Page 1 Order toll-free in the U.S.: Call 877-877-BBOX (outside U.S. call 724-746-5500) Customer FREE technical support 24 hours a day, 7 days a week: Call 724-746-5500 or fax 724-746-0746 Support Mailing address: Black Box Corporation, 1000 Park Drive, Lawrence, PA 15055-1018 Information Web site: www.blackbox.com • E-mail: info@blackbox.com...
Page 2 You’ll be live with one of our technical experts in less than 20 seconds. TRADEMARKS USED IN THIS MANUAL Black Box and the Double Diamond logo are registered trademarks, and Optinet is a trademark, of BB Technologies, Inc. Any other trademarks mentioned in this manual are acknowledged to be the property of the trademark owners.
Page 3: Table Of Contents
Table of Contents Table of Contents ........................ii Chapter 1: Introducing Optinet ....................1 Chapter 2: Installing Optinet ...................... 3 Gathering Initial Information ............................4 Connecting to Optinet ..............................5 Running the Setup Wizard ............................. 7 Cutting-Over ..................................
Page 4 Getting Started ................................ 26 Hardware Settings ..............................26 System ..................................26 General Reporting Options ............................26 Selected Date ................................27 Search ..................................27 Correlated by ................................27 Result Type ................................27 Group ..................................
Page 5 Registration Settings ............................... 70 Miscellaneous (Misc.) Settings ..........................70 Update Settings ............................... 72 Custom Category Rules ............................72 Custom Category Options ............................73 Remote Subnets ..............................74 User Preferences ..............................75 Static Routes ................................76 ...
Page 6 Troubleshooting GPO Issues ..........................113 Troubleshooting Directory Client ......................... 114 Chapter 8: Implementing HTTPS/SSL Filtering with Optinet ..........117 Certificate Authorities ............................... 118 SSL Anonymous Proxies ............................118 SSL CGI Proxy ..............................119 SSL Full Proxy ..............................119 ...
Page 7 Optinet User’s Guide Federal Communications Commission and Industry Canada Radio Frequency Interference Statements This equipment generates, uses, and can radiate radio-frequency energy, and if not installed and used properly, that is, in strict accordance with the manufacturer’s instructions, may cause inter ference to radio communication. It has been tested and found to comply with the limits for a Class A computing device in accordance with the speci cations in Subpart B of Part 15 of FCC rules, which are designed to provide reasonable protection against such interference when the equipment is operated in a commercial environment.
Page 8 NOM Statement Instrucciones de Seguridad (Normas O ciales Mexicanas Electrical Safety Statement) 1. Todas las instrucciones de seguridad y operación deberán ser leídas antes de que el aparato eléctrico sea operado. 2. Las instrucciones de seguridad y operación deberán ser guardadas para referencia futura. 3.
Page 9: Chapter 1: Introducing Optinet
Chapter 1: Introducing Optinet Welcome to Optinet. Optinet is a smart gateway appliance from Black Box Network Services that offers network administrators an in-depth view on network traffic and resources. With Optinet, you can monitor and manage traffic generated by specific applications within the network as well as traffic generated by specific users or computers.
Page 10 Optinet can quickly increase bandwidth for high priority traffic, ensure employee productivity, provide appropriate web content, add an additional layer of security, and prevent users from compromising your network. This user guide will instruct you on how to use and deploy the various functions of Optinet.
Page 11: Chapter 2: Installing Optinet
If you have questions or are unsure about the installation of Optinet, please contact your Black Box Technical Support at 724-746-5500, your Authorized Black Box Network Services Reseller, and/or the person responsible for the service of your network.
Page 12: Gathering Initial Information
Gathering Initial Information Under this section are listed the information and basic definitions of terms you will need to know before installing Optinet. Begin by reviewing the information and filling out the following table for documentation. You will need the subsequent information: License Key Licenses that have been purchased with your system will ship as a license key on a card in the Documentation &...
Page 13: Connecting To Optinet
Time Zone: Amounts used in the Total Download Bandwidth and Total Upload Bandwidth will restrict total throughput through Optinet. Please make sure the amounts you enter in these fields are correct. If you would like to receive email alerts when users attempt to access viral web sites, you must fill out the Email Settings.
Page 14 Running the Setup Wizard requires an active Internet connection from the network where Optinet will be installed. If you do not have an active Internet connection available, or you do not wish to use the Setup Wizard, please consult the section Using Alternative Configuration Methods.
Page 15: Running The Setup Wizard
Running the Setup Wizard 1. To access the Setup Wizard, open Microsoft’s Internet Explorer (IE) 6 or 7 and enter http://192.168.1.80 in the address bar. 2. Login to the system using: a. Default User Name: admin (all lowercase) b. Default Password: blackbox (all lowercase) 3.
Page 16: Cutting-Over
Please note that advanced configuration options such as Directory Integration or Ethernet Settings require additional steps that are not covered in the Setup Wizard. For additional information, please review their corresponding chapters. Cutting Over Only perform these next steps when network traffic can be momentarily interrupted.
Page 17: Accessing Optinet
Figure 2.3 Optinet Installation Connectivity If you are able to browse to the Internet, you have completed the installation of Optinet. The device should now be sitting inline with your Internet traffic and monitoring web requests. Accessing Optinet After completing the configuration and installation processes, you can access Optinet by using the IP address you assigned to the device during the Setup Wizard.
Page 18: Manual Configuration
Using Alternative Configuration Methods The previous sections discuss the most common steps for installing Optinet. However, there are alternative methods that can be used for initial configuration of the device as well as different modes that Optinet can accommodate. In this section, the topics of installing Optinet without the assistance of the Setup Wizard as well as Proxy Mode will be discussed.
Page 19: Text Menu Interface
The suggested settings on the local workstation/laptop are the following: • IP address—10.1.1.2 • Subnet Mask—255.255.255.0 4. From the Management/Auxiliary port, you can access Optinet via the GUI or Text Menu (covered in the following section). If you choose to configure Optinet via the GUI, please follow the steps listed under the section Setup Wizard.
Page 20 Figure 2.4 PuTTY Configuration 6. Login with the default credentials. 7. Type 1 to access Configure IP addresses submenu. Figure 2.5 Text Menu Interface...
Page 21 8. Enter in the information collected in the IP Settings table under Gathering Initial Information. Serial Access The following section lists steps on how to connect to the Optinet Text Menu using HyperTerminal. Although there are other terminal simulators that can work with the Optinet serial connection, the steps listed below are for a workstation/laptop with Windows XP and HyperTerminal.
Page 22: Proxy Mode
We strongly recommend that you change the default password for the menu account to limit access to the Text Menu. Select Option 3—Change Menu Password under the main menu to make this change. Proxy Mode For full functionality of Optinet, we recommend placing the device inline with traffic. However, if you do not want to place the device inline with network traffic, or if you have users on the WAN side of Optinet that you want to filter, you can configure Optinet as a web proxy.
Page 23 5. Under the Connection section, click the Settings button. 6. Select the radio button next to Manual proxy connection. 7. Enter in the IP address of Optinet in the HTTP Proxy field. 8. Enter in the number 8888 in the Port field. 9.
Page 24: Configuring Port Settings
Policy Manager Internet Usage Directory Users & Nodes Web Hits Overview Directory Users Web Bandwidth Overview Directory Agent Web Hits by Network Node Network Nodes Web Bandwidth by Network Node Web Time Online System Reports Broadcast Manager Active Users CPU Utilization IP Connections Latency Packets per Second...
Page 25: Configuring Cabling
Configuring Cabling In addition to confirming the port and duplex settings, you should also confirm cables connected to Optinet. Typically, layer 3 devices connected to Optinet require a cross-over cable while layer 2 devices connected to Optinet require straight-through cables. In a standard installation, the Optinet WAN port will connect to the firewall via a cross-over cable while the Optinet LAN port will connect to the core network switch via a straight- through cable.
Page 26: Bypass Mode
Optinet will initiate the supported Bypass Mode (Fail to Wire or No Failover). This is indicated by the LEDs on all ports, which will blink and scroll in unison. If this happens, please contact Black Box Network Services Technical Support at 724-746- 5500 or your Authorized Black Box Network Services Reseller. Diagnosing and troubleshooting the problem may require that you physically remove Optinet from the network.
Page 27 As with Fail to Wire, there are other scenarios that can cause Optinet to fail besides powering down the device. If Optinet is entering No Failover unintentionally, please contact Black Box Network Services Technical support at 724-746-5500 and/or your Authorized Black Box Network Services Reseller for diagnosis and troubleshooting.
Page 28: Chapter 3: Navigating Optinet
Chapter 3: Navigating Optinet This section contains guides and tips on how best to navigate through The Optinet Graphical User Interface (GUI). The chapter is divided into three sections: • General Navigation • Task Pane • Help Pane To access Optinet, open up Microsoft’s Internet Explorer (IE) 6 or higher and enter in the IP address assigned to Optinet in the address bar (Optinet only supports IE 6 and above).
Page 29 You can navigate back between tabs and reports by using the back arrow button located next to the Admin tab . Do not use the back arrow button available on your web browser since this will take you back to the Optinet login page. You can have multiple tabs open for ease of use by right-clicking a selection and choosing Open in new tab.
Page 30: Tasks Pane
Tasks Pane The Tasks Pane is located in the upper–right corner of any of the Optinet screens. The Tasks Pane lists actions or options that can be selected for the active page. Because of this, the contents displayed in the Tasks Pane will change depending on the screen currently displayed.
Page 31: Help Pane
—Network Node: Correlate report by Network Node profiles —None: No correlation —Service: Correlate IM reports by IM Client service Export —Email: Send the report in an email —Excel Document: Export the report or polices into a Comma Separated Value (CSV) format —Print: Print the report or polices currently displayed on screen —XML Document: Export the report or policies into an Extensible Markup Language...
Page 32 You can stop participating at any time by disabling the checkbox located in the Product Enhancement Program. One last item under the Help Pane is Black Box Network Services Optinet Privacy Policy. The privacy policy covers how Black Box Network Services will handle personal information collected and received with Optinet.
Page 33: Chapter 4: Generating Reports
Chapter 4: Generating Reports The Report tab will present information concerning network traffic, web sites visited, and system health. This chapter is divided into each report available and also general reporting rules that will apply to each different report. • Home Page •...
Page 34: System Notifications
Box Network Services Technical support if needed. If your ASM is not current, Optinet will not be able to update firmware, software, content filtering, spyware or anti-virus nor will Black Box Network Services Technical support be available. To renew your ASM please contact Black Box Technical Support at 724-746-5500, your Authorized Black Box Network Services Reseller, or a Black Box Network Services Sales Office.
Page 35: Selected Date
Figure 4.1 Reporting Options For example, click on the Application Overview report (Report -> Applications -> Application Overview). This will post the top applications passing traffic through the network within the last 24 hours. However, if you would like to search for traffic from a specific device within the last 30 days, you may adjust the Selected Date and search for device under Network Node.
Page 36: Network Node
Network Node This field will allow you to search for specific Network Nodes (devices on the network). Clicking this field will populate the Select Filter Network Node box. Search the Available Network Node list for the desired Network Node Profile, select the profile and click the Add button.
Page 37: Drop-Down Arrows
Drop-Down Arrows Another option that allows you to customize reports is the Drop-Down Arrows. Any of the reports available can be collapsed by using the Up arrow icon on the right side of the corresponding menu bar. You can also expand an area in the Report tab using the Down arrow icon Bar-Pie Graph Drop-Down Some reports allow you to choose the graph types of either Bar Graphs or Pie Graphs.
Page 38: Users Tab
resources for other operations. If a report cannot complete within the five minutes, you will receive a timeout message. If you receive a timeout message, you may alter the time limit under the Advanced Setup menu (Admin -> Configuration -> Advanced Setup -> Database Timeout). You can allocate up to 15 minutes for reports to complete.
Page 39: Dashboard Reports
the last 24 hours. However, this time frame is customizable as well as sorting features. This report will display total network traffic as well as total download and upload for the corresponding criteria. The reports available are Directory User Overview, Group Overview, and Network Node Overview.
Page 40 Directory User, Group or application will be posted next to a colored bar. When data is presented as a column graph, the most recent data is presented at the right end of the graph with the green column representing download traffic and the blue column representing upload traffic.
Page 41: Threats Tab
• Network Routing—this is the amount of bandwidth consumed by network routing applications (RIP, NCP, etc). • Network Utility—this is the amount of bandwidth consumed by network utility applications (DHCP, NSW, etc.). • Peer 2 Peer—this is the amount of bandwidth consumed by Peer 2 Peer applications. •...
Page 42: Internet Usage Tab
• Virus Infected Users—these are devices that may be infected with web viruses. • Virus Threat Names—these are names of web virus threats present on the network. Internet Usage tab Internet Usage tab reports on all web sites requested by users. This is a great report to give a general indication of which web sites and categories users are visiting or attempting to visit.
Page 43: System Reports Tab
System Reports tab System Reports tab reports on the actual system health of Optinet. This report posts the CPU and RAM utilization of the device. The report will also post the active connections in the network as well as requests for Directory Users. Understanding this report will allow you to schedule maintenance, plan for upgrades, and prevent problems on the network or with Optinet.
Page 44 Figure 4.5 Real Time Monitor Figure 4.6 Real Time Monitor Legend...
Page 45 Another capability of RTM is the ability to correlate within the last hour to display the most bandwidth consuming users. For example, in the above diagram RTM has HTTP as the highest amount of traffic. If you right-click on this traffic, you will be presented with the options to correlate by Directory User, Group, or Network Node.
Page 46: Chapter 5: Managing Optinet
Chapter 5: Managing Optinet Optinet allows you to control and identify network traffic based on applications and users. Optinet also allows you to separate problematic users from general traffic or problematic applications based on different criteria, time of day, and priority. The device can also block web sites or categories protecting users and your network from improper content.
Page 47: Policies & Rules Tab
corresponding groups. Each menu under the Policies & Rules tab addresses these principles: • Groups—who will be in the group? • Time of Day Rules—when will the rules take effect? • Internet Usage Rules—what web sites can group members visit? •...
Page 48 • Deny Access Group—members of this group will not be able to access any Internet traffic. All web sites and application traffic will be denied for this group. Users in this group will be assigned the Deny Access Usage Rules. •...
Page 49 Please note that the member type Network Node will post devices already discovered by Optinet. If you have integrated Directory Users with Optinet, Directory User will post Profiles already discovered by Optinet. All other fields will present an Enter New field that will allow you to manually add a user.
Page 50: Time-Of-Day Rules
To create groups, you can click the Create button under the Group Manager. This will post the Choose a Group Type dialog box. You can use the previous steps to create a Optinet Group. If you would like to create groups based on Directory Users, please see Chapter 7: Integrating Directory Users with Optinet.
Page 51: Traffic Flow Rule Sets
First, we’ll define general options available in all IURs, including Traffic Flow Rule Sets (TFRS). Second, we’ll list the default IURs and the associated policies. Third, we’ll give an example on how to customize IURs and other advanced policies. Traffic Flow Rule Sets Click on Manage ->...
Page 52: Content Filtering
HTTP traffic on any port other than port 80 or a designated proxy port (Anonymous Proxy Guard). • Web Filter + Anonymous Proxy Guard + SSL Block—this TFRS performs content filtering, web logging, spyware scanning, virus scanning for HTTP traffic (Web Filter), prohibits HTTP traffic on any port other than port 80 or a designated proxy port (Anonymous Proxy Guard), and prohibits all HTTPS traffic from passing through Optinet (SSL Block).
Page 53 • Blocked URLs—this sub-tab allows you to enter in a specific Universal Resource Locator (URL) address to be blocked. There are three compare strings that can be used to enter Blocked URLs: URL–Regular Expression, URL, and Domain. URL-Regular Expression—this compare string uses regular expressions to block web sites.
Page 54: Advanced Filtering
• Other settings available in the Content Filtering tab are Import, Export options, Remove Selected Rows, Remove All Rows, and Edit Selected Rows under Blocked URLs and White List URLs. Import, Export options allow you to import or export a plain text (.txt) version of your Blocked URLs and White List URLs, allowing you to back up your lists or share lists with multiple IURs.
Page 55 Filter Avoidance • Enable Filter Avoidance Real-Time Filter—this setting performs a real-time scan on web sites to validate if the web page is hosting proxy services. • Enable Filter Avoidance Deep HTTP Inspection—this setting scans content for the retrieved web pages from a proxy web site. •...
Page 56: Internet Usage Rules
• Block IP Address URLs—this setting prohibits users from browsing any web sites via IP addresses instead of domain names. • Allow Non-HTTP Traffic Through the Web Filter—this setting allows Non-HTTP traffic to pass through port 80 or the designated parent proxy port for web traffic. •...
Page 57 Enable Spyware ClassID Blocking Filter Avoidance Web Policy Enable Filter Avoidance IP Real-Time Filter, Allow Non-HTTP Lookup, Enable Filter Traffic Through the Web Filter, Avoidance Real-Time Filter, Non-HTTP Traffic Socket Timeout Enable Filter Avoidance (60 minutes) Deep HTTP Inspection Deny Access Policy Rules denies all Web traffic and cannot be altered. Filter Bypass Policy Rules allows all network traffic to pass and only reports on bandwidth and applications used.
Page 58 Monitor Only Policy Rules TFRS Filter Avoidance Web Policy Web Filter Enable Filter Avoidance IP Apply White List to Lookup, Enable Filter Avoidance Referring URLs, Real-Time Real-Time Filter, Enable Filter Filter, Allow Non-HTTP Avoidance Deep HTTP Inspection Traffic Through the Web Filter, Non-HTTP Socket Timeout (60 Minutes) Monitor Only with Threat Protection Policy Rules are intended for users that will only be...
Page 59: Shaping Rules
Strict Policy Rules TFRS Blocked Categories Blocked File Types Web Filter + Anonymous Adult, Alcohol and Tobacco, Cars aac, adp, aiff, asx, avi, Proxy Guard + SSL Block and Motorcycles, Cheating and bat, cab, cmd, com, dll, Plagiarism, Crime, Criminal dmg, ed2k, emo, exe, flac, Related, Cults, Dating, Filter flv, fpt, ini, iso, kmz, lit,...
Page 60 Optinet has no default shaping rules. As such, you will need to create them under the Shaping Rule Manager (Manage -> Policies & Rules -> Shaping Rules). Here you will be presented with three tabs: Group, Application, and Web Content. Group shaping rules manage total bandwidth for users and groups.
Page 61 • If you choose to enter a custom amount for the upload and download restrictions, remember that this amount is presented in kilobits per second (Kbps). You will need to compute your bandwidth into this amount (1024Kbps = 1 Mbps). •...
Page 62: Policy Manager
interface, i.e., applying shaping rules, denying traffic, etc. Flushing the Optinet forwarding plane will drop all connections and reassign traffic accordingly. Because of this, we recommend that you only make changes to shaping rules during off peak hours. Once you have created a shaping rule, don’t forget to Save the changes. Also remember that shaping rules are not active until you assign them to a group in the Policy Manager.
Page 63: Network Nodes
profile and list it accordingly under Directory Users & Nodes. These profiles (devices or users) will then be available for group membership assignment under the Group menu (Manage -> Policies & Rules -> Groups). Directory Users & Nodes lists three separate options: Network Nodes, Directory Users, and Directory Agent.
Page 64 sometimes incorrectly associate traffic to the wrong Network Node with asymmetrical networks. If you have an asymmetrical network, you can select Ignore Multiple IP Addresses from this Network Node, which will permanently associate the IP address to the MAC address listed. Thus if Optinet sees the MAC address being used by another IP address, Optinet will assume this is due to asymmetrical routing and group the traffic based on the IP address and attempt to discover the true MAC address of the original sending device.
Page 65 Network Node Manager. If individual MAC addresses are listed, then Optinet is essentially issuing a license to those MAC addresses. However, if an entry of all zeros is listed under the column of MAC address, then Optinet is licensing based on IP addresses (typical of routed networks as MAC address remain in local subnets).
Page 66: Directory Users
License Selected Nodes. These profiles will now be issued a license and counted towards the total license count. If you need to purchase additional licenses, you may do so from Black Box Network Services or your Authorized Black Box Network Services Reseller. Additional licenses are issued in the form of a license key and may be entered during the Setup Wizard (Step 1) or under Admin ->...
Page 67: Broadcasts Tab
Because the data is leaving Optinet, some technical considerations may need to be implemented in order for the recipients to receive email reports. For example, if a spam filter is present on the network, you may need to allow email transmissions from Black Box Network Services’ Internet Service Provider (IP.XMISSION.COM).
Page 68: System Access Tab
Optinet allows you to create multiple login accounts used to access the system. All accounts are listed under the Manage -> System Access -> Logins menu. By default only one account is present on the device (the admin account with a password of Black Box Network Services).
Page 69: Application Sets
There are several default TFRS that can do some of these options; however, there is no one TRFS that has all components (Web Filter + Deny IM + SSL Block). Nevertheless, the Traffic Flow Rule Set Manager allows you to combine or delete components of the TFRS to tailor how traffic will be handled.
Page 70 • Chat and IM—this application set comprises signature definitions for chat and IM applications, e.g., Windows Live Messenger, Yahoo! Messenger, etc. • Databases—this application set comprises signature definitions for database applications, e.g., SQL, Oracle, etc. • DNS/Naming/Locators and Information—this application set comprises signature definitions for services that identify domains, users, and devices on a network, e.g., Domain Name Service (DNS), Lightweight Directory Access Protocol (LDAP), etc.
Page 71: Applications
• RPC/Remote Execution and Message—this application set comprises signature definitions for programs that execute other programs or routines remotely, e.g., Remote Procedure Call (RPC), IBM’s Tivoli, etc. • Security, Auditing, and Auth—this application set comprises signature definitions for network protocols that authenticate and secure users or devices, e.g., Kerberos, Pretty Group Privacy (PGP), etc.
Page 72 Like other menus under the Applications menu, this menu is intended for expert use. The Applications menu will allow you to finish creating the custom TFRS. You can also finish altering the Application Set to add or remove specific applications for an Application Set. Lastly, this menu allows you to search for individual applications, values (ports), and application sets to see how traffic is being categorized.
Page 73 • Value—this will list the corresponding measures from the Type field. For example, under the application of HTTP, the Type is listed Destination and Port; hence, the Value is listed as 80 as this is the Destination and Port number for HTTP traffic. Other entries listed here will be the XLi values, File Type values, MIME values, and all other associated values for Types.
Page 74 Paging, and Collaboration and tie it to the custom Application set of SMTP (created in the previous section). Click on the first SMTP application (On Demand SMTP Relay). This will post the Add/Edit Application Detail. Here, change the Application Set to SMTP from E-mail, Paging, and Collaboration.
Page 75: Chapter 6: Administrating Optinet
Chapter 6: Administrating Optinet The Admin tab of Optinet provides you with administration functions for initial configuration of the device. Also available are maintenance options such as backup settings and diagnostic tools that allow you to prevent failures or down time. Lastly, the Admin tab has advanced configuration options for Directory Users, SSL Certificate, custom redirection pages, and Spyware Removal.
Page 76: Configuration Tab
Configuration tab The Configuration tab provides you with a variety of tools that can help manage the installation and maintenance of Optinet. The options available under this tab allow you to optimize and customize your Optinet to meet the organization’s needs. Among these settings are basic and advanced settings, license settings, remote subnets, backup settings and static routes.
Page 77 • HTTP Keep-Alive Mode HTTP—this allows Optinet to use the same connection to send and receive multiple HTTP requests and responses, as opposed to opening new connections for every single HTTP request or response. This option can improve performance on frequently visited web sites and should be checked. This option is also necessary if you want to enable HTTPS/SSL Filtering.
Page 78: Ethernet Settings
• Database Timeout—this setting places a limit (in minutes) of how much time Optinet has to complete a report. Because Optinet runs several different functions simultaneously (filtering, shaping, reporting, etc.), priority is given to filtering and shaping so that reporting does not consume resources that may impact network performance.
Page 79 Please note that the amounts listed in the available upload and download under Miscellaneous Settings will restrict total traffic through Optinet. Make sure that the amounts entered in these fields are the correct amounts for your network. The next option, Web Time Online seconds per hit, is used to calculate the amount of time for the Web Time Online Report (Report ->...
Page 80: Update Settings
Also, please note that Object Identifier (OID) for Optinet is 1.3.6.1.4.1.31010. With the above listed values and The Optinet OID, you should be able to use the SNMP Get command: snmpget –v 2c –c public localhost 1.3.6.1.4.1.31010.1. The WALK command allows you to use the SNMP GETNEXT request to query Optinet for several pieces of information.
Page 81: Custom Category Options
• URL-Regular Expression—this compare string utilizes regular expressions to categorize web sites. Regular expression (regex) is a method used to describe a string of text using metacharacters or wildcard symbols. To use URL-Regular Expression, you will need to understand the functions of regular expression metacharacters.
Page 82: Remote Subnets
As you add web sites to these new categories, the names of these categories will appear in the new category list under Admin -> Configuration -> Custom Category Rules ->. Assign a Category as well as under the Edit Blocked Categories list. To add a new category, enter the name of category in the Add/Edit Category Name field and click the Update button.
Page 83: User Preferences
Figure 6.2 Routed Network Topology In this example, the network subnets of 10.0.0.0 and 172.16.0.0 will be identified as remote subnets. Optinet can track Internet traffic by IP addresses once these networks are identified as remote subnets. Optinet will not be able to track by MAC addresses for remote subnets as layer three devices maintain MAC addresses within their corresponding subnets.
Page 84: Static Routes
Default Rows per Page indicate how many results will be posted for each report. For example, if you want to see how many users have passed Peer to Peer traffic, you can access this information under Report -> Applications -> Peer to Peer -> Correlate by Network Node.
Page 85 Figure 6.3 Static Routes Diagram Please take special notice of the different gateways. The 10.0.0.0 has a default gateway of 10.0.0.1. This is not the gateway for the Optinet static route as this address is not the next hop for the remote subnet. The gateway will be 192.168.255.3 as this is the next hop for Optinet to communicate to users on the 10.0.0.0 network.
Page 86: Ssl Certificate Settings
For full functionality of Optinet, you will need to have sufficient licenses for all active connections on your network. You can purchase the license key from Black Box Network Services or your Authorized Black Box Network Services Reseller. Once purchased, you can enter in the License Key by selecting the Update button.
Page 87: Ldap Settings
the user is being assigned, and if the correct rules are being applied. To use Web Filter Info, enter the URL into a web browser (default setting is info.blackbox.com), and the Web Filter Status Report will post the results. Please note that any changes to these two settings will require correct Domain Name Service (DNS) resolution.
Page 88: Proxy Settings
As such, you will need to contact Black Box Network Services Support or your Authorized Black Box Network Services Reseller for assistance with installing Optinet with this scenario.
Page 89: Device Status
Device Status Device Status posts the condition of Optinet and several key components of the device. Here you can confirm that the IP address for the bridge interface is correctly assigned. You can also verify the status of all Ethernet ports, WAN, LAN, and Management/Auxiliary. Lastly, you can validate device settings (Device Key, Serial Number) and device status in regards to uptime (how long the device has been up), CPU load, and Used Disk Space.
Page 90: No Ldap Network Nodes
No LDAP Network Nodes This menu is covered in more detail under Chapter 7: Integrating Directory Users with Optinet. PING Packet Internet Groups (PING) is a useful troubleshooting tool for computer networks. This tool is used to test whether or not network hosts are reachable by sending an ICMP Echo Request packet.
Page 91: Downloads Tab
Downloads tab The Downloads tab stores the Directory Agent, Directory Client, and SSL Certificate necessary for Directory Users integration and SSL Filtering respectively. These topics are covered in Chapter 7: Integrating Directory Users with Optinet and Chapter 8: Implementing HTTPS/SSL Filtering with Optinet. Logs tab As Optinet completes its day-to-day tasks, the device will track important events, activities, and errors in log files.
Page 92: Kernel Log
Broadcast messages come from the e-mail broadcast system. Alert messages are not currently used. Kernel Log The Kernel is the central component of the Optinet Operating System (OS). The Kernel’s responsibilities include managing communication between the hardware and software components. As the Kernel does this, it keeps several key entries in a log file that can be reviewed.
Page 93: Directory Agent Login Page
Optinet. Utilities The Utilities menu offers several functions that are used for troubleshooting and also deleting information. Also available are the menus of Support Link (allows Black Box Network Services Technicians to access your device for remote assistance) and Spyware...
Page 94: System Resets
Access to the device is reset to the username of admin and a password of Black Box Network Services. If you select this option, you must connect a system to The Optinet LAN port and run the initial configuration of the device.
Page 95 Custom Application Sets Custom Applications Default Settings after Resetting the Database Manage Admin All users assigned to Default Domain set to Black Box Network Services.com Group Default IUR set to Web Filter Enable Port Scanning/OS Detection selected + IM System Access Enable TCP Window Scaling selected admin;...
Page 96: Support Link
Support Link Support Link is a utility that allows a Black Box Network Services technician to access your Optinet remotely and assist in troubleshooting or configuring the device. To activate a support link, you must first call Black Box Network Services Technical Support at 724-746- 5500 for a port number.
Page 97: Spyware Removal Tool
This tool can be activated by accessing the GUI of Optinet from the infected device or having the user browse to http://spyware.Black Box Network Services.com. Once activated, the Spyware Removal Tool will prompt the user to download and install a program called WebDeploy.cab.
Page 98: Chapter 7: Integrating Directory Users With Optinet
Chapter 7: Integrating Directory Users with Optinet Optinet by default tracks all web and application traffic based on device addresses (MAC addresses or IP addresses). By default Optinet will report traffic by each individual device located on the network and list the traffic by Network Nodes. However, reporting by these criteria may be daunting or insufficient as IP addresses can change constantly or users will move from one machine to another on the network.
Page 99 The Directory Client and Web Authentication are processes that signal to Optinet when users are logging onto the network. These processes correlate the Directory User profile to the corresponding Network Node in use. Review the following diagram. Figure 7.1 Directory Integration with Optinet Optinet uses both processes to identify Directory Users and filter accordingly.
Page 100: Directory Options
Directory Options Use the following Directory User Decision Tree to help you decide which Directory Option is correct for your environment. Each Directory Option is designed for specific scenarios or networks to facilitate Directory User integration. You will need to decide which level of Directory User integration is right for your organization and which requirements can be met by your network.
Page 101: Directory Option 2: Directory Agent With Ip Lookup
notified of the user and will be able to associate all traffic to the corresponding Directory User. The Directory Client supports Windows 64-bit, 32-bit (2000 SP4 or above), and Macintosh OSX (10.3 or above) Operating Systems (OS). Some of the disadvantages with this option are that it only supports Microsoft Active Directory and computers that are members of the Active Directory domain.
Page 102: Directory Option 4: Directory Agent With Login Page
In addition to this, you will need to create two groups; one Network Node Group that will include the Terminal Services servers or Citrix Servers, and one Directory User Group that will include the Directory Users. Both groups will use the same Internet Usage Rule set to Web Authentication-NTLM.
Page 103: Directory Configurations
Directory Configurations After deciding which Directory Option to use, you will need to follow the individual steps for the corresponding option. Below are listed the instructions on how to configure the various Directory Options. Directory Instructions Directory Option 1 Directory Option 2 Install Directory Agent Install Directory Agent Create Directory Agent...
Page 104 (Start -> Administrative Tools -> Services) and search for the service called Black Box Network Services Directory Agent. Right-click on the Black Box Network Services Directory Agent service and select Properties. On the Recovery Tab, you can select Restart the Service under First Failure, Second Failure, and Subsequent Failures.
Page 105: Create Directory Agents
Figure 7.5 Black Box Network Services Directory Agent Properties Create Directory Agents The second part to using the Directory Agent is to establish an association with Optinet. This is done by creating the Directory Agent on Optinet, which will allow the device to synchronize directory groups, OUs, and user attributes.
Page 106: Create Directory Agent Group
you are using Directory Option 3: Directory Agent with NTLM, you will place the Citrix servers or Terminal Services servers into this group. Later, you will create a single Internet Usage Rule that will be used by both the Network Node Group as well as the Directory Users Group.
Page 107 Common Directory Attributes CN (Common Name) CN=John Doe displayName displayName=John Doe givenName givenName=John objectCategory objectClass =user sAMAccountName sAMAccountName=jdoe userPrincipalName userPrincipalName=jdoe@mycompany.com mail mail=jdoe@mycompany.com c (Country) c=usa company company=mycompany department department=IT location location=remote site manager manager=boss postalCode postalCode=11111 st (State) st=New York streetAddress streetAddress=123 Main telephoneNumber...
Page 108 Attributes or Custom, please contact your Authorized Black Box Network Services Reseller or Black Box Network Services Support. One last note is that you can also combine Directory Users into one group using a combination of the different member types.
Page 109: Deploy Directory Client Client
names to adjust group precedence. After you have synchronized your Directory Agent Groups, make sure to Save your changes. Deploy Directory Client The Directory Client is a small executable file that sends user information to Optinet. These transmissions are called heartbeats. They allow Optinet to identify the specific user that is generating network traffic from a particular computer.
Page 110 Figure 7.8 Directory Client Help Dialog Box Without any parameters set for the Clients, you should receive a help dialog box like the one posted above. This help dialog box will post when the Clients are unable to send heartbeats to Optinet or have other communication errors. This box will also appear if there are syntax errors or if no Optinet IP address is provided.
Page 111 /tcp switch—this option is used to force the Clients to use TCP connections instead of UDP. UDP connections are preferred as they do not require static routes; however, this option is available for backwards compatibility and troubleshooting. If you enable this option, you will need to create static routes accordingly.
Page 112 Now that you have confirmed that the Client can communicate to Optinet, you are ready to deploy the Client in your network. Because each network is unique, the User Guide and Black Box Network Services cannot make specific recommendations as to how you should integrate the Directory Client into your network and directory server.
Page 113 4. Enter the following text into the file: start /d “\\server\share\folder” cymdir.exe /silent IP address of Optinet (in this example we will use the path of \\mydomain.tld\netlogon\Black Box Network Services and the IP address of 192.168.255.2). a. Using Windows shell environment variables can add power and flexibility to the batch file.
Page 114 6. Click the Add button. 7. Scroll down and select Group Policy Object Editor. Figure 7.12 Add Standalone Snap In 8. Click the Add button (this will launch the Group Policy Object Wizard). 9. Press the Browse button. 10. Select Default Domain Policy. 11.
Page 115 14. Click OK on the Add/Remove Snap-in dialog box (you should now be looking at the MMC screen with the Console Root Folder above the new Default Domain Policy you have just added. Figure 7.14 Console Root 15. Expand the Default Domain Policy. 16.
Page 116 23. Click Add to open the Add a Script dialog box. 24. Click Browse to open the Logon Script Folder. 25. Select Directory Client and click Open (you should now be in the Add a Script Dialog box; Directory Client should appear in the Script Name box). 26.
Page 117: Create Directory Internet Usage Rules
1. Create a Windows registry file (you can do this from notepad and change the file extension to .reg). 2. Insert the following text. (You may need to adjust the path depending on your settings. Also the last line requires the IP address of Optinet. In this example, we will use 192.168.255.2) Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]...
Page 118 • Inactivity Timeout—this setting allows you to identify how much inactive time can pass before Optinet re-confirms Directory Users. For example, if you use Directory Option 4: Directory Agent with Login Page, Optinet will present a user with a login page on his/her first initial web (HTTP) request. If after logging in, the user does not pass any more web traffic within a certain amount of time, Optinet will again present the login page to the user.
Page 119: Directory Troubleshooting
the instructions listed under Internet Usage Rules in Chapter 5: Managing Optinet for your IURs. Afterwards, click on the Web Authentication tab and select Require Web Based Authentication. Users will now be presented with a Login Page as soon as they initiate a web (HTTP) request.
Page 120 Common Name, Directory Agent Group (the synchronized group for Optinet), the Directory Agent Group (the actual user group from the Directory Server), the Distinguished Name, and the time taken to run the test. If the test is unsuccessful, confirm that File and Print share rights are enabled on the end user’s device.
Page 121: Troubleshooting Gpo Issues
not posting the correct Directory User profile, you can then confirm that the Directory Client is not executing correctly. Review your deployment of the Directory Client as a possible culprit for this problem. • No LDAP Network Nodes—this menu lists all devices currently passing traffic that do not have an associated Directory heartbeat.
Page 122: Troubleshooting Directory Client
REM If both are missing, this script is not being run REM if both are present, send cymdir.log to support@Black Box Network Services.com The purpose of this script is the put the date, time, and username of the last login in a text file called login.txt located in the user’s %TMP% directory.
Page 123 cymdir.exe is being loaded at login by checking the Process list in the Windows Task Manager. If not, there may be a script problem. If one or more users are not sending heartbeats, network routing issues can prevent packets from reaching Optinet. Use the /tcp switch to test for connection failures. Please note that you will not be able to use the /silent option for this test.
Page 124 Lastly make sure that you use the correct Directory Client for your Operating System. There are three versions (32-bit, 64-bit, and Macintosh) and should be deployed accordingly.
Page 125: Chapter 8: Implementing Https/Ssl Filtering With Optinet
Chapter 8: Implementing HTTPS/SSL Filtering with Optinet Secure Socket Layer (SSL) is a technology that is used to encrypt data sent over the network. (Newer versions of SSL are called Transport Layer Security or TLS. Statements in this User Guide regarding SSL also apply to TLS.) This encryption is done to insure that the data transmission is secure and only readable by the intended recipients.
Page 126: Certificate Authorities
• Enabling SSL Certificate-Based Filtering • The Optinet Digital Certificate • Installing The Optinet Digital Certificate • Enabling Full SSL Content Filtering • Confirming The Optinet Digital Certificate • Reporting on HTTPS/SSL Web Sites • Viewing Sensitive Content on HTTPS/SSL Web Sites Certificate Authorities For Web sites to use SSL to post secure data, they employ a digital certificate signed by Certificate Authorities (CA), like VeriSign or Thawte.
Page 127: Ssl Cgi Proxy
SSL CGI Proxy This type of proxy has users enter the Universal Resource Locator (URL) of the web site they want to browse to into a web form. The web site then processes the request and retrieves the page on behalf of the user. The web sites changes the links and images within the page so that the requests are actually hosted by the proxy web site and not the original web site.
Page 128: Enable Denied Access Page For Ssl Certificate-Based Content Filtering
Because of the additional steps required to enable Full SSL Content Filtering, you will not be able to turn on this option without first contacting a Black Box Network Services Support Technician. If you are interested in enabling Full SSL Content Filtering, please call Black Box Network Services Technical Support.
Page 129: Https/Ssl Blocking
As such, if you want to block a specific web category or web site that is using HTTPS, enter the web site as blocked in the Content Filtering tab, select a TFRS that has SSL Filtering and choose one of the HTTPS/SSL Filtering options. HTTPS/SSL Blocking There is an additional TFRS for SSL traffic entitled SSL Block.
Page 130: Enabling Ssl Certificate-Based Filtering
Advanced Setup) that will allow Optinet to support HTTPS/SSL filtering. These two options are HTTP Keep-Alive Mode and Enhanced Bridging Mode (EBM). HTTP Keep-Alive Mode allows Optinet to use the same connection to send and receive multiple HTTP requests and responses, as opposed to opening a new connection for every single HTTP request or response.
Page 131: Web Filter + Anonymous Proxy Guard + Ssl Filter
Web Filter + Anonymous Proxy Guard + SSL Filter This TFRS performs content filtering, web logging, spyware scanning, virus scanning for both HTTP (Web Filter) and HTTPS traffic (SSL Filter). This TFRS also prohibits HTTP traffic on any port other than port 80 or a designated proxy port and SSL traffic on any port other than port 443 (Anonymous Proxy Guard).
Page 132: Installing The Optinet Digital Certificate
In essence, Optinet establishes two SSL connections, one to the user and one to the web site. After these connections are established, the user sends the SSL request to Optinet. Optinet reviews the SSL request, verifies filtering rules, and then sends a SSL request on behalf of the user to the web site.
Page 133 However, HTTPS can also be used fraudulently to conceal web traffic and pose a danger to users and the network. Filtering HTTPS web sites will improve our ability to protect the network and ensure safe web browsing. You will need to import a digital certificate into your web browser that will allow you to access legitimate web sites that use HTTPS.
Page 134 1. Open up Internet Explorer 7. 2. Click on Tools -> Internet Options 3. Select the Content tab and click the Certificates button (this will bring up the Certificate dialog box) 4. Select the Trusted Root Certification Authorities tab and then click the Import button (this will bring up the Certificate Import Wizard) 5.
Page 135: Deploying The Optinet Certificate Via Active Directory
6. When asked, Place the certificate in the Trusted Root Certification Authorities store. 7. Complete the Certificate Import Wizard by selecting Next when prompted. 8. After you have completed the Certificate Import Wizard click the Finish button (you may receive a security warning about installing the certificate; select Yes to allow the import).
Page 136 2. Open a Windows Run Prompt (Start -> Run). 3. In the Open field type "mmc" (Microsoft Management Console). 4. Click OK. 5. In the File menu, select Add/Remove Snap-in. Figure 8.2 Console Prompt 6. Click the Add button. 7. Scroll down and select Group Policy Object Editor. Figure 8.3 Add Standalone Snap-in 8.
Page 137 9. Press the Browse button. 10. Select Default Domain Policy. 11. Click OK. Figure 8.4 Group Policy Object 12. Click Finish on the Add Group Policy Wizard. 13. Close the Add Standalone Snap-in dialog box. 14. Click OK on the Add/Remove Snap-in dialog box (you should now be looking at the MMC screen with the Console Root Folder above the new Default Domain Policy you have just added).
Page 138: Enabling Full Ssl Content Filtering
SSL Content Filtering. You can also enable Only Allow Trusted Certificate Authorities and Non-Expired Certificates. Enabling Full SSL Content Filtering Now that you have installed The Optinet certificate, you will need to contact Black Box Network Services Technical Support to enable Full SSL Filtering. Because Full SSL Filtering...
Page 139: Confirming The Optinet Digital Certificate
Black Box Network Services Technician reviews the device settings. This precaution has been taken to avoid unnecessary interruption with secure Web sites. You can contact Black Box Network Services Technical Support at 724-746-5500.
Page 140 numbers are normally encrypted at an additional layer within the SSL tunnel. As such, Optinet normally cannot decipher these items. Typically Optinet will only capture the URL and Hypertext Markup Language (HTML) of the web site accessed and not the additional encrypted items.
Page 141: Customer Support And Feedback
Customer Support and Feedback Getting Help For additional help, please consult Black Box Network Services Support at 724-746-5500. Additionally, you can contact your Authorized Black Box Network Services Reseller for support. For more information contact Black Box Network Services at 724-746-5500.
Page 142: Appendix A: Web Filtering Categories
Appendix A: Web Filtering Categories Optinet has several distinct layers to identify and filter web sites depending upon the settings you employ on the device. Among the most distinct layers are URL checks against database entries, key-word searches, real-time analysis on web page context, digital certificate scans, and full payload decryption on HTTPS/SSL traffic.
Page 143 Category Description Examples Filtering (Typical) Adult These are sites directed to adults, not necessarily fhm.com Unacceptable pornographic sites. Adult clubs: strip clubs, swingers cybereroticanews.com clubs, escort services, strippers; general information about sex, non-pornographic in nature; genital piercing; adult products, adult greeting cards; information about sex not in the context of health or disease.
Page 144 Category Description Examples Filtering (Typical) Computers and Internet Information about computers and software such as: dell.com Business hardware, software, software support sites; update.microsoft.com information for software engineers, programming and networking; website design, and the web and Internet in general; computer science; computer graphics and clipart.
Page 145 Category Description Examples Filtering (Typical) Games Various card games, board games, word games, games.yahoo.com Non-business video games; computer games, Internet games worldofwarcraft.com (RPGs and D&D); combat games; sports games; downloadable games; game reviews; cheat sheets. Gay and Lesbian Gay, lesbian, bisexual, transgender: gay family, gay gay.com Non-business parenting, coming out, gay pride sites;...
Page 146 Category Description Examples Filtering (Typical) Lottery and Sweepstakes, contests and lotteries. powerball.com Sweepstakes calottery.com Non-business Miscellaneous Cannot be categorized—often because the web Non-business page is secured from outside visibility or there’s either no text or too little text to access it. Nature Natural resources;...
Page 147 Category Description Examples Filtering (Typical) Real Estate Information that would support the search for real remax.com Non-business estate. This includes: office and commercial space; century21.com real estate listings: rentals, apartments, homes; house building; roommates, etc. Science and Sites involving science and technology: aerospace, space.com Technology electronics, engineering, mathematics, etc.;...
Page 148 Category Description Examples Filtering (Typical) Uncategorized Cannot be categorized—often because the web Non-business page is secured from outside visibility or there’s either no text or too little text to access it. Vice Sites involving illegal drugs, alcohol, tobacco, and viceland.com Non-business gambling.
Page 149: Appendix B: Mime Types
Appendix B: MIME Types The following lists contain the MIME types you can block on your network. MIME type MIME type application/EDI-Consent application/hyperstudio application/EDI-X12 application/iges application/EDIFACT application/im-iscomposing+xml application/activemessage application/index application/andrew-inset application/index.cmd application/applefile application/index.obj application/atomicmail application/index.response application/batch-SMTP application/index.vnd application/beep+xml application/iotp application/cals-1840 application/ipp application/cnrp+xml application/isup...
Page 150 MIME type MIME type application/ogg application/xml-external-parsed-entity application/parityfec application/xmpp+xml application/pdf application/xop+xml application/pgp-encrypted application/zip application/pgp-keys audio/32kadpcm application/pgp-signature audio/3gpp application/pidf+xml audio/AMR application/pkcs10 audio/AMR-WB application/pkcs7-mime audio/CN application/pkcs7-signature audio/DAT12 application/pkix-cert audio/DVI4 application/pkix-crl audio/EVRC application/pkix-pkipath audio/EVRC-QCP application/pkixcmp audio/EVRC0 application/postscript audio/G.722.1 application/prs.alvestrand.titrax-sheet audio/G722 application/prs.cww audio/G723 application/prs.nprend audio/G726-16 application/prs.plucker audio/G726-24 application/qsig...
Page 151 MIME type MIME type text/parityfec audio/prs.sid text/plain audio/telephone-event text/prs.fallenstein.rst audio/tone text/prs.lines.tag image/cgm text/rfc822-headers image/fits text/richtext image/g3fax text/rtf image/gif text/sgml image/ief text/t140 image/jp2 text/tab-separated-values image/jpeg text/uri-list image/jpm image/jpx text/xml image/naplps text/xml-external-parsed-entity image/png video/3gpp image/prs.btif video/BMPEG image/prs.pti video/BT656 image/t38 video/CelB image/tiff video/DV image/tiff-fx video/H261 message/CPIM...
Page 152: Appendix C: File Types
Appendix C: File Types The following lists contain the file types you can block on your network. File type File extension File type File extension Active Server Page .asmx Compressed Active Server Page .asp Compressed .zip Active Server Page .aspx DOS Batch .bat ActiveX Control...
Page 153 File type File extension File type File extension Image .tga PowerPoint .ppt Image .tiff Quark Express .qxd Initialization .ini .sql Internet Certificate .cer Spreadsheet .xls Java Archive .jar Spreadsheet .xlt JavaScript Spreadsheet .xlw .log Swap .sqp Lotus .wk1 .tar Lotus Database .ns2 Text .txt...
Page 154: Appendix D: Cidr Cheat Sheet
Appendix D: CIDR Cheat Sheet Classless Inter-Domain Routing (CIDR) is the latest refinement on how to present IP Addresses and Subnet masks. CIDR replaces the previous generation of IP Address syntax, Classful networks. Rather than allocating address blocks in 8-bit (octet) boundaries, it uses a technique of a variable subnet mask to allow more allocation.
Page 155 1024 255.255.252.0 2048 255.255.248.0 16 C 4096 255.255.240.0 32 C 8192 255.255.224.0 64 C 16384 255.255.192.0 128 C 32768 255.255.128.0 256 C 1B 65536 255.255.0.0 512 C 2 B 131072 255.254.0.0 1024 C 4 B 262144 255.252.0.0 2048 C 8 B 524288 255.248.0.0 4096 C 16 B...
Page 156: Appendix E: End User License Agreement (Eula) & Warranty
This license does not grant you any rights to patents, copyright, trade secrets, trademarks or any other rights with respect to the Software and Appliance. Black Box Network Services and its suppliers retain all ownership of, and intellectual property rights in (including copyright), the Software and Appliance. However, certain components of the Software are components licensed under the GNU General Public License (version 2).
Page 157 Purchaser) under normal and proper use and service for the period of one (1) year from the date of purchase from an Authorized Black Box Network Services Reseller. In the event that this product fails to meet this warranty within the applicable warranty period, and provided that Black Box Network Services confirms the specified defects, Purchaser’s sole remedy is to have Black Box Network Services, at Black Box Network Services’...
Page 158 If Black Box Network Services does not find the product to be defective, the Purchaser will be invoiced for said inspection and testing at Black Box Network Services’...
Page 159 About Black Box Black Box Network Services is your source for more than 118,000 networking and infrastructure products. You’ll find everything from cabinets and racks and power and surge protection products to media converters and Ethernet switches all supported by free, live 24/7 Tech support available in 20 seconds or less.

This manual is also suitable for:

Optinet fe408100xa Optinet fe408020xa Optinet fe408200xa Optinet fe408020aa Optinet fe408045xa

Black Box Optinet FE408005AA User Manual

Chapter 1: Introducing Optinet

Chapter 2: Installing Optinet

Chapter 3: Navigating Optinet

Chapter 4: Generating Reports

Chapter 5: Managing Optinet

Chapter 6: Administrating Optinet

Chapter 7: Integrating Directory Users with Optinet

Chapter 8: Implementing HTTPS/SSL Filtering with Optinet

Customer Support and Feedback

Appendix A: Web Filtering Categories

Appendix B: MIME Types

Appendix C: File Types

Appendix D: CIDR Cheat Sheet

Appendix E: End User License Agreement (EULA) & Warranty

Quick Links

Troubleshooting

Related Manuals for Black Box Optinet FE408005AA

Summary of Contents for Black Box Optinet FE408005AA

This manual is also suitable for:

Table of Contents