M86 Security 700 Instruction sheet

M86 Security Reporter

EVALUATION GUIDE

Models: 300, 500, 700, 705, 730, 735

Software Version: 3.0.00

Document Version: 10.30.10

II M86 SECURITY EVALUATION GUIDE

M86 SECURITY REPORTER INSTALLATION GUIDE FOR

300, 500, 700, 705, 730, 735 MODELS

This document may not, in whole or in part, be copied, photocopied, reproduced, trans-

lated, or reduced to any electronic medium or machine readable form without prior writ-

ten consent from M86 Security.

Every effort has been made to ensure the accuracy of this document. However, M86

Security makes no warranties with respect to this documentation and disclaims any

implied warranties of merchantability and fitness for a particular purpose. M86 Security

shall not be liable for any error or for incidental or consequential damages in connec-

tion with the furnishing, performance, or use of this manual or the examples herein.

Due to future enhancements and modifications of this product, the information

described in this documentation is subject to change without notice.

Trademarks

Other product names mentioned in this manual may be trademarks or registered trade-

marks of their respective companies and are the sole property of their respective man-

ufacturers.

Part# SR-EG-101030

M86 SECURITY EVALUATION GUIDE 1

CONTENTS

ECURITY

EPORTER

VALUATION

UIDE

.......................................................1

Product Overview............................................................................................................ 1

Note to Evaluators. ......................................................................................................... 1

Install, Configure, and Test the Security Reporter. ..................................................... 2

About this Evaluation Guide. ......................................................................................... 2

ECTION

1: P

RODUCTIVITY

EPORTS

..............................................................3

Understand the most common and useful features. ................................................... 3

Use Custom Category Groups to narrow your search................................................ 4

How to add a Custom Category Group .................................................................................... 4

Use custom User Groups to narrow your search. ....................................................... 5

How to create User Groups ......................................................................................................5

Patterns frame ...................................................................................................................6

IP Ranges frame ................................................................................................................7

Single Users/Exclude frame . .............................................................................................8

How to Rebuild a User Group ..................................................................................................8

Use Security Reporter to conduct an investigation..................................................... 9

Use Summary Reports for a high level overview....................................................... 10

How to generate a Summary Report ......................................................................................11

How to export a Summary Report ..........................................................................................13

Use Drill Down Reports for an investigation. ............................................................. 14

How to generate a Summary Drill Down Report .................................................................... 14

Summary Drill Down Report navigation ........................................................................... 15

Count columns and links ............................................................................................ 15

Bandwidth and Time columns ....................................................................................16

Column sorting tips ................................................................................................... 17

Record exportation.....................................................................................................17

Navigation tips............................................................................................................ 17

How to generate a Detail Drill Down Report ..........................................................................18

Detail Drill Down Report navigation ................................................................................. 18

Report type columns .................................................................................................. 18

Detail Drill Down Report exercise ....................................................................................19

Step A: Select a specific user by Category ................................................................ 19

Step B: Sort by “Filter Action” column ........................................................................19

Step C: Full URL review.............................................................................................19

Step D: Sort by “Content Type”..................................................................................20

Step E: Sort by “Search String”.................................................................................. 20

Create a custom report for a specific user................................................................. 21

How to use the Report Wizard for a single user report ..........................................................21

Step A: Create either a Summary Report or a Detail Report ........................................... 21

Step B: Specify the Report Type .....................................................................................22

Summary report .........................................................................................................22

Detail report................................................................................................................ 22

CONTENTS

2M86 SECURITY EVALUATION GUIDE

Step C: Specify Filters .....................................................................................................22

Step D: Specify Other Report Components .....................................................................23

Step E: Specify when to Generate the Report .................................................................23

Step F: Save the Report . .................................................................................................24

Export Summary Drill Down Reports. ......................................................................... 27

How to export selected records .............................................................................................. 27

Step A: Select records to be exported ............................................................................. 27

Step B: Specify Data to Export ........................................................................................27

Step C: Export data via Email or PDF Download ............................................................ 27

Email option ............................................................................................................... 27

View and print options................................................................................................28

Sample report file formats ......................................................................................................29

Summary Drill Down Reporting tools. ........................................................................ 30

How to use other Summary Drill Down Report tools ..............................................................30

Limit Detail Result ............................................................................................................30

Report fields ....................................................................................................................30

Type field.................................................................................................................... 30

Date Scope and Date fields .......................................................................................30

# Records fields .........................................................................................................31

Filter and Filter String fields ...................................................................................... 32

Sort By and Limit summary result to fields.................................................................32

Break Type field .........................................................................................................32

Format field ................................................................................................................ 32

For additional-break reports only .............................................................................. 33

For pie and bar charts only ........................................................................................ 33

Hide un-Identified IPs checkbox.................................................................................33

E-Mail / For e-mail output only fields ..........................................................................34

Commonly used reports............................................................................................... 35

How to generate a Sample Report .........................................................................................35

Report format ...................................................................................................................36

Examples of available Sample Reports . .......................................................................... 37

Sample Report 1: “Top 20 Users by Category/User” .................................................37

Sample Report 2: “Top 20 Sites by User/Site” ...........................................................37

Sample Report 3: “By Category/User/Site” ................................................................38

ECTION

2: R

EAL

IME

EPORTS

..................................................................39

Understand the most common and useful features. ................................................. 39

Monitor URL gauges. .................................................................................................... 39

How to drill down into a URL gauge .......................................................................................40

Step A: How to read a URL gauge ..................................................................................40

Gauge Name..............................................................................................................40

Gauge Score .............................................................................................................. 40

Timespan ................................................................................................................... 40

Threat Level .............................................................................................................. 41

Step B: Identify the source of a gauge’s activity ..............................................................41

Step C: View a list of Threats the end user accessed . ....................................................42

Step D: View URLs visited by the end user .....................................................................42

Step E: Further investigate a user’s activity .....................................................................43

How to view URL Trend Reports ............................................................................................ 44

Step A: View overall activity in URL gauges .................................................................... 44

Step B: View a line chart for a single URL gauge ............................................................45

How to view a pie chart for a URL gauge ...............................................................................46

CONTENTS

M86 SECURITY EVALUATION GUIDE 3

Monitor Bandwidth gauges. ......................................................................................... 47

How to view the Bandwidth gauges Dashboard ..................................................................... 47

How to drill down into a Bandwidth gauge .............................................................................48

Step A: View Bandwidth protocol traffic information ........................................................48

Step B: View a user’s protocol usage information ...........................................................48

Step C: View a user’s port usage information .................................................................. 49

How to view Bandwidth Trend Chart activity ..........................................................................50

Step A: View overall activity in Bandwidth gauges .......................................................... 50

Step B: View a line chart for a single Bandwidth gauge . .................................................51

How to view charts for a specific Bandwidth gauge ...............................................................52

Get the complete picture.............................................................................................. 53

How to view Overall Ranking of user activity ......................................................................... 53

How to create a New Gauge ..................................................................................................54

Step A: Select Add/Edit Gauges ...................................................................................... 54

Step B: Add a New Gauge .............................................................................................. 54

Step C: Specify Gauge Information .................................................................................55

Step D: Select users to be monitored by the gauge ........................................................56

Step E: Save gauge settings ........................................................................................... 57

How to create an automated gauge alert ...............................................................................57

Step A: Set up a new alert ...............................................................................................57

Step B: Specify Alert Information ..................................................................................... 59

Step C: Specify criteria in the right side of the panel .......................................................60

Step D: Save the alert .....................................................................................................60

ECTION

3: S

ECURITY

EPORTS

...................................................................61

Understand the most common and useful features. ................................................. 61

Use security reports for a view of network activity. .................................................. 61

How to modify the current report view .................................................................................... 62

Page navigation tool ........................................................................................................62

Report view icons ............................................................................................................ 62

Create a customized security report........................................................................... 64

How to generate a customized security report ....................................................................... 64

Step A: Choose a Run option ..........................................................................................64

Option 1: Report Settings’ Run feature ......................................................................64

Option 2: Report Wizard’s Run feature ...................................................................... 64

Step B: Populate the Report Details frame ......................................................................65

Step C: Use accordions in the Users frame ..................................................................... 66

Step D: Run the report .....................................................................................................67

Capture the security report in PDF format. ................................................................ 68

How to export current report view data ..................................................................................68

Step A: Specify records to include in the report .............................................................. 68

Step B: Specify Break Type and URL limitation criteria ................................................... 68

Step C: Download or email the report . ............................................................................ 69

Option 1: Download the report ...................................................................................69

Option 2: Email the report .......................................................................................... 69

Security Report format ...........................................................................................................70

Save the security report you generated...................................................................... 72

How to save a security report .................................................................................................72

Step A: Select Report Settings, Save option ...................................................................72

Step B: Specify criteria in the Report Details frame .........................................................73

Step C: Select the users or group in the Users frame .....................................................73

CONTENTS

4M86 SECURITY EVALUATION GUIDE

Step D: Populate the Email Settings frame . ....................................................................74

Step E: Save the report ................................................................................................... 74

Two methods for scheduling security reports. .......................................................... 75

How to use Wizard panels for scheduling reports ..................................................................75

Step A: Choose the method for scheduling the report .....................................................75

Method 1: Use the current report view ....................................................................... 75

Method 2: Create a report using the Wizard .............................................................76

Step B: Fill in the Report Details frame ............................................................................76

Step C: Include the users or group in the Users frame ....................................................77

Step D: Complete information in the Email Settings frame .............................................. 77

Step E: Set the schedule for running the report . ............................................................. 78

Step F: Save the report ................................................................................................... 78

How to access and view the Report Schedule panel .............................................................79

View Details for a Scheduled Report Run Event . ............................................................ 80

SECURITY REPORTER EVALUATION GUIDE PRODUCT OVERVIEW

M86 SECURITY EVALUATION GUIDE 1

SECURITY REPORTER EVALUATION GUIDE

Product Overview

The Security Reporter (SR) from M86 Security consists of the best in breed of M86

Professional Edition reporting software consolidated into one unit, with the capa-

bility to generate productivity reports of end user Internet activity from M86 Web

Filter and/or M86 Secure Web Gateway (SWG) appliance(s), real time reports

from a Web Filter, and security reports from an SWG.

Using a Web Filter, you have the option to use an SR 300, 500, 700 or 730 Equus

model, or an SR 705 or 735 IBM model.

Using an SWG, you have the option to use an SR 705 or 735 IBM model.

Using both a Web Filter and an SWG, you have the option to use either an SR 705

or 735 IBM model.

Logs of end user Internet activity from a Web Filter and/or SWG are fed into SR,

giving you an overall picture of end user productivity in a bar chart dashboard, and

the ability to interrogate massive datasets through flexible drill-down technology,

until the desired view is obtained. This “view” can be memorized and saved to a

user-defined report menu for repetitive, scheduled execution and distribution.

Web Filter logs provide content for dynamic, real time graphical snapshots of

network Internet traffic. Drilling down into the URL categories or bandwidth gauges

dashboard quickly identifies the source of user-generated Web threats. SWG logs

provide content for bar charts detecting security threats on the network so that

prompt action can be taken to terminate them before they become a liability on

your network.

Using the SR, threats to your network are readily targeted, thus arming you with

the capability to take immediate action to halt the source, secure your network, and

protect your organization against lost productivity, network bandwidth issues, and

possible legal problems that can result from the misuse of Internet and intranet

resources.

Note to Evaluators

Thank you for taking the time to review the M86 Security Reporter (SR) appliance.

Your interest in our company and product is greatly appreciated.

This Evaluation Guide Is designed to provide product evaluators an efficient way to

install, configure and exercise the main product reporting features of the Security

Reporter: Productivity Reports, Real Time Reports, and Security Reports.

SECURITY REPORTER EVALUATION GUIDE INSTALL, CONFIGURE, AND TEST THE SECURITY REPORTER

2M86 SECURITY EVALUATION GUIDE

Install, Configure, and Test the Security Reporter

To install the SR appliance, configure the server, and test the unit to ensure that

reporting is operational, please refer to the step-by-step instructions in the M86

Security Reporter Installation Guide provided inside the carton containing the

chassis.

Please note that prior to reviewing the SR, the M86 Web Filter and/or M86 Secure

Web Gateway (SWG) appliance(s) must already be installed. Either of these appli-

ances are required for this software release in order to send logs to the SR.

NOTE: See the M86 Web Filter Installation Guide or M86 WFR Installation Guide for infor-

mation on setting up the Web Filter on your network. See the M86 SWG Setup and

Configuration Guide for information on setting up the Secure Web Gateway on your

network.

About this Evaluation Guide

The M86 Security Reporter Evaluation Guide is divided into three sections to cover

each of the basic reporting types:

• Section 1: Productivity Reports

• Section 2: Real Time Reports

• Section 3: Security Reports

SECTION 1: PRODUCTIVITY REPORTS UNDERSTAND THE MOST COMMON AND USEFUL FEATURES

M86 SECURITY EVALUATION GUIDE 3

SECTION 1: PRODUCTIVITY REPORTS

Understand the most common and useful features

This section of the Evaluation Guide leads the evaluator through the most common

and useful features of the Security Reporter, starting with the elements that should

be configured first, then moving on to the usage of the many different types of

reports available in the SR. You are directed through the normal path of initial

setup, and then led through a standard use case that explains how to investigate a

violation of your Internet Acceptable Use Policy.

After stepping through this section of the Evaluation Guide, you will understand

how to set up powerful reports that can be e-mailed on a regular basis, thus mini-

mizing the effort required for ongoing configuration of the product. In short, by

pursuing these exercises, you will discover that the Security Reporter is both easy

to use while at the same time best in class in the level of detailed reporting it

provides.

TIP: After the SR appliance is installed, allow the Security Reporter to run for several days

prior to evaluating reports in order to optimize the evaluation experience. This will allow

the SR to accumulate multiple days of data and present more meaningful reports. Having

performed these preliminary steps, the SR will function properly on day one of the install

with some reports showing no data (e.g. “canned” Summary Reports).

SECTION 1: PRODUCTIVITY REPORTS USE CUSTOM CATEGORY GROUPS TO NARROW YOUR SEARCH

4M86 SECURITY EVALUATION GUIDE

Use Custom Category Groups to narrow your search

Prior to running any reports, there are a few recommended configuration steps that

create a more customized experience for the evaluator. The first step is to create

Custom Category Groups, which are customized groupings from the M86 Security

library of more than 100 filter categories. For example, most customers prefer to

set up a category group for those categories that are not allowed under their orga-

nization’s Acceptable Use Policy. Creating such a category group reduces the time

it takes to identify violations of this policy.

To create, edit, or delete a Custom Category Group, navigate to Administration >

Custom Category Groups to display the Custom Category Groups panel:

Custom Category Groups panel

The Custom Category Groups panel is comprised of two frames used for setting up

and maintaining category groups: Custom Category Group, and Custom Category

Group Detail.

How to add a Custom Category Group

1. At the bottom of the Custom Category Group frame, click Add.

2. In the Custom Category Group Detail frame, type in the Category Group

Name.

3. Specify the Service Type to use: “URL” or “Bandwidth”.

4. Include the following Member Categories based on the Service Type selec-

tion:

• URL - Select Available Categories from the list and click Add > to move the

selection(s) to the Assigned Categories list box.

This manual suits for next models

Table of contents

Other M86 Security Security System manuals

M86 Security

M86 Security HL User manual

M86 Security

M86 Security Threat Analysis Reporter User manual

Popular Security System manuals by other brands

Inner Range

Inner Range Concept 2000 user manual

Climax

Climax Mobile Lite R32 Installer's guide

FBII

FBII XL-31 Series installation instructions

Johnson Controls

Johnson Controls PENN Connected PC10 Install and Commissioning Guide

Aeotec

Aeotec Siren Gen5 quick start guide

IDEAL

IDEAL Accenta Engineering information

Swann

Swann SW-P-MC2 Specifications

Ecolink

Ecolink Siren+Chime user manual

Digital Monitoring Products

Digital Monitoring Products XR150 user guide

EDM

EDM Solution 6+6 Wireless-AE installation manual

Siren

Siren LED GSM operating manual

Detection Systems

Detection Systems 7090i Installation and programming manual

Se-Kure Controls

Se-Kure Controls MicroMini SK-4841 instructions

Siemens

Siemens FDM273 manual

DSC

DSC PC 4010 Programming manual

UniPOS

UniPOS 6202L quick start guide

AJAX

AJAX DoubleButton user manual

Rondish

Rondish Nexus User instructions