1. Manuals
  2. Brands
  3. St. Bernard Manuals
  4. Network Hardware
  5. iPrism
  6. Installation and configuration manual

St. Bernard iPrism Installation And Configuration Manual

Hide thumbs Also See for iPrism:
Table of Contents

Advertisement

Quick Links

Download this manual
800
782
3762
www.stbernard.com
Installation and Configuration Guide
Version 6.2

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the iPrism and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for St. Bernard iPrism

Summary of Contents for St. Bernard iPrism

  • Page 1 3762 • • www.stbernard.com Installation and Configuration Guide Version 6.2...
  • Page 2 ©2001 – 2009 St. Bernard Software Inc. All rights reserved. The St. Bernard Software logo, iPrism and iGuard are trademarks of St. Bernard Software Inc. All other trademarks and registered trademarks are hereby acknowledged. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

  • Page 3: Table Of Contents

    Installation..............Installation Instructions............CHAPTER 3 iPrism Testing ................Test #1: Accessing the iPrism Main Menu ......Test #2: Using the iPrism as a Proxy Server ......CHAPTER 4 Familiarizing Yourself with iPrism .......... CHAPTER 5 Deploying iPrism in Production ..........

  • Page 4: Chapter 1 Iprism Overview

    This guide will help you understand the basic functions of your iPrism as well as get you started using it. Let’s begin with the basic functionality of...
  • Page 5 The iPrism is designed to operate in either proxy mode or bridge (transparent) mode: In proxy mode, iPrism uses a single internal interface to connect to the Internet. Proxy mode uses 1 network (NIC) connection, as only the internal interface is connected to the local network. The iPrism acts as a filtering web proxy;...
  • Page 6 Bridge (transparent) mode is an “in-line installation” which has 2 network (NIC) connections. All network traffic destined for the Internet (e.g., email and web) flows through the iPrism, and a single IP address is used by both interfaces. iPrism filters web and IM/P2P traffic only. It is best to position iPrism between the outbound Internet connection and an internal switch to limit traffic handling to outbound Internet traffic.
  • Page 7 Overview Bridge (Transparent) Mode FIGURE 2.

  • Page 8: Chapter 2 Iprism Installation

    (see Appendix B: “Configuring Your Browser for Proxy Mode” on page 43). After the iPrism is up and running, it can be deployed in one of the following modes: Bridge (Transparent) Mode (the preferred operating mode): Connect the iPrism between your internal network and the Internet, inside the firewall if you have one.

  • Page 9: Installation Instructions

    Proxy Mode: Inform your user community that they must use the iPrism as a proxy or create a domain policy that makes the iPrism the proxy for everyone. Change the firewall rules to block any http traffic that does not come from the iPrism.
  • Page 10 IP Address......: 192.168.1.10 Subnet Mask....... : 255.255.255.0 Default Gateway....: 192.168.1.1 Select an IP address for the iPrism on the same IP network. Using the example above, you can choose any available IP address in the 192.168.1.1 – 192.168.1.254 range.

  • Page 11: Hardware Setup

    2.1.2.1 Mounting the Hardware Appliance If you have not already done so, now is a good time to unpack the iPrism appliance and physically mount it in its final location (e.g., a 19” rack). If...
  • Page 12 LEDs and Lights The LEDs and lights on the iPrism control panel keep you informed of the system status. The following LEDs and lights are available on the h-Series: UID: Unit identifier. Depressing the UID button illuminates an LED on both the front and rear of the appliance to allow you to easily locate the appliance in large stack configurations.
  • Page 13 Installation Reset: Reboots the system. Important: Do not press this button until you have shut down the iPrism from the Exit > Shutdown menu option. This cleanly terminates the current iPrism services and network connections and prepares iPrism to be powered down using this button.
  • Page 14 100h...
  • Page 15 Installation Rear Panels Power This connects power to iPrism (115 – 230 VAC auto- connector sensing). Mouse Unused port Keyboard Unused port USB ports Unused Console Access to this port is only under the direction of St. port Bernard Technical Support for a specific reason.
  • Page 16 Power This connects power to iPrism (115 – 230 VAC connector auto-sensing). Mouse port Unused Keyboard port Unused USB ports Unused Console port Access to this port is only under the direction of St. Bernard Technical Support for a specific reason.
  • Page 17 Installation 30h, 50h and 100h Power These connect power to iPrism (100 – 240 VAC auto- connectors sensing). Mouse port Unused Keyboard Unused port USB ports Unused Console Access to this port is only under the direction of St.
  • Page 18 Connect the other end of the cable into the hub/switch that serves the local subnet. Important: Do not connect the external side of the iPrism at this point. This configuration is used for initial setup and testing so as not to interrupt network traffic.
  • Page 19 Software technical support for assistance. 2.1.3.1 Installing and Starting the Appliance Manager Before you begin, ensure that the iPrism is properly connected to your network and powered on. Any firewall software running on your computer, such as the Microsoft Windows XP Firewall or Norton Internet Security™, must be disabled before continuing.
  • Page 20 Appliance Manager Introduction FIGURE 3.
  • Page 21 Installation Select the folder where you want the Appliance Manager installed (Figure 4), and click Next. Installation Folder FIGURE 4.
  • Page 22 Select a location to create the Appliance Manager icons (Figure 5), and click Next. Choose Shortcut Folder for Appliance Manager icons FIGURE 5.
  • Page 23 Installation Verify that your installation information is correct, then click Install. If you need to make any changes, click Previous. Pre-Installation Summary FIGURE 6.
  • Page 24 The Manage Appliance List window appears. In the IP Address field, type the value you wrote on line D (IP Address) of the information sheet. IP Assignment Wizard 1. If your iPrism has been configured with an IP address, the System Configuration will be skipped and the tool will start.
  • Page 25 Step 4. If the IP address is set successfully, a “Success” window will appear. Click Finish. The iPrism configuration software will now be launched and the login window will appear. In the User field, type iprism.
  • Page 26 Note: If this is not your first installation of an iPrism and you have a backup of a previous configuration, you can select Restore an archived configuration. The iPrism will use your existing configuration as the base for configuring the new iPrism.
  • Page 27 Installation Note: The iPrism is initially set up in proxy mode for testing. Only the internal interface is connected to the Internet and the iPrism acts as a filtering web proxy. The iPrism may later be set to a dual-interface configuration using bridge (transparent) mode when it is ready for production.
  • Page 28 The Notice window provides one last chance (via the Cancel button) to make any changes to your configuration. If you are satisfied with your configuration, click OK. Your iPrism will be configured and be ready for testing in approximately two (2) minutes.

  • Page 29: Chapter 3 Iprism Testing

    CHAPTER 3 Testing It is now time to run tests to verify that your iPrism has been installed successfully. If any of the tests fail, do not proceed to the next test until the problem is resolved and the test passes.

  • Page 30: Test #1: Accessing The Iprism Main Menu

    3.1 Test #1: Accessing the iPrism Main Menu In this test, you will use a web browser to access the iPrism configuration utility. This ensures that the iPrism is being recognized on your network with the new network settings you entered in the setup wizard in Chapter 2.
  • Page 31 If you do not see the iPrism Main Menu - Administrator window, try the following to resolve the issue: • Use the ping command to check if you can access the iPrism over the network, and verify that you are using the correct IP address.

  • Page 32: Test #2: Using The Iprism As A Proxy Server

    • Type a different URL, refresh the page, or clear your cache. If the test page you are trying to access is stored in your cache, the iPrism will not be able to block it.
  • Page 33 Testing • Verify the proxy settings. Ensure that you entered the iPrism’s IP address properly and specified a port value of 3128. If you are unable to load a web page that is not blocked: • Verify the existence and/or validity of your default gateway within the iPrism Configuration Manager (located in the System section’s...

  • Page 34: Familiarizing Yourself With Iprism

    Yourself with iPrism Your iPrism is now installed and set up so that you may configure it, test the results, run reports, and generally experiment with your system before deploying it in a production environment. iPrism has an extensive list of features for you to explore;...

  • Page 35: Deploying Iprism In Production

    Production It is recommended that installation, setup and testing be done in proxy mode, and the iPrism be switched to bridge (transparent) mode in production. For additional descriptions of these modes, see Chapter 1. 5.1 Bridge (Transparent) Mode...
  • Page 36 Network Settings FIGURE 11. Note: When the iPrism is off, the internal and external interfaces are connected directly through a relay. Both interfaces must use the same mode if this feature is to work properly. If they do not (i.e., are connected to networks of different speeds), errors may result.
  • Page 37 To identify the crossover cable, look at the color-coding of the wires in each connector that came with your iPrism. If the colors are in the exact same order, it is a standard Ethernet patch cable. If the colors are in a...
  • Page 38 Turn on the iPrism. Note: If you are using a VLAN or other intelligent switch, the default route for your iPrism must be set to an address outside your local network; i.e., the firewall or a location past the firewall.

  • Page 39: Proxy Mode

    The first two workstations in Figure 14 have been configured to use the iPrism as their proxy, so all of their web traffic goes through the iPrism. The iPrism then filters the traffic and sends it to the Internet through the firewall.
  • Page 40 Deployment in Proxy Mode FIGURE 14.

  • Page 41: Appendix A: Windows Xp/Sp2 Firewall Configuration

    The default settings of the Windows XP Firewall (part of Service Pack 2) prevent the Appliance Manager from working properly. If the Appliance Manager does not detect your iPrism, it may be due to the firewall preventing vital communications between the iPrism and workstations.

  • Page 42: Turning Off The Firewall

    To turn the Windows firewall off from the default Windows XP Start menu, select Start -> Control Panel -> Windows Firewall. To turn the Windows firewall off from the Classic Start menu, select Start -> Control Panel -> Windows Firewall. Select Off, and click OK.

  • Page 43: Configuring The Firewall

    6.4 Configuring the Firewall To ensure the Appliance Manager works properly, you must configure the firewall. When you first run the Appliance Manager, you may see the message “No appliances were found”, with a Windows Security Alert message displayed in the title bar (see Figure 15). If you do not see the Windows Security Alert message, but you do see the message “No appliances were found”, continue to section 6.4.1 to learn how to set up an exception for the Appliance Manager’s javaw.exe program.
  • Page 44 Click Refresh List in the Appliance Manager window. A list of connected iPrisms should appear. 6.4.1.1 Manual Exceptions You can manually change your firewall settings or check your existing settings using the steps outlined in this section. Note: You do not need to complete these setps if you have followed the steps in section 6.4.1 above.
  • Page 45 Exceptions Tab FIGURE 16.

  • Page 46: Appendix B: Configuring Your Browser For Proxy Mode

    Configuring APPENDIX B Your Browser for Proxy Mode To configure your browser for proxy mode, follow the instructions below for your specific Internet browser.

  • Page 47: Internet Explorer

    Internet Explorer Select Tools -> Internet Options. Select the Connections tab. Connections tab FIGURE 17. Click LAN Settings.
  • Page 48 LAN Settings FIGURE 18. Check “Use a proxy server ... “ and type the IP address of your iPrism in the Address: field. Type 3128 in the Port: field. Click OK, then OK again. Note: Port 3128 is the default. The iPrism administrator can change this...
  • Page 49 FIGURE 19. In the Connection Settings window, select “Manual proxy configuration” and type the IP address of your iPrism in the HTTP Proxy: field. Type 3128 in the Port: field. Click OK. Note: Port 3128 is the default. The iPrism administrator can change this...
  • Page 50 Connection Settings FIGURE 20.

  • Page 51: Appendix C: Support Information

    • If you have concerns about your network’s ability to interact with the iPrism. If you are unable to resolve your issue using the provided documentation, please contact St. Bernard Software’s technical support team. Contact information is available on the St. Bernard Software website: http://www.stbernard.com/products/support/iprism/support_iprism.asp...
  • Page 52 When contacting tech support, have the following information ready: • All relevant information about how iPrism is configured on your network (topology, other hardware, networking software, etc.). • Your iPrism serial number and registration key. • In order to help our support staff resolve your issue, it is helpful to send...

  • Page 53: Appendix D: Information Sheet

    Information APPENDIX D Sheet The information listed on this page is needed to configure your iPrism. Refer to section “Completing the Information Sheet” on page 6. A. iPrism Serial Number: _______________________________________ B. Permanent Registration Key:________-________-________-________ C. Permanent Registration Key Expiration Date:____/____/________ D.

  • Page 54: Appendix E: Upgrading Your Iprism

    Upgrading your APPENDIX E iPrism Note: iPrism units running v4.1 or earlier must upgrade to v4.2 before upgrading to v5.x/6.x via field upgrade. iPrism units running either 5.x or 6.0 can upgrade directly to 6.010. Upgrade enhancements include improved diagnostics, scheduling, and progress updates.

  • Page 55: Upgrade Process Overview

    Note: The upgrade process (notifications and iPrism Upgrade Manager) will be the same as you move from one iPrism v5.x/6.x build to another, although of course the upgrade may vary in terms of what is being updated.

  • Page 56: Upgrade Process Example

    7/1/ 2007 at 10:00 AM as the automatic system update time. The iPrism Upgrade Manager link shown in the sample email above provides additional status detail. If your email does not contain the link...
  • Page 57 Rather than wait for 3 days, we have elected to change the upgrade to ASAP and clicked Apply new setting. Note: You must consider how this will affect your users. Using an automatic system update time as the default is specifically provides for performing updates at a time when users are unlikely to be accessing the Internet.
  • Page 58 Upgrade Process Overview The sample email below confirms the upgrade process has begun. In this example, it arrived about 15 minutes after the scheduling was changed to ASAP. The sample email below confirms the upgrade process is complete.

  • Page 59: What Do I Do If

    (hosted reporting). 10.6 What do I do if ... ? If there is a HotFix, Disk or Central Management issue, it will be noted in the initial upgrade email and the iPrism Upgrade Manager page (see below).
  • Page 60 HotFix issues can typically be resolved through uninstalling the HotFix. Important: Currently, if an incompatible HotFix issue is reported in the email and iPrism Upgrade Manager page, you must wait 5 minutes before using HotFix Manager to uninstall the incompatible HotFix, or you may receive an error.
  • Page 61 • If Disk Issues are reported, contact iPrism Technical Support for assistance. Cleanup may be required to create enough free space for the upgrade. The following sample demonstrates the kind of email that may be generated to report disk issues:...

  • Page 62: How To Upgrade Iprisms In A Central Management Configuration

    • Central Management is only an “issue” in regard to the fact that there is an optimal way to upgrade the iPrism units and keep the Master/Slave relationship in sync. Refer to the How to Upgrade iPrisms in a Central Management Configuration below for details.
  • Page 63 Set Mode to stand alone. Select Exit, then Save and Exit. Log back in to the System Configuration tool. Log back in to the System Configuration tool. Select the System section, then the Preferences tab. In the System Updates frame, select ASAP.
  • Page 64 If you do not want to decouple master and slave iPrisms before upgrading, follow the steps in the KnowledgeBase article “Upgrading your iPrism”, available at www.stbernard.com/products/support/iprism/help/iprism.htm Once you have upgraded your master iPrism, all slave(s) will be automatically synchronized and updated.

  • Page 65: Index

    Firefox testing Internet Explorer blocked site filtering error decoupling Master and Slave iPrisms unblocked site disk issue using iPrism as proxy server fixing using web browser turning on exceptions Upgrade Manager automatic upgrading javaw.exe web and IM/P2P filtering...
  • Page 66 ASAP scheduled upgrading Windows XP SP2 firewall configuration...
  • Page 69 Installation and Configuration Guide Version 6.2 ©2001-2008 St. Bernard Software, Inc. All rights reserved. The St. Bernard Software logo, iPrism and iGuard are trademarks of St. Bernard Software Inc. All other trademarks and registred trademarks are hereby acknowledged. Corporate Office - USA...

Table of Contents