Setting Scanning Exclusions and Web Access Exceptions. Netgear STM600 - ProSecure Web And Email Threat Management Appliance, STM300 - ProSecure Web And Email Threat Management Appliance, STM150 - ProSecure Web And Email Threat Management Appliance

ProSecure Web/Email Security Threat Management (STM) Appliance

For reference, you can specify access control for the following applications:

•

Instant Messaging:

-

Google Talk

-

ICQ

-

mIRC

-

MSN Messenger

-

QQ

-

Yahoo Messenger

•

Media Applications:

-

iTunes (Music Store, update)

-

Quicktime (Update)

-

Real Player (Guide)

-

Rhapsody (Guide, Music Store)

-

Winamp (Internet Radio/TV)

•

Peer to Peer:

-

BitTorrent

-

eDonkey

-

Gnutella

•

Tools

-

Alexa Toolbar

-

GoToMyPC

-

Weatherbug

-

Yahoo Toolbar

Setting Scanning Exclusions and Web Access Exceptions

After you have specified which IP addresses and ports the STM scans for malware threats, you can set scanning exclusion rules for certain IP addresses and ports. Similarly, after you have specified which content the STM filters, you can set exception rules for users and members of a group.

Setting Scanning Exclusions

To save resources, you can configure scanning exclusions for IP addresses and ports that you know are secure. For example, if your network includes a Web server that hosts Web pages that are accessible by anyone on the Internet, the files that are hosted by your Web server do not need to be scanned. To prevent the STM from scanning these files, you can configure up to 127 scanning exclusion rules for your Web server.

130 | Chapter 4. Content Filtering and Optimizing Scans


To configure scanning exclusion rules:

1.

Select Global Settings > Scanning Exclusions from the menu. The Scanning

Exclusions screen displays. This screen shows the Scanning Exclusions table, which is empty if you have not specified any exclusions. (The following figure shows one exclusion rule in the table as an example.)

Figure 73.

2.

In the Scanning Exclusions section of the screen, specify an exclusion rule as explained in the following table:

Table 39. Add Scanning Exclusion Settings

Setting

Client IP

Destination IP

Description

The client IP address and optional subnet mask that are excluded from all scanning.

The destination IP address and optional subnet mask that are excluded from all scanning.

Port The number of the port that is excluded from all scanning.

Brief Description A description of the exclusion rule for identification and management purposes.

3.

In the Add column, click the Add table button to add the exclusion rule to the Scanning

Exclusions table. The new exclusion rule is enabled by default.

To disable a rule, select the check box in the Enable column for the rule.

To delete an exclusion rule from the Scanning Exclusions table, click the Delete table button in the Action column to the right of the rule that you want to delete.

Chapter 4. Content Filtering and Optimizing Scans | 131


Setting Access Exception Rules for Web Access

You can set up to 200 exception rules for users and members of a group to allow access to applications, file extensions and protocols, Web categories, and URLs that you have blocked for all other users, or the other way around, to block access to applications, file extensions and protocols, Web categories, and URLs that you have allowed access to for all other users.

If you have not created a custom group, an exception rule can apply to either one of the following groups or individual users:

•

All users

•

All authenticated users

•

All unauthenticated users

•

A local group or local user

•

A group or users that is defined by its IP address

•

A Lightweight Directory Access Protocol (LDAP) group or LDAP user

•

A RADIUS VLAN group

To further refine exception rules, you can create custom groups that allow you to include a combination of local groups and local users, groups and users that are defined by their IP address, LDAP groups and users, and RADIUS groups and users. For more information, see

Creating Custom Groups for Web Access Exceptions

on page 139.

Note:

Users and groups to which access exception rules apply are not the same as LAN groups. For information about how to specify members of a LAN group and to customize LAN group names, see

Managing Users, Groups, and Authentication

on page 147.

If you have not created a custom category, an exception rule can apply to either one of the following components:

•

One built-in application group or built-in individual application

•

A combination of files extensions and protocols

•

One URL or URL expression

•

One built-in Web category group or built-in individual Web category

To further refine exception rules, you can create custom categories that allow you to include either a selection of applications, or a selection of URLs, or a selection of Web categories.

For more information, see

Creating Custom Categories for Web Access Exceptions

on page 142.

Tip:

If you want to use a custom group and custom category, first create the custom group and custom category, then create the exception rule.



To set Web access exception rules:

1.

Select Global Settings > Exceptions from the menu. The Exceptions submenu tabs display, with the Exceptions screen in view. This screen shows the Exceptions table, which is empty if you have not specified any exception rules. (The following figure shows several exception rules in the table as an example.)

Figure 74.

Note:

If text in a field of the table exceeds the width of the column, hold the cursor over the field to display the entire text.

2.

Under the Exceptions table, click the Add table button to specify an exception rule. The Add

Exception screen displays:

Figure 75.



3.

Complete the fields and make your selections from the drop-down lists as explained in the following table:

Table 40. Add Exception Settings

Setting

Action

Description

From the drop-down list, select the action that the STM applies:

• Allow. The exception allows access to an application, Web category, or URL that is otherwise blocked.

• Block. The exception blocks access to an application, Web category, or URL that is otherwise allowed.

Domain

User/Group

Click the Edit button to open the Applies To screen, which lets you configure a domain, group, or individual user to which the exception needs to apply (see the screen later in this table).

If applicable, on the Applies To screen, click a Lookup button to retrieve a group or user.

When you have made your decision, click an Apply button to add the domain to the Domain field on the Add Exception screen and the group and user to the User/Group field on the Add

Exception screen.

Note:

The Domain field can remain blank for some special users or groups.

Following are the options on the Applies To screen.



Table 40. Add Exception Settings (Continued)

Setting

Domain

User/Group

(continued)

Description

All Users

Authenticated

Unauthenticated

Local Groups

Group Membership by IP

Local User Search

Click the Apply button to apply the exception to all users, both authenticated and unauthenticated.

Click the Apply button to apply the exception to all authenticated users. These are users who have actively logged in to the STM and who have been authenticated.

Click the Apply button to apply the exception to all unauthenticated users. These are users who have not actively logged in to the STM.

By default, these users are assigned the account name anonymous.

Do the following:

1. From the Name drop-down list, select a local group.

2. Click the Apply button to apply the exception to the selected local group.

You can specify local groups on the Groups screen (see

Creating and Deleting Groups by Name

on page 149).

Do the following:

1. From the Name drop-down list, select a group that is defined by its IP address.

2. Click the Apply button to apply the exception to the selected group.

You can specify groups that are defined by their IP address on the

IP/Subnet Groups screen (see

Creating and Deleting Groups by IP

Address and Subnet

on page 151).

Do the following:

1. In the Name field, enter a user name.

2. Click the Lookup button. If the user is found, he or she is listed to the left of the Apply button.

3. Click the Apply button to apply the exception to the selected user.




Setting

Domain

User/Group

(continued)

Description

LDAP

User/Group Search

RADIUS User

Do the following:

1. From the Domain drop-down list, select an LDAP domain.

2. From the Type drop-down list, select User, Group, or

User&Group.

3. In the Name field, enter the name of the user, group, or user and group, or leave this field blank.

4. Click the Lookup button. If the user or group is found, it is listed to the left of the Apply button. If you left the Name field blank, all users, groups, or users and groups are listed; in this case, make a selection.

5. Click the Apply button to apply the exception to the selected user or group.

You can specify LDAP domains, groups, and users on the LDAP

screen (see

Creating and Deleting LDAP and Active Directory

Domains

on page 161).

Do the following:

1. From the Domain drop-down list, select a RADIUS domain.

2. From the VLAN ID/Name drop-down list, select a VLAN ID or

VLAN name.

3. Click the Apply button to apply the exception to the selected

VLAN.

You can specify RADIUS domains and VLANs on the RADIUS

screen (see

Creating and Deleting RADIUS Domains

on page 167).

Custom Groups Do the following:

1. From the Name drop-down list, select a custom group.

2. Click the Apply button to apply the exception to the selected group.

You can specify custom groups on the Custom Groups screen (see

Creating Custom Groups for Web Access Exceptions

on page 139).

Start Time The time in 24-hour format (hours and minutes) when the action starts. If you leave these fields empty, the action applies continuously.

End TIme The time in 24-hour format (hours and minutes) when the action ends. If you leave these fields empty, the action applies continuously.




Setting Description

Category

(and related information)

From the Category drop-down list, select the category to which the action applies. Your selection determines which drop-down lists, fields, radio buttons, and check boxes display onscreen.

Applications

File Extensions

URL Filtering

The action applies to an application. Select an application from the

Sub Category drop-down list. For information about custom application categories, see

Creating Custom Categories for Web

Access Exceptions

on page 142.

The action applies to one or more file extensions and one or more protocols. The following field and check boxes display on screen:

• File Extensions. Manually enter up to 40 file extensions. Use commas to separate multiple file extensions. Wildcards (*) are supported. A single asterisk (*) matches any file extension. You can also use the drop-down list to the right of the File Extension field to automatically add file extensions from the following categories:

- None. No file extensions are added to the File Extension field.

This is the default setting.

- Executables. Executable file extensions (exe, com, dll, so, lib, scr, bat, and cmd) are added to the File Extension field.

- Audio/Video. Audio and video file extensions (wav, mp3, avi, rm, rmvb, wma, wmv, mpg, mp4, and aac) are added to the

File Extension field.

- Compressed Files. Compressed file extensions (zip, rar, gz, tar, and bz2) are added to the File Extension field.

• Protocols. Select one or multiple check boxes to specify which protocols the action applies to:

- SMTP

- POP3

- IMAP

- HTTP

- HTTPS

- FTP

The action applies to a URL. The following field and drop-down list display onscreen. Select a radio button to either enter a URL expression or select a custom URL list.

• URL Expression. Enter a URL or URL expression such as *video* or *chat*. Wildcards (*) are supported. The maximum supported size of the URL or URL expression is 1024 bytes.

• Custom URL List. Select a custom URL list from the Sub

Category drop-down list.

For information about custom URL lists, see

Creating Custom

Categories for Web Access Exceptions

on page 142.





Category

(and related information)

(continued)

Web Categories

Note

The action applies to a Web category. Select a Web category from the Sub Category drop-down list. For information about custom Web

categories, see

Creating Custom Categories for Web Access

Exceptions

on page 142.

A description of the exception rule for identification and management purposes or any other relevant information that you wish to include.

4.

Click Apply to save your settings. The new exception rule is added to the Exceptions table.

To return to the Exception screen without adding the rule, click Return.

5.

Select the check box to the left of the rule that you want to enable, or click the Select All table button to select all rules.

6.

Click the Enable table button to enable the selected rule or rules.

Note:

Enabled exception rules are preceded by a green circle in the ! column; disabled exception rules are preceded by a gray circle in the

! column.

To make changes to an existing exception rule:

1.

In the Action column to the right of to the exception rule, click the Edit table button. The

Edit Exception screen displays. This screen is identical to the Add Exception screen

(see

Figure 74

on page 133).

2.

Modify the settings that you wish to change (see the previous table).

3.

Click Apply to save your changes. The modified exception rule is displayed in the

Exceptions table.

To delete or disable one or more exception rules:

1.

Select the check box to the left of the rule that you want to delete or disable, or click the

Select All table button to select all rules.

2.

Click one of the following table buttons:

•

Disable. Disables the rule or rules. The ! status icon changes from a green circle to a

gray circle, indicating that the rule is or rules are disabled. (By default, when a rule is added to the table, it is automatically enabled.)

•

Delete. Deletes the rule or rules.

The table rank of the exception rule in the Exceptions table determines the order in which the rule ia applied (from the top down). To change the position of the rules in the table, select one or more a rules, and then click one of the following table buttons:

•

Up. Moves the rule or rules up one position in the table rank.

•

Down. Moves the rule or rules down one position in the table rank.



Creating Custom Groups for Web Access Exceptions

After you have specified groups and users (see

Managing Users, Groups, and Authentication

in Chapter 5), you can create up to 200 custom groups, each of which can include a

combination of local groups and local users, groups and users that are defined by their IP address, LDAP groups and users, and RADIUS groups and users. You use these custom

groups to set Web access exceptions on the Exceptions screen (see

Setting Access

Exception Rules for Web Access

on page 132).

To create and manage custom groups:

1.

Select Global Settings > Exceptions from the menu. The Exceptions submenu tabs display, with the Exceptions screen in view.

2.

Click the Custom Groups submenu tab. The Custom Groups screen displays. This screen shows the Custom Groups table, which is empty if you have not specified any custom groups. (The following figure shows one custom group in the table as an example.)

Figure 76.



3.

Under the Custom Groups table, click the Add table button to specify a custom group. The

Add Custom Group screen displays:

Figure 77.

4.


Table 41. Add Custom Group Settings

Setting

Name

Brief

Description

Members in this group

Description

A name of the custom group for identification and management purposes.

A description of the custom group for identification and management purposes.

When you click the Add button in the Add Users/Groups to this group section of the screen, the selected member is added to this field. You can add multiple members. To remove a member, highlight the member in this field, and then click the Delete button.



Table 41. Add Custom Group Settings (Continued)

Setting

Add

Users/Groups to this group

Description

Local Groups Do the following:

1. From the Name drop-down list, select a local group.

2. Click the Add button to add the selected local group to the custom group. Repeat this step to add more local groups to the custom group.

You can specify local groups on the Groups screen (see

Creating and

Deleting Groups by Name

on page 149).

Group Membership by IP

Do the following:

1. From the Name drop-down list, select a group that is defined by its IP address.

2. Click the Add button to add the selected group to the custom group. Repeat this step to add more users or groups, or both, to the custom group.

You can specify groups that are defined by their IP address on the

IP/Subnet Groups screen (see

Creating and Deleting Groups by IP

Address and Subnet

on page 151).

Local User Search Do the following:

1. In the Name field, enter a user name.

2. Click the Lookup button. If the user is found, he or she is listed to the left of the Apply button.

3. Click the Add button to add the selected local user to the custom group. Repeat this step to add more local users to the custom group.

LDAP

User/Group Search

Do the following:

1. From the Domain drop-down list, select an LDAP domain.

2. From the Type drop-down list, select User, Group, or

User&Group.

3. In the Name field, enter the name of the user, group, or user and group, or leave this field blank.

4. Click the Lookup button. If the user or group is found, it is listed to the left of the Add button. If you left the Name field blank, all users, groups, or users and groups are listed. In this case, make a selection.

5. Click the Add button to add the selected user or group to the custom group. Repeat this step to add more users or groups, or both, to the custom group.

You can specify LDAP domains, groups, and users on the LDAP

screen (see

Creating and Deleting LDAP and Active Directory

Domains

on page 161).



Table 41. Add Custom Group Settings (Continued)


Add

Users/Groups to this group

(continued)

RADIUS User Do the following:

1. From the Domain drop-down list, select a RADIUS domain.

2. From the VLAN ID/Name drop-down list, select a VLAN ID or

VLAN name.

3. Click the Add button to add the selected VLAN ID or VLAN name to the custom group. Repeat this step to add more VLAN IDs or

VLAN names to the custom group.

You can specify RADIUS domains and VLANs on the RADIUS screen

(see

Creating and Deleting RADIUS Domains

on page 167).

5.

After you have specified all members of the custom group, click Apply to save your settings.

The new custom group is added to the Custom Groups table. To return to the Custom

Groups screen without adding the group, click Return.

To make changes to an existing custom group:

1.

In the Action column to the right of to the custom group, click the Edit table button. The

Edit Custom Group screen displays. This screen is identical to the Add Custom Group

screen (see

Figure 77

on page 140).

2.


3.

Click Apply to save your changes. The modified custom group is displayed in the Custom

Groups table.

To delete one or more custom groups:

1.

Select the check box to the left of the custom group that you want to delete, or click the

Select All table button to select all custom groups.

2.

Click the Delete table button.

Creating Custom Categories for Web Access Exceptions

Use custom categories to set Web access exceptions on the Exceptions screen (see

Setting

Access Exception Rules for Web Access

on page 132). Custom categories can include a

selection of applications, or a selection of URLs, or a selection of Web categories, but no combination of applications, URLs, and Web categories. You can create up to 200 custom categories.



To create and manage custom categories:

1.

Select Global Settings > Exceptions from the menu. The Exceptions submenu tabs display, with the Exceptions screen in view.

2.

Click the Custom Categories submenu tab. The Custom Categories screen displays. This screen shows the Custom Categories table, which is empty if you have not specified any custom categories. (The following figure shows three custom categories in the table as an example.)

Figure 78.

3.

Under the Custom Categories table, click the Add table button to specify a custom category.

The Add Custom Category screen displays. The nature of the screen depends on your selection from the Category Type drop-down list, which is set by default to Applications (this selection is shown in the following figure). The URL Filtering and Web Categories settings

are shown in

Figure 80

on page 144 and

Figure 81

on page 144 respectively.

Figure 79. Category Type: Applications



Figure 80. Category Type: URL Filtering

Figure 81. Category Type: Web Categories



4.


Table 42. Add Custom Category Settings

Setting

Name

Description

A name of the custom category for identification and management purposes.

Brief

Description

Category

Type

A description of the category group for identification and management purposes.

From the Category Type drop-down list, select the type of category that you want to create.

Your selection determines the nature of the screen.

Applications Use the move buttons to move entire application categories (for example,

Instant Messaging), individual applications (for example, Instant

Messaging - Google Talk), or combinations of both from the Applications outside this Category field to the Applications in this Category field (or the other way around).

These are the functions of the move buttons:

• < or > moves one or more highlighted selections from one field to the other.

• << or >> moves all entries from one field to the other.

URL Filtering URLs in this Category field:

This field contains the URLs that are added to the custom category. To add a URL to this field, use the Add URL field or the Import from File tool (see explanations later in this table). You can add a maximum of 2000 URLs.

Note:

Wildcards (*) are supported. For example, if you enter www.net*.com in the Add URL field and then click the Add table button, any URL that begins with www.net and ends with .com is included in the custom category.

These are the functions of the table buttons to the right of the field:

• Delete. To delete one or more URLs, highlight the URLs, and click the

Delete table button.

• Export. To export the URLs, click the Export table button, and follow the instructions of your browser.

Add URL field:

Type or copy a URL in the Add URL field. Then click the Add table button to add the URL to the URLs in this Category field.

Import from File field:

To import a list with URLs into the URLs in this Category field, click the

Browse button and navigate to a file in .txt format that contains line-delimited URLs (that is, one URL per line). Then click the Upload table button to add the URLs to the URLs in this Category field.

Note:

Any existing URLs in the URLs in this Category field are overwritten when you import a list of URLs from a file.



Table 42. Add Custom Category Settings (Continued)

Setting

Category

Type

(continued)

Description

Web Categories Use the move buttons to move entire Web categories (for example,

Commerce), individual applications (for example, Commerce - Shopping), or combinations of both from the Web Categories outside this Category field to the Web Categories in this Category field (or the other way around).

These are the functions of the move buttons:

• < or > moves one or more highlighted selections from one field to the other.

• << or >> moves all entries from one field to the other.

5.

Click Apply to save your settings. The new category is added to the Custom Categories table. To return to the Custom Categories screen without adding the category, click Return.

To make changes to an existing custom category:

1.

In the Action column to the right of to the custom category, click the Edit table button.

The Edit Custom Category screen displays. This screen is identical to the Add Custom

Category screen (see

Figure 77

on page 140).

2.


3.

Click Apply to save your changes. The modified custom group is displayed in the Custom

Categories table.

To delete one or more custom categories:

1.

Select the check box to the left of the custom category that you want to delete, or click the Select All table button to select all custom categories.

2.

Click the Delete table button.


Setting Scanning Exclusions and Web Access Exceptions. Netgear STM600 - ProSecure Web And Email Threat Management Appliance, STM300 - ProSecure Web And Email Threat Management Appliance, STM150 - ProSecure Web And Email Threat Management Appliance

Setting Scanning Exclusions and Web Access Exceptions

Setting Scanning Exclusions

Setting Access Exception Rules for Web Access

Select All table button to select all rules.

Disable. Disables the rule or rules. The ! status icon changes from a green circle to a

Delete. Deletes the rule or rules.

Up. Moves the rule or rules up one position in the table rank.

Down. Moves the rule or rules down one position in the table rank.

Creating Custom Groups for Web Access Exceptions

Select All table button to select all custom groups.

Creating Custom Categories for Web Access Exceptions

Related manuals

Table of contents

Setting Scanning Exclusions and Web Access Exceptions. Netgear STM600 - ProSecure Web And Email Threat Management Appliance, STM300 - ProSecure Web And Email Threat Management Appliance, STM150 - ProSecure Web And Email Threat Management Appliance