Webwasher 6.5 SSL Scanner User's Guide - McAfee

More documents

Recommendations

Info

SSL Scanner 4–30 Using this section, you can inspect and manage incidents relating to SSL-encrypted communication. The Incident Manager enables you to retrieve incident.dat files from Webwasher instances. It synchronizes and displays them, adding hosts or certificates to the policy-dependent or independent (global) certificate list.e Note that an incident.dat file will only be written if you have configured an Allow&LogIncidentor Block & Log Incident action or a user defined action that leads to writing a log file. You can view and edit the incidents list on the Incident Management page. It is opened with or without a refresh by clicking on one of the following buttons: or: For a description of this page, see the next section. Incident Management Using the Incident Management page, you can inspect SSL incidents and add them either to the policy-dependent or independent (global) certificate list. On this page, a table is provided listing all incidents that occurred after the last refresh of this list was performed. All of them have not yet been processed. To perform a refresh, click on the Refresh Incident List button, which is located above the left side of the table: This will process the stored incidents and add them to the list. If Webwasher is running in a cluster, a refresh will lead to a synchronization with the subscribed sites. Depending on the sites load, the refresh may take a moment. The list will be cross-checked with the policy-dependent and independent certificate lists to avoid multiple entries.
A list entry consists of the following fields: • Host - URL that caused the incident. SSL Scanner Incidents can be added to the certificate lists either by host or by certificate, as is shown in the fields used for configuring the policy-dependent and independent certificate lists. If by host was selected, the input shown here under Host becomes available. A wildcard may be used to include a range of URLs, e. g. *.webwasher.com. • C (short for Common Name) - If an incident was caused by a Common Name mismatch, it is indicated here by a red lamp symbol. Otherwise there will be a green lamp symbol. • E (short for Expired) - If a certificate has expired, this incident is indicated here by a red lamp symbol. • S (short for Self-signed) - If an incident was caused by a self-signed certificate, it is indicated here by a red lamp symbol. • R (short for Root Certificate Authority) - If an incident was caused by a failure during validation of the root certificate authority, it is indicated here. • Policy - Policy belonging to the certificate list this incident is going to be added to. • Action - Action configured for the policy and host/certificate that will apply when the incident is added to a certificate list. The list is sortable by Host and the C(ommon Name), E(xpired), S(elfsigned) and R(oot Certificate Authority) failure attributes. Note: An incident that occurred for two or more different reasons, cannot be added by certificate. Whenever a certificate is added this way, errors that were caused by the certificate are ignored. Different reasons may occur, however, when a certificate is inspected with regard to different policies. If errors cannot be determined unambiguously, as is the case when there are two or more reasons for an incident, the by certificate method cannot be applied. Incidents can then only be added by host. You can select several incidents from the list and add or delete them in one go by clicking on the Add or the Delete button. If you wish to process an entry separately, use the Add and Delete buttons in the same line. If an incident was deleted from the list, it will not be ignored in the future, but be generated again should it occur. 4–31
Page 1 and 2:
USER’S GUIDE Webwasher SSL Scanne
Page 3 and 4:
Contents Chapter 1 Introduction ...
Page 5 and 6:
Introduction Chapter 1 Welcome to t
Page 7 and 8:
1.3 Using Webwasher Introduction A
Page 9 and 10:
1.3.2 Configuring a Sample Setting
Page 11 and 12:
3. Make settings effective Click on
Page 13 and 14:
Introduction The click history is o
Page 15 and 16:
1.4 Introduction After modifying th
Page 17 and 18:
1.4.2 Documentation on Special Prod
Page 19:
Introduction These two products hav
Page 22 and 23:
Home 2.1 Overview 2.2 The following
Page 24 and 25:
Home 2-4 On the right side of a sec
Page 26 and 27:
Home 2-6 Since only the categories
Page 28 and 29:
Home 2.2.1 Executive Summary 2-8 Th
Page 30 and 31:
Home 2-10 • Spam level low This c
Page 32 and 33:
Home 2-12 • Emergency Prefix List
Page 34 and 35:
Home 2-14 The lower part looks like
Page 36 and 37:
Home 2-16 CPU Utilization The CPU U
Page 38 and 39:
Home 2.3 Overview (Feature) 2-18 Th
Page 40 and 41:
Home 2-20 System Alerts The System
Page 42 and 43:
Home 2-22 To enable the emergency m
Page 44 and 45:
Home Assistance The Assistance sect
Page 46 and 47:
Home 2-26 E-mails that were release
Page 48 and 49:
Home 2-28 E-mails can be sent manua
Page 50 and 51:
Home Use the following item to conf
Page 52 and 53:
Home 2-32 To sort the list in ascen
Page 54 and 55:
Home 2.6 Manuals 2-34 URL Filter Da
Page 56 and 57:
Home 2-36 To view any of the docume
Page 58 and 59:
Home 2-38 Instant Message Filter Do
Page 60 and 61:
Home 2.7 Preferences 2.7.1 Preferen
Page 62 and 63:
Home 2-42 If you are only intereste
Page 64 and 65:
Home 2.8 License 2-44 — Allow rea
Page 66 and 67:
Home 2-46 License Information The L
Page 68 and 69:
Home 2.8.2 Notification 2-48 The No
Page 70 and 71:
Home 2-50 Using this section, you c
Page 72 and 73:
Common 3.1 Overview 3-2 The followi
Page 74 and 75:
Common 3.2.1 Quick Snapshot 3-4 The
Page 76 and 77:
Common 3-6 There is, however, a pro
Page 78 and 79:
Common 3.3 MediaTypeFilters 3-8 The
Page 80 and 81:
Common 3-10 Media Type Filter The M
Page 82 and 83:
Common 3-12 Furthermore, you need t
Page 84 and 85:
Common 3-14 Media Type Black List T
Page 86 and 87:
Common 3.3.3 Media Type White List
Page 88 and 89:
Common 3-18 — Add to Media Type W
Page 90 and 91:
Common 3.4.1 Document Inspector 3-2
Page 92 and 93:
Common 3-22 To view or modify the a
Page 94 and 95:
Common 3-24 Document Types The Docu
Page 96 and 97:
Common • Structured Storage docum
Page 98 and 99:
Common 3-28 Archive Handling The Ar
Page 100 and 101:
Common 3.6.1 Generic Header Filter
Page 102 and 103:
Common 3.7 Generic Body Filter 3-32
Page 104 and 105:
Common 3-34 Body Filter List The Bo
Page 106 and 107:
Common 3.8.1 Settings 3-36 The Sett
Page 108 and 109:
Common 3-38 The meaning of the chec
Page 110 and 111:
Common 3-40 Their meaning is as fol
Page 112 and 113:
Common 3-42 • Prevent modificatio
Page 114 and 115:
Common 3.8.2 Link Filter List 3-44
Page 116 and 117:
Common 3-46 — do not filter Enabl
Page 118 and 119:
Common 3-48 Dimension Filter List T
Page 120 and 121:
Common 3.9 Privacy Filters 3-50 The
Page 122 and 123:
Common 3-52 Using this section, you
Page 124 and 125:
Common 3-54 Cookie Filter The Cooki
Page 126 and 127:
Common 3.9.2 Cookie Filter List 3-5
Page 128 and 129:
Common 3.10 The Cookie Filter List
Page 130 and 131:
Common 3-60 Text Categorization The
Page 132 and 133:
Common 3-62 Text Categorization Lis
Page 134 and 135:
Common 3.11 Use the following items
Page 136 and 137:
Common 3-66 HTTP Method Filter List
Page 138 and 139:
Common Use the following items to p
Page 140 and 141: Common 3-70 FTP Command Filter List
Page 142 and 143: Common 3-72 The FTP Command Filter
Page 144 and 145: Common 3.13.1 Welcome Page 3-74 The
Page 146 and 147: Common 3-76 • Show again Click on
Page 148 and 149: Common 3.14 White List 3-78 The Whi
Page 150 and 151: Common 3-80 White List The White Li
Page 152 and 153: Common 3-82 To sort the list in asc
Page 154 and 155: Common 3-84 User Defined Categories
Page 156 and 157: Common 3.16.1 Media Type Catalog 3-
Page 158 and 159: Common 3-88 The media type tells th
Page 161 and 162: SSL Scanner Chapter 4 The features
Page 163 and 164: SSL Scanner Before this is done, ho
Page 165 and 166: • Wildcard Match SSL Scanner A wi
Page 167 and 168: Furthermore, there is this section
Page 169 and 170: SSL Scanner To do this, select a po
Page 171 and 172: — Bypass SSL Scanner SSL Scanner
Page 173 and 174: 4.5 Certificate List SSL Scanner Th
Page 175 and 176: To add an exception to the list, us
Page 177 and 178: 4.6 SSL Scanner If the number of en
Page 179 and 180: SSL Scanner Using this section, you
Page 181 and 182: SSL Scanner To make the addition va
Page 183 and 184: There is one section on this tab:
Page 185 and 186: SSL Scanner For the meaning of thes
Page 187 and 188: Trusted Certificate Authorities The
Page 189: They are described in the upcoming
show all

Webwasher 6.5 SSL Scanner User's Guide - McAfee

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?