WIXLIB

INTEGRATIONSetup and Configuration2SETUP AND CONFIGURATIONThis section outlines the basic set up for configuring the SurfControl Web Filter Monitor and Reporter system.Before creating filtering policies, you need to: Set up the SurfControl Web Filter Monitor & Reporter. Configure the Blue Coat Proxy SG appliance.SETTING UP THE SURFCONTROL WEB FILTER MONITOR AND REPORTEROn the SurfControl Web Filter Monitor and Reporter:1Install MSDE or Microsoft SQL server.2Install the SurfControl Web Filter Monitor and Reporter. See “Installation considerations” on page 21.‘3Stop the SurfControl Web Filter service through Administrative Tools Services in the Control Panel.Note: You must stop the SurfControl Web Filter service before using the SurfControl Monitor andReporter with the Blue Coat appliance.4Create a directory on the SurfControl Web Filter Reporter and Monitor that will be used to receive the logfile (flat file) from the Blue Coat appliance.You must also specify the same directory when configuring the client on the Blue Coat appliance foruploading the log files. See Figure 2-6.56Configure either the default FTP site or a virtual directory.–Make sure that the default path is the same as the path that you have created to receive the flat file.–Make sure you configure accounts that can access the FTP server.Using the Scheduler, create a Database Update event to import the log data (flat files) into the SurfControldatabase.You should configure manual database updates so that the database can be updated regularly (for example,every hour). For details of database updates, see the SurfControl Web Filter for Blue Coat Administrator’s Guide.7Using the Scheduler, create events for database maintenance (purge, archive, and compact).8Using SurfControl Report Central, create Report events to meet your company’s requirements. For details,see the SurfControl Report Central Administrators Guide.Note: The Rules Administrator and Real-Time Monitor are not supported in this release.SurfControl Web Filter for Blue CoatInstallation Guide9

2INTEGRATIONSetup and ConfigurationCONFIGURING THE BLUE COAT PROXYSG APPLIANCETo configure the Blue Coat ProxySG appliance:1From the Management Console, select Configuration Content Filtering General.2Select SurfControl as your content filtering provider (Figure 2-2).Figure 2-2Select your content filter3Select Configuration Content Filtering SurfControl.10Installation GuideSurfControl Web Filter for Blue Coat

INTEGRATIONSetup and Configuration4Set up SurfControl categories using your user name and password (Figure 2-3). For additionalinformation, see the Blue Coat ProxySG Configuration and Management Guide.Figure 2-352The SurfControl user name, password and download URLSelect Configuration Content Filtering SurfControl Automatic Download.SurfControl Web Filter for Blue CoatInstallation Guide11

26INTEGRATIONSetup and ConfigurationSchedule updates to the Internet Threat Database (Figure 2-4). For additional information, see the BlueCoat ProxySG Configuration and Management Guide.Figure 2-4Schedule automatic updates to the Internet Threat Database7Select Configuration Access Logging Logs Logs.8Click New.9Create a new log file to use the SurfControl format (Figure 2-5). SurfControl recommends the following:12–Maximum size of each remote file 50 MB–Early upload value 100 MB.Installation GuideSurfControl Web Filter for Blue Coat

INTEGRATIONSetup and Configuration2If you set the early upload value to 0, Blue Coat will only upload the files using the defined UploadSchedule.Figure 2-5Create a SurfControl log file10 Select Configuration Access Logging Logs Upload Client.11 Configure the client for uploading log files by FTP to the SurfControl Web Filter Monitor and Reporter(Figure 2-6). For additional information, see the Blue Coat ProxySG Configuration and Management Guide.Set the following:–Save the log file as text file.–Set the Client type as FTP Client, and then click Settings.12 In the FTP server connection dialog box:–Enter the Host IP address of the SurfControl server.–Enter the path (/)–Enter the user name required by the FTP server.SurfControl Web Filter for Blue CoatInstallation Guide13

2INTEGRATIONSetup and Configuration–Set the transfer type to text file.–Enter the Filename format of the log: %m-%d-%H-%M-%S SGT %f %l.tmp.Figure 2-6Configure the upload clientIf the Blue Coat appliance has three Network Interface Cards (NICs), SurfControl recommends that youset up a dedicated FTP connection between Blue Coat and SurfControl. To do this, set up the SurfControlserver on its own network, and then connect the third Blue Coat NIC to this network. This configurationremoves delays on the Blue Coat server that is caused by the amount of data being transferred to theSurfControl server.13 Select Configuration Access Logging Logs Upload Schedule.14Installation GuideSurfControl Web Filter for Blue Coat

INTEGRATIONSetup and Configuration214 Set the Upload type: to periodically, and then set up the upload schedule (Figure 2-7). For additionalinformation, see the Blue Coat ProxySG Configuration and Management Guide.Figure 2-7Configure the upload schedule15 Select Configuration Access Logging General Default Logging.SurfControl Web Filter for Blue CoatInstallation Guide15

2INTEGRATIONSetup and Configuration16 Log all HTTP/HTTPS traffic to the SurfControl log file (Figure 2-8).Figure 2-816Log HTTP/HTTPS trafficInstallation GuideSurfControl Web Filter for Blue Coat

INTEGRATIONSetup and Configuration2CREATING FILTERING POLICIESTo create filtering policies, you launch the Blue Coat Visual Policy Manager. For details of how to use thescreen, please see the relevant Blue Coat documentation.1Select Configuration Policy Visual Policy Manager.Figure 2-9Launch Visual Policy Manager2Click Launch.3Create your filtering policies as required (Figure 2-10).Figure 2-10 Visual Policy ManagerSurfControl Web Filter for Blue CoatInstallation Guide17

218INTEGRATIONSetup and ConfigurationInstallation GuideSurfControl Web Filter for Blue Coat

Chapter 3Installation decisionsIntroductionInstallation considerationsDatabase ConsiderationsOther Considerationspage 20page 21page 22page 26

3INSTALLATION DECISIONSIntroductionINTRODUCTIONThis section discusses the decisions you must make before installing SurfControl Web Filter and is divided intothe following sections:INSTALLATION CONSIDERATIONS You need to consider where you want to install the Virtual Control Agent (VCA). You need to consider where you want to install SurfControl Report Central.See “Installation considerations” on page 21 for more details.Warning: Without SurfControl Report Central you will not be able to run reports.USER NAME RESOLUTIONThe resolution of user names is handled by Blue Coat. There is no need to install any SurfControl user nameresolution method as part of the SurfControl Web Filter Monitor and Reporter.DATABASE OPTIONS What database do you plan to use (MSDE or SQL)? How do you want Web Filter to connect to the database (Windows authentication or SQL authentication)?See “Database Considerations” on page 22 for more details.OTHER CONSIDERATIONS Content information Which e-mail notifications should Web Filter send? What administrative privileges do you need to set up?20Installation GuideSurfControl Web Filter for Blue Coat

INSTALLATION DECISIONSInstallation considerations3INSTALLATION CONSIDERATIONSDuring installation, you can set the following options for SurfControl Web Filter’s basic behavior: Install Virtual Control Agent (VCA).Note: VCA categorizations will not be used in any filtering policy; they are for reporting only. Install SurfControl Mobile Filter Administrator. You must have the Mobile Filter server installed on yournetwork for the Administrator to work properly – not applicable for this release. Install SurfControl Report Central.INSTALL VIRTUAL CONTROL AGENTThe Virtual Control Agent (VCA) uses the latest neural network techniques to intelligently classify unknown or‘None’ Web sites into one of 54 categories. The VCA categorizes English, German, French, Spanish andDutch content focusing on non-business areas such as "adult," "gambling" and "sports." The VCA is targetedto identify non-business sites that affect productivity in the workplace.SurfControl recommends installing VCA onto a single Web Filter computer within a multi installationenvironment, where the traffic volume is low.Before installation, make sure the server where VCA is installed meets the minimum requirements for VCA inTable 3-1:Table 3-1Minimum Requirements for VCAComponentMinimumRecommendedProcessorIntel Pentium IIIIntel Pentium IVMemory256 Mbytes RAM1 Gbyte RamSupported Operating Systems (with latest ServicePacks)Windows 2000 ServerWindows 2000 Advanced ServerWindows Server 2003 Standard EditionWindows Server 2003 Enterprise EditionDisk space1 Gbyte freeDuring installation, you can choose to install and register VCA or install it for a 30-day evaluation period.Note: The service side of the VCA only functions for a registered version of the VCA. See Chapter 6 ofthe Administrator’s Guide for more details on the VCA service.SurfControl Web Filter for Blue CoatInstallation Guide21

3INSTALLATION DECISIONSDatabase ConsiderationsSURFCONTROL WEB FILTER REPORT CENTRALTo be able to produce reports on your company’s Internet activity you need to install SurfControl ReportCentral. If you decide not to install Report Central as part of the Web Filter installation, you can do so laterfrom the executable (setup.exe) in the following folder depending whether you have a product CD, or a Website download: Product CD: webstd\English\Reporting Filter Web site download: English\ReportingNote: Because SurfControl Report Central can contain confidential information on its database, youshould install it in a secure environment.DATABASE CONSIDERATIONSWeb Filter is supplied with Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), but can also create thedata structure in a fully-licensed version of SQL 2000. If you plan to use a fully-licensed version of SQL, makesure the software is installed and running before attempting to install Web Filter.Using a fully-licensed version of SQL (rather than MSDE) allows more flexibility and the ability to fine-tunedatabase performance. Web Filter performs extremely well in either case.Web Filter connects to the database using a fully-qualified connection string. This string contains all the detailsrequired to connect to a database including database type, name of the server, user id, password, and databasename. Using a connection string does not require the creation of DSNs. Therefore, any Web Filter client orserver on the network can access the database without creating a link through the ODBC.MSDE DATABASEIf you are not using a SQL Server database, you need to install MSDE. SurfControl recommends you installMSDE before installing Web Filter.Warning: There are limitations to the maximum size of any database. Please read the relevant databasedocumentation for details.MSDE allows a seamless upgrade to a SQL database in the future. You can access MSDE data tables using theWindows OSQL utility from the command prompt. For more details about the OSQL utility, visitwww.microsoft.com.22Installation GuideSurfControl Web Filter for Blue Coat

INSTALLATION DECISIONSDatabase Considerations3If you install MSDE onto the Web Filter Monitor & Reporter, make sure the server meets the minimumresources listed in Table 3-2:Table 3-2MSDE minimum requirements on Web Filter Monitor & Reporter# UsersComputer Specification 500Intel Pentium IV, 2 GBytes RAM, 1.2 GHz processor, 10GBytes hard drive.500 - 1000Intel Pentium IV, 3 GBytes RAM, 1.4 GHz processor, 20GBytes hard drive. 1000SurfControl recommends a dedicated SQL Server installation.Note: These resources are in addition to the curently stated requirements.SQL SERVERIf you have a Microsoft SQL Server on your network, you should plan to create the database on that server(you can create and configure the database during the installation process).Note: SurfControl recommends installing SQL Server on a dedicated server.If you plan to use SQL Server, but have not installed it, complete the following tasks before installing WebFilter:Warning: Install SQL Server with the default settings of case insensitivity, including Dictionary Order.Choosing case sensitivity may cause problems when installing Web Filter.1Install the SQL Server Client Connectivity Pack onto the server where you install Web Filter.2Install SQL Server on the designated server; this can be the same machine as the Web Filter Monitor &Reporter.3Make sure your server has the minimum resources listed in Table 3-3:Table 3-3SQL Server minimum requirements on Web Filter Monitor & Reporter# UsersComputer Specification 500Intel Pentium IV, 2 GBytes RAM, 1.2 GHz processor, 10GBytes hard drive.500 - 1000Intel Pentium IV, 3 GBytes RAM, 1.4 GHz processor, 20GBytes hard drive.(Sheet 1 of 2)SurfControl Web Filter for Blue CoatInstallation Guide23

3INSTALLATION DECISIONSDatabase ConsiderationsTable 3-3SQL Server minimum requirements on Web Filter Monitor & Reporter# UsersComputer Specification1000 - 5000Intel Pentium IV, 5 GBytes RAM, 1.4 GHz processor, 40GBytes hard drive. 5000Intel Pentium IV, 7 GBytes RAM, 1.8 GHz processor, 60GBytes hard drive.(Sheet 2 of 2)4Configure SQL Server to l

SurfControl Web Filter for Blue Coat provides organizations with the ability to manage policy at a granular level and provides full monitoring and reporting capabilities. There are two main components to this release: Embedded Internet Threat Database. SurfControl Web Filter Monitor and Reporter. The Blue Coat ProxySG appliance, using .