NetOp Process Control Quick Guide
Contents
1. ss NetOp Process Control NetOp Process Control Quick Guide Copyright 2007 Danware Data A S All rights reserved Document Revision 2007205 Please send any comments to Danware Data A S Bregnerodvej 127 DK 3460 Birkerod Denmark Tel 45 45 90 25 25 Fax 45 45 90 25 26 E mail info netop com Internet http Awww netop com NetOp Process Control Quick Guide 2007 Danware Data A S Warranty Danware Data A S warrants the quality of the physical material of the user package that is manual and CD ROM If these items are defective we will exchange them at no cost within 60 days of purchase from Danware Data Disclaimer Danware Data A S denies any and all responsibility for damages caused directly or indirectly as a result of any faults with the enclosed programs and or documentation Licence Danware Data A S retains the copyright to the user manual All patent copyright and other proprietary rights in and to the programs will remain with Danware Data A S or its licensers Your purchase gives you the right to copy and use the programs as described on your Danware License Certificate included in your package Please save your Danware License Certificate It serves as your legal right to use the software You may also need them in order to receive future updates to the product Please be careful not to install or run the software on more PCs than your Danware License Certificates permits you to2. By checking Remember and clicking No this program will be added to the database with the firewall rule Deny Communication Thus you will not be prompted the next time Media Player tries to communicate In case you want to be prompted each time the program tries to communicate leave Remember 2007 Danware Data A S Configuring the Process Control 9 3 3 unchecked This enables you to change your decision the next time Windows Media Player tries to communicate To change the current rule for Windows Media Player select Firewall Rules Programs Locate the file Windows Media Player file called wmplayer exe right click it and choose between the options below File Description Rule Atrributes Message i Windows Media Player WY WINWORD EXE Microsoft Office Word d WHOFFice exe RoboHelp Office Fa vitawrap exe NetOp School VITAWRAP i VISIO EXE Microsoft Office visic ucstartup exe Ucstartup exe Y Allow Communication L g Frompt on Communication aa Deny Communication fy Unrestricted Communication Trusted Mek Only ee Tpkmap p exe Personalizaci n del tecl a s stdeploy exe MetOp School Student setup_wm exe Microsoft Windows Medi Attributes d ae RoboHTML exe RoboHelp HTML Applica Add OO realplay exe RealPlayer Remove Ctrl F Q Reactor exe MetOp Reactor Properties Bl python exe python exe Kill renger PR STIS ISIS SS DS 1S 9165 prowind2 exe prowins
3. other computers on your LAN By default NPC will not allow inbound communication from other computers on your Local Area Network This may not be convenient for your daily office routines like e g sharing folders and printers You will receive an error message like this Danware WpcO002 is not accessible You might not have permission to use this network resource Contact the administrator of this server to find out if you have access permissions The network path was not found At this point the Setup Wizard has already detected the domain controllers of the domain if present that you are currently logged on to and added a Trust with these This secures that your communication with the Windows Domain will not be blocked However this is still not enough to e g share files with a specific computer like your colleague s laptop First you must configure NPC to use a Trust between your computer and the laptop A Trust allows communication with the specified computer s IP address on all ports and protocols The Trust can be in one or both directions While the Trust is not established the Packet Log will show blocked traffic from your colleague s laptop 2007 Danware Data A S Configuring the Process Control 11 Process Name Protocol De Remote IP Address Remote Port Local IF Address Local Porl Ntoskmlese TCP Trans 192 168 102 851 2954 192 168 103 6 445 Ntoskmlese TCF Transmi 192 168 10
4. 040803 2158 is trying bo communicate on port 60 using the TCP Transmission Control protocol to the remote computer Unresolved File Mame iexplore exe File Location C Program Files Internet Explorer Local 4ddress LLMO01 danware local Local Pork 1309 Remote Address Unresolved Remote Port 50 OCsroank Dranr armo COTRIA S ee leawer awa By clicking Yes this program will be added to the database with the firewall rule Allow Communication The next time Internet Explorer is being launched the user will not be prompted for a decision Denying outbound communication for a program Today many programs by default establish a connection to the Internet to e g check for updates even though it is not necessary for the program to function correctly In these situations you may not wish to allow programs and services to communicate with other networked computers that could cause superfluous network traffic Unknown Program Windows Media Player is tying to communicate Do you want to allow communication Details amp Aules Remember In the above example Windows Media Player is trying to communicate to e g retrieve media information from the Internet If you wish to play only local media files there is no need for the Media Player to contact the Internet In this case you may wish to Deny Communication The firewall will then prevent any communication regardless of the settings in the Media Player Options
5. 2 581 2955 192 168 103 6 139 Htoskmlese ICMP Interme 192 168 102 81 0 192 768 70 3 67 0 Ntoskmnlexe ICMP Inteme 192 168 102 81 0 192 768 103 671 0 Ntoskmlese TCF Transmi 192 168 102 8 2955 192 168 103 6 139 To add your colleague s laptop to the the Trusted Nets open Firewall Rules Trusted Nets and click Add Enter the laptop s IP address and select Inbound Outbound Trust Add Trust F Colleague s Laptop Trusted IF Range From To Attributes Read only 2 Hidden _ System C Log Message Message Trust Inactive fol nbound Qutbound Trust 3 Outbound Trust FS Inbound Trust 8 Trust Inactive Now your colleague can access your shared folders and printers The Packet Log will look like this Process Name Protocol De Remote IP Address Remote Fort Local IF Address Local Forl Ntoskmlexe TCP Transm 192 168 102 891 2994 192 168 103 6 139 Ntoskmlese TCP Trane 192 168 102 8 2994 192 168 103 6 139 Htoskml exe TCP Transm 192 168 102 891 2994 192 168 103 6 139 Ntoskmlese TCF Trans 192 168 102 851 2994 192 168 103 6 139 2007 Danware Data A S
6. NetOp Policy Server For fault tolerance and load distribution the NetOp Policy Server has been implemented with a Master Server and multiple Replica Servers ensuring maximum system availability 1 2 Before you install 1 Read the NDFReadMe txt file that resides in the root directory of the CD 2 Remove any installed firewall 3 Scan your computer with an updated anti virus product 4 Save all data and shut down all running Windows applications 5 Make sure that the computer is connected to the Internet If connected to the Internet by a dial up connection the dial up connection must be running 2007 Danware Data A S 2 NetOp Process Control Quick Guide 1 3 Installation Once you have downloaded the installation file click Run and follow the on screen instructions ig NetOp Process Control Setup Welcome to NetOp Process Control Setup Wizard The Setup Wizard will install NetOp Process Control on your computer Click Next bo continue or Cancel bo exit the Setup Wizard Remember to have all required information ready at hand After installing choose Yes to restart the computer and complete the installation optionally choose No to postpone the restart Note NetOp Process Control will not be running until the computer has been restarted 1 4 Setup When the computer has been restarted the Setup Wizard will automatically be loaded The Setup Wizard assists you in creating a NetOp Process Control NPC s
7. do The programs may be copied for backup purposes only and only as long as the above mentioned rules are adhered to Trademarks NetOp and the red kite are registered trademarks of Danware Data A S All other products mentioned in this manual are trademarks of their respective manufacturers Publisher Danware Data A S Technical Editors Lars Lyhne Team Coordinator Allan Iskov NetOp Process Control Quick Guide Table of Contents Part Welcome faiigolelU eiTe p PAE sce E EE EE E E EE EEE EE es a enc ce ees EEE aa anime tee E Belore yot iNsStall a a a a aaa aA AE n Ea cunts E EEEa EEAS Stallati i anea a E O a a e E A O N SETUP starrar raK E SEAE E SEa Part Il Configuration of NPC 1 Firewall RUIGS sescweces tentecwia cd andaa a ru aaa asda nea a Aa A aula AE aaa 2N Or NaO a a a a a a gt e E E E E E E AE E EEE E E E E E EE AE A E E SES A AE IE AE E E E EEO EEE E ES Part Ill Configuring the Process Control Allowing outbound communication for a program ssssssnsssnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nnmnnn Denying outbound communication for a program ss sssssssssnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nnmnnn nnna Allowing inbound communication for a program s sssssssnnsnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nnmnnn A OO N Working with other computers on your LAN sssnsansnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nnnm 10 2007 Danware Data A S Welcome 1 1 Welcome Welco
8. etup for your current computer environment To create a default setup accept the Setup Wizard suggestions In the window shown below click Next gt to continue 2007 Danware Data A S Welcome 3 Setup Wizard NetOp Process Control Welcome to the MetOp Process Control Setup Wizard This wizard will guide you through the selection of certain setup options to make the NetOp module ready For use Click Mext to proceed NPC makes an initial detection of which programs and services are running after you logged on to your computer The wizard assumes that these are mandatory for your system to function correctly and lists them in the window below Setup Wizard NetOp Process Control Add these programs that are currently set to run automatically when Windows start up Automatically add all detected programs O Manually select programs needed for startup File Description Rule y explorer exe windows Explorer Allow Communication F ntoskrnl exe NT Kernel System Allow Communication Pisass exe L54 Shell Export version Allow Communication P smiss exe Windows NT Session Ma Allow Communication ti Winlogon exe Windows MT Logon Appl Allow Communication To edit to the list of detected programs select Manually select programs needed for startup In general it is not recommended to make any changes to the automatically detected programs since it may cause malfunction of your system Click Next g
9. exe Allowing inbound communication for a program Certain computers offer networking services and may need to allow inbound communication coming from other networked computers Examples of these services are web file database and computer management services like remote control Inbound communication means that the communication is initiated from other computers coming in through NPC Unknown Program NetOp 32 Host Application is trying to communicate l Do you want to allow communication Details Remember In this example NetOp Host tries to communicate with the network during the initial startup using outbound communication As such NPC prompts the user to allow this program to communicate By checking Remember and clicking Yes this program will be added to the database with the firewall rule Allow Communication From a user point of view this program should now be ready for communication However when trying to communicate with the NetOp Host using TCP from other computers on the network no connection can be established because NPC by default is not open for inbound communication The NetOp Host is the server part of a remote control program and as such requires an inbound port to be open in order to work properly To configure the Firewall Rules correctly for this program use the Packet Log to observe 2007 Danware Data A S 10 NetOp Process Control Quick Guide information about the blocked
10. g on your computer programs may need to communicate with other networked computers to execute their tasks For programs not listed and approved during the initial setup wizard NetOp Process Control will display this window when a program tries to communicate with other computers Unknown Program A Internet Explorer i trying to communicate l Do you want to allow communication Details J Aa Remember In this example Microsoft Internet Explorer is trying to start outbound communication with a web server This is OK if you just launched this internet browser and entered a web address to visit Outbound communication means that the communication is initiated from your own computer going out through your firewall In case you do not want to be prompted each time the program tries to communicate check Remember If the program name does not seem familiar you can optionally select the Details button to display a lower extension of the window with details on the communication attempted by the program and additional program firewall rule options Based on this information you have a better chance of deciding whether or not the program should be allowed to communicate 2007 Danware Data A S NetOp Process Control Quick Guide 3 2 LL Unknown Program oe Internet Explorer is trying to communicate Do vou want bo allow communication Remember Details Internet Explorer version 6 00 2900 2160 xpsp_sp2_rtm
11. ific rule can be applied to decide whether the program may run and if communication is allowed As a general setting for all programs Ports and Protocols can be used to restrict communication Trusted Nets and Banned Nets are used for controlling which IP addresses the computer can communicate with Information This section displays historic event information and real time details about network traffic The Event Log gives information about e g programs starting and stopping changes in your networking environment and results of unknown programs requesting network access The Packet Log the Traffic Matrix and Statistics give a real time picture of the actual networking 2007 Danware Data A S Configuration of NPC 7 2 3 3 1 activity and is a valuable tool for deciding if a firewall rule should be modified to block or allow communication To get a list of currently running programs and processes access the Program Manager From here you can stop a program or you can add it to the database for later editing Profiles A Profile is a complete set of firewall rules that can be used on a specific network All of the rules that are created will affect the Main Profile until you actually decide to create new profiles When creating a new profile an exact copy of the Main Profile is used as template for the new definition Configuring the Process Control Allowing outbound communication for a program While workin
12. inbound communication Process Name Protocol De Remote IP Address Remate Port Local IF Address Local Port Nhstw32 exe TCF Transmi 192 168 109 52 1654 192 168 103 651 6502 Nhstw32 exe TCF Transmi 192 168 109 52 1654 192 168 103 651 6502 Look for Nhstw32 exe which is the NetOp Host file name and locate the Local Port number In this case you need to open Port 6502 to allow inbound communication from the NetOp Guest that is the client part of the remote control program To change the current rule for Port 6502 select Firewall Rules Ports Locate NetOp Remote Control and change the rule in the drop down list at the bottom to Inbound Outbound Traffic NPC is now configured correctly to let the NetOp Host be remotely controlled You can also see the effect of the changed setting in the the Packet Log Process Name Protocol De Remote IP Address Remote Port Local IF Address Local Por Nhstw32 exe TCF Transmi 192 168 109 52 1682 192 168 103 651 6502 Nhstw32 exe TCF Transmi 192 168 109 52 1682 192 168 103 651 6502 Nhstw32 exe TCF Transmi 192 168 109 52 1682 192 168 103 651 6502 Nhstw32 exe TCF Transmi 192 168 109 52 1682 192 168 103 651 6502 Nhstw32 exe TCF Transmi 192 168 109 52 1682 192 168 103 651 6502 Nhstw32 exe TCF Transmi 192 168 109 52 1682 192 168 103 651 6502 Nhstw32 exe TCF Transmi 192 168 109 52 1682 192 168 103 651 6502 Nhstw32 exe TCF Transmi 192 168 109 52 1682 192 168 103 651 6502 3 4 Working with
13. me to NetOp Process Control a Danware Data security software This quick guide will lead you through a default installation and startup of NetOp Process Control Additionally it will present examples of how to configure programs to work with the firewall Available options are explained in the NetOp Process Control User s Manual which you can find in the install directory or as an online help system which can be activated by pressing the F1 button or by clicking the Help button Furthermore it is possible to find information on our KnowledgeBase on the NetOp homepage or using the Support form The NetOp Product Services Team 1 1 Introduction The NetOp Process Control is an extremely powerful tool that offers process control and dynamic packet filtering Process control gives you the ability to deny any program process to run at all allow communication only allow communication of a trusted network or prevent any communication Packet Filtering is used for restricting the computer s inbound and outbound traffic based on IP addresses ports and protocols Packet Log and Traffic Matrix are two built in tools used for displaying real time network activity details such as which IP addresses ports and protocols a program is trying to use for communication Make use of this information to configure the firewall Note The NetOp Process Control configuration can either be managed locally on each computer or centralized by the optional
14. ntrol Quick Guide 2 1 2 2 NetOp Process Control 4 0 Firewall Rules File Description Rule Atrributes Message o npcsvc exe NetOp Proce E Allow TOMMI a Programs m NPMAgent exe NetOp PMA E Allow TOMMI fy Ports amp NPMHelper exe NetOp PMH E Allow TOMMI Ak Protocols Y NPMFolicyLoade NetOp PM F E Allow TOMMI W Trusted Nets 2 NPMRM exe NetOp PMR BE Allow Commu a NPSGuard exe Netop Policy E Allow TOMMI a NPSMaster exe Metop Policy E Allow TOMMI d NFSReplica exe Netop Policy we Allow Comma Information da nirsiw exe Registration BE Allow Commu eee Se Oe ce E Blab Oo Cb BS Alles arara JM Event Log kS SY Packet Log Traffic Matrix add Statistics d Program Manager va NPSReplica exe Description WNetop Policy Server Replica Version 4 0 0 152 Path C Program Files Danware DatalNetOp Policy Server ReplicalWPSRer Select Profile Size 954 680 Bytes If Banned Nets Show Hidden Selected File Information Profile rules Rule Allow Communication E Rule Last Active Processes enabled IP 192 168 102 70 Process ControlOk This product is a Trial ersion This is the NetOp Process Control main user interface that specifies Firewall Rules accesses Information utilities and specifies Profiles Firewall Rules This section allows the user to configure rules for program execution and communication For each Program a spec
15. s For programs that need access to the network Note Some outbound ports are open by default and replies are accepted User defined rules Select this option iF you wank to configure your own selection of ports and programs that need access to the network Note All ports are closed by default Initially NPC allows traffic that is necessary for your programs to function smoothly This means that the programs will be allowed to communicate with e g the Internet and accept replies to this specific communication Your computer will still be blocked for undesired incoming traffic lt is recommended at this time to keep the default Click Next gt to continue 2007 Danware Data A S Welcome 5 Setup Wizard NetOp Process Control Setup Wizard completed Your MetOp Process Control is now set up and ready For Use To change the setup use the Open Process Control menu items Click Finish to leave the setup wizard NetOp Process Control is now set up and running 9 Configuration of NPC When NetOp Process Controlis installed on a computer this button will by default appear in the notification area in the lower right corner of the screen Right click this button to display this menu 1 1 lan Block All Communication Switch Profile About NetOp Process Control Exit The Open Process Control provides access to the NetOp Process Control window 2007 Danware Data A S NetOp Process Co
16. t to continue 2007 Danware Data A S 4 NetOp Process Control Quick Guide Setup Wizard NetOp Process Control Define Trusted Nets Automatically detect domain controllers connections if present O Manually define Trusted Nets connections Trust From To Attributes Rule DE UR _MPNY O1 192 165 100 8 192 166 100 4 Inbound Gu US UR _MPNY O2 10 350 12 10 30 1 2 Inbound Gu DE UR _MPNY O35 10 50 1 1 10 50 1 1 Inbound Gu UE UR _MPNY 04 10 40 1 1 10 40 1 1 Inbound Gu E5 UR _MPNY 05 192 166 100 192 166 10 Inbound Gu NPC automatically detects the domain controllers of the domain that you are currently logged on to This enables you to set up a trust for these securing that your communication with the Local Area Network will not be blocked The list is empty if you are presently not logged on to a domain or if no domain controller is present To edit the list of detected domains select Manually define Local Area Network Click Next gt to continue Setup Wizard NetOp Process Control Select Permissions for Outbound Traffic Permit all outbound traffic Default Select this option iF you do not have sufficient information to configure ports For programs that need access to the network Note All outbound ports are open by default and replies are accepted Limit outbound traffic Select this option iF you want the Process Control to open a predefined selection of port
Download Pdf Manuals
Related Search