Edit, Password Change, Delete Admin, Delete Group];...
  • Page 150 3: V DMINISTRATION ECTION HAPTER DMINISTRATOR CTIVITY edited an administrator group via the Group Manage- ment window • User Group Edit - the Target column for this selection displays the group administrator name of the entity who edited a user group via the User Groups management panel •...

  • Page 151: Chapter 4: Maintain The Device Registry

    EVICE EGISTRY Chapter 4: Maintain the Device Registry TAR’s device registry is used by the global administrator to view information about devices connected to the TAR unit, synchronize TAR with user groups and libraries from the source R3000, edit 8e6 appliance criteria, and add or delete an R3000 or ER.
  • Page 152 EGISTRY In the middle of the panel, each device communicating with TAR is represented by a square with a picture of a chassis, labeled with an icon indicating the type of device, the device's IP address, and at least one button for an action that can be performed for that device: View, Edit, Delete.

  • Page 153: R3000 Device Maintenance

    4: M DMINISTRATION ECTION HAPTER AINTAIN THE EVICE EGISTRY R3000 Device Maintenance The actions in this sub-section are initiated from the main Device Registry panel, in the square representing the R3000 device. View, edit R3000 device criteria 1. Click Edit to display the R3000 panel: Fig.

  • Page 154: Add An R3000 To The Registry

    4: M DMINISTRATION ECTION HAPTER AINTAIN THE EVICE EGISTRY 3. Click Save to save your edits, and to return to the main Device Registry panel. Add an R3000 to the registry 1. Click New R3000 to display the R3000 panel (see Fig. 5:4-2).

  • Page 155: Threat Analysis Reporter Maintenance

    1. Click Edit to display the Threat Analysis Reporter panel: Fig. 5:4-3 Threat Analysis Reporter panel On the left side of this panel, the Device Type (TAR), Name of the server (Threat Analysis Reporter), and IP address(es) entered during the quick start wizard process display and cannot be edited.
  • Page 156 4: M DMINISTRATION ECTION HAPTER AINTAIN THE EVICE EGISTRY 2. For bandwidth criteria: • To add a bandwidth IP address range: a. Type in the Bandwidth IP address. b. Type in the Bandwidth Netmask. c. Click [+] Add Range to add the bandwidth IP range in the list box.

  • Page 157: Er Device Maintenance

    4: M DMINISTRATION ECTION HAPTER AINTAIN THE EVICE EGISTRY ER Device Maintenance If an ER is connected to the source R3000 server, this ER device should be added in the Device Registry. Add an ER to the registry 1. Click the New ER button to display the ER panel: Fig.

  • Page 158: View, Edit Er Device Criteria

    4: M DMINISTRATION ECTION HAPTER AINTAIN THE EVICE EGISTRY View, edit ER device criteria The actions in this sub-section are initiated from the main Device Registry panel, in the square representing the ER device. 1. Click Edit to display the ER panel: Fig.

  • Page 159: Delete Er Device

    4: M DMINISTRATION ECTION HAPTER AINTAIN THE EVICE EGISTRY Delete ER device The actions in this sub-section are initiated from the main Device Registry panel, in the square representing the ER device. Click Delete to delete the ER device from the registry, and to remove the square representing that ER box from the main Device Registry panel.

  • Page 160: View Patch Server Device Criteria

    4: M DMINISTRATION ECTION HAPTER AINTAIN THE EVICE EGISTRY View Patch Server device criteria 1. Click View to open the Patch Server pop-up window. The following information displays: Name of server, Device Type (Patch Server), IP address, Username (if appli- cable), Password (if applicable, asterisks display), Https ("on"...

  • Page 161: Sync All Devices

    EVICE EGISTRY Sync All Devices A forced synchronization should be performed on the TAR unit if any of the source R3000’s related devices listed in the Device Registry are updated. 1. Click Sync All to open the Sync All Devices pop-up window: Fig.

  • Page 162: Chapter 5: Perform Backup, Restoration

    2:00 a.m., storing up to seven days of automatic backup files. NOTE: In the event that TAR should fail, please contact 8e6 Technical Support to restore TAR with the most recent backup. 1. In the navigation panel, click Administration to open that menu.
  • Page 163 5: P DMINISTRATION ECTION HAPTER ERFORM ACKUP ESTORATION This window is comprised of the Backup user configura- tion frame and the Restore user configuration frame. In the Restore user configuration frame, the Restoration File box includes a list of up to seven of the most recent automatic backup files, and any backup files created on demand by the administrator.

  • Page 164: Execute A Backup On Demand

    5: P DMINISTRATION ECTION HAPTER ERFORM ACKUP ESTORATION Execute a Backup on Demand On demand backups ensure user settings saved in these files are retained on the server indefinitely. 1. In the Backup on demand section of the window, enter the File Name for the backup file to activate the Backup Personal Data button: Fig.

  • Page 165: Restore User Settings

    5: P DMINISTRATION ECTION HAPTER ERFORM ACKUP ESTORATION Restore User Settings 1. From the Restoration File box, select the file to be restored by clicking on it to highlight it: Fig. 5:5-3 Restore Personal Settings 2. Click Restore Personal Settings to restore user settings from the selected file.

  • Page 166: Restore To Factory Default Settings

    ACKUP ESTORATION Restore to Factory Default Settings If a TAR server needs to be purged of all existing data, a global administrator can restore the unit back to factory default settings. WARNING: When using this option, all settings made to the unit—including administrator, group, and gauge configuration—...

  • Page 167: Chapter 6: Install Software Updates

    By default, the TAR server waits to receive software updates each hour via Traveler, 8e6’s executable program. If a new software update is available, it is downloaded to TAR and an email message is dispatched to the global administrator whose email address was supplied during the TAR Wizard installation procedures.

  • Page 168: Apply A Software Update

    6: I DMINISTRATION ECTION HAPTER NSTALL OFTWARE PDATES This window displays any available software updates in the table at the top of the Install New Patches tab. Any updates previously applied display in the Patch History frame below. 3. After performing the intended actions in this window, click the “X”...

  • Page 169: Revert To A Previous Software Installation

    7. Clear the browser’s cache. 8. Log back in to TAR using the login window. NOTE: See View Software Installation Details to determine whether the software was successfully applied.
  • Page 170 ECTION HAPTER NSTALL OFTWARE PDATES Fig. 5:6-4 Software Update, Patch History 2. Click Undo. 3. Launch a new browser window. 4. Clear the browser’s cache. 5. Log back in to TAR using the login window. ECHNOLOGIES HREAT NALYSIS EPORTER UIDE...

  • Page 171: View Software Installation Details

    6: I DMINISTRATION ECTION HAPTER NSTALL OFTWARE PDATES View Software Installation Details To view information about the software installation: 1. Click the View Software Update Log tab to display infor- mation about the software update recently applied to the server: Fig.

  • Page 172: Chapter 7: View Hard Disk Status

    Fig. 5:6-6 Hardware Detector, hard disks OK NOTE: If the TAR server is a TAR-S or TAR-MSA unit, when clicking Hardware Detector, the following message displays in a pop-up box: “This is not a RAID box!” Click the “X” in the upper right corner to close the pop-up box.
  • Page 173 7: V DMINISTRATION ECTION HAPTER TATUS the Rebuild button displays at the bottom of the window in place of the status message: Fig. 5:6-7 Hardware Detector, hard disk failure See Appendix C: RAID Maintenance for information on troubleshooting RAID, and replacing and rebuilding the hard drive.

  • Page 174: Technical Support

    ECHNICAL UPPORT RODUCT ARRANTIES Technical Support For technical support, visit 8e6 Technologies’s Technical Support Web page at http://www.8e6.com/support.html, or contact us by phone, by email, or in writing. Hours Regular office hours are from Monday through Friday, 8 a.m. to 5 p.m. PST.

  • Page 175: Office Locations And Phone Numbers

    ECHNICAL UPPORT RODUCT ARRANTIES ECHNICAL UPPORT Office Locations and Phone Numbers 8e6 Corporate Headquarters (USA) 828 West Taft Avenue Orange, CA 92865-4232 Local 714.282.6111 714.282.6116 Domestic US 1.888.786.7999 International +1.714.282.6111 8e6 Taiwan 7 Fl., No. 1, Sec. 2, Ren-Ai Rd. Taipei 10055 Taiwan, R.O.C.

  • Page 176: Support Procedures

    ECHNICAL UPPORT RODUCT ARRANTIES ECHNICAL UPPORT Support Procedures When you contact our technical support department: • You will be greeted by a technical professional who will request the details of the problem and attempt to resolve the issue directly. • If your issue needs to be escalated, you will be given a ticket number for reference, and a senior-level technician will contact you to resolve the issue.

  • Page 177: Product Warranties

    ARRANTIES Product Warranties Standard Warranty 8e6 Technologies warrants the medium on which the 8e6 product is provided to be free from defects in material and workmanship under normal use for period of one year (the “Warranty Period”) from the date of delivery. This standard Warranty Period applies to both new and refurbished equip- ment for a period of one year from the delivery date.

  • Page 178: Technical Support And Service

    RODUCT ARRANTIES Technical Support and Service 8e6 Technologies will provide initial installation support and technical support for up to 90 days following installation. 8e6 Technologies provides after-hour emergency support to 8e6 server customers. An after hours technician can be reached by voice line.

  • Page 179: Extended Warranty (Optional)

    If parts are discontinued from production during the Warranty Period, immediate replacement product(s) or hardware parts will be available for exchange with defective parts from 8e6 Technologies’ local reseller or distributor. Extended Technical Support and Service Extended technical support is available to customers under a Technical Support Agreement.

  • Page 180: A Ppendices S Ection

    An administrator with pop-up blocking software installed on his/her workstation will need to disable pop-up blocking in order to use the TAR console. This appendix provides instructions on how to disable pop- up blocking software for the following products: Yahoo! Toolbar, Google Toolbar, AdwareSafe, and Windows XP Service Pack 2 (SP2).
  • Page 181 PPENDICES ECTION PPENDIX 2. Choose Always Allow Pop-Ups From to open the Yahoo! Pop-Up Blocker dialog box: Fig. A-2 Allow pop-ups from source 3. Select the source from the Sources of Recently Blocked Pop-Ups list box to activate the Allow button. 4.

  • Page 182: Google Toolbar Pop-Up Blocker

    PPENDICES ECTION PPENDIX Google Toolbar Pop-up Blocker Add the Client to the White List To add the Client to the white list so that it will always be allowed to pass, go to the Google Toolbar and click the # blocked icon: Fig.

  • Page 183: Adwaresafe Pop-Up Blocker

    PPENDICES ECTION PPENDIX AdwareSafe Pop-up Blocker Disable Pop-up Blocking AdwareSafe’s SearchSafe toolbar lets you toggle between enabling pop-up blocking (# popups blocked) and disabling pop-up blocking (Popup protection off) by clicking the pop- up icon. 1. In the IE browser, go to the SearchSafe toolbar and click the icon for # popups blocked to toggle to Popup protec- tion off.

  • Page 184: Windows Xp Sp2 Pop-Up Blocker

    PPENDICES ECTION PPENDIX Windows XP SP2 Pop-up Blocker This sub-section provides information on setting up pop-up blocking and disabling pop-up blocking in Windows XP SP2. Set up Pop-up Blocking There are two ways to enable the pop-up blocking feature in the IE browser.

  • Page 185: Use The Ie Toolbar

    PPENDICES ECTION PPENDIX Use the IE Toolbar In the IE browser, go to the toolbar and select Tools > Pop- up Blocker > Turn On Pop-up Blocker: Fig. A-6 Toolbar setup When you click Turn On Pop-up Blocker, this menu selec- tion changes to Turn Off Pop-up Blocker and activates the Pop-up Blocker Settings menu item.

  • Page 186: Add The Client To The White List

    PPENDICES ECTION PPENDIX Add the Client to the White List There are two ways to disable pop-up blocking for the Client and to add the Client to your white list. Use the IE Toolbar 1. With pop-up blocking enabled, go to the toolbar and select Tools >...

  • Page 187: Use The Information Bar

    PPENDICES ECTION PPENDIX Use the Information Bar With pop-up blocking enabled, the Information Bar can be set up and used for viewing information about blocked pop- ups or allowing pop-ups from a specified site. Set up the Information Bar 1. Go to the toolbar and select Tools > Pop-up Blocker > Pop-up Blocker Settings to open the Pop-up Blocker Settings dialog box (see Fig.
  • Page 188 PPENDICES ECTION PPENDIX 3. Click Yes to add the Client to your white list and to close the dialog box. NOTE: To view your white list, go to the Pop-up Blocker Settings dialog box (see Fig. A-7) and see the entries in the Allowed sites list box.

  • Page 189: Appendix B

    System Tray Alerts: Setup, Usage This appendix explains how to set up and use the feature for System Tray alerts. A TAR Alert is triggered in an adminis- trator’s System Tray if an end user’s Internet usage has reached the upper threshold established for a gauge set up by that administrator.
  • Page 190 PPENDICES ECTION PPENDIX 2. In the Run dialog box, type in the path to the scripts folder: C:\WINDOWS\sysvol\domain\scripts. 3. Click OK to open the scripts folder: Fig. B-2 C:\WINDOWS\sysvol\domain\scripts window 4. Right-click in this Windows folder to open the pop-up menu.
  • Page 191 6. Type the following text in the blank document file: @echo off start “” “\\X.X.X.X\win\tartrayw32.exe” ta[X.X.X.X] in which “X.X.X.X” represents the IP address of the TAR server, and “\win\tartrayw32.exe” refers to the location of the TAR Alert executable file on the TAR server.
  • Page 192 PPENDICES ECTION PPENDIX 7. Go to: File > Save As to open the Save As window: Fig. B-4 Save As dialog box 8. In the File name field, type in the name for the file using the “filename.bat” format. For example: tartray21.bat. NOTE: Be sure that the Save as type field has “All Files”...

  • Page 193: Assign System Tray Logon Script To Administrators

    PPENDICES ECTION PPENDIX Assign System Tray logon script to administrators With the “.bat” file created, the administrator with permis- sions on the LDAP server can now begin to assign the System Tray logon script to as many administrators as needed. 1.
  • Page 194 PPENDICES ECTION PPENDIX Fig. B-5 Properties dialog box, Active Directory Users folder 3. In the Properties dialog box, click the Profile tab to display its contents. 4. In the Login script field, type in the “.bat” filename. For example: tartray21.bat. 5.

  • Page 195: Administrator Usage Of System Tray

    TAR Alert icon (pictured to the far left in the image below) automatically loads in his/her System Tray: NOTE: The TAR Alert icon will not load in the System Tray if the TAR server is not actively running. Use the TAR Alert icon’s menu...

  • Page 196: Status Of The Tar Alert Icon

    TAR Alert icon: “Connected. No Alerts.” However, if an alert is triggered, the TAR Alert icon changes in appearance from the standard gauge to a yellow gauge (pictured to the far left in the image below): The following message appears briefly above the yellow gauge: “New 8e6 TAR Alert!”...

  • Page 197: View System Tray Alert Messages

    Close button: “X more alerts” (in which “X” represents the number of additional alerts), and the Next >> button. 2. Click Logon to TAR to launch the TAR login window (see Fig. 1:1-1). If there are additional alerts, click Next >> to view the next TAR Alert.

  • Page 198: Appendix C

    Contact 8e6 Technical Support for replacement hard drives and power supplies. Part 1: Hardware Components The TAR “H”, “SL”, and “HL” RAID server contains two hard drives, two power supplies, and five sets of dual cooling fans (10 in total). These components are depicted in the diagram below: Fig.

  • Page 199: Part 2: Server Interface

    PPENDICES ECTION PPENDIX Part 2: Server Interface LED indicators in SL and HL units On an “SL” and “HL” unit, the following LED indicators for software and hardware status monitoring display on the left side of the front panel: • LOG = Log Download Status •...
  • Page 200 PPENDICES ECTION PPENDIX LED Indicator Chart Below is a chart of LED indicators in the “SL” and “HL” unit: Color Condition Description Indicator Green Downloading a log No log download detected RAID Green RAID mode enabled and running RAID mode is inactive Hard drive fault or failure Green Database is active...

  • Page 201: Front Control Panels On H, Sl, And Hl Units

    PPENDICES ECTION PPENDIX Front control panels on H, SL, and HL units Control panel buttons, icons, and LED indicators display on the right side of the front panel. The buttons let you perform a function on the unit, while an LED indicator corresponding to an icon alerts you to the status of that feature on the unit.
  • Page 202 PPENDICES ECTION PPENDIX Overheat/Fan Fail (icon) – This LED is unlit unless the chassis is overheated. A flashing red LED indicates a fan failure. A steady red LED (on and not flashing) indicates an overheating condi- tion, which may be caused by cables obstructing the airflow in the system or the ambient room tem- perature being too warm.

  • Page 203: Rear Panels On H And Hl Units

    PPENDICES ECTION PPENDIX Rear panels on H and HL units UID (LED indicator) – On the rear of the “H” or “HL” chassis, to the left of the power supplies, a steady blue UID LED indi- cator displays when the UID button on the control panel is pressed.

  • Page 204: Part 3: Troubleshooting

    PPENDICES ECTION PPENDIX Part 3: Troubleshooting The text in this section explains how the server alerts the administrator to a failed component, and what to do in the event of a failure. Hard drive failure Step 1: Review the notification email If a hard drive fails, a notification email is sent to the admin- istrator of the server.

  • Page 205: Step 2: Verify The Failed Drive In The Admin Console

    PPENDICES ECTION PPENDIX Step 2: Verify the failed drive in the Admin console The Hardware Detector window in the Administrator console is accessible via the Administration > Hardware Detector menu selection: Fig. C-2 Hardware Detector window The Hardware Detector window displays the current RAID Array Status for the two hard drives (HD 1 and HD 2).

  • Page 206: Step 3: Replace The Failed Hard Drive

    PPENDICES ECTION PPENDIX Step 3: Replace the failed hard drive After verifying the failed hard drive in the Administrator console, go to the server to replace the drive. Press the red release button to release the handle on the carrier, and then extend the handle fully and pull the carrier out towards you.

  • Page 207: Step 4: Rebuild The Hard Drive

    PPENDICES ECTION PPENDIX Step 4: Rebuild the hard drive A. Once the failed hard drive has been replaced, return to the Hardware Detector window in the Administrator console, and click Rebuild to display instructions on how to proceed with the rebuild process: Fig.
  • Page 208 PPENDICES ECTION PPENDIX Fig. C-4 Hardware Detector window, step 3 C. Return to the chassis. Push the Power button in and hold it down for five seconds, and then release it to reboot the unit. D. Log back into the Administrator console, and navigate to Administration >...
  • Page 209 PPENDICES ECTION PPENDIX Fig. C-5 Hardware Detector window, step 4 During this process, a message might display indicating that the server has timed out. G. If you log back into the Administrator console and navi- gate to Administration > Hardware Detector window, note that the failed hard drive now displays an “OK”...

  • Page 210: Step 5: Contact Technical Support

    PPENDICES ECTION PPENDIX WARNING: When the RAID array reconstruction process begins, the Administrator console will close and the hard drive will become inaccessible. Step 5: Contact Technical Support Contact Technical Support to order a new replacement hard drive and for instructions on returning your failed hard drive to 8e6.

  • Page 211: Step 3: Replace The Failed Power Supply

    PPENDICES ECTION PPENDIX Step 3: Replace the failed power supply Remove the failed power supply by locating the red release tab (1) and pushing it to the right (2), then lifting the curved metal handle and pulling the power supply module towards you (3).

  • Page 212: Fan Failure

    PPENDICES ECTION PPENDIX Fan failure Identify a fan failure A flashing red LED indicates a fan failure. If this displays on your unit, contact Technical Support for an RMA (Return Merchandise Authorization) number and for instructions on returning the unit to 8e6. A steady red LED (on and not flashing) indicates an over- heating condition, which may be caused by cables obstructing the airflow in the system or the ambient room...

  • Page 213: Appendix D

    - A unique library category on the R3000 that includes URLs, URL keywords, and/or search engine keywords to be blocked. In TAR, global administrators can create and manage custom library categories and sync them to the source R3000.
  • Page 214 TAR. Lightweight Directory Access Protocol (LDAP) is a directory service protocol based on entries (Distinguished Names). The other authentication method that can be used with TAR is IP groups. peer-to-peer - P2P involves communication between computing devices—desktops, servers, and other smart devices—that are linked directly to each other.
  • Page 215 PPENDICES ECTION PPENDIX UDP - An abbreviation for User Data Protocol, one of the core protocols of the Internet protocol suite. Using UDP, programs on networked computers can send short messages (sometimes known as datagrams) to one another. URL - An abbreviation for Uniform Resource Locator, the global address of Web pages and other resources on the Internet.
  • Page 216 PPENDICES ECTION PPENDIX ECHNOLOGIES HREAT NALYSIS EPORTER UIDE...
  • Page 217 NDEX alert log 91 alert messages 83 backup 150 bandwidth 34 gauge 60 gauge monitoring 104 reading gauges 61 traffic monitoring 104 base group 21 definition 201 button, terminology 4 byte score 62 checkbox, terminology 4 Ctrl key 15 custom category 126 definition 201 custom search 100 device registry 139...
  • Page 218 NDEX field, terminology 4 Firefox 7 Flash plug-in 7 frame, terminology 5 FTP 106 definition 201 gauge components 60 restore configuration settings 150 scoring methodology 50 types 60 global administrator 2 definition 201 group administrator 2 definition 201 H server 186 hit score 61 HL server 186 How to...
  • Page 219 LED indicators 187 library categories definition 201 list box, terminology 5 lockout 42 automatic 86 end user workstation 81 function 85 list management 92 manual 78 unlock workstation 94 into TAR 11 out of TAR 13 ECHNOLOGIES HREAT NALYSIS EPORTER UIDE...
  • Page 220 NDEX Macintosh 7 Master User List 132 network requirements 8 outbound traffic monitoring 104 P2P 106 definition 202 panel, terminology 5 peer-to-peer definition 202 pop-up blocking, disable 168 pop-up box/window, terminology 5 port gauge 60 number 105 Product Warranties section 165 protocol bandwidth gauge 60 definition 202...
  • Page 221 NDEX RAID 160 Real Time Probe 202 recovery procedures 150 requirements environment 7 Safari 7 screen, terminology 6 search engine definition 202 search engine keyword in custom category 128 Shift key 15 SL server 186 SMTP 106 definition 202 software updates 155 synchronization custom category update 79 definition 202...
  • Page 222 NDEX UDP 105 definition 203 URL 9 category details 77 custom category 128 dashboard gauge method 58 lock out user from bandwidth usage 117 lock out users from access 79 trend reports 95 trend reports for bandwidth usage 121 with wildcard in custom category 128 URL Keyword custom category 129 URL, definition 203...

Table of Contents