Iboss Secure Web Gateway - Ctedunet

iboss Secure Web Gateway User Manual

Note: Please refer to the User Manual online for the latest updates at www.iboss.com.

Copyright by iboss, Inc. All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in chemical, manual or otherwise, without the prior written permission of iboss, Inc.

iboss Network Security makes no representations or warranties, either expressed or implied, with respect to the contents hereof and specifically disclaims any warranties, merchantability or fitness for any particular purpose. Any software described in this manual is sold or licensed "as is". Should the programs prove defective following their purchase, the buyer (and not this company, its distributor, or its dealer) assumes the entire cost of all necessary servicing, repair, and any incidental or consequential damages resulting from any defects. Further, this company reserves the right to revise this publication and make changes from time to time in the contents hereof without obligation to notify any person of such revision or changes.

All brand and product names mentioned in this manual are trademarks and/or registered trademarks of their respective holders.

www.iboss.com

Open Source Code

This product may include software code subject to the GNU General Public License (“GPL”), GNU Lesser General Public License (“LGPL”), or other open–source software licenses. Copies of the GPL and LGPL licenses are available upon request. You may also visit www.gnu.org to view more information regarding open–source licensing.

The GPL, LGPL and other open–source code used in iboss, Inc. products are distributed without any warranty and are subject to the copyrights of their authors. Upon request, open–source software source code is available from iboss, Inc. via electronic download or shipment on a physical storage medium at cost. For further details and information please visit www.iboss.com/.

Version 7 – June 24, 2014

Table of Contents

1 IBOSS ENTERPRISE WEB FILTER
  1.1 OVERVIEW
  1.2 KEY FEATURES
  1.3 MANUAL STRUCTURE
  1.4 SYSTEM REQUIREMENTS
2 SPECIFICATIONS
  2.1 IBOSS ENTERPRISE SWG MODEL SPECIFICATIONS
  2.2 FRONT PANEL & BACK PANELS
    2.2.1 Ethernet Ports
    2.2.2 Console Port
      2.2.2.1 Console Port Settings
3 GETTING STARTED
  3.1 OPERATION MODE OVERVIEW
  3.1 IBOSS NETWORK SETTINGS CONFIGURATION
    3.1.1 Configuring Network Settings via Serial Console
    3.1.2 Configuring Network Settings via the Network
      3.1.2.1 Configuring Network Settings via iboss User Interface
4 INTERFACE
  4.1 DASHBOARD
  4.2 WIDGETS
    4.2.1 Filtering Status
    4.2.2 Quick Links
    4.2.3 Bandwidth Shaping Pools
    4.2.4 Firmware
    4.2.5 URL Lookup
  4.3 MAIN MENU

  4.4 TOP SHORTCUT BAR
5 NETWORK MENU SETTINGS
  5.1 CONFIGURE INTERNET CONNECTION
    5.1.1 Basic Configuration
    5.1.2 Inline or Tap
    5.1.3 Remote Authentication Integration
    5.1.4 Internal Report Manager Listen Port
    5.1.5 Status
  5.2 GATEWAY SSL DECRYPTION
    5.2.1 Overview
    5.2.2 Understanding HTTPS/SSL Decryption
      5.2.2.1 The HTTPs/SSL Protocol
    5.2.3 General Settings
    5.2.4 User SSL Decryption Alert
    5.2.5 SSL Decryption IP Address Bypass
    5.2.6 Selective SSL Decryption
    5.2.7 Additional SSL Decryption DNS Servers
    5.2.8 Conclusion
  5.3 SSL CERTIFICATE SETTINGS
  5.4 BYOD SETTINGS
  5.5 SNMP SETTINGS
  5.6 LDAP SETTINGS
    5.6.1 Global Settings
    5.6.2 Add LDAP Server
      5.6.2.1 Match Active Directory Groups with iboss Filtering Groups
  5.7 ACTIVE DIRECTORY & PROXY SETTINGS
    5.7.1 Settings

    5.7.2 Proxy Cache Settings
      5.7.2.1 Proxy Mobile Devices (Source IP)
      5.7.2.2 Automatic GPO Setup for NTLM with Login/Logoff Scripts
  5.8 ACTIVE DIRECTORY PLUGIN/NETWORK ACCESS CONTROLLER INTEGRATION
    5.8.1 Global Settings
    5.8.2 Last Communication Info
    5.8.3 Registered AD Servers / NAC Agents
      5.8.3.1 Stats
    5.8.4 Add Active Directory Server
    5.8.5 iboss Active Directory Plugin Configuration
      5.8.5.1 Edit AD Plugin Orca
      5.8.5.2 AD Plugin Radius Audit Log
      5.8.5.3 Active Directory Audit Logon Events
      5.8.5.4 NAC Integration
  5.9 MOBILE CLIENT & LOCAL SSL INSPECTION AGENT
  5.10 IBOSS NETID SINGLE SIGN–ON AGENT
  5.11 EDIRECTORY SETTINGS
    5.11.1 iboss eDirectory Transparent Integration
      5.11.1.1 Overview
    5.11.2 Global Settings
    5.11.3 eDirectories
    5.11.4 Insert eDirectory – Server Registration Settings
  5.12 CLUSTERING
    5.12.1 Local Settings
    5.12.2 Cluster Members
    5.12.3 Add Cluster Member
  5.13 ADD ADDITIONAL ROUTES
  5.14 BYPASS IP RANGES

  5.15 BYPASS INTERFACE
  5.16 ADD ADDITIONAL LOCAL SUBNETS
    5.16.1 Overview
    5.16.2 Insert Local Subnets/IP Ranges
  5.17 REGISTER INTERNAL GATEWAYS
    5.17.1 Overview
    5.17.2 Global Settings
    5.17.3 Insert Internal Gateway
  5.18 EDIT ADVANCED NETWORK SETTINGS
    5.18.1 General Settings
    5.18.2 Group Cache Settings
6 INSTALLING THE IBOSS ON THE NETWORK
  6.1 TRANSPARENT INLINE BRIDGE
7 THREAT CONSOLE
  7.1 REPORT SETTINGS
    7.1.1 General Settings
    7.1.2 Log Web Statistics
    7.1.3 Additional Settings
  7.2 URL PATTERN IGNORE LIST
  7.3 REPORTER
8 CONFIGURE CONTROLS
    8.1.1 Web / SSL Categories
      8.1.1.1 Category Scheduling
      8.1.1.2 Additional Settings
      8.1.1.3 Categories
      8.1.1.4 Identity Theft (Phishing) / IP Address Blocking Page
    8.1.2 Application Management
      8.1.2.1 Chat Applications

      8.1.2.2 Gaming Applications
      8.1.2.3 File Sharing Applications
      8.1.2.4 Ultrasurf / Tor / High–Risk Activity Device Lock
      8.1.2.5 Additional Settings
    8.1.3 Advanced Social Media & Web 2.0 Controls
      8.1.3.1 Social Chat App Controls
      8.1.3.2 Social Streaming Radio Controls
      8.1.3.3 Pinterest Controls
      8.1.3.4 Facebook Controls
      8.1.3.5 Twitter Controls
      8.1.3.6 Linked–in Controls
      8.1.3.7 Encrypted Search Controls
      8.1.3.8 YouTube & Video Controls
      8.1.3.9 Google Controls
      8.1.3.10 Gmail Controls
    8.1.4 Allowlist
      8.1.4.1 Preferences
      8.1.4.2 Allowlist
      8.1.4.3 Custom Allow list Categories
      8.1.4.4 Allowlist Import
    8.1.5 Block Specific Websites
      8.1.5.1 Custom Block list Categories
      8.1.5.2 Block list Import
    8.1.6 Keyword Blocklist/Allowlist
      8.1.6.1 Pre–Defined Keyword Lists
      8.1.6.2 Keywords
      8.1.6.3 Keyword Import
    8.1.7 Bandwidth Shaping
