Page 1: Installation Guide
M86 Security Reporter INSTALLATION GUIDE Models: 300, 500, 700, 705, 730, 735 Software Version: 3.0.00 Document Version: 10.30.10...
Page 2 Every effort has been made to ensure the accuracy of this document. However, M86 Security makes no warranties with respect to this documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose. M86 Security shall not be liable for any error or for incidental or consequential damages in connec- tion with the furnishing, performance, or use of this manual or the examples herein.
Page 3: Table Of Contents
ROCEDURES Unpack the Unit from the Carton................... 6 Select a Site for the Server..................... 7 300 Model Server Setup Procedures ..................7 Set Top Applications ......................7 Optional 1U 2-Unit Tray Kit Applications ................7 Rack Mount the Server....................8 Rack Setup Precautions ......................
Page 4 Monitor and Keyboard Setup ................... 22 Serial Console Setup ....................... 22 Power on the SR ........................23 Power up a 300 Model ..................... 23 Power up a 500, 700, or 730 Model ................24 Power up a 705 or 735 Model ..................24 HyperTerminal Setup Procedures ..................
Page 5 ONTENTS Access the SR via its LAN 1 IP Address ................41 Accept the Security Certificate in Firefox ................42 Temporarily Accept the Security Certificate in IE ..............44 Accept the Security Certificate in Safari ................. 45 Accept the End User License Agreement ................46 Log in to the Security Reporter Wizard ..................
Page 6 ONTENTS Step C: Export the report view in the PDF output format ..........77 III. Save and schedule a report exercise ................78 Step A. Save a report ...................... 78 Step B. Schedule a recurring time for the report to run ........... 79 IV.
Page 7 UTTONS Front Control Panels on 500, 700 and 730 Models..........115 Rear Panel on the 700 and 730 Model............... 116 Front Control Panel on a 300 Model................116 Chassis Panels on a 705 and 735 Model..............116 ........117...
Page 8 ONTENTS B: O .......127 PPENDIX PTIONAL THERNET NSTALLATION Preliminary Setup Procedures................... 127 Unpack the Ethernet Tap Unit from the Box ................127 Other Required Installation Items ..................127 Install the Ethernet Tap Unit..................127 ......................129 NDEX viii M86 S ECURITY NSTALLATION UIDE...
Page 9: M86 Sr Appliance Introduction
Web Filter and/or M86 Secure Web Gateway (SWG) appliance(s), and security reports from an SWG. Using a Web Filter, you have the option to use an SR 300, 500, 700 or 730 Equus model, or an SR 705 or 735 IBM model.
Page 10: About This Document
• Introduction - This section is comprised of an overview of the SR product and how to use this document • Service Information - This section provides M86 Security contact information • Preliminary Setup Procedures - This section includes instructions on how to physically set up the SR appliance in your network environment •...
Page 11: Security Reporter Models 705 And 735
M86 SR A PPLIANCE NTRODUCTION ECURITY EPORTER ODELS Security Reporter Models 705 and 735 Please refer to the appropriate IBM documentation when installing Security Reporter models 705 and 735; these units use IBM System x3620 M3 hardware. System x3620 M3 Type 7376 Installation and User’s Guide IBM System x3620 M3 Type 7376 Installation and User's Guide contains instruc- tions on installing and configuring Security Reporter models 705 and 735, and viewing and using LED indicators and buttons on these units.
Page 12: Conventions Used In This Document
CAUTION: The “caution” icon is followed by information warning you that a situation has the potential to cause bodily harm or death. IMPORTANT: The “important” icon is followed by information M86 Security recommends that you review before proceeding with the next action.
Page 13: Service Information
Any initial hardware setup problem that cannot be resolved at your internal organi- zation should be referred to an M86 Security solutions engineer or technical support representative. For technical assistance or warranty repair, please visit http:// www.m86security.com/support/ .
Page 14: Preliminary Setup Procedures
1 set of 4 pressure sensitive feet to be affixed to the bottom corners of a non-rack mounted unit For 300 models, If you have purchased the optional 1U two-unit tray for mounting the half- U server(s) in a rack, this item will be shipped in a separate carton.
Page 15: Select A Site For The Server
300 Model Server Setup Procedures Set Top Applications If you have a 300 series server you do not wish to rack mount, apply the pressure sensitive feet (that came with the server) to the bottom corners of the unit, and then place the unit in a location that meets server site selection criteria.
Page 16: Rack Mount The Server
RELIMINARY ETUP ROCEDURES OUNT THE ERVER Rack Mount the Server Rack Setup Precautions WARNING: Before rack mounting the server, the physical environment should be set up to safely accommodate the server. Be sure that: • The weight of all units in the rack is evenly distributed. Mounting of the equip- ment in the rack should be such that a hazardous condition is not achieved due to uneven mechanical loading.
Page 17: Rack Mount Instructions For 500 Model Servers
RELIMINARY ETUP ROCEDURES OUNT THE ERVER Rack Mount Instructions for 500 Model Servers Rack Setup Suggestions • Determine the placement of each component in the rack before you install the rails. • Install the heaviest server components on the bottom of the rack first, and then work up.
Page 18: Install The Slide Assemblies To The Rack
RELIMINARY ETUP ROCEDURES OUNT THE ERVER Install the Slide Assemblies to the Rack 1. After you have installed the short and long brackets to the outer slides, you are ready to install the whole slide assemblies (outer slides with short and long brackets attached) to the rack.
Page 19: Install The Chassis Into The Rack
RELIMINARY ETUP ROCEDURES OUNT THE ERVER Install the Chassis into the Rack 1. Push the inner slides, which are attached to the chassis, into the grooves of the outer slide assemblies that are installed in the rack as shown below: 2.
Page 20: Rack Mount Instructions For 700 And 730 Model Servers
RELIMINARY ETUP ROCEDURES OUNT THE ERVER Rack Mount Instructions for 700 and 730 Model Servers Rack Setup Suggestions • Determine the placement of each component in the rack before you install the rails. • Install the heaviest server components on the bottom of the rack first, and then work up.
Page 21: Install The Inner Rails
RELIMINARY ETUP ROCEDURES OUNT THE ERVER Install the Inner Rails 1. Place the inner rack extensions on the side of the chassis aligning the hooks of the chassis with the rail extension holes. Make sure the extension faces "outward" just like the pre-attached inner rail. 2.
Page 22 RELIMINARY ETUP ROCEDURES OUNT THE ERVER M86 S ECURITY NSTALLATION UIDE...
Page 23: Install The Server Into The Rack
RELIMINARY ETUP ROCEDURES OUNT THE ERVER Install the Server into the Rack 1. Confirm that chassis includes the inner rails (A) and rail extensions (B). Also, confirm that the outer rails (C) are installed on the rack. 2. Line chassis rails (A and B) with the front of the rack rails (C). 3.
Page 24: Install The Server Into A Telco Rack
RELIMINARY ETUP ROCEDURES OUNT THE ERVER Install the Server into a Telco Rack If you are installing the server into a Telco type rack, follow the directions given on the previous pages for rack installation. The only difference in the installation procedure will be the positioning of the rack brackets to the rack.
Page 25: Install The Bezel On The 500, 700, And 730 Model Chassis
RELIMINARY ETUP ROCEDURES OUNT THE ERVER Install the Bezel on the 500, 700, and 730 Model Chassis After rack mounting a 500, 700, or 730 model server, the bezel should be installed on the front end of the chassis. NOTE: This portion of the installation process requires you to unpack the bezel. The bezel has been packaged separately from the unit to prevent damage during shipping.
Page 26: Check The Power Supply
WARNING: If the server is used in a manner not specified by the manufacturer, the protection provided by the server may be impaired. WARNING: M86 Security is not responsible for regulatory compliance of any server that has been modified. Altering the server’s enclosure in any way other than the installation operations specified in this document may invalidate the server’s safety certifications.
Page 27: Ac Power Cord And Cable Precautions
RELIMINARY ETUP ROCEDURES ENERAL AFETY NFORMATION • To ensure proper cooling, always operate the server with its covers in place. Do not block any openings on the chassis. Do not place the server near a heater. • Always exit the software application properly before turning off the server to ensure data integrity.
Page 28: Motherboard Battery Precautions
RELIMINARY ETUP ROCEDURES ENERAL AFETY NFORMATION Motherboard Battery Precautions CAUTION: The battery on the motherboard should not be replaced without following instruc- tions provided by the manufacturer. Only qualified service personnel should replace batteries. The battery contains energy and, as with all batteries, a malfunction can cause heat, smoke, or fire, release toxic materials, or cause burns.
Page 29: Install The Server
This step requires you to set up parameters for the SR to function on the network. If using a 300, 500, 700, or 730 server, you have the option of using the text-based Quick Start setup procedures described in Step 1A, or the LCD panel setup proce- dures described in Step 1B.
Page 30: Step 1A: Quick Start Setup Procedures
A. Using the serial port cable (and USB DB9 serial adapter, if necessary), connect the laptop to the rear of the chassis (see “serial port” in Fig. 1 for a 300 model, Fig. 2 for a 500 model, Fig. 3 for a 700 or 730 model, and Fig. 4 for a 705 or 735 model).
Page 31: Power On The Sr
C. Go to the LCD panel on the front of the chassis, and press down the green checkmark key for three seconds (Fig. 4). Fig. 4 - 300 model LCD panel and keypad D. When the LCD panel displays a message that indicates the SR is running, proceed to the following set of instructions: •...
Page 32: Power Up A 500, 700, Or 730 Model
1A: Q NSTALL THE ERVER UICK TART ETUP ROCEDURES Power up a 500, 700, or 730 Model A. Make sure the power cord(s) is/are plugged into the back of the chassis. B. Plug the power cord(s) into a power source with an appropriate rating. WARNING: It is strongly suggested you use an uninterruptible power supply.
Page 33: Hyperterminal Setup Procedures
1A: Q NSTALL THE ERVER UICK TART ETUP ROCEDURES HyperTerminal Setup Procedures If using a serial console, follow these procedures on a Windows XP machine to create a HyperTerminal session. NOTE: HyperTerminal is no longer included with Windows as of Microsoft’s Vista system. Please note on Microsoft’s Web page “What happened to HyperTerminal?”...
Page 34 1A: Q NSTALL THE ERVER UICK TART ETUP ROCEDURES C. At the Connect using field, select the COM port assigned to the serial port on the laptop (probably “COM1”), and then click OK to open the Properties dialog box, displaying the Port Settings tab: D.
Page 35 1A: Q NSTALL THE ERVER UICK TART ETUP ROCEDURES F. In the HyperTerminal session window, go to File > Properties to open the Prop- erties dialog box, displaying the Connect To and Settings tabs: G. Click the Settings tab, and at the Emulation menu select “VT100”. H.
Page 36: Login Screen
1A: Q NSTALL THE ERVER UICK TART ETUP ROCEDURES Login screen The login screen displays after powering on the SR unit using a monitor and keyboard, or after creating a HyperTerminal session. NOTES: If using a HyperTerminal session, the login screen will display with black text on a white background.
Page 37: Quick Start Setup
1A: Q NSTALL THE ERVER UICK TART ETUP ROCEDURES Quick Start setup A. At the Press the number of your selection prompt, press 2 to select the “Quick Start setup” process. The Quick Start setup process takes you to the following configuration screens to make entries: •...
Page 38: Configure Network Interface Lan1
1A: Q NSTALL THE ERVER UICK TART ETUP ROCEDURES Configure network interface LAN1 A. From the Quick Start menu, press 3 to go to the Configure Network Interface screen for LAN1. B. At the Enter interface LAN1 IP address prompt, type in the LAN1 IP address and press Enter.
Page 39: Time Zone Regional Setting
1A: Q NSTALL THE ERVER UICK TART ETUP ROCEDURES Time Zone regional setting A. From the Quick Start menu, press 8 to go to the Time Zone regional configura- tion screen. B. Select a region using up-arrow and down-arrow keys. Press Y when you have selected the appropriate region, or press Esc to cancel this change.
Page 40: Non-Quick Start Procedures Or Settings
1A: Q NSTALL THE ERVER UICK TART ETUP ROCEDURES Non-Quick Start procedures or settings The options described below do not pertain to the quick start setup process. Reboot system A. From the Quick Start menu, press B to go to the Reboot confirmation screen. B.
Page 41: System Status Screen
1A: Q NSTALL THE ERVER UICK TART ETUP ROCEDURES System Status screen The System Status screen contains the following information: • lan1 IP address and netmask specified in screen 3, and current status (“Active” or “Inactive”) • lan2 IP address and netmask specified in screen 4, and current status (“Active” or “Inactive”) •...
Page 42: Step 1B: Lcd Panel Setup Procedures
LCD screen. The keypad consists of the following keys: • On a 300 model: Up arrow, down arrow, left arrow, right arrow, checkmark, and “X” keys. • On a 500, 700, or 730 model: Up, down, left, right, CANCEL, and ENTER keys.
Page 43: Lcd Menu
1B: LCD P NSTALL THE ERVER ANEL ETUP ROCEDURES LCD Menu The LCD Menu tree includes the following two main menu selections: • LCD Options - This choice includes options for viewing the LCD display and monitoring the SR once it is configured and running on the network. Information about using LCD Options is included in this document after the M86 menu sub- section.
Page 44: Ip / Lan1 And 2
1B: LCD P NSTALL THE ERVER ANEL ETUP ROCEDURES IP / LAN1 and 2 When the IP / LAN 1 (2) option is selected, the IP / LAN 1 (2) screen displays with the following menu items: • Configure LAN 1 (2) IP •...
Page 45: Host Name
1B: LCD P NSTALL THE ERVER ANEL ETUP ROCEDURES Host Name When the Host Name option is selected, the Host Name screen displays with the Configure Hostname menu item. A. Choose Configure Hostname and press the checkmark key to go to the Configure Hostname screen.
Page 46: Non-Quick Start Procedures Or Settings
1B: LCD P NSTALL THE ERVER ANEL ETUP ROCEDURES Non-Quick Start procedures or settings The options described below do not pertain to the quick start setup process. SR Patch Level When the SR Patch Level option is selected, “Security Reporter” and the version number of the currently installed software build displays.
Page 47: Lcd Options Menu
1B: LCD P NSTALL THE ERVER ANEL ETUP ROCEDURES LCD Options menu When “LCD Options >” is selected, the following menu items display on the screen: Heartbeat, Backlight, LCD Controls >. Make a selection from the menu, and press the checkmark / ENTER key to go to that screen. Heartbeat When the Heartbeat option is selected, the Heartbeat screen displays.
Page 48: Step 2: Physically Connect The Unit To The Network
A. Plug one end of a standard CAT-5E cable into the SR’s LAN 1 port, the port on the left. Rear of 300 model chassis with LAN ports identified Portion of 500 model chassis rear with LAN ports identified Portion of 700 / 730 model chassis rear with LAN ports identified Portion of 705 / 735 model chassis rear with LAN 1 and LAN 2 ports identified B.
Page 49: Step 3: Access The Sr And Its Applications Online
Enter.) • If pinging the IP address of the SR is unsuccessful, try restarting the network service or rebooting the SR. • If still unsuccessful, contact an M86 Security solutions engineer or technical support representative. M86 S...
Page 50: Accept The Security Certificate In Firefox
3: A NSTALL THE ERVER CCESS THE AND ITS PPLICATIONS NLINE Accept the Security Certificate in Firefox A. If using a Firefox browser, in the page “This Connection is Untrusted,” click the option I Understand the Risks: B. In the next set of instructions that display, click Add Exception...: Clicking Add Exception opens the Add Security Exception window: M86 S ECURITY...
Page 51 3: A NSTALL THE ERVER CCESS THE AND ITS PPLICATIONS NLINE C. In the Add Security Exception window, click Get Certificate and wait a few seconds until the security certificate is obtained by the server. D. With the checkbox Permanently store this exception selected, click Confirm Security Exception to open the Security Reporter login window: Proceed to Accept the End User License Agreement.
Page 52: Temporarily Accept The Security Certificate In Ie
3: A NSTALL THE ERVER CCESS THE AND ITS PPLICATIONS NLINE Temporarily Accept the Security Certificate in IE If using an IE browser, in the page “There is a problem with this website's security certificate.”, click Continue to this website (not recommended): Selecting this option displays the Security Reporter login window with the address field and the Certificate Error button to the right of the field shaded a reddish color: Proceed to Accept the End User License Agreement.
Page 53: Accept The Security Certificate In Safari
3: A NSTALL THE ERVER CCESS THE AND ITS PPLICATIONS NLINE Accept the Security Certificate in Safari A. If using a Safari browser, the pop-up window "Safari can't verify the identity of the website..." opens: Click Show Certificate to open the certificate information box at the bottom of this window: B.
Page 54: Accept The End User License Agreement
3: A NSTALL THE ERVER CCESS THE AND ITS PPLICATIONS NLINE Accept the End User License Agreement A. In the Security Reporter login window, enter your Username and Password, and then click Login to proceed: You may be prompted to accept a security exception for the SR application, after which the EULA Agreement dialog box opens: B.
Page 55: Log In To The Security Reporter Wizard
3: A NSTALL THE ERVER CCESS THE AND ITS PPLICATIONS NLINE Log in to the Security Reporter Wizard A. In the Username field of the Login window, type in the username specified in the Configure setup wizard user screen of the Quick Start Setup Procedures (Step 1A), or the Configure Setup Wizard User screen in LCD Panel Setup Procedures (Step 1B): B.
Page 56: Enter Bandwidth Range
3: A NSTALL THE ERVER CCESS THE AND ITS PPLICATIONS NLINE C. Enter the Password to be used with that username, and enter the same pass- word again in the Confirm Password field. Enter Bandwidth Range A. Enter the bandwidth IP Address range the Security Reporter will monitor. B.
Page 57: Step 4: Generate Ssl Certificate
4: G SSL C NSTALL THE ERVER ENERATE ERTIFICATE Step 4: Generate SSL Certificate Generate a Self-Signed Certficate for the SR This step requires you to generate a self-signed certificate so your browser will recognize the SR as an accepted device. A.
Page 58 4: G SSL C NSTALL THE ERVER ENERATE ERTIFICATE c. Organizational Unit Name - Name of your department, such as Administration. d. Locality (City) - Name of your organization’s city or principality, such as Orange. e. State or Province Name - Full name of your state or province, such as California.
Page 59: Ie Security Certificate Installation Procedures
4: G SSL C NSTALL THE ERVER ENERATE ERTIFICATE IE Security Certificate Installation Procedures Accept the Security Certificate in IE Go to the appropriate sub-section if using the following Windows operating system and IE browser: • Windows XP or Vista with IE 7 or 8 •...
Page 60 4: G SSL C NSTALL THE ERVER ENERATE ERTIFICATE Figure A2: Windows XP, IE 7 B. Click Certificate Error to open the Certificate Invalid pop-up box: Figure B: Windows XP, IE 7 C. Click View certificates to open the Certificate window that includes the host name you assigned to the SR: M86 S ECURITY...
Page 61 4: G SSL C NSTALL THE ERVER ENERATE ERTIFICATE Figure C: Windows XP, IE 7 D. Click Install Certificate... to launch the Certificate Import Wizard: Figure D: Windows XP, IE 7 E. Click Next > to display the Certificate Store page: Figure E: Windows XP, IE 7 M86 S ECURITY...
Page 62 4: G SSL C NSTALL THE ERVER ENERATE ERTIFICATE F. Choose the option “Place all certificates in the following store” and then click Browse... to open the Select Certificate Store pop-up box: Figure F: Windows XP, IE 7 G. Choose “Trusted Root Certification Authorities” and then click OK to close the pop-up box.
Page 63: Windows 7 With Ie 8
4: G SSL C NSTALL THE ERVER ENERATE ERTIFICATE Now that the security certificate is installed, you will need to map the SR’s IP address to its host name. Proceed to Map the SR’s IP Address to the Server’s Host Name.
Page 64: Map The Sr's Ip Address To The Server's Host Name
4: G SSL C NSTALL THE ERVER ENERATE ERTIFICATE Now that the security certificate is installed, you will need to map the SR’s IP address to its host name. Proceed to Map the SR’s IP Address to the Server’s Host Name.
Page 65 4: G SSL C NSTALL THE ERVER ENERATE ERTIFICATE C. Enter a line in the hosts file with the SR’s IP address and its host name—the latter entered during the Configure host name screen of the Quick Start Setup Procedures (Step 1A), or the Host Name screen in LCD Panel Setup Proce- dures (Step 1B)—and then save and close the file.
Page 66: Step 5: Add Web Filter, Swg To Device Registry
5: A , SWG NSTALL THE ERVER ILTER EVICE EGISTRY Step 5: Add Web Filter, SWG to Device Registry Before you begin configuring the Web Filter and/or SWG to send logs to the SR, you will need to add the Web Filter/SWG in the SR’s Device Registry panel. A.
Page 67: Add An Swg Device
5: A , SWG NSTALL THE ERVER ILTER EVICE EGISTRY Add an SWG Device A. At the bottom of the Device Registry panel, click New Policy Server to open the New Policy Server pop-up window: The following information displays and cannot be edited: Device Type (SWG), ID, Username.
Page 68: Step 6: Set Up Web Filter, Swg Log Transfers
6: S , SWG L NSTALL THE ERVER ET UP ILTER RANSFERS Step 6: Set up Web Filter, SWG Log Transfers This step can be performed any time during SR setup, but must be completed in order for the SR to receive logs from the Web Filter and/or SWG. Web Filter Setup Web Filter Configuration A.
Page 69: Web Filter Log Transfer Verification
6: S , SWG L NSTALL THE ERVER ET UP ILTER RANSFERS Web Filter Log Transfer Verification You can see if log files have transferred by following these steps in the SR: A. Access the System Configuration administrator console. B. Go to the Database pull-down menu and choose Tools to display the Tools screen: C.
Page 70: Set Self-Monitoring
6: S , SWG L NSTALL THE ERVER ET UP ILTER RANSFERS Set Self-Monitoring A. In the SR Report Manager navigation toolbar, select Administration > System Configuration to display the Server Status panel screen of the System Config- uration administrator console. B.
Page 71: Swg Setup
SR. Additionally, in such a configuration (with multiple policy servers sending logs to one SR), a known issue exists in which SR reports may be inaccurate. M86 Security is planning to resolve this issue in the next software release. In the interim, M86 recom- mends backing up archive logs and textmaps from each policy server, and then re- importing this data after applying the software update that contains this fix.
Page 72: Policy Settings
6: S , SWG L NSTALL THE ERVER ET UP ILTER RANSFERS • Password: Type in the password you entered for the SWG in the Device Registry. NOTE: Be sure “Extended Format” is selected for Archive format, and the Log Archive Scheduling frame specifies the correct interval you wish to use for sending logs from the SWG to the SR.
Page 73: Swg Configuration For Software Version 9.2.5
6: S , SWG L NSTALL THE ERVER ET UP ILTER RANSFERS SWG Configuration for Software Version 9.2.5 Configure SWG to Send Logs to the SR A. Access the SWG user interface. B. Navigate to Administration > System Settings > M86 Devices. C.
Page 74: Policy Settings
6: S , SWG L NSTALL THE ERVER ET UP ILTER RANSFERS Policy Settings A. Navigate to Policies > Default Policy Settings and verify if the settings in the Enable Emergency Policy frame and Default Policy Values frame are the ones you wish to use for sending logs to the SR.
Page 75: Single Sign-On Access, Default Username/Password
NSTALL THE ERVER INGLE CCESS EFAULT SERNAME ASSWORD Single Sign-On Access, Default Username/Password Single Sign-On Access If using a Web Filter, the Single Sign-On (SSO) access feature is available for the global administrator account set up during the wizard hardware installation process.
Page 76: Conclusion
. NOTE: If you cannot view reports, or if your specific environment is not covered in the Security Reporter User Guide, contact an M86 Security solutions engineer or technical support representative. IMPORTANT: M86 Security recommends proceeding to the Best Reporting Practices section to implement setup procedures for the reporting scenarios described within that section.
Page 77: Best Reporting Practices
EPORTING RACTICES EPORTING RACTICES This Best Reporting Practices section is provided to help you get started using the Report Manager user interface. The main areas of focus in this section are creating basic reports, real time reporting, and security reporting. In the Report Manager Usage Scenarios sub-section you will learn how to: •...
Page 78: Report Manager Usage Scenarios
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS Report Manager Usage Scenarios This collection of reporting scenarios is designed to help you use the Report Manager to create typical snapshots of end user Internet activity. Each scenario is followed by setup information. Please consult the “How to” section in the index of the Security Reporter User Guide for pages containing detailed, step-by-step instructions on configuring and/or using the tools and features described in that scenario.
Page 79: Step B: Further Investigate Using A Summary Drill Down Report
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS This report shows the top 20 categories that were most frequently visited by users yesterday. Review the list of categories in this canned report. In a later step you will need to select the category to be further investigated. NOTE: Click the left or right arrow in the dashboard to view additional thumbnails.
Page 80: Step C: Create A New Report Using Yesterday's Date Scope
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS Note that this drill down report view has been generated for today’s activity by default. To continue this investigation using data from yesterday’s Summary Report, you must create a new report from this current report view by first changing the date scope.
Page 81: Step D: Create A Double-Break Report With Two Sets Of Criteria
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS In the Security Reporter User Guide index, see: • How to: create a new report from the current report view Step D: Create a double-break report with two sets of criteria 1. To continue this exercise, select the record for the category you wish to further investigate.
Page 82: Step E: Create A Detail Drill Down Report To Obtain A List Of Urls
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS For the last step of this exercise, you will select a user from the current Summary Drill Down Report view and then drill down further to see which URLs that user visited, thereby creating a Detail Drill Down Report view. Step E: Create a Detail Drill Down Report to obtain a list of URLs 1.
Page 83: Ii. Double-Break Report And Export Report Exercise
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS II. Double-break Report and Export Report exercise In this exercise you will learn how to display only the top 10 records of a summary drill down double-break report view, export that report view in the PDF output format, and then view the results of the generated PDF file.
Page 84: Step B: Modify The Report View To Only Display Top 10 Site Records
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS Note that URLs/IP addresses of sites users visited in the category now display in the first column of the modified report view, instead of category names. In the Security Reporter User Guide index, see: •...
Page 85: Step C: Export The Report View In The Pdf Output Format
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS Step C: Export the report view in the PDF output format 1. To export the current report view in the PDF format, at the bottom of the report view click Export to open the Export pop-up window: By default, “PDF”...
Page 86: Iii. Save And Schedule A Report Exercise
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS 3. Print or save the PDF file using available tools or icons in the PDF file window, or close the PDF file. In the Security Reporter User Guide index, see: • How to: export a summary Drill Down Report •...
Page 87: Step B. Schedule A Recurring Time For The Report To Run
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS 3. Choose the Save and Schedule option from the “save” options at the bottom of the window. The three “save” options are as follows: • Save and Schedule - this option lets you save criteria from the current report view and then set up a schedule to run the report using that criteria.
Page 88: Iv. Create A Custom Category Group And Generate Reports
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS In the Security Reporter User Guide index, see: • How to: schedule a report to run You have now learned how to save a report and schedule a recurring event for running this report. Reports created for a variety of purposes can be scheduled to run on different dates and times to capture records of specified user activity as necessary.
Page 89: Step B: Run A Report For A Specified Custom Category Group
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS In the Security Reporter User Guide index, see: • How to: add a Custom Category Group Step B: Run a report for a specified Custom Category Group 1. To create a report for a Custom Category Group, choose Reports > Drill Down Reports >...
Page 90: Create A Custom User Group And Generate Reports
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS V. Create a custom User Group and generate reports In addition to running reports for various custom category groups, you might want to create one or more custom user groups and run reports for these user groups. NOTE: In order to generate reports for a custom user group, the user group must be created a day in advance, since the list of users is updated each day automatically based on group definitions and latest usage data.
Page 91: Step B: Generate A Report For A Custom User Group
EPORTING RACTICES EPORT ANAGER SAGE CENARIOS 3. Type in the Group Name and check the box(es) corresponding to “Patterns”, “IP Ranges”, and/or “Single Users/Exclude” to activate the frames in the section below. For this example, select “IP Ranges”. 4. Specify criteria for the group. In this example, enter an IP address within the range of the parent group.
Page 92: Real Time Reports Usage Scenarios
EPORTING RACTICES EPORTS SAGE CENARIOS Real Time Reports Usage Scenarios This collection of setup and usage scenarios is designed to help you understand and use basic tools in the console for enforcing your Internet usage policy. Each scenario is followed by console setup information. Please consult the “How to” section in the index of the Security Reporter User Guide for pages containing detailed, step-by-step instructions on configuring and/or using the tools and features described in that scenario.
Page 93: Step B: Navigate Panels In The Policy Section
EPORTING RACTICES EPORTS SAGE CENARIOS • Overall Ranking - view details about current gauge activity for all end users affecting gauges • Lockouts - prevent the end user from accessing specified URLs, the Internet, or the entire network • Add/Edit Gauges - create and maintain gauges used for monitoring end users’ Internet activity •...
Page 94 EPORTING RACTICES EPORTS SAGE CENARIOS NOTE: The Gauge Ranking panel is also accessible by right-clicking a dashboard gauge and then selecting View Gauge Ranking from the pop-up menu. 2. Find the library category with the highest score, and click that score to open the Category View User panel: Note the left side of this panel is populated with rows of records for Categories affected by the selected end user.
Page 95: Step B: Investigate A User's Activity In A Specified Gauge
EPORTING RACTICES EPORTS SAGE CENARIOS Step B: Investigate a user’s activity in a specified gauge 1. To find out which URLs the top end user visited in the high-scoring library cate- gory, select the category with the highest score and then click it to display a list of URLs the user visited in the right side of this panel: 2.
Page 96: Step C: Investigate The User's Internet Activity In Other Gauges
EPORTING RACTICES EPORTS SAGE CENARIOS Step C: Investigate the user’s Internet activity in other gauges 1. To find out which other gauges the same user is currently affecting, return to the Gauge Ranking table by going to the lower left corner of the Category View User panel and clicking the Back button.
Page 97: Iii. Create A Gauge Exercise
EPORTING RACTICES EPORTS SAGE CENARIOS 4. To find out which URLs the user is viewing in a particular library category, choose the category from the list, and then click the URL in the URLs list. In the Security Reporter User Guide index, see: •...
Page 98: Step B: Add A Url Gauge
EPORTING RACTICES EPORTS SAGE CENARIOS In the Security Reporter User Guide index, see: • How to: access the Add/Edit Gauges panel Step B: Add a URL Gauge 1. Click New Gauge at the bottom left of the panel to open the URL Gauge panel: 2.
Page 99 EPORTING RACTICES EPORTS SAGE CENARIOS 5. From the Available User Groups list, select the user group to highlight it. 6. Click add > to move the user group to the Assigned User Groups list box. 7. After adding users, click Save at the bottom right of the panel to return to the Add/Edit Gauges panel that now includes the name of the gauge you just added: In the Security Reporter User Guide index, see:...
Page 100: Iv. Create An Email Alert Exercise
EPORTING RACTICES EPORTS SAGE CENARIOS Now that you know the basics of creating a gauge, you will soon be able to create and use gauges to monitor various groups of users who frequent URLs in library categories you wish to restrict, and deal in real time with Internet usage issues that endanger your network and/or consume an excessive amount of bandwidth resources.
Page 101 EPORTING RACTICES EPORTS SAGE CENARIOS 4. Type in the Alert Name to be used for the alert that will be delivered to the group administrator. 5. Specify the User Threshold ceiling of gauge activity that will trigger the alert. The default and recommended value is 200 for a URL gauge. 6.
Page 102: Step B: Select Email Alert Action
EPORTING RACTICES EPORTS SAGE CENARIOS Step B: Select Email Alert Action 1. In the Alert Action section, choose the “Email” alert notification option. Note that this action opens and activates the Email Addresses accordion at the right side of the panel. 2.
Page 103: Step C: Receiving An Email Alert
EPORTING RACTICES EPORTS SAGE CENARIOS Step C: Receiving an email alert When an end user’s activity in a gauge reaches the threshold limit established for an alert, it triggers an alert notification. If the email alert option was selected, an email is sent to the email address that was specified.
Page 104: Security Reports Usage Scenarios
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS Security Reports Usage Scenarios This collection of reporting scenarios is tailored towards familiarizing you with tools for generating, exporting, saving, and scheduling security reports. Each scenario is followed by user interface access information. Please consult the “How to” section in the index of the Security Reporter User Guide for pages containing instructions on using the tools and features described in that scenario.
Page 105: Step B: Navigate To The Security Policy Violations Report
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS Step B: Navigate to the Security Policy Violations report Click the Security Policy Violations tab to display the the Security Policy Viola- tions report view: This report provides information on each instance in which an end user breached a security policy.
Page 106: Step D: Navigate To The Rule Transactions Report
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS Step D: Navigate to the Rule Transactions report Click the Rule Transactions tab to display the Rule Transactions report view: This report includes each instance in which an end user triggered a threshold in an SWG Security Policy.
Page 107 EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS • Click this icon to re-display the top six graphs and table of records (the default view) • Click this icon to display the table of records only: In the Security Reporter User Guide index, see: •...
Page 108: Ii. Create A Customized Security Report
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS II. Create a customized Security Report Once you become familiar with the basic four security reports, you may want to create your own customized reports. This exercise will show you two different methods for running security reports. One method is by using the Report Settings’ Run feature, and the other is by generating a report view using the Report Wizard.
Page 109 EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS For a Traffic Analysis or Rule Transactions report, you can narrow your search result by including filters: a. Click >> Filters at the bottom right of the panel to display the filter results panel: b.
Page 110: Exercise B: Use The Report Wizard To Run A Custom Report
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS Exercise B: Use the Report Wizard to run a custom report 1. Navigate to Reports > Security Reports > Report Wizard to display the Secu- rity Report Wizard panel where you will need to specify criteria to include in the report you wish to generate: 2.
Page 111: Iii. Export A Security Report
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS III. Export a Security Report In this exercise you will learn how to export the current security report view in the PDF format by selecting one of two export options. Step A: Specify records to include in the report Go to the bottom right of the panel and either click Export All Records, or choose specific records from the table and then click Export Selected.
Page 112: Step D: View The Exported Security Report
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS 2. Specify the Delivery method for the email address: “To” (default), “Bcc”, or “Cc”. 3. Enter the Subject for the email message. 4. If you wish, enter text to be included in the Body of the message. 5.
Page 113: Iv. Save A Security Report
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS In the Security Reporter User Guide index, see: • How to: export a Security Report IV. Save a Security Report A security report can be saved only by using the “Report Settings” Save option. Step A: Select Report Settings, Save option In the current security report view, navigate to the bottom left of the panel, mouse over Report Settings, and choose Save to display the Security Report Wizard...
Page 114: Step B: Specify Criteria In The Report Details Frame
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS Step B: Specify criteria in the Report Details frame 1. In the Report Details frame, type in the Report Name. 2. Specify the Report Time Span by choosing one of two options: • Predefined Ranges - If choosing this option, make a selection from the pull- down menu: “Today”...
Page 115: Step D: Populate The Email Settings Frame
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS Step D: Populate the Email Settings frame 1. In the Email Settings frame, enter at least one Email address and then click Add to include the email address in the list box below. 2. Specify the Delivery method for the email address: “To” (default), “Bcc”, or “Cc”.
Page 116 EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS 2. In the Report Details frame, type in the Report Name. 3. Specify the Report Time Span by choosing one of two options: • Predefined Ranges - If choosing this option, make a selection from the pull- down menu: “Today”...
Page 117 EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS a. Click >> Filters at the bottom right of the panel to display the filter results panel. b. Choose a filter type from an available accordion (Policies, Rules, Action, Content Type) and indicate criteria to use in the filter: •...
Page 118: Exercise B: Use The Wizard To Create And Schedule Reports
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS Exercise B: Use the Wizard to create and schedule reports 1. Navigate to Reports > Security Reports > Report Wizard to open the Security Report Wizard panel: 2. In the Report Details frame, type in the Report Name. 3.
Page 119: Access The Report Schedule Panel
EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS Access the Report Schedule panel To access the Report Schedule panel that includes all productivity and security reports scheduled to run, navigate to Reports > Report Schedule: Reports scheduled to be run display as rows of records. The following information is included for each record: Name assigned to the scheduled report, Interval when the report is scheduled to run, date and time of the Last Run, date and time of the Next Run, Custom Report Name, and Start Time for the report to run.
Page 120 EPORTING RACTICES ECURITY EPORTS SAGE CENARIOS The following information displays in this frame: Name assigned to the scheduled event; selected Report to Run; interval When to Run the report; Day of the Week the report will run if the report is a daily report, or Day of the Month the report will run if the report is a monthly report, and Start Time to run.
Page 121: Important Information About Using The Sr In The Evaluation Mode
MPORTANT NFORMATION ABOUT USING THE IN THE VALUATION VALUATION MPORTANT NFORMATION ABOUT USING THE VALUATION Evaluation Mode Pop-Up When evaluating the SR in the evaluation mode, the SR Status pop-up box opens after logging in to the System Configuration administrator console: Click the ‘X’...
Page 122: Report Manager Server Information Panel
MPORTANT NFORMATION ABOUT USING THE IN THE VALUATION EPORT ANAGER ERVER NFORMATION ANEL Report Manager Server Information Panel In the Server Information window, the Mode section displays “EVALUATION - MAX DATA STORAGE ‘X’ WEEKS”. The Expiration Info section to the right displays the amount of data space allocated to the SR and used by the SR, as well as data expiration criteria calculated for this SR if activated in the registered mode.
Page 123: Led Indicators And Buttons
LED I 500, 700 730 M NDICATORS AND UTTONS RONT ONTROL ANELS ON ODELS LED I NDICATORS AND UTTONS Front Control Panels on 500, 700 and 730 Models Control panel buttons, icons, and LED indicators display on the right side of a 500, 700 and 730 model’s front panel.
Page 124: Rear Panel On The 700 And 730 Model
This LED remains lit until the UID button is pressed again. Front Control Panel on a 300 Model In addition to executing functions listed in the LCD panel menu, the keypad on the front of the server is also used for performing basic server functions.
Page 125: Regulatory Specifications And Disclaimers
EGULATORY PECIFICATIONS AND ISCLAIMERS ECLARATION OF THE ANUFACTURER OR MPORTER EGULATORY PECIFICATIONS AND ISCLAIMERS The information in this section pertains to SR models 500, 700, and 730. Declaration of the Manufacturer or Importer Safety Compliance USA: UL 60950-1 1st ed. 2007 Europe: Low Voltage Directive (LVD) 2006/95/EC to CB Scheme IEC 60950-1: 2001 Canada...
Page 126: Ec Declaration Of Conformity
ECLARATION OF THE ANUFACTURER OR MPORTER EC Declaration of Conformity European Community Directives Requirement (CE) Declaration of Conformity Manufacturer’s Name: M86 Security 828 W. Taft Avenue Manufacturer’s Address: Orange, CA 92865 Application of Council Directive(s): Low Voltage • 2006/95/EC • 2004/108/EC...
Page 127: Appendix A: Fibre Channel Connected Storage Device
Carefully unpack the unit from the carton and verify that all accessories are included. Save all packing materials in the event that the unit needs to be returned to M86 Security. The carton should contain the following items: • 1 Nexsan Technologies unit •...
Page 128: Rack Mount The Server
A: F PPENDIX IBRE HANNEL ONNECTED TORAGE EVICE RELIMINARY ETUP ROCEDURES Rack Mount the Server Rack Mount Components The following items are needed to install rails for rack mounting: • 1 slide kit and mounting hardware • 1 pair Accuride slide rails Rack Setup Precautions WARNING: Before rack mounting the unit, the physical environment should be set up to safely...
Page 129: Step 1
A: F PPENDIX IBRE HANNEL ONNECTED TORAGE EVICE RELIMINARY ETUP ROCEDURES Step 1 Remove inner slide rail as shown. Press down on latch to release. Step 2 Attach inner slide rail to chassis using 3 screws as shown. NOTE: When attaching the extended brackets, attach them loosely at first. Adjust the length to fit the cabinet, and then tighten.
Page 130: Step 4
A: F PPENDIX IBRE HANNEL ONNECTED TORAGE EVICE RELIMINARY ETUP ROCEDURES Step 4 Attach left and right front (short) extended brackets to the outer rail using 2 screws, 2 washers, and 2 nuts for each bracket. NOTE: Make sure the flange is on the bottom edge. Step 5 Attach outer rail to chassis using 4 screws and cage nuts per rail, 2 at each end.
Page 131: Install The Unit
A: F PPENDIX IBRE HANNEL ONNECTED TORAGE EVICE NSTALL THE Install the Unit Link the SR Unit with the Fibre Channel Connected Device This step is a continuation from the Storage Device Setup (for Attached Storage Units) portion of Step 1A or 1B in the SR section. The procedures outlined in this step require the use of a CAT-5E crossover cable and the fibre channel cable.
Page 132: Shut Down, Restart Procedures
A: F PPENDIX IBRE HANNEL ONNECTED TORAGE EVICE NSTALL THE F. Plug the loose ends of the AC power cords into a power source with an appropriate rating. It is strongly suggested you use an uninterruptible power supply. WARNING: Be sure all drives are installed in the storage device unit before powering on the unit.
Page 133: Physical Components
A: F PPENDIX IBRE HANNEL ONNECTED TORAGE EVICE HYSICAL OMPONENTS Physical Components M86 S ECURITY NSTALLATION UIDE...
Page 134: Led Display
A: F PPENDIX IBRE HANNEL ONNECTED TORAGE EVICE HYSICAL OMPONENTS LED Display Temperature and Ventilation Status When the LED is green, the blowers are operating at an acceptable RPM, and the internal temperature sensors are within accept- able limits. The LED alternates green and red to indicate a predicted failure of one blower or an alarmingly...
Page 135 Preliminary Setup Procedures The instructions in this section pertain to the use of a NetOptics 10/100BaseT Tap that can be purchased from M86 Security. Unpack the Ethernet Tap Unit from the Box Open the NetOptics Ethernet Tap box and verify that all accessories are included.
Page 136 B: O PPENDIX PTIONAL THERNET NSTALLATION NSTALL THE THERNET Diagram showing Ethernet Tap installation on the network If the designated Web Filter/SWG has not yet been installed, disregard this sub- step and proceed to sub-step C. C. Using a crossover cable, connect one end to the Switch’s port configured to be the destination port of the Port Mirror.
Page 137 NDEX Access the Report Schedule panel 111 Add to Report Schedule 79 boot up 300 series server 116 500, 700 series server 115 Change Quick Start password 32 Configure Setup Wizard User 37 Create a customized Security Report 100 Create a gauge 89...
Page 138 Power Supply Precautions 18 Quick Start menu 28 Rack Setup Precautions 8 RAID 126 reboot 32 300 series server 116 500, 700 series server 115 report for a custom user group 83 Reset Admin Account 38 Reset Admin account 32...
Page 139 NDEX wizard installation procedures 67 M86 S ECURITY NSTALLATION UIDE...
Page 140 NDEX M86 S ECURITY NSTALLATION UIDE...
Page 142 M86 Security Corporate Headquarters (USA): 828 West Taft Avenue Orange, CA 92865-4232 • Tel: 714.282.6111 or 888.786.7999 Fax: 714.282.6116 (Sales/Technical Support) • 714.282.6117 (General Office)

This manual is also suitable for:

500 700 705 730 735

M86 Security 300 Installation Manual

M86 Sr Appliance Introduction

About this Document

Security Reporter Models 705 and 735

Conventions Used in this Document

Service Information

M86 Technical Support Call Procedures

IBM System X3620 M3 Support

Preliminary Setup Procedures

Unpack the Unit from the Carton

Select a Site for the Server

Rack Mount the Server

Check the Power Supply

General Safety Information

Step 1: Setup Procedures

Step 1A: Quick Start Setup Procedures

Step 1B: LCD Panel Setup Procedures

Step 2: Physically Connect the Unit to the Network

Step 3: Access the SR and Its Applications Online

Step 4: Generate SSL Certificate

Step 5: Add Web Filter, SWG to Device Registry

Step 6: Set up Web Filter, SWG Log Transfers

Single Sign-On Access, Default Username/Password

Conclusion

Best Reporting Practices

Report Manager Usage Scenarios

Real Time Reports Usage Scenarios

Security Reports Usage Scenarios

Evaluation Mode Pop-Up

Report Manager Server Information Panel

Led Indicators and Buttons

Front Control Panels on 500, 700 and 730 Models

Rear Panel on the 700 and 730 Model

Front Control Panel on a 300 Model

Chassis Panels on a 705 and 735 Model

Regulatory Specifications and Disclaimers

Declaration of the Manufacturer or Importer

Appendix A: Fibre Channel Connected Storage Device

Preliminary Setup Procedures

Install the Unit

Physical Components

Quick Links

INSTALLATION GUIDE

Related Manuals for M86 Security 300

Summary of Contents for M86 Security 300