Current iBoss Reporter Manual
Contents
1. 12 Figure 6 Current Top Bandwidth Consumers Full 12 Figure Real time URL Access ACH VIL sa 13 SN SM CUI PER 14 Figure 9 Bandwidth 16 16 Figure 11 Data Movement Maps due esc bb tuts DUE 17 Figure 12 Real Time nennen esses 18 Figure 15 Real Time Bandwidth PlOUer is 19 Figure 14 Connection Detail 19 Bandwidth 22 Figure 16 Downstream Bandwidth Overview eese eene eene eene nnns 22 Figure 17 Upstream Bandwidth Overview 22 Ds e E nsnapedl Dandy foils cc es 23 POO lbe EESE EES EEEE 24 Figure 20 Threat dashboard PER 23 Teie Time cnius S DENEN 26 e io E E E 27 Rev 6 0 23 25 December 17 2013 Page 4 of 103 Phantam Technologies SECURITY Peme 28 B2. General Semings iBoss Enterprise SWG IP 10 128 24 55 Logout Drill Down Threat Reports Controls b E Video Desktop Sienature Report Schedules Protected Objects System Info Bypass 1 Settings Gateway threat gateway THREAT CATEGORIES Attack Communication Bad Traffic Detection Botnet Communication Distributed DOS Denial of Service File Identification Malicious File Exploits Finger Exploits Ping Detection IMAP Email Exploits Obfuscation Attempts Multimedia Communication NetBIOS Communication Oracle Exploits Monitor v Monitor v Monitor v Monitor gt Monitor Monitor v Monitor v Monitor gt Monitor v Monitor v Monitor v Disabled Monitor gt Monitor v Rev 6 0 23 25 December 17 2013 Backdoor Communication Malicious Destinations Chat Communication DNS Server Attacks Misc Exploits Microsoft Office Exploits PDF Exploits FTP Exploits Suspicious Ping Compromise Indicators Misc Network Activity MySQL Exploits NNTP Exploits P2P Communication Monitor Monitor v Monitor Monitor Monitor Monitor v Monitor Monitor Monitor v Monitor v Monitor v Monitor Monitor v Monitor Page 40 of 103 Phantom SS gn Techn
3. End Date z MM DD YYYY Comp MAC Category All 7 End Time 11 59 Source IP Action All Audit Event Al Comp Name All Y Location Callout Only No EMAIL THIS REPORT NOW Email to WEB LOG SEARCH RESULTS Report Group Format Turbo Tab Delim OR Download Items 1 25 Items Per Page 25 z Prev Next Date amp Time V User Source IP URL Domain Destination IP Description Action 06 12 13 07 39 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 37 AM 10 128 31 105 10 128 31 105 ib 102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 35 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 33 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 31 10 128 31 105 10 128 31 105 ib 102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 28 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 26 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 24 AM 10 128 31 105 10 128 31 105 ib 102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 24 AM administrator 10 128 16 120 update microsoft com 157 56 77 158 Technology Allowed 06 12 13 07 22 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Techno
4. TO DOMI 82 Figure Top Blocked DOPBIQDDIS 83 Figure 67 Top Users by Category Time 85 Figure 68 Top Users by Category Web Hlits esses nnne 86 Rev 6 0 23 25 December 17 2013 Page 5 of 103 Technologies SECURITY Figure 6 Top Users By Overall Web 87 Pisure 70 Top Users by Overall Time 88 Pisure J Top Blocked 89 Sc Trendans wc sens eens ens ene eee meee ee see eee 90 SUS O PENNE TT RTT 91 SEM E A E 92 VO ANC c 93 A esd sour tob E SUPR E UNE ENSE 94 E 95 Lione Down ire Ald 96 Top Us Mean USOS 97 EM T 98 Figure Top Overall 99 Fig re 52 Top Outbound 100 Froure 5 5 Top Inbound 101 Top Users DV 102 Rev 6 0 23 25 December 17 2013 Page 6 of 103 TM 9 m _ Technologies SECURITY 1 Enterprise Report Manager The iBoss is equipped with an advanced rep
5. REF EHE 8 1 4 REPORT GENERATION AND MANAGEMENT ssssenecccececeeeceeesseseesssaaaeeeeeeeeeeeeeeeeeeeeseseaaaaeeeeeeeeeeeeeeeseeeeegas 9 1 4 1 TOG BIBIT UE E 9 141 1 VM SN 9 LAT 14 1 4 1 3 Bandwidth UEM er 18 1 4 1 4 Bandwidth Shaping cc cc ccccssccssssssccessssscecesssceccssssnsecssceseccssssesecesssesecesssessecesssaeeecesseaseeesssasecesesenseseens 20 1 4 1 5 TEE Po riore AG NN TREE Tm 24 1 4 1 6 TMP NG IG 27 1 4 2 Po 28 1 4 2 1 29 1 4 2 2 AU TAS IVAN YY NNI TN 30 1 4 3 DOT OVI TCI OTIS 32 1 4 3 1 o M M 34 1 4 3 2 E E E 34 1 4 3 3 PIDE R UTE Mac UD Ku RUE 34 1 4 3 4 Generaas a REPON error 34 1 4 4 OTE 38 1 4 4 1 General BUS cee paceman ane ous 38 1 4 4 2 IE REED EM 40 1 4 4 3 lo T ee
6. Gambling 0 Seconds More E Games Seconds More Government O Seconds More E Guns amp Weapons 0 Seconds More Health 0 Seconds More 4 Image Search 1 min 24 secs More 1 Jobs 0 Seconds More Mobile Phones Seconds More News 3 mins 17 secs More Organizations 0 Seconds More Personal Websites 1 min 24 secs More Political Seconds More Porn Nudity 0 Seconds More Proxies Seconds More Real Estate 0 Seconds More Religion 0 Seconds More 1 Restaurants Food O Seconds Search Engines 28 mins 29 secs More Services 3 mins 8 secs More SexEd 0 Seconds More Shops 0 Seconds More Sports 0 Seconds More E Streaming Radio TV 0 Seconds More Technology 9 hrs 40 mins 34 secs Toolbars 0 Seconds More E Transportation 0 Seconds More Travel 0 Seconds More Violence 0 Seconds More Virus amp Malware 0 Seconds More E Web Hosting 4 secs More Webmail 0 Seconds More Total Time 17 hrs 34 mins 31 secs 2013 Phantom Technologies Inc All rights reserved ed trademarks on this website are the property of their respective owners Rev 6 0 23 25 December 17 2013 Page 84 of 103 10955 Technologies SECURITY Figure 67 Top Users by Category Time Use 1 5 2 7 Top Users By Category Web Hits This section lists
7. IPS SIGNATURE TUNING ENTRIES 1to4 ID IP Port IP Bypass 10 128 16 205 32 10 128 25 70 32 38 96 15 131 32 10 128 16 0 24 D Enabled Note Source Source Source Source 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 36 Bypass IP Port 1 4 5 Report Schedules This section allows for the configuration of report generation schedules Schedules allow you to generate reports for a specified interval of time and have them stored or emailed on a recurring basis Report schedules also allow for the daily report to be emailed daily to specified recipients Rev 6 0 23 25 December 17 2013 Page 45 of 103 Technologies jbo ss SECURITY Real time Dashboard Logs REPORT SCHEDULES ID Name Select All io ss SECURITY iBoss Enterprise SWG IP 10 128 31 175 Logout Drill Down Report System Reports Schedules Desktop Settings Info Reporting Group Default Reporting Group 0 v Select Create New Renort Schedule Create Date Next Processing Time Status Edit Remove O 1 EddieTest Overall 05 20 2013 06 13 13 12 00 AM R Create New Renart Schedule 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 37 Repo
8. Results Username Full khit Figure 59 Find User Regardless of whether you have all users selected or a particular user the information presented will look the same and is consistent The only thing that changes is the information on the page not the structure 1 5 1 2 Quickly switching between reports The top right section of the report information bar has a drop down list which allows you to quickly switch between reports Simply select a report from the drop down list and the current report page will be updated with the information from the newly selected report This is useful for comparing information between two or more reports 1 5 2 Web Usage Statistics This section contains information related to web browsing This includes websites visited top visited domains top blocked domains web category usage as well as other statistics As stated above most of the items are clickable and can be drilled down for more detail Bandwidth Threats amp Malware Web Hit Web Hits By Time Use Top isited Top Blocked Trends Category By Category Domains Domains Top Users By Top Users By Top Users By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Trending Now Suspicious IKE TIR Filter Avoidance Figure 60 Web Usage Statistics Rev 6 0 23 25 December 17 2013 Page 76 of 103 255 1 SECURITY Technologies 1 5 2 1 Web Hit Trends
9. T r areNt 42 1 4 4 4 rome E O UU iiM aga PUR ree E d ster Ned PUR Dd 43 1 4 4 5 Sonae E TU 3 1 SRI m 44 1 4 4 6 MS 45 1 4 5 V RID EVO 45 1 4 5 1 CO NS 46 1 4 5 2 Editi Report Scheduled ER sg MEE aed Hess n 46 1 4 5 3 BeporL5chedule PLOCESS IO REP REP Op Foo du ELO E DEP vo OUS Rp Ad aut I UU 46 1 4 5 4 Report Schedule Ty MEER E 46 1 4 5 5 Cene a Repor NS IN so eaten 46 1 4 6 Automatic Desktop Monitor Control Record 32 1 4 6 1 rn dh ihc E hen S A EE EE H OO 32 1 4 6 2 Registering Computer to BUS dr 32 Loo video Deski EK T 53 1 4 6 4 Vid o Desktop Recordings secerneren rena a e aea vests RE EEEa a EEA ETa a reer aeeai 54 1 4 6 5 Thre MTS OST TTE E 54 1 4 7 Nom S 55 1 4 7 1 MT E H 55 1 4 7 2 ees
10. Recanng Schedule Ves Custom Genereted Repon Schedule SCHEDULE TIME Note Report cenerston may take long Ome to complete You wil be able tn access the data within the report wh e the feport is being generated is recommended that report schedules be set to generate reports dunng non peak network hours or dunng non business hours i of every mor Create New Report On Schedule ido Actorty m Generated report fram Include the Following Users amp Groups Deleg sec Eeoporbna p Group s find Include All Users amp Groups Include Selected Users amp Groups induce Groups Limit Report Te Renge Start IF fatto Delete Processed Data ater reports are sent yes No Note Thes option appbes to the processed data chosen above If you choose to Auto Delete Processed Data after reports are fent these data statistics will be deleted and you wil no longer be able to send POF reports wah this data You wil need to process the data with to this data to send PDE reports tert again EMAIL RECIPIENT Email Message Information Message Body m m p Report Custom Introduction and Conclusion Ir roducemor Cor Additional Information Report Prepared Prepared For Report Type 2 t x E E E led X 5 d 3 m t 2 8 i E 5 Report Rep
11. 40 Kbits sec 35 Kbits 5ec 30 Kbits sec 25 Kbits sec 10 48 1 Figure 16 Downstream Bandwidth Overview 1 4 1 4 2 Upstream Bandwidth Overview This section has three graphs all relating to upstream bandwidth The first shows the overall upstream bandwidth The second shows the bandwidth settings in pie chart form The third shows a similar pie chart detailing how the bandwidth is actually used The two charts share the same colors for easy comparison UPSTREAM BANDWIDTH OVERVIEW Realtime Overall Upstream Bandwidth Bandwidth Pool Settings Current Bandwidth Pool Rates 26 Kbits sec 24 Kbits 22M bKEs sec 20 Kbits sec r M m 10 55 30 10 56 1 Figure 17 Upstream Bandwidth Overview 1 4 1 4 3 Unshaped Bandwidth This section has several graphs dedicated to revealing problems with bandwidth that is unshaped by the QoS rules There are two sets of graphs The first three are dedicated to Downstream Bandwidth The second three are dedicated to Upstream Bandwidth both Rev 6 0 23 25 December 17 2013 Page 22 of 103 PhantQm 1609055 Technologies SECURITY cases the first graph details the bandwidth in real time The second details it over the past hour The third details it over the past day UNSHAPED BANDWIDTH DIRECTION DOWNSTREAM BANDWIDTH DURING SATURATION 22900 00 kbps BANDWIDTH HARD CAP 98000 00 kbps DIRECTION UPSTREAM BANDWIDTH DURING SA
12. 5 IP 10 128 24 55 NETWORK SECURITY Unified Threat amp Event Console Login Please login User Name Password 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 1 iBoss Reports Login 1 4 Report Generation and Management 1 4 4 Real Time dashboard After logging into the report manager the iBoss presents a page detailing the current activity This page contains information regarding what is currently occurring on the network There are several other sections within the report management section that include viewing and creating generated reports viewing and creating report schedules configuring report settings and viewing system information 1 4 1 1 Web Dashboard The current activity section shows active real time information about the network This information is updated in real time automatically Rev 6 0 23 25 December 17 2013 Page 9 of 103 Phant amp m Technologies 10 55 NETWORK SECURITY Bc NN Drill Down Threat Keport Dashboard Logs Reports Controls Schedules Faldita lili 1 ticam MENTAT Reporting Group REALTIME ACTIVITY Pa iBoss Enterprise SWG HE TEM 24 99 E capiat Video System _ Desktop ES Info IEEE ETT rampant Lh ibis Uul Gateway boss Real Time Bandwidth 10 Mbits ser
13. M 64 1 4 7 3 Os Ke DIR eee een etn Cree Emr Cr ee nt E Dc 66 1 4 7 4 ots alas eens Eon tun eU 67 1 4 7 5 B SEE V S AE chen Re RU O A NA TE ade eg EE an dap E TA AT 70 IP NE T T Mme 72 1 4 7 7 Network SEELTITB So pP T2 1 4 7 8 gt 92121 5 71 OCc Q 73 1 4 7 9 BUNS Up 73 1 4 8 Report Manager System Information 74 ene ene eee eee ae ee eee ee ee ee ee ee re 74 1 5 1 Report Information Section 75 1 5 1 1 Showing Report Information for Particular 175 Rev 6 0 23 25 December 17 2013 Page 3 of 103 jb ss Technologies SECURITY 1 5 1 2 Onickly switehine between E 76 1 5 2 WC AOE SITIENTIS 76 1 5 2 1 WEER NEAN EE EUER T4 1 5 2 2 Web HAUS dona SCIT NND uU 77 1 5 2 3 Time Ue TRE wren ner teen nee teen rete E E creer 80 1 5 2 4 Top Visited Domains 82 1523 IC vU mE 82 1 5 2 6 Top Users DIme 83 1 5 2 7 Users By Category
14. 1 SS IP 10 128 24 55 NETWORK SECURITY Logout Real time Drill Down Threat Report Dashboard Reports Controls Schedules I REPORT SYSTEM INFORMATION Successfully cleared log Version 6 0 22 105 View Release Notes Uptime 472 Hours 43 Minutes 56 Seconds SYSTEM EVENT LOG Date amp Time Message DATABASE SIZE INFORMATION gt Current Database Size 18 28 GB gt Max Database Size 95 GB gt Space Available 76 72 GB gt Percent Space Used 19 24 gt Percent Space Available 80 76 Reboot System Poweroff System Restore Database 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 57 System Info 1 5 Viewing Reports You may view reports by clicking on the report you wish to view from the View Reports section of the report manager When you click on the report you will be taken to the web statistics section of the report Most of the items within the report manager are clickable The report manager allows deep drilldown functionality to provide very detailed information very easily Rev 6 0 23 25 December 17 2013 Page 74 of 103 Phant m 10955 Technologies SECURITY 1 5 1 Report Information Section When viewing any of the report pages the report information section will be visible at the top of the page This section gives you information regarding the curr
15. 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 64 Time Use By Category Rev 6 0 23 25 December 17 2013 Page 81 of 103 255 1 SECURITY Technologies 1 5 2 4 Top Visited Domains This section lists the top visited domains as well as the top blocked domains You get a full list of domains with the ability to sort by a variety of parameters by clicking on the More button iBoss Enterprise SWG io ss SEGURITY IP 10 128 31 175 Logout IL O T Real time Drill Down Report Video System Dashboard Reports Schedules Desktop Info Generated Report Jump to Report Daily report Overall 06 07 2013 v Report Name Daily report Overall Date 06 07 2013 06 08 2013 User Blank All Users Bandwidth Ud Web Hit Web Hits By Time Use Top isited Top Blocked Trends Category By Category Domains Domains Top Users By Top Users By Top Users By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Trending Now Suspicious Liability Filter Avoidance Domain Hit Count rss2search com akamaiedge net iboss com google com apple com 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 65
16. 5 05 o gt 2 iphantom com 2 43 MB sac 2 gt 3 google com 2 36 MB co gt 4 apple com 1 34 MB gt 5 gstatic com 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 80 Domains Rev 6 0 23 25 December 17 2013 Page 98 of 103 Phantom 10955 Technolgies SCURRY 1 5 4 Threats amp Malware The Threats amp Malware section provides information from IPS units that are attached to the Reporter Please refer to the IPS Guide for more information 1 5 4 1 Top Overall Threats This section contains the top overall threats as determined by the IPS You may click the More button for a full list iBoss Enterprise SWG iboss IP 10 128 31 175 SEGURITY Logout Real time Drill Down Report Video System Dashboard Logs Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 06 07 2013 v Report Name Daily report Overall Quick Date 06 07 2013 06 08 2013 User Blank All Users Web Bandwidth Top Overall Threats Top Outbound Threats Top Inbound Threats Top Users By Threats Threat Priority 1 High Threat Hit Count m P CO oC C CO No Threats Hits 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the prope
17. Ab Lue Banauwidthiwogs L MANAGE INTRUSION LOG ARCHIVES Name ips log current Start Date 01 30 2013 End Date Current Size 57 34 KB 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 51 IPS Logs This section allows you manage the IPS logs You may Roll IPS logs into archives This allows you to bunch bandwidth statistics and then back them up or delete them Rev 6 0 23 25 December 17 2013 Page 69 of 103 Phant amp m Technologies SECURITY You may also setup a Backup Share under the General Settings to have the Log archives backed up to With Backup Share folder setup on the General Settings the list of backed up Bandwidth Log archives will be displayed If the Backup Share has not yet connected it may take a couple minutes for this page to load as it is establishing a connection to the backup share 1 4 7 5 Register Gateways lt lt ee Real time Drill Down Report Dashboard Logs Reports Schedules General Report Users Report Groups Archives REPORT MANAGER REGISTERED DEVICES IP Address iboss lab 10 128 16 116 ibfirewall1224346648 10 128 16 117 johniboss 10 128 17 140 Video Desktop Hime 9 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective ow Figure 52
18. Callout Only No Audit Event Al Type All Y Report Group All v EMAIL THIS REPORT NOW Email to Format Turbo Tab Delim Send OR Download Figure 25 Web Log Search Filters 1 4 2 1 2 Site Callouts These are callouts in which site logos are displayed and search terms are tagged For example sites like Google will show the logo of Google and the term that was used to search with 06 10 13 01 13 PM khit 10 128 16 119 NOAUSYVTSUSTMADNACHONT 216 239 32 20 Search Engin Allowed zi E 06 10 13 01 13 khit 10 128 16 119 phat onp lel syp iadmphandiak 216 239 32 20 Search Engin Allowed 06 10 13 01 13 PM khit 10 128 16 119 www google com xjs js k 2xjs s en US h6ozd5YZptc O 216 239 32 20 Search Engin Allowed 06 10 13 01 13 PM khit 10 128 16 119 www google com search safe active amp sclient2psy abg amp qzw 216 239 32 20 Search E Allowed Google Google search web filter view 3 zi A 06 10 13 01 13 PM khit 10 128 16 119 qnogiecam gan 284PatypeilciwdAcaded lesmwen 216 239 32 20 Search Engin Allowed i i 06 10 13 01 13 khit 10 128 16 119 google com s gs m 168gs ri psy ab amp suggest P 216 559 5250 Search Engin Allowed i r 06 10 13 01 13 PM khit 10 128 16 119 google com s gs rn i amp gs ri psy ab8suggest P 516 559 3220 Search Engin Allowed i 06 10 13 01 13 khit 10
19. SECURITY iBoss Enterprise Reporter User Manual Technologies www iboss com Phant m iboss Note Please refer to the User Manual online for the latest updates at www ibosswebfilters com Copyright by Phantom Technologies Inc All rights reserved No part of this publication may be reproduced transmitted transcribed stored in a retrieval system or translated into any language or computer language in chemical manual or otherwise without the prior written permission of Phantom Technologies Inc Phantom Technologies Inc makes no representations or warranties either expressed or implied with respect to the contents hereof and specifically disclaims any warranties merchantability or fitness for any particular purpose Any software described in this manual is sold or licensed as is Should the programs prove defective following their purchase the buyer and not this company its distributor or its dealer assumes the entire cost of all necessary servicing repair and any incidental or consequential damages resulting from any defects Further this company reserves the right to revise this publication and make changes from time to time in the contents hereof without obligation to notify any person of such revision of changes All brand and product names mentioned in this manual are trademarks and or registered trademarks of their respective holders www iBoss com Open Source Code This product may
20. This section shows web hit trends for the current report over time It displays both Hit Count and Block Count You can click and drag to zoom into a more specific time iBoss Enterprise SWG iboss SEGURITY IP 10 128 31 175 Logout Real time Drill Down Report Video System Dashboard Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 06 09 2013 gt Report Name Daily report Overall EZ Date 06 09 2013 06 10 2013 deser User Blank All Users ind Apply Bandwidth Ula els ETVEICG Web Hit Web Hits By Time Use Top Visited Top Blocked Trends Category By Category Domains Domains Top Users By Top Users By Top Users By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Trending Now Suspicious Liability Filter Avoidance 130 120 110 100 90 80 70 60 06 08 13 11 48 PM 06 09 13 05 51 AM 05 08 13 11 52 AM 06 09 13 05 53 PM Hit Count Block Count lt lt 9 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 61 Web Hit Trends 1 5 2 2 Web Hits By Category This section shows overall web category usage by hits It displays both total accesses and blocked accesses relative to each other You can double click any of these bars to drill down and get more detail about the par
21. 05 07 2013 Report Name Daily report Overall E Date 06 07 2013 06 08 2013 Report User Blank All Users Find App Bandwidth Threats Web Hit Web Hits By Time Use Top isited Top Blocked Trends Category By Category Domains Domains Top Users By Top Users By Top Users By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Trending Now Suspicious Liability Filter Avoidance User Hit Count 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 69 Top Users By Overall Web Hits Rev 6 0 23 25 December 17 2013 Page 87 of 103 it 255 1 5 2 9 Top Users Overall Time Use This section lists the top five users by overall time use You may click the More button to show all users listed by over time use iBoss Enterprise SWG iboss IP 10 128 31 175 SECURITY E a Real time Drill Down Report Video i System Dashboard Logs Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 06 07 2013 Report Name Daily report Overall Ed Date 06 07 2013 06 08 2013 separ User Blank All Users Finc Apply Bandwidth Threats amp 1Malware Web Hit Web Hits By Time Use Top Yisited Top Blocked Trends Category By Category Domains Domains Top Users By Top Users By Top U
22. Behavioral DLP Rev 6 0 23 25 December 17 2013 Page 42 of 103 Phant m 10055 Technologies SECURITY 1 4 4 4 Protected Objects iBoss Enterprise SWG 10 55 NETWORK SECURITY Logout Real time Drill Down Threat Report Video System Dashboard Reports Controls Schedules Desktop iar Info General Sethines l HreatGategories Behavioral DUP Signature d Aming Bypass 1P Port Gateway threat gateway PROTECTED NETWORK OBJECT SETS SEARCH FILTERS Name Object Type All IP Address Enabled e Subnet Mask PROTECTED NETWORK OBJECT SETS 1 8 First ID Name Type IP Subnet Enabled 5 Core Network 10 0 0 0 8 General Network Computer 10 0 0 0 8 Yes 6 Core Network 192 168 0 0 16 General Network Computer 192 168 0 0 16 Yes 7 Core Network 172 16 0 0 12 General Network Computer 172 16 0 0 12 Yes 8 Core Server Group 1 General Network Computer 10 128 16 0 24 Yes 9 Core Server Group 2 General Network Computer 10 128 17 0 24 Yes 10 Company Mail Server Mail Server 10 128 16 16 32 Yes 11 Pauls Computer General Network Computer 10 128 25 70 32 Yes 12 Chris Laptop General Network Computer 10 128 18 240 32 Yes 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website the property of their respective owners Figure 34 Protected Objects Rev 6 0 23 25 December 17 2013 Page 43 of 103 Phant m 10955
23. Mats ENG Presi Hanfend a tier p ak LUE LE TETEN Santa dita d rui ot Use Source Bytes Connectlons vi View All By Desti ation Bytes Connections vier All By Source Connections Packets View All 1 Active Applications By Bytes view All Active Applications Connections view All Active Applications By Packets View All Source Top Byles View Source Top Connections View All By Source Top Packels iew All Rev 6 0 23 25 December 17 2013 Page 15 of 103 Phant m iboss Technologies SECURITY Figure 9 Bandwidth Dashboard 1 4 1 2 1 Real Time Activity This section has a series of graphs detailing the real time bandwidth activity Hovering the mouse over the fields will yield additional information The Real Time Bandwidth and the Real Time Connections are identical to the fields on the Web Dashboard The three bar graphs all look at activity by destination They list the top five by bytes connections and packets In all three clicking on the View AII link yields a full list REALTIME ACTIVITY Real Time Bandwidth Real Time Connections Real Time Packets 5 Mbits sec 1 0 Kpackets sec 2 05 Kconnections 0 9 Kpackets sec 3 4587540743453578 0 8 Khackets se 2 00 Kconnections 2 Mbits sec 0 7 Kpa ec 1 Mbits sec 1 95 Kconnections 0 6 Kpackets sec ee OS Ll 13 58 13 58 10 13 13 58 13 58 10 13 58 20 13 58
24. Video Dashboard Logs Reports Controls Schedules Desktop Leve Info D HreatGategories Protected Signature daming Bypass IP Port Gateway threat gateway INTRUSION PREVENTION Enable Real Time Intrusion Malware amp Virus Protection No BEHAVIORAL DATA PROTECTION Data Sensors Enabled Behavioral Data Profiling Enabled Profiling Sensitivity minutes Data Monitor Sensitivity seconds Monitor IP Exclusion CIDR Format separated TRAFFIC PROCESSING Process High Risk Threats Process Medium Risk Threats Process Low Risk Threats Process Very Low Risk Threats Rev 6 0 23 25 December 17 2013 Page 38 of 103 Phant m 10955 Technologies SECURITY DETAILED SETTINGS Detect Incorrect Packet Size No Inspect TCP Signatures 8 Heuristics Yes Inspect UDP Via Signatures amp Heuristics Yes Detect ARP Spoofing No Inspect SSH Yes Inspect RPC Yes Detect DNS Anomalies Yes Detect SSL Anomalies Yes Sensitive Data Inspection Yes Inspect SIP VOIP Yes Inspect IMAP Yes Inspect POP Yes 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 31 General Settings Rev 6 0 23 25 December 17 2013 Page 39 of 103 Phanta m Technologies 1 4 4 2 Threat Categories Iomss NETWORK SECURITY Real time
25. 6 0 23 25 December 17 2013 Page 34 of 103 m Technologies iBoss Enterprise SWG ETT Real tima Drill Dewn R port video ix System Dashboard Aiport Schedules Desktop Settings Infa Generate Report r Note Report genaration may take a long tima camplaete Y L will be able t access the data within th repart while the report is being genarated It 15 recommended that report genaratian run during non peak network maurs or during non business hours GENERAL Repart Ham generated left blank Diascriptian Include the Following Users amp Groups Delegated Reporting B ooo Group 0 rimi Include All Users amp Groups Include Salacted Users amp Groups Indude Groups indude Jeers Limit Report IP Range start ip suto Gelete Processed Data after reports are sant This aptian apples t thi processed date dazan above Of you Chie t Auta Deleme Proosed Cato oft reports ari sent data statistics wil be deleted and you will no longar be able ta send PDF reports with this data You wil ba process the data agam f you wish to have POF reports vent again EMAIL PDF REPORT RECIPIEHT Email Message Information Emal Emal Fran acc Subject Message Body Report Contact Information Company Name Address amp ddrass 2 CE Stabe Provwnee Email p Prone Report Cust
26. Atlantic Mediterranean Syria k MD Tunisia Sea Afghanista 5 Om 5 25 Iran GA LA 7 A Pakis Algeria Gulf of Wesen 3 Libya Egypt m Mexico Sahara Arabia Cuba va Puerto aay uL Oman e Rico Mauritania 12 Ni lt 7 lt Caribbean S a j dep Nicaragua xi L E Burkina Map data 2013 Google INEGI MapLink Terms of Use Figure 22 Real Time High Risk Threat Map 1 4 1 5 3 Threat Activity This section is a real time scrolling display of events as they occur The list can be filtered to monitor for specific threats Rev 6 0 23 25 December 17 2013 Page 26 of 103 m 10955 Technologies _ SECURITY THREAT ACTIVITY Filters User Find Sig ID Priority All Src Date amp Time Threat Source IP Figure 22 Threat Activity 1 4 1 6 Endpoint Security This section displays information about the iBoss Endpoint Security system Please refer to the iBoss Endpoint Security guide for more details about these features Rev 6 0 23 25 December 17 2013 Page 27 of 103 m 10955 Technologies i SECURITY SECURITY i 10 128 31 175 iBoss Enterprise SWG Real time Drill Down Report Video System Dashboard cogs Reports Schedules Desktop Settings Info Web Dashboard BandwidthiDashboard 1 BandwidthiShap
27. Enabled C Yes Delegated Reporting Group 2013 Phantom Technologie website are the property s Inc All rights reserved 10055 SECURITY iBoss Enterprise SWG IP 10 128 31 175 Logout 7 System Settings Info AGS a 5 of their respective owners All other options remain the same except for the name of the group or OU you want to give report access to 1 4 7 3 Report Groups ijboss SECURITY Real time Dashboard Logs General REPORT GROUPS Group Report users Figure 47 Report Groups Drill Down Reports Video Desktop Report Schedules Log Archives RegisteraBoss Devices Group Name Students 2013 Phantom Technologies Inc All rights reserved iBoss Enterprise SWG IP 10 128 31 175 Logout A System Settings ios Time Network Settings Subscription Remove All trademarks and registered trademarks on this website are the property of their respective owners Rev 6 0 23 25 December 17 2013 Page 66 of 103 Phantom 10955 This section allows you to add edit Reporting Groups that can log users into separate groups The Report Users can then be assigned to see just these reporting groups These delegated admins of the reports will only see the reporting groups assigned to them The default group is Default Group and is group 0 When making a user part of a different reporting group the user would then be
28. Logs Reports Schedules Desktop Settings Info iBoss Enterprise SWG General Report Users Report Groups Log Archives RegisteriBoss Devices Time Network Settings REPORT MANAGER SUBSCRIPTION Subscription Key 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 56 Subscription This section allows you to enter the subscription key You may click Edit to enter the key Once you enter the key click Edit to save the key and then Confirm The report manager will need to be connected to the Internet to be able to confirm this key Please make sure it is plugged into the network to be able to verify the subscription key Note The report manager will not process log data and will not fully function if your subscription is not active Rev 6 0 23 25 December 17 2013 Page 73 of 103 Phant amp m LOSS Technologies 3 SECURITY 1 4 8 Report Manager System Information This section contains system information pertaining to the iBoss This includes the system log the system uptime and the database size From this page you can view and clear the system event log In addition you can view how much disk space the report manager is consuming and how much disk space is available When the maximum is reached the database will automatically shrink on the maintenance interval iBoss Enterprise SWG
29. More E Guns amp Weapons 0 0 More Health 0 0 More Image Search Ti 5 Jobs 0 0 More Mobile Phones 0 0 More News 1 0 More EF Organizations 0 0 More Personal Websites 20 IT Political 0 0 More Porn Nudity 12 12 More Proxies 1448 1448 More Real Estate 0 0 More Religion 1 0 More Restaurants Food 0 0 More Search Engines i75 21 More Services 4 0 More Sex Ed 0 0 More Shops 0 0 More Sports 0 0 Streaming Radio TV 1 0 More Technology 609 8 More Toolbars 0 0 More Transportation 0 0 E Travel 0 0 More Violence 0 0 More E Virus amp Malware 2 2 More E Web Hosting 5 0 More E Webmail 22 22 More Total Hit Count 3751 Total Block Count 1604 013 Phantom Techno All trademarks and registered trademarks on th Figure 68 Top Users by Category Web Hits Rev 6 0 23 25 December 17 2013 Page 86 of 103 SS RITY Phant amp m Technologies SEC 1 5 2 8 Top Users By Overall Web Hits This section lists the top five users by overall web hits You may click the More button to show all users listed by web hits iBoss Enterprise SWG IP 10 128 31 175 SECURITY 31 175 Real time Drill Down Report Video System Dashboard Logs Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall
30. PDF Report Enter the Name Company Name Address City State Zip Email Phone and Fax 1 4 3 4 2 3 Report Custom Introduction and Conclusion This information shows up on the second page for the introduction and the last page which is the conclusion Enter a custom introduction and a custom conclusion 1 4 3 4 2 4 Additional Information This information shows who the report was prepared by add a logo and who it was prepared for This allows you to customize the report to show that you were the one who prepared it and who it was prepared for The Logo URL allows you to add a link to an image gif or jpg to the cover page of the iBoss Report 1 4 3 4 2 5 Report Type This allows you to choose which type of report to send There are four options to choose from Executive I T Full and Custom The Executive report has the least information in the report but is used for a quick overview The I T Report show more information such as statistics Port statistics Application Statistics and Bandwidth statistics The Full Report shows all of the contained data The Custom Report allows you to choose which you may choose which options to include in the report You may also choose to have the report automatically deleted once it is emailed Please note that email reports only provide a high level summary of the report If you would like to keep the report so that you can access the details and all of the drill down capability do not se
31. Phant amp m Technologies 1 5 2 12 Suspicious SS 1 ECURITY This section lists searches that match words on the Suspicious word list The Edit Words button opens the list for editing iboss SECURITY Real time Dashboard Reports Generated Report Report Name Daily report Overall Date 06 07 2013 06 08 2013 User Blank All Users Bandwidth Web Hit Trends Web Hits By Category Top Users By Category Time Use Top Users By Category Web Hits Trending Now Suspicious NU RR C C J CO D C 2 2013 All trademarks Figure 73 Suspicious m 9 Drill Down and registered traden coke iBoss Enterprise SWG IP 10 128 31 175 Logout Video Desktop System Info Jump to Report Daily report Overall 06 07 2013 7 Quick POF iftoss Report Report Schedules Settings m Threats amp Malware Top isited Domains Time Use By Category Top Blocked Domains Top Blocked Users Top Users By Overall Web Hits Top Users By Overall Time Use Liability Filter Avoidance Hit Count No Phrase Techno n this Phanto All rights reserved of their respective o logies Inc website are the property wners Rev 6 0 23 25 December 17 2013 Page 91 of 103 Phant amp m Technologies 1 5 2 13 Liability SS 1 ECURITY This section lists searches that match words on the Liability word list The Edit Wor
32. Register iBoss Devices iBoss Enterprise SWG IP 10 128 31 175 Logout System Settings Info Network SettingszsSubscription ners This section allows you to add edit remove iBoss Devices to log to the external Report Manager You will need to register any iBoss devices that you wish to have reporting to the external report manager To add an iBoss Device click Add Device 1 4 7 5 1 Register Gateway Rev 6 0 23 25 December 17 2013 Page 70 of 103 Phantom 10955 SECURITY IP 10 128 31 175 Logout iBoss Enterprise SWG EE osi Real time Drill Down Report Video r System Dashboard Logs Reports Schedules Desktop Settings Info General Report Users Report Groups Hime Network Settings gt 5 REPORT MANAGER REGISTERED DEVICES Name Type iBoss SWG IP Address Subscription Key Alerts email address URL requests email address Description Note The security key must be 32 hex digits Valid values are 0 9 and 4 F this key into the iBoss device that you are registering by going to Preferences gt Report Settings gt General Report Settings and then select External Report Manager Security Key F8FCCFOADDE85D1 384 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 53 Register Gateway To add an iBoss Device enter
33. Technologies SECURITY 1 4 4 5 Signature Tuning iBoss Enterprise SWG i 1 SS IP 10 128 24 55 NETWORK SECURITY Logout Real time Drill Down NN Threat Report Video System Dashboard E Reports Controls Schedules Desktop Info General Settings 1 Categories Behavioral Protected Objects bypass Gateway threat gateway IPS SIGNATURE TUNING SEARCH FILTERS Type Enabled Signature ID l Note IPS SIGNATURE TUNING ENTRIES 1to7 First ID Sig ID Track By Enabled Supression GID 1 SID 18 Supression GID 1 SID 16 Disable Signature GID 1 SID 12 15 Limit GID 129 SID 15 Src IP Yes 17 Limit GID 138 SID 5 Src IP Yes GID 128 SID 4 2013 Phantom Technologies Inc All rights reserved All trademarks and registered tademarks on this website are the property of their respective owners Figure 35 Signature Tuning Rev 6 0 23 25 December 17 2013 Page 44 of 103 Phant m Technologies 1 4 4 6 Bypass IP Port Leos NETWORK SECURITY Real tine Dashboard General Settings Logs Ihreat Categories Reports 7 Controls 10955 SECURITY iBoss Enterprise SWG IP 10 128 24 55 Logout Video Desktop Report Schedules Protected Objects System Settings RE Gateway threat gateway IPS SIGNATURE TUNING SEARCH FILTERS Type IP Address Port
34. Use This section lists categories and allows you to expand to show the top five users for each category by time use You may click the More button to show all users for a specific web category Note If a User is selected this field will not show Rev 6 0 23 25 December 17 2013 Page 83 of 103 Phant amp m SS 14 SECU Technologies RITY SS iBoss Enterprise SWG IP 10 128 31 175 SEGURITY Real time Drill Down Report Video System Dashboard Reports Schedules Desktop Info Generated Report Jump to Report Daily report Overall 06 07 2013 Report Name Daily report Overall EU Date 06 07 2013 06 08 2013 Report User Blank All Users Fit Apply Bandwidth Threats amp Malware Web Hit Web Hits By Time Use Top Visited Top Blocked Trends Category By Category Domains Domains Top Users By Top Users By Top Users By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Trending Now Suspicious Liability Filter Avoidance Category Time Ads 6 mins 1 sec Adult Content 0 Seconds Alcohol Tobacco 0 Seconds Art 0 Seconds Auctions 0 Seconds Audio Video 0 Seconds Bikini Swimsuit 0 Seconds H Business 12 mins 9 secs Dating Seconds Dictionary 0 Seconds Drugs 0 Seconds Education 7 mins 31 secs Entertainment 2 secs File Sharing 0 Seconds Finance 0 Seconds Forums 1 min 24 secs More Friendship 0 Seconds More
35. by the ID PS Rev 6 0 23 25 December 17 2013 Page 24 of 103 Phant m 10955 10955 SEGURITY IP 10 128 31 175 Logout iBoss Enterprise SWG Real time Drill Down Report Video System po Dashboard Logs Reports Schedules Desktop Settings Info Web Dashboard Bandwidth Dashboard BandwidthiPlotter BandwidthiShaping EndpointiSecurity iBoss IPS ibfirewalll 224346648 Refresh 15 Sec Apply REALTIME ACTIVITY Top Inbound Threats Top Outbound Threats Top Overall Threats Map Satelite CC Ukraine TS A 7 Kazakhst Ceo Tg a 4 Bay of France gt Romania f VM RN gt Italy 5 See NN Spain 3 cy BRS c Uzbekistan TM p d a a S E 2 Portugal S Turkmenistan R quiet CERA sd i NYC IS North 4 E UN ei Mr YA iterranean Syria 3 rage Poa at SIUE 4 Sea 1g x X Afghanista cean e Iraq Iran L Morocco m V2 DAS ew Libya Egypt West i ENS S gt Arabia Gulf of ES _ Mexico 44 6 mm Lc ae c Mauritania Qm oU ds gt Caribbean Mali Niger ho Sea ne 3999005 AI Yemen Te m Por PAA WON Nicaragua 7 5 data 22013 Google INEGI MapLink Terms of Use THREAT ACTIVITY Filters User nd Si Keywor
36. computer If you are first setting it up you may start the VNC server program and go to the Admin Properties This will allow you to configure the port password and other settings of the VNC program Please keep the settings you set for this program handy as you will need it to register the computer to the iBoss DMCR feature Uncheck the options for removing the wallpaper For Multi viewer connections select Keep existing connections and check the Allow Loopback Connections Here is an example of recommended settings Query on incoming connection Accept Socket Connections Do Nothing Display Query Window Display Number or Ports to use Lock Workstation wW 2K Timeout seconds O Display 0 Logoff Workstation action O Ports Main es Auto Keyboard amp Mouse Multi viewer connections Http Disconnect all existing connections Enable JavaViewer Http Connect C Disable Viewers inputs Keep existing connections Allow Loopback Connections C Disable Local inputs Refuse the new connection Loopback nly C Japanese Refuse all new connection Authentication Misc C Remove Aero Vista VNC Password Remove Wallpaper for Viewers Require MS Logon User Pass Domain Enable Blank Monitor on Viewer Request TEM Enable Alpha Blending Monitor Blanking C Capture Alpha Blending C DisableTraylcon File Transfer Forbid the user to close down winy NC Enable User imper
37. feature Cloud Host address of the Cloud hosting the anti virus service API Key CC Key to link to the local program Security Key Key Linking the reporter and cloud 1 4 7 1 6 Report Manager Database Settings Report Manager Database Settings Report Database Password LIII Pudsus Url https pudsust myibos Brawse Time Sensitivity 180 Remote Diagnostics 9 Enable Disable Figure 43 Report Manager Database Settings This section allows you to configure the Enterprise Reporter Database Settings for the iBoss to report to Report Database Password The default Password is ibossdb This can be left by default as the Enterprise Reporter will only allow connections from registered iBoss units however it is recommended to change this password Keep this password handy as you will need it to register iBoss units to it Pudsus Url This is the URL where the iBoss Enterprise Reporter gets its updates from Do not change this URL unless told to do so by a Phantom Technologies Technician This may cause the Enterprise Reporter to function improperly if changed Browse Time Sensitivity This option is for the time usage statistics of how long a URL is counted as being viewed after first accessed This is only if there is no more traffic after hitting a website as it limits to this amount in seconds Remote Diagnostics This option allows you to enable Remote Diagnostics for a Phantom Technologies technician to assis
38. include software code subject to the GNU General Public License GPL GNU Lesser General Public License LGPL or other open source software licenses Copies of the GPL and LGPL licenses are available upon request You may also visit www gnu org to view more information regarding open source licensing The GPL LGPL and other open source code used in Phantom Technologies Inc products are distributed without any warranty and are subject to the copyrights of their authors Upon request open source software source code is available from Phantom Technologies Inc via electronic download or shipment on a physical storage medium at cost For further details and information please visit www iphantom com opensource Rev 6 0 23 25 December 17 2013 Page 2 of 103 10955 Technologies SECURITY Table of Contents TABEEOBRRFIGURES IEEE EIE XR Inde TID EIE NIIS III MR I T E NE ITIN E 4 1 ENTERPRISE REPORT MAINA GER 7 LJ EXTERNAL ENTERPRISE REPORTER ee rr re 7 1 1 1 Installing the External iBoss Enterprise Reporter on the network 7 I 2 Setup Steps to Register iBoss to External Enterprise L2 JAUCCESSBIC THEJTSEPOR FINI ypu sea conics ore 8 1 5 bOGGOINGINIO THE REPORT MANAGER
39. logged in with no activity Browse Time Timeout J 1 O Trending statistics the Real Time Dashboard updates Remote Data Connect Timeout Connect Timeout setting for the Remote Data Service Remote Data Read Timeout Read Timeout setting for the Remote Data Service Current Activity Bandwidth Users How often the badwidth users refresh on the Refresh Real Time Dashboard 1 4 7 1 12 Real Time Bandwidth Settings This area allows you to exclude IPs from the Real Time Bandwidth display by single IP or range 1 4 7 1 13 Real Time Map Settings Map Center Public Network IP External IP of the Reporter Map Center Latitude Latitude of the server location Map Center Longitude Longitude of the server location Rev 6 0 23 25 December 17 2013 Page 63 of 103 Phant amp m LOSS Technologies SECURITY 1 4 7 2 Users iBoss Enterprise SWG IP 10 128 31 175 Logout bc Real time Drill Down Report Video System Dashboard Reports Schedules Desktop Settings Info General REport Groups Log Archives Register iboss Devices ime 5 5 5 REPORT MANAGER USERS AND GROUPS Username Name Type Edit User Settings Remove EddieM Local User test Local User reportusers LDAP Group OU admin Local User mmm Tim Local User dt 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property
40. may need to include the IP address in the address SMB User Name This option is for the username used for the backup share folder to be able to connect to it username used for the backup shared folder this to your servers NetBIOS name when backups are made 1 4 7 1 10 LDAP Settings This section enables integration with directory services for the purposes of both user login and integration with MDM server Example iphantom com or 10 0 0 1 This allows you to change the port number that is used to communicate to your LDAP server Port 389 is most common and is recommended Admin Username This is the Username of an administrative or root user which has administrative rights to your LDAP server The user must be able to perform searches on your LDAP server This user is used to look up user logins Example administrator iphantom com Admin Password This is the password to your LDAP administrator user above Some Special characters are not accepted Search Base This is the base by which searches for users will be made If you have a large directory you may choose a base other than the top as long as all users that need to be authenticated are under this base It is recommended that you set this to the top of your LDAP directory Example If your LDAP domain is iphantom com you would use the 22177 settings dc iphantom dc com Name Key __ cn bydefault Match Type LDAP can match by gro
41. rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 84 Top Users by Threats Rev 6 0 23 25 December 17 2013 Page 102 of 103 Phant m 10955 2 REGULATORY STATEMENT FCC This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of FCC rules CE This equipment has been tested and found to comply with the limits of the European Council Directive on the approximation of the law of the member states relating to electromagnetic compatibility 89 336 EEC according to EN 55022 Class B FCC and CE Compliance Statement This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 this device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation Any changes or modifications not expressly approved by the party responsible for compliance could void the authority to operate equipment Safety This equipment is designed with the utmost care for the safety of those who install and use it However special attention must be paid to the dangers of electric shock and static electricity when working with electrical equipment Rev 6 0 23 25 December 17 2013 Page 103 of 103
42. the iBoss Device Name Device IP Address Description and Security key You may change the security key to a 32 hex digit key Please keep this key handy as you will need it when registering the iBoss settings to point to the external report manager Please refer to the Report Settings of the iBoss Interface for instructions on how to configure the External Report Manager Settings Rev 6 0 23 25 December 17 2013 Page 71 of 103 SS Phant amp m 1 SECURITY Technologies 1 4 7 6 Time iboss NIS Ore IP AS 125 Real time Drill Down Report r System Dashboard Logs Reports Schedules Desktop Settings Info iBoss Enterprise SWG General Report Users Log Archives Register iBoss Devices Network Settings sSubscription d CONFIGURE TIME Date n fi 2013 Time 2 hr s 2 minute s Hour 0 23 Minute 0 59 Timezone AmericeuLos Angeles v NTP Server lime nistgy 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 54 Configure Time This section allows you to set the time zone and time for the external report manager After changing the correct time zone click Save The iBoss Enterprise Reporter will need to reboot after saving In addition if you have a local NTP server you can use that instead of the national time server 1 4 7 7 Net
43. 0 kbps 10955 SECURITY BANDWIDTH HARD CAP 98000 00 kbps Downstream Bandwidth Realtime 8 Kbits sec 6 Kbits sec 4 Kbits sec 2 Kbits sec BANDWIDTH DURING SATURATION 75000 00 kbps Downstream Bandwidth This Hour 8 Kbits sec 6 Kbits sec 4 Kbits sec 2 Kbits sec BANDWIDTH HARD CAP 98000 00 kbps Downstream Bandwidth Today 8 Kbits sec 6 Kbits sec 4 Kbits sec 2 Kbits sec 0 Kbits sec 0 Kbits sec 11 03 Upstream Bandwidth Realtime 8 Kbits sec 6 Kbits sec 4 Kbits sec 2 Kbits sec 10 30 Upstream Bandwidth This Hour 8 Kbits sec 6 Kbits sec 4 Kbits sec 2 Kbits sec 1 Jun 10 03 00 06 00 Upstream Bandwidth Today 8 Kbits sec 6 Kbits sec 4 Kbits sec 2 Kbits sec 0 Kbits sec 0 Kbits sec 11 03 BANDWIDTH POOL 2 BYOD 10 30 1 Jun 10 DIRECTION DOWNSTREAM Downstream Bandwidth Realtime 8 Kbits sec 6 Kbits sec 4 Kbits sec 2 Kbits sec BANDWIDTH DURING SATURATION 100 00 kbps Downstream Bandwidth This Hour 8 Kbits sec 6 Kbits sec 4 Kbits sec 2 Kbits sec 0 Kbits sec 0 Kbits sec 11 03 Figure 19 Bandwidth Pools 1 4 1 5 Threat Dashboard BANDWIDTH HARD CAP 500 00 kbps Downstream Bandwidth Today 8 Kbits sec 6 Kbits sec 4 Kbits sec 2 Kbits sec 1 Jun 10 This page is only active if you have linked the Reporter to an iBoss Firewall with Intrusion Detection Prevention It allows you to see the threats detected
44. 08 229412241337 Technotoer Abowd 04 97 13 11 2 110 120 31 103 ib6102 5o s com 22 Techroleer Abe CASTES 11 29 396 829 91 105 ib6102 com 3 4234 41 111 Technology 11 23 90 10 178 31 103 ib6107 ibuces com ZOLAN Technology Aud 94 9719 10 323 31 108 ib6102 buts com IDAAZRALAAT Technology aset 04 97 33 11 21 f 10323 31 105 6102 boss cam 19 1224113 technology Abo 94 97 19 110 128 31 103 ib6102 bo s com IOLIZLALLI Fechnolser Abd 4 97 13 11 18 f 39 23 31 108 ib6192 bees Com 414 42444 112 Techneloer Ab LIOS 16102 1 Technology ARE Aa Technelegy 2 1 6 0 23 25 December 17 2013 SS RITY Page 79 of 103 TM Phant m 1696565 1 5 2 2 1 1 and Block Category Detail Graph The Hit and Block Activity graph show the activity for the currently selected category This will give you an indication of use throughout the report period for the category selected Remember the information reflected on this page and the graph pertain to either the currently selected user or all users if that option is selected in the report information section at the top 1 5 2 2 1 2 Top Users for Web Category This section lists the top users for the selected category Users are ordered by highest hit count first Click on the More button to get a full list of users for this category The full list
45. 128 16 119 pelt lel etal al al italia iii 216 239 32 20 Search Engin Allowed 06 10 13 01 13 PM khit 10 128 16 119 www google com xjs _ js k xjs s en_US h ozd5YZptc O 216 239 32 20 Search Engin Allowed Figure 26 Site Callouts 1 4 2 2 Threats amp Malware This section displays the log files from the IPS units that are attached to the reporter It displays the results in reverse chronological order Rev 6 0 23 25 December 17 2013 Page 30 of 103 Phantom ib ss b iBoss Enterprise SWG iboss _ SEGURITY IP 10 128 31 175 Logout Real time Drill Down Video System Dashboard Reports Schedules Desktop Settings Info Web THREAT SEARCH FILTERS Archive ips_log_current 01 30 2013 Present gt Export Apply Start Date 06 12 2013 MM DD YYYY User Keyword i 1 wildcards Start Time 12 v AM v Group nc Dest IP a End Date MM DD YYYY Priority Class lt lt End Time 117 59 PM Source IP Direction v Protocol ha Comp Name Report Group a v EMAIL THIS REPORT NOW Email Log to Maximum 500 Format Html Send OR Create Report Schedule Truncate THREAT SEARCH RESULTS Items 0 0 Items Per Page 25 gt Date amp Time V User Source IP Threat Direction Dest IP Category Prev Next 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of
46. 13 06 03 2013 x 138 Daily report Overall 06 01 2013 06 02 2013 x Delete Selected USER GENERATED REPORTS ID Name Status Date Range Delete View 159 EddieTest Overall rl m 06 10 2013 06 12 2013 Q 157 EddieTest Overall Nei at 06 11 13 6 09 2013 06 11 2013 e Q 155 EddieTest Overall idola D 06 08 2013 06 10 2013 e Q 154 EddieTest Overall Mad A E 06 07 2013 06 09 2013 e Q e 151 EddieTest Overall eted at 06 08 13 06 06 2013 06 08 2013 Report completed at 06 07 13 12 00 14 4M 149 EddieTest Overall 06 05 2013 06 07 2013 e Report completed at 06 06 13 147 EddieTest Overall 12 00 54 AM 06 04 2013 06 06 2013 e Report completed at 06 05 13 7 145 EddieTest Overall 06 03 2013 06 05 2013 Q Report completed at 06 04 13 143 EddieTest Overall 06 02 2013 06 04 2013 Q A Report completed at 06 03 13 D 141 EddieTest Overall ELA 06 01 2013 06 03 2013 e Q 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 29 Drop Down Reports Rev 6 0 23 25 December 17 2013 Page 33 of 103 8 m jb ss Technologies 1 SECURITY 1 4 3 1 Report Types Generated reports come in two basic types auto generated daily reports
47. 13 58 10 13 58 20 By Destination Top Bytes View All By Destination Top Connections View All By Destination Top Packets View All 80 300 60 40 20 0 1 2 3 5 1 2 3 5 1 2 3 5 Figure 10 Real Time Activity 1 4 1 2 2 Data Movement Map This section has a pair of maps The first map shows the data connections and is centered on the physical location of the filter The second map focuses in on the physical location of the destination consuming the most bandwidth Both maps can be moved and re sized to show different locations Rev 6 0 23 25 December 17 2013 Page 16 of 103 Technologies REAL TIME BANDWIDTH AND DATA MOVEMENT MAP Figure 11 Data Movement Maps 1 4 1 2 3 Real Time Bandwidth Yuba City Roseville Santa Rosa S cramento Napa 2 Fairfield zar eStockton 2 Ent oModesto NA Jose 101 o vi Migtson ille g Salinas 4 Pinnacles National Park i Sa Califor Madera 4 Clovis o Fresno Hanford Paso Robles Santa Maria Map data 2013 Google INEGI eTerms of Use This section has a series of graphs detailing bandwidth activity from the perspective of the local hosts Hovering the mouse over the fields yields more information The first three fields offer a scatter plot with larger dots representing more bandwidth used The second three have pie charts show
48. 140 174 24 80 140 174 24 90 208 70 74 0 208 70 74 255 38 96 15 0 38 96 15 255 Comma Separated Ranges OK Save REAL TIME MAP SETTINGS Map Center Public Network IP 38 96 13 132 Map Center Latitude 117 16609954833984 Map Center Longitude 33 143402099609375 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 42 Report Manager Settings 1 4 7 1 1 Email Server Settings This section allows you to configure the SMTP server you would like the iBoss to use in order to send email reports mail server you would like to use from your SMTP server password set this option to Yes This is the username for servers that require E NN login If the Requires Login option is set to false you can leave this option blank that require login Enter a valid email address and click test Rev 6 0 23 25 December 17 2013 Page 58 of 103 Phantam Technologies SECURITY provided 1 4 7 1 2 System Domain Name This area allows you to set the domain name of the reporter 1 4 7 1 3 External Display Real Time Network Health Integration These settings allow you to configure the Real Time Network health Display This display Shows the locations and bandwidth for a filter without having to log in to the reporter Enabled Enables the feature Security Key s the security key that is shared with the filter Scroll Int
49. 4 3 Drop Down Reports This section allows you to view the generated reports that exist within the report manager You can generate and delete reports within this section In addition this is where you access individual reports for viewing The generated reports page contains a breakdown of the auto generated daily reports as well as the user generated reports There is also a drop down menu allowing you to display reports that only pertain to certain reporting groups Rev 6 0 23 25 December 17 2013 Page 32 of 103 1609055 Technologies SECURITY iBoss Enterprise SWG 10955 COE SECURITY IP QH MM ogou Real time Drill Down Report Video System Dashboard Logs Reports Schedules Desktop Settings Info lt June 2013 Month Month Reporting Group Default Reporting Group 0 Select DRILL DOWN REPORTS Create New Report ID Name Date Range O 160 Daily report Overall 06 12 2013 06 13 2013 L 158 Daily report Overall 06 11 2013 06 12 2013 O 156 Daily report Overall 06 10 2013 06 11 2013 453 Daily report Overall 06 09 2013 06 10 2013 E 152 Daily report Overall 06 08 2013 06 09 2013 x C 150 Daily report Overall 06 07 2013 06 08 2013 R C 148 Daily report Overall 06 06 2013 06 07 2013 144 Daily report Overall 06 04 2013 06 05 2013 x 140 Daily report Overall 06 02 20
50. 5 e Mbits sec 11 51 40 13 51 50 13 54 WEBSITE ACTIVITY Real Time Web lits 1 D wrhhmser 13 51 40 13 51 50 13 52 Real Time Top Bandwidth Consumers User Bandwidth Plau alhzvr 20 30 seconds lor dala bo appear a Filters User Cit croun action Ail 1 Cease Hore Category All Det Date amp Time User URL Source IP Description Action x CURRENT ACTIVITY view rending Now Suspicirus Liability Term Hits Term Hits Term Hits Top Web Categories Category Hits More Top Bandwidth Consumers User Bytes More Top Threats Overall Name Hits Top Virus Malware Owerall Name Hits Visited Domains Domain Count More Top Users Ey Tint User rime Mome Top Threats Inbound Name Hits More Virus Malware Inbound Name Hits 2013 Phantom Technologies Tec All rights ruris Figure 2 Web dashboard Blocked Domains Domain Count Top Blocked Users User Count Mere Top Threats Outbound Name Hits Top Virus Malware Chothoundl Name Hits SS RITY 1 SECU Rev 6 0 23 25 December 17 2013 Page 10 of 103 PhantQm 10955 Technologies SECURITY 1 4 1 1 1 Real time Bandwidth Activity Graph The first section includes real time Bandwidth Activity that includes Ba
51. Contact Information This information shows up on the cover page of the Emailed PDF Report Enter the Name Company Name Address City State Zip Email Phone and Fax 1 4 5 5 2 1 3 Report Custom Introduction and Conclusion This information shows up on the second page for the introduction and the last page which is the conclusion Enter a custom introduction and a custom conclusion 1 4 5 5 2 1 4 Additional Information This information shows who the report was prepared by add a logo and who it was prepared for This allows you to customize the report to show that you were the one who prepared it and who it was prepared for The Logo URL allows you to add a link to an image gif or jpg to the cover page of the iBoss Report 1 4 5 5 2 1 5 Report Type This allows you to choose which type of report to send There are four options to choose from Executive I T Full and Custom The Executive report has the least information in the report but is used for a quick overview The I T Report show more information such as statistics Port statistics Application Statistics and Bandwidth statistics The Full Report shows all of the contained data The Custom Report allows you to choose which you may choose which options to include in the report Rev 6 0 23 25 December 17 2013 Page 49 of 103 m 109855 1 4 5 5 3 Custom Generated Report Schedule Settings The custom report schedule settings involve configuring extra para
52. GURITY IP Real time Drill Down Report Video tti System Dashboard Logs Reports Schedules Desktop setungs Info iBoss Enterprise SWG General REpOrt Users Report Groups Register 18055 Devices Hime Network Settings zSubscription Ab Eug 3andwidth Loc IPSOS MANAGE BANDWIDTH LOG ARCHIVES Name usage_stat_current Start Date 01 30 2013 End Date Current Size 6 66 MB 9 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 50 Manage Bandwidth Log Archives This section allows you manage the Bandwidth logs You may Roll Bandwidth logs into archives This allows you to bunch bandwidth statistics and then back them up or delete them You may also setup a Backup Share under the General Settings to have the Log archives backed up to With Backup Share folder setup on the General Settings the list of backed up Bandwidth Log archives will be displayed If the Backup Share has not yet connected it may take a couple minutes for this page to load as it is establishing a connection to the backup share 1 4 7 4 3 IPS Logs iboss SEGURITY IP 10 128 31 175 Logout iBoss Enterprise SWG i Real time Drill Down Report Video Setti System Dashboard Logs Reports Schedules Desktop erungs Info General Report Users Report Groups Register IBOSS Devices Network Settings 5
53. L logs combined can occupy in the database Smaller values will increase the amount of time the daily reports will be stored in the database as more space will be available for reports vs URL logs This option is the maximum size of the Max Bandwidth Partition Size Bandwidth Log the bandwidth partition tables before rolling into a new table Max Total Bandwidth Log Size This option is the maximum size of all bandwidth logs combined can occupy in the database Smaller values will increase the amount of time the daily reports will be stored in the database as more space will be available for reports vs URL logs Shrink Database By when full The percentage of the database size that will decrease when full Automated Log Rolling Schedule This option allows you to set a schedule for the Logs to be rolled into a different log This will make archives in different sections to be able to backup later You can set it to disabled daily weekly or monthly 1 4 7 1 9 Backup To Network Share These settings allow you to configure the maintenance options for the report manager Maintenance occurs once per day Backup Logs To Share When Deleted This option allows you to enable the URL log archives to be backed up to a shared folder before it is deleted Rev 6 0 23 25 December 17 2013 Page 61 of 103 Phant m 10955 Technologies SECURITY SMB Folder Name This option allows you to the full path of the backup share folder You
54. Match Top 25 By Data Usage REAL TIME BANDWIDTH PLOTTER 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 13 Real Time Bandwidth Plotter Clicking on one of the dots brings up details about all of the connections CONNECTION DETAIL FULL LIST IP Start Match By Source Items Per Page PROT SPORT DPORT TX BYTE 10 128 31 186 239 255 255 250 udp 59865 1900 423 83 KB 2 75 423 83 10 128 31 186 255 255 255 255 8 udp 51749 1211 87 69 640 87 69 Figure 14 Connection Detail Full List Rev 6 0 23 25 December 17 2013 Page 19 of 103 Phant m 1609055 1 4 1 4 Bandwidth Shaping This page reveals information relating to the bandwidth shaping function of the iBoss SWG Web Filter Rev 6 0 23 25 December 17 2013 Page 20 of 103 1609055 Technologies SECURITY 10955 SECURITY Lodges iBoss Enterprise SWG Grill Bowrn Raport Video z Seater Dashboard Logs Reports Schedules Desktop ela Info LUE soe Ed AG ee T d Bande both Band width Plotter InreatiDasnboard End ppointiiecurity iBoss SWG 55 5 120 DOWNSTREAM BANDWIDTH OVERVIEW Realtime Overall Dovenstream Bandwidth Bandwidth Pool Settings Current Bandwidth Pool Rates 15 10 kbitz sac 5 Khrts sec 20 14 20 30 U
55. PSTREAM BANDWIDTH OVERVIEW Reallime Overall Upstream Bandwidth Bandyidth Pool Setlings Current Bandrridth Pool Bales 16 kbitz sec 14 Kbitz sec 12 Kbits sec Ay res soe B Reread anu 14 20 30 UNSHAPED BANDWIDTH DIRECTION DOWNSTREAM BANDWIDTH DURING SATURATION 2237 r BANDWIDTH HARD CAP 20000 00 kbps fil RECT IN LES Abe BAVDWIDTH DLE MG BAT LOLA a SU DIE apt HARD CAP GEO00 00 kis Downstream Bandwidth Downstream Bandwidth This Hour Downstream Bandwidth Today 6 000 Kbits sec 0 000 kbite saz Kbit se 6 000 Khits sec 6 000 Khits sec 4000 kbite sec 4 000 Kbitez zac 2 000 Khits sec 2 000 Khits sec 4 o Kbits vec 14 20 14 20 20 12 20 EBUN 00 00 Upstream Bandwidth Realtime Lipstream Bandvrldth This Hour Upstream Bandwidth Today 50 3 000 10 Kbits sec amp U0 2 000 Kbits sec 40 5 khite sac 1 1 000 EKbitz sac Khitz sec Kbets cec i 14 15 14 17 14 18 l 13230 BANDWIDTH POOL 1 Streaming Audio Video DIRECTION DOWNSTREAM BANDWIDTH DURING SATURATION 75000 00 kbps BANDWIDTH HARD CAP 2200 DIRECTION UPSTREAM BANDWIDTH DURING SATURATION 75000 00 kbps BANDWIDTH HARD CAP S600 Downstream Bandwidth Realtime Downstream Bandwidth This Hour Downstream Bandvridth B bits sec B Kbez sec Ebits sec amp Elubi iet 4 4 Kbez sec 4 Kbits
56. T ACTIVITY customize view Trending Now Suspicious Liability Term Hits Term Hits Term Hits Top Web Categories Top Visited Domains Top Blocked Domains Category Hits Domain Count More Domain Count More Top Bandwidth Consumers Top Users By Time Top Blocked Users User Bytes User Time User Count More Figure 8 Current Activity 1 4 1 2 Bandwidth Dashboard This page allows you to view overall trends in your bandwidth usage Rev 6 0 23 25 December 17 2013 Page 14 of 103 Phant amp m Technologies OSS URITY iBoss Enterprise SWG SS NETS Lise Drill Doven Report wideo System Dashboard Reports Seheacdules Desktop setings Info WeblDashboard BandwidtniPlotter Band with Sha ping Threat ED red Endpoint Security iBoss SWG ibosstab Refresh 120 Sec Apply REALTIME ACTIVITY RealTime Bandwidth ReabTime Connections Real Time Packets By Destination Aviles View All n Destinatiwn Connections View All By Destination Top Packets View Satelite T Manchester Roseville State Park E sanis Rosa Sacramento Mapa gt Concord 2 Stockton Sane oakland Francizee DIU v e Modesto Sunny T Jane 1 Te ass AA 5 a j 4 Manrerey les
57. TURATION 23000 00 kbps BANDWIDTH HARD CAP 98000 00 kbps Downstream Bandwidth Realtime Downstream Bandwidth This Hour Downstream Bandwidth Today 10 Kbits sec 60 000 Kbits sec 500 Kbits4gec 40 000 Kbits sec Kbits sec 20 000 Kbitsis00 M IEL Z 119 Saranan 6 Kbits sec 4 Kbits sec 0 Kbits sec 10 58 10 00 10 30 Jun 10 03 00 06 00 09 00 Upstream Bandwidth Realtime Upstream Bandwidth This Hour Upstream Bandwidth Today 30 Kbit its sec 6 000 Kbits sec 30 Kbits sec 28 Kbits sec 4 000 Kbits sec 26 Kbits sec 2 000 Kbits sec 24 Kbits sec 10 Kbits sec 0 Kbits sec CCo 10 58 10 00 10 30 Jun 10 03 00 06 00 09 00 Figure 18 Unshaped bandwidth 1 4 1 4 3 1 Bandwidth Pools The last section on this page deals with the bandwidth pools as detailed in the iBoss SWG Web Filter The number and shape of the pools will be determined by the number of pools and the rules assigned to them Similar to the way the Unshaped Bandwidth is displayed in figure 18 each pool and the rules within each pool are displayed as a series of graphs These are Real Time This Hour and Today In addition to the graphs the bandwidth limits are displayed for easy reference Rev 6 0 23 25 December 17 2013 Page 23 of 103 Technologies BANDWIDTH POOL 1 Streaming Audio Video DIRECTION DOWNSTREAM DIRECTION UPSTREAM BANDWIDTH DURING SATURATION 75000 0
58. Top Visited Domains 1 5 2 5 Top Blocked Domain This section lists the top visited domains as well as the top blocked domains You get a full list of domains with the ability to sort by a variety of parameters by clicking on the More button Rev 6 0 23 25 December 17 2013 Page 82 of 103 CURITY iBoss Enterprise SWG 1 Technologies S 10 955 SEGURITY IP 10 128 31 175 Logout Real time Drill Down Report Video System Dashboard Logs Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily repart Overall 06 07 2013 Report Name Daily report Overall Quick Date 06 07 2013 06 08 2013 negent User Blank All Users Find Bandwidth Threats amp Malware Web Hit Web Hits By Time Use Top isited Top Blocked Trends Category By Category Domains Domains Top Users Top Users By Top Users By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Trending Now Suspicious Liability Filter Avoidance Domain Block Count gt 1 rss2search com 1 41K 2 gt 2 live com 22 Q 2 gt 3 nocookie net 19 gt 4 rad msn com 18 2 4 gt 5 googleuserconte 17 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 66 Top Blocked Domains 1 5 2 6 Top Users By Category Time
59. VT c 29 Fisute 25 Web Log Search Fillers 30 sa cece cca sae ERES EUMDEM RSEN 30 Figure ee Threats amp NIAE 31 Search a seoeomiep uina dept inr amant E inerant in toan tees 32 Figure 29 Drop Down uS Ox 33 Poor 50 36 e CIenebal SEHE PS cea beue e 39 Me B OPCS 4 DIM c 42 CCUG ueneno REI EORUM EM UN MESE 43 Figure Sipnature TONINO 44 20 45 o7 en ee 46 55 reate a Report Sce OU 49 Pe op web VINE PROD ls 52 Figure 40 Video Desktop Monitoring 53 Figure 41 Live Desktop 1 54 Report Mainas er E 58 Figure 43 Report Manager Databa
60. Web TR T 85 1 5 2 8 Top Users By Overall WV 87 1 5 2 9 Top Users By Overall TIME U 88 NE op TOC UNE Rm Tum 89 IN OY RETE 90 IVA ME 91 IN S MEE T 92 IBS ETAYIN RN TT IE 93 1 5 3 TAU mm 04 1 5 3 1 EE A 94 1 5 3 2 Top Overall USCS eeoa 95 ES e 96 1 5 3 4 Top 97 13 35 NR T I mc E 98 1 5 4 CATS Oe ELIT PPO 99 1 5 4 1 Tor TIE CS RR 99 1 5 4 2 Top Outbound S esaeen sinter ser sam oer eetee E ert ran OE rar DUM AUS 100 1 5 4 3 Top TMD OU TC CAS tones oe bs xo Heer nore tial votes cul TseuehuiubenscctensbaitubicesWeabeseneesccenountios 101 1 5 4 4 oM UT T cT 102 2 REGULATORY STATEMENT isossa iiaa EEEa aa 103 Table of Figures 1B055 Repons 9 Pisure 2 COs ASD Oal G 10 Fieu 2 essesi e a e 11 Figure 4 Real Time Web Hits 11 Figure 5 Current Top Bandwidth
61. al time Drill Down Report Video System Dashboard Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 06 07 2013 v Report Name Daily report Overall E 5 Date 06 07 2013 06 08 2013 User Blank All Users Threats ALLEL Top Overall Users Top Downstream Users Top Upstream Users Top Domains Total Packet Bytes Count gt Df E 184 15 2 71M Dp 2 135 84 137 02 p 3 B 40 77 529 92K 4 7 72 MB 15 09 K Username Ps 4 28 MB 36 78 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 79 Top Upstream Users Rev 6 0 23 25 December 17 2013 Page 97 of 103 55 1 SECURITY Technologies 1 5 3 5 Domains This section contains the top five domains by bandwidth usage You may click the More button for a full list iBoss Enterprise SWG vere ere rm IP 10 128 31 175 irte tti _ Logout Logs EOS System Generated Report Jump to Report Daily report Overall 06 07 2013 v Report Name Daily report Overall Report Date 06 07 2013 06 08 2013 User Blank All Users Web Wile So ALL Graph Top Overall Users Top Downstream Users Top Upstream Users Top Domains Domain Bytes gt 1 windowsupdate c
62. anager User To add a user enter the Username First Name Last Name and Password Then select which sections of the report the user can access The options to choose from are Can Generate Reports Can Delete Reports Can Access Report Settings Can Access Report System Info Can Access Report Current Activity Can Access Report Schedules and Can Access Live Desktop After you are done settings all of the settings click Save To add an LDAP Group first configure the LDAP settings on the General page then select LDAP Group in the dropdown Rev 6 0 23 25 December 17 2013 Page 65 of 103 Technologies SECURITY RM NN Real time Dashboard Logs General REPORT MANAGER USERS Type All trademarks and registered trademarks on this Figure 46 LDAP User config Report Groups Group OU Name Can Access Reports Can Generate Reports Can Delete Reports Can Access Report Settings Can Access Report System Info Can Access Report Current Activity Can Access Report Schedules Can Access Live Desktop Delegated Administrator No Video Desktop Report Schedules Drill Down Reports Log Archives Register iBoss Devices LDAP Group OU gt Disabled Enabled Disabled Enabled 3 Disabled Enabled Disabled Enabled D Disabled Enabled Disabled Enabled D Disabled Enabled e e fe Disabled
63. and user generated reports Auto generated daily reports are automatically created by the iBoss There is one daily report generated per day that includes statistics for usage on that day User generated reports are reports that are created by the user These reports can contain custom date ranges include particular groups and include only certain statistics among other things 1 4 3 2 Deleting Reports Reports are deleted as space becomes necessary but you can select and delete any report on this page by clicking on the Delete button next to the report or selecting the checkboxes of the reports you wish to delete and clicking on the Delete Selected button Please note that deleting reports may take a while to process as the iBoss will clean out all related data pertaining to the report 1 4 3 3 Exporting PDF Reports To export a report click on the QuickPDF button when viewing the report This will generate a PDF Report which you can select which options to include in the report 1 4 3 4 Generating a Report To generate a report click on the Generate New Report button toward the bottom of the list of generated reports This will lead to a page that presents the options available when creating a report There are many options available that can be configured when generating a report such as the included group users the types of statistics you would like to include in the report as well as the date range for the report Rev
64. can be sorted by a variety of parameters 1 5 2 2 1 3 Last Visited Sites This section lists the sites in recent order of this web category 1 5 2 3 Time Use By Category This section shows you the top categories based on time usage This will also show you in Hours Minutes and seconds of the amount of time spent on each category You may press the expand button to see the Top 5 Users for a specific category Rev 6 0 23 25 December 17 2013 Page 80 of 103 Technologies SS RITY 1 SEC SS iBoss Enterprise SWG IP 10 128 31 175 SECURITY 31 175 Real time Drill Down Report Video System Dashboard Logs Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 06 07 2013 Report Name Daily report Overall Quick Date 06 07 2013 06 08 2013 User Blank All Users Apply Bandwidth Uii Trends Category By Category Domains Domains Top Users Top Users By Top Users By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Web Hit Web Hits By Time Use Top isited Top Blocked Trending Now Suspicious Liability Filter Avoidance Ei Browse Time _ EWS Organizations Personal Websites St SSS SS SS SS EEEN Webmail 5 000 10 000 15 000 20 000 25 000 30 000 35 000 40 000 TotalTime 10hrs 45 mins 27 secs
65. categories and allows you to expand to show the top five users for each category by web hits You may click the More button to show all users for a specific web category Note If a User is selected this field will not show Rev 6 0 23 25 December 17 2013 Page 85 of 103 Phant amp m Technologies SECU SS RITY iBoss Enterprise SWG 0955 10 128 31 175 SECURITY na Real time Drill Down Report Video System Dashboard Logs Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 06 07 2013 Report Name Daily report Overall EJ Date 06 07 2013 06 08 2013 desh User Blank All Users Bandwidth We SAL Web Hit Web Hits By Time Use Top isited Top Blocked Trends Category By Category Domains Domains Top Users By Top Users By Top Users By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Trending Now Suspicious Liability Filter Avoidance Category Hit Count Block Count Ads 29 18 Adult Content 11 11 Alcohol Tobacco 0 0 Art 0 0 HF Auctions 0 0 Audio Video 3 3 Bikini Swimsuit 0 0 Business 19 0 Dating 0 0 Dictionary 8 8 Drugs 0 0 Education 18 0 Entertainment 18 14 File Sharing 14 14 Finance 0 0 Forums 80 66 Dr Friendship 16 16 More E Gambling 0 0 More Games 35 35 More Government 0 0
66. d Priority All Dst Date amp Time Threat Source IP Description 9 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 20 Threat dashboard Rev 6 0 23 25 December 17 2013 Page 25 of 103 PhantQm 1609055 Technologies SECURITY 1 4 1 5 1 Real Time Activity This section is a real time display of threats as they come in It is divided into the top inbound threats top outbound threats and top overall threats REALTIME ACTIVITY Top Inbound Threats Top Outbound Threats Top Overall Threats Figure 21 Real Time Activity 1 4 1 5 2 Real Time High Risk Threat Map This section shows where the main threats to your network are coming from on the world map There is a drop down menu at the top allowing you to display just the highest level threats down to the less severe threats REAL TIME HIGH RISK THREAT MAP Ireland Poland c eer 6 ON de Germany kb Map Satellite AEN C Ukraine 57 m TAL Austria N Kazakhst MN s Bay of France 10997 Romania SD wi NS Biscay Co Se MI by NY er Italy j gt per lt 3 F NE IN NOM Spain i Uzbekistan ucc MO E SN Portugal DG Turkmenistan V Y KV RI Eg gt y North OK AR TN DER
67. ds button opens the list for editing iboss SEGURITY Real time Dashboard Reports Generated Report Report Name Daily report Overall Date 06 07 2013 06 08 2013 User Blank All Users Bandwidth Web Hit Trends Web Hits By Category Top Users By Category Time Use Top Users By Category Web Hits Trending Now Suspicious P C amp amp CI C J CO D 2013 and registered trademarks All trademarks Figure 74 Liability at tt iil Drill Down Video Desktop Report Schedules Settings iBoss Enterprise SWG IP 10 128 31 175 Logout System Info Jump to Report Daily report Overall 06 07 2013 m Threats amp IMalware Top isited Domains Time Use By Category Top Users By Overall Web Hits Top Users By Overall Time Use EELS Filter Avoidance Phrase No Phrase Phantom Technologies Inc on this website are the property All rights reserved Rev 6 0 23 25 December 17 2013 5 Top Blocked Domains Top Blocked Users Hit Count of their respective owners Page 92 of 103 Phant m it 255 1 5 2 14 Filter Avoidance This section lists searches that match words on the Filter Avoidance word list The Edit Words button opens the list for editing iBoss Enterprise SWG IP 10 128 31 175 SECURITY ut Real time Drill Down Report Video System Dashboard Logs Reports Schedules Desktop Setti
68. e Disabled Roll logs daily at 12 00 am Roll logs weekly Sunday at 12 00 am Rolllogs on day 1 of every month at 12 00 am Last Run Time Next Run Time Wed Jan 01 00 00 00 PST 2014 BACKUP TO NETWORK SHARE E Backup Logs To Share When Deleted SMB Folder Name SMB User Name SMB Password SMB User Domain Reports Backup Alerts Email LDAP SETTINGS LDAP Enabled Yes v Test Host IP 10 128 30 36 Port 389 Admin Username Admin Password Search Base Common Name Key Match Type Group Key Group Match Sub Key Email Key DN Match Sub Key User Search Filter Use SSL Allow Self Signed Certs administrator ibossdome dc ibossdomain2003 dc cn Group Membership And OU memberOf CN userPrincipalName OU sAMAccountName s No Yes Rev 6 0 23 25 December 17 2013 Page 57 of 103 PhantQm 1609055 Technologies SECURITY ADDITIONAL SETTINGS Default Delegated Reporting Group Contains Overall Report iboss Threat Gateway Present iboss SWG Cache Antivirus Present Admin Interface Session Timeout Seconds Browse Time Timeout Seconds Process Trending Stats e 5 Seconds Current Activity URL Refresh Milliseconds SWG Threat Console Integration Port Remote Data Connect Timeout Seconds Remote Data Read Timeout Seconds Current Activity Bandwidth Users Refresh Milliseconds REAL TIME BANDWIDTH SETTINGS Exclude IP List
69. e a custom report on a schedule that includes specific statistics user groups and more You can additionally have the custom report emailed whenever a generation occurs 1 4 5 5 Creating a Report Schedule To create a report schedule click on the Create New Report Schedule located at the bottom of the report schedule list Rev 6 0 23 25 December 17 2013 Page 46 of 103 PhantQm 16055 Technologies SECURITY 1 4 5 5 1 General Information The general information section allows you enter the following information schedule required schedule Run Schedule This is the option to turn the schedule active or inactive Schedule Type This indicates the type of report schedule you would like to create Report schedule types are described above Daily report schedules allow you to email the auto generated reports to specified email addresses while custom report schedules allow for the generation of custom reports on a schedule You may also choose Url List Email Report Schedule Format if Url List Email Report chosen This is the format in which the URL list will be emailed Options are Html and Tab Separated Values TSV Rev 6 0 23 25 December 17 2013 Page 47 of 103 1 Technologies SEC iBoss Enterprise SWG SS RITY ib ss SECU RITY 178 x a dec ETT Rm Real time Drill Down Video Sytten Dashboard Logs Reports Desktop Settings Info Create Report Schedule GENERAL
70. egration Enabled Security Key Encryption Key MDM MobileEther Public IP s iboss SWG Settings Sync IP Address iboss SWG Settings Sync Port Cloud Reporting Port Cloud Reporting Key Cloud Reporting Requires Reporting Group Enable Disable mdmsync1 EDF952166CA0DD8423C 206 125 41 133 10 128 18 10 128 29 6 8080 8095 EB4A382C3376A376BE512B35FAFEB8 Yes Q9 No IBOSS CLOUD VIRUS MALWARE INTEGRATION Enabled Cloud Host API Key Security Key REPORT MANAGER DATABASE SETTINGS Report Database Password Pudsus Url Remote Diagnostics Remote Diagnostics Source IP Rev 6 0 23 25 December 17 2013 Enable Disable 38 96 15 139 70239AD293D23F 5131244df8eb1cb2790000 https pudsus1 ibossconr Enable Disable 10 128 25 75 64 Hex Characters 32 Hex Characters Page 56 of 103 Phant m iboss Technologies SECURITY SNMP SETTINGS SNMP Enabled Yes No SNMP Community ibossthreatconsole Allowed Query Subnet 10 128 0 0 16 10 20 30 0 24 Save REPORT MAINTENANCE SETTINGS Perform Maintenance At 2 00 AM Daily Maximum time to perform maintenance 2 Hours 0 d 0 delete wh Hold Logs Before Deleting ays needed Max URL Log Partition Size 1250 MB Max Total URL Log Size 47500 MB Max Bandwidth Parition Size 1000 MB Max Total Bandwidth Log Size 3000 MB Shrink Database By 25 when full Automated Log Rolling Schedul
71. ent report and allows you to switch between reports easily iBoss Enterprise SWG iboss IP 10 128 31 175 SEGURITDY Logout ee NEL Real time Drill Down Report Video System Dashboard Logs Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 06 09 2013 v Report Name Daily report Overall Quick gt Date 06 09 2013 06 10 2013 Report User Blank All Users ply Bandwidth s eo Figure 58 Report Information Section The report information bar contains the name of the report as well as the date range that this report covers 1 5 1 1 Showing Report Information for Particular Users Under the option User you have the capability of entering in which users to show the report for If nothing is typed into the text box the information in the report pages you are viewing will contain information regarding all users in the report If you would like to view information for a particular user in the report type the username in or click the Find button You can then enter part of the user s name and click find this will populate the list of usernames You can then click select next to the username and then Done button once you re finished Next click the Apply button to show Once a user is selected all statistics on the page pertain to the particular user Rev 6 0 23 25 December 17 2013 Page 75 of 103 Phantgm iboss Select User
72. erval Controls how often the display scrolls allowed to use this service I ntegrate With This drop down displays all of the filters attached to the reporter Only one can be selected at a time 1 4 7 1 4 IBoss MobileEther MDM Integration This section controls the link between the reporter and the MobileEther MDM system This section controls not only data reporting for the MDM system but also integration with directory services and synchronization of filter settings Please refer to the iBoss MobilEther MDM guide for more details Integration Enabled Enables the feature Security Key This security key is shared with the MDM unit Encryption Key This key is also shared with the MDM unit 64 Hex characters MDM MobileEther Public I P s addresses of the MDM systems integrated with this reporter iBoss SWG Settings Sync IP Addresses Filters that are associated with this reporter and MDM for filter settings sync iBoss SWG Settings Sync Port Port used for sync 8080 by default Cloud Reporting Port Port used to integrate with MDM 8095 by default Cloud Reporting Ke Key associated with MDM 1 4 7 1 5 IBoss Cloud Virus Malware Integration Rev 6 0 23 25 December 17 2013 Page 59 of 103 PhantQm 10955 Technologies SECURITY This section details the settings for integration with Cloud Antivirus malware protection Please refer to the iBoss Cloud Antivirus Malware manual for more information Enabled Enables the
73. fic to applications used on the network Note Selecting More Performance or External Report Manager from within the iBoss Report Settings will only report Web and Bandwidth Statistics 1 4 5 5 3 3 Email Settings Rev 6 0 23 25 December 17 2013 Page 50 of 103 Phant m 16955 Technologies SECURITY The email settings allow you to configure options relating to the emailing of the generated report The following describes the settings in this section Email Report To This is the email address where you would like the report sent to You can use a semicolon between email addresses to add multiple recipients to another recipient be sent to another recipient Email Message Body This allows you to customize the body of the email message Auto delete after report is sent If this option is enabled the generated report will automatically be deleted once the report is emailed This can be used to save disk space and to reduce the number of used generated reports 1 4 5 5 3 4 Report Schedule Time This section allows you to configure what time you would like the report schedule to run and the email report sent There are several options for this section You can choose to have the report sent daily at a specified time weekly at a specified time or on a specific day of the month at a specified time Select the appropriate option and configure the time you would like to have this report generated and emailed 1 4 5 5 3 5 User
74. g categories The list will highlight URLs that were blocked by the iBoss This list is updated in real time without the need to refresh the page This section also has a filter to only show a specific User and or Action Allowed or Blocked You may simply click the username in this list to automatically set the filter to a specific user You may also click the Pause button to stop the list from scrolling Rev 6 0 23 25 December 17 2013 Page 12 of 103 Technologies WEBSITE ACTIVITY Ea _ _ Filters User Find Find Action All Category All gt Date amp Time Source IP Description Action Figure 3 Real time URL Access Activity 1 4 1 1 5 Current Activity This section provides at a glance information about the overall trends on the filtered network It is divided up in to cubes all of which can be tasked to show a different field Fields available are Trending Now Suspicious Liability Top Web Categories Top Visited Domains Top Blocked Domains Top Bandwidth Consumers Top Users By Time Top Blocked users Top Threats Overall Top Threats Inbound Top Threats Outbound Top Virus Malware Overall Top Virus Malware Inbound Top Virus Malware outbound In addition all of the fields have a MORE button which brings up more details about the item in question Rev 6 0 23 25 December 17 2013 Page 13 of 103 PhantA m 10955 Technologies SECURITY CURREN
75. hnolog Allowed Prev Next 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 24 Web Logs 1 4 2 1 1 Web Log Search Filters This section contains the filter controls that mold the results displayed below These filters allow hiding other URLs and only showing results you d like to see This makes it easier to diagnose and look through the URLs You can search for date ranges users groups Mac Rev 6 0 23 25 December 17 2013 Page 29 of 103 8 0955 Technologies SECURITY addresses source IP addresses computer names URL or keyword filter location category action and callout Once you have made these filters click the Apply button above the search filters You can export this You may also send this report directly from this page by entering email information under the section for Email This Report Now and clicking the Send button You may also generate a report schedule by clicking on the Create Report Schedule button WEB LOG SEARCH FILTERS URL Archive url_log_entry_current 04 22 2013 Present Export Apply Start Date 06 10 2013 MM DD YYYY User URL Keyword fo wildcards Start Time 12 oo AM v Group Destination IP fo End Date MM DD YYYY Comp MAC fo Category All End Time n 7 59 PM Source IP Action All Location
76. ice and click on Preferences Configure Report Settings gt Edit General Report Settings gt change the Configure iBoss for option to External Report Manager please refer to the iBoss Report Settings section for more information 6 Enter the I P address database password and security key of the iBoss Enterprise Reporter and click Save please refer to the iBoss Report Settings section for more information Note Please be sure to identify the report manager within the iBoss interface to bypass any filtering rules 1 2 Accessing the Report Manager You can access the report manager only while on the same network as the iBoss You can access the iBoss reports from any computer on the network that has access to the iBoss interface Note The default IP address of the iBoss Enterprise Reporter is 192 168 1 20 1 3 Logging into the Report Manager The default username for the report manager is admin There is no password by default You will need to change this setting Additional users are created in the settings portion of the Report Manager These users can either be local to the reporter or if LDAP is configured users from Active directory eDirectory or OpenDirectory You can also configure specific privileges for the user to restrict the types of operations the user can perform within the report manager Rev 6 0 23 25 December 17 2013 Page 8 of 103 Phant m 1 SS Technologies CURITY iBoss SWG 1
77. ing ThreatiDashboard Refresh 120 Sec Top Detected Malware View All Top Blocked Malware view All Top Quarantined Malware View All Top Deleted Malware view All Top Cleaned Malware view All Top Resolved Malware view All Endpoints With Detected Malware view All Endpoints With Blocked Malware view All Endpoints With Quarantined Malware View All Endpoints With Deleted Malware View All Endpoints With Cleaned Malware View All Endpoints With Resolved Malware view All 9 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective ow Figure 23 Endpoint Security 1 4 2 Logs This section allows you to view the logs of activity There are two sections The first is for web activity The second is for threat activity Rev 6 0 23 25 December 17 2013 Page 28 of 103 10955 SECURITY Phantam Technologies 1 4 2 1 Web This section displays the logs of web activity from the iBoss Web Filters that are connected to the unit iBoss Enterprise SWG iboss SECURITY En M R 2 Real time Drill Down Dashboard Logs Reports 10 128 31 175 Logout Video Desktop System Info Report Schedules Settings Threats cA Malware WEB LOG SEARCH FILTERS URL Archive url log entry current 04 22 2013 Present X Start Date 06 12 2013 MM DD YYYY User Start Time 12 y oo AM v Group Destination IP I o
78. ing how the bandwidth is divided up The last three show the top five sources as opposed to destination They list the top five by bytes connections and packets In all of them clicking on the View link yields a full list Rev 6 0 23 25 December 17 2013 Page 17 of 103 Phant m Technologies By Source Bytes Connections View All By Destination Bytes Connections View All Active Applications By Bytes View All Active Applications By Connections View All Active Applications By Packets view All By Source Top Bytes View All By Source Top Connections View All By Source Top Packets view AII Figure 12 Real Time Bandwidth 1 4 1 3 Bandwidth Plotter This section shows a single graph of kbytes sec vs number of connections The larger dots indicate more bandwidth being used by the sources identified This graph being much larger gives a great deal more information Hovering the mouse over the dots reveals details about the source Rev 6 0 23 25 December 17 2013 Page 18 of 103 PhantQm iboss Technolgies gt SECURITY iBoss Enterprise SWG ib ss SECURITY IP 10 128 31 175 Logout Real time Drill Down Report Video System Dashboard Logs Reports Schedules Desktop Settings Info Web Dashboard Bandwidth Dashboard Bandwidth Shaping Dashboard EndpointiSecurity iBoss SWG ibossab Start IPEnd Match By SewcelP gt
79. l trademarks and registered trademarks on this website are the property of their respective owners Figure 77 Top Bandwidth Users Rev 6 0 23 25 December 17 2013 Page 95 of 103 m 1 DSS 1 5 3 3 Top Downstream Users This graph shows the top 5 downstream bandwidth users Clicking the MORE button gives a complete list iBoss Enterprise SWG ib 55 _ Real time Report Video System Dashboard Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 06 07 2013 Report Name Daily report Overall Date 06 07 2013 06 08 2013 User Blank All Users IP 10 128 31 175 Logout Mad elu Top Overall Users Top Downstream Users Top Upstream Users Top Domains Total Packet Bytes Count gt 1 B 22 47 GB 15 08M Username p 2 m 4 11 GB 26M gt 381 51 MB 255 83K BH D 4 24 16 MB 19 49 Ps 23 64 2584 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 78 Top Downstream Users Rev 6 0 23 25 December 17 2013 Page 96 of 103 DSS Phant amp m 1 SECURITY Technologies 1 5 3 4 Top Upstream Users This graph shows the top 5 upstream bandwidth users Clicking the MORE button gives a complete list iO SS iBoss Enterprise SWG DEO IP Re
80. lect this option Note You must have a configured SMTP server for the email setting to work This is configured through Settings tab of the report manager 1 4 3 4 3 Creating the Report Once you have configured these options click on the Create Report button on the bottom of the page This will trigger the generation of the report and take you back to the Generated Report screen Please note that only one report generation can occur simultaneously If there is another report generation in progress this report will be queued and scheduled for generation Rev 6 0 23 25 December 17 2013 Page 37 of 103 Phant m KO Technologies SECURITY You can view the status of the report generation by refreshing the generated reports page To do this click on the Generated Reports button on the top of that page You can access the report while it is being generated however the data will continue to change as more data is added to the report until the report generation process is complete If the report includes the current day statistics will continue to accumulate until the report complete at which point no more data for the current day will be added to the report 1 4 4 Threat Controls This section defines controls the iboss IPS systems attached to this reporter More details can be found in the IPS manual 1 4 4 4 General Settings iBoss Enterprise SWG jomss NETWORK SECURITY Logout Real time Drill Down Threat Report
81. logy Allowed 06 12 13 07 20AM 10 128 31 105 10 128 31 105 ib 102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 18 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 16 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 14 AM 10 128 31 105 10 128 31 105 ib 102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 12 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 10 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 07 AM 10 128 31 105 10 128 31 105 ib 102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 07 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 05 AM 10 128 31 105 10 128 31 105 ib 102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 03 AM 10 128 31 105 10 128 31 105 ib 102 iboss com 206 125 41 137 Technology Allowed 06 12 13 07 01 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 06 59 AM 10 128 31 105 10 128 31 105 ib 102 iboss com 206 125 41 137 Technology Allowed 06 12 13 06 57 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 06 55 AM 10 128 31 105 10 128 31 105 ib6102 iboss com 206 125 41 137 Technology Allowed 06 12 13 06 53 AM 10 128 31 105 10 128 31 105 ib 102 iboss com 206 125 41 137 Tec
82. meters in addition to those for the daily report schedule settings The custom report schedule will generate a new report on the schedule unlike the daily report email schedule 1 4 5 5 3 1 General Settings The general information section allows you enter the following information schedule schedule Schedule Type This indicates the type of report schedule you would like to create Report schedule types are described above Daily report schedules allow you to email the auto generated reports to specified email addresses while custom report schedules allow for the generation of custom reports on a schedule 1 4 5 5 3 2 Statistics This section allows you to configure which statistics you would like in the custom generated report The following are statistic options Web stats include statistics relating to web browsing activity This includes top visited domains top blocked domains websites visited and website category statistics Port Stats More Logging Port Stats include statistics relating to TCP and UDP port usage on the network This includes top used ports top blocked ports etc IP Stats include statistics relating to IP traffic on the network This includes top accessed Addresses top blocked Addresses etc Bandwidth Stats include statistics relating to general bandwidth usage such as overall downstream and upstream usage Application Stats More Logging Application Stats include statistics speci
83. ndwidth in kilobits per second It is necessary to hover the mouse over the graph to view the numerical data Real Time Bandwidth D Mbits sec 13 55 30 13 55 40 13 55 50 Figure 2 Real time Bandwidth Graph 1 4 1 1 2 Real Time Web Hits The second section is a graph indicating number of web hits The yellow graph is the total number of web hits where the black line is the number of blocked web hits It is necessary to hover the mouse over the graph to get the numerical data Real Time Web Hits 13 56 30 Figure 4 Real Time Web Hits Graph Rev 6 0 23 25 December 17 2013 Page 11 of 103 10955 Technologies SECURITY 1 4 1 1 3 Real Time Top Bandwidth Consumers This section includes the top consumers of bandwidth updated in real time You can click on the More button for more details of users Real Time Top Bandwidth Consumers Please allow 20 30 seconds for data to appear Figure 5 Current Top Bandwidth Consumers CURRENT TOP BANDWIDTH CONSUMERS Items 1 4 Items Per Page 25 Prev Next Refresh User Total Bytes V Up Kbps Down Kbps Total Packets Bandwidth E EI E Figure 6 Current Top Bandwidth Consumers Full List 1 4 1 1 4 Real time website activity This section shows the current websites being visited The URLs are updated in real time as users on the network access website destinations It will also provide details about the URL access includin
84. ng Settings section for more information Rev 6 0 23 25 December 17 2013 Page 54 of 103 10955 1 4 7 Settings This section holds several sub sections for settings 1 4 7 4 General This section contains settings used globally for the report manager which include email server settings and other configurable options Before any email report can be sent via email the email server settings must be configured Rev 6 0 23 25 December 17 2013 Page 55 of 103 Phant amp m Technologies omss NETWORK SECURITY Real time Dashboard Users Drill Down E Reports Report EMAIL SERVER SETTINGS SMTP Server Address SMTP Server Port Requires Login Username Password Send Email From Address Test Email Address SYSTEM DOMAIN NAME Domain Name Threat Controls Log Archives Keport Schedules Register Gateways lame ur ror mm donotreply iboss com todd lapittus iboss com Test myiboss com Save Video Desktop iBoss Enterprise SWG IP 10 128 24 55 Logout Settings Netivork SSL System Info Subscripuon EXTERNAL DISPLAY REAL TIME NETWORK HEALTH INTEGRATION Enabled Security Key Scroll Interval Allowed IP Addresses Integrate With Integration URL Enable Disable uGzaUMfwpd9yK8q 10 192 168 10 62 10 128 25 iboss 10 128 29 6 seconds Comma Separated List 18055 MOBILEETHER MDM INTEGRATION Int
85. ngs Info Generated Report Jump to Report Daily report Overall 05 07 2013 Report Name Daily report Overall EU Date 06 07 2013 06 08 2013 User Blank All Users Find Apply Bandwidth Threats Web Hit Web Hits By Time Use Top isited Top Blocked Trends Category By Category Domains Domains Top Users By Top Users By Top Users By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Trending Now Suspicious Liability Filter Avoidance Phrase Hit Count C OO M No Phrase Hits 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 75 Filter Avoidance Rev 6 0 23 25 December 17 2013 Page 93 of 103 Phant m 10955 1 5 3 Bandwidth Statistics The Bandwidth statistic section provides information regarding general bandwidth usages from your network General bandwidth includes overall downstream and upstream usage 1 5 3 1 Graph This graph shows the total bandwidth activity throughout the report period ib SS iBoss Enterprise SWG SECURITY IP Be fase ie _ U ttC Real time Drill Down Report Video System Dashboard Logs Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 06 07 2013 gt Quick Report Name Daily rep
86. of their respective owners Figure 44 Report Users This section allows you to add edit users that can log into the Enterprise Reporter The default user is admin which has no password by default It is recommended to click Edit and set a password for the Administrator To add a user click Add Report User Rev 6 0 23 25 December 17 2013 Page 64 of 103 Phantom 10955 1 4 7 2 1 Add Report User 10955 XECURIPI Real time Drill Down Report Video a System Dashboard Logs Reports Schedules Desktop Settings Info iBoss Enterprise SWG General Report Groups Log Archives Register iBoss Devices Network Settings Subscription REPORT MANAGER USERS Type Username First Name Last Name Password Confirm Password Can Access Reports Disabled Enabled Can Generate Reports Disabled Enabled Can Delete Reports Disabled Enabled Can Access Report Settings Disabled Enabled Can Access Report System Info Disabled Enabled Can Access Report Current Activity Disabled Enabled D Can Access Report Schedules Disabled Enabled e 9 9 le Can Access Live Desktop Disabled Enabled Delegated Administrator No Yes Delegated Reporting Group 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 45 Add Report M
87. ologies CURITY Phishing Spam Detection Monitor Proxy amp Filesharing Monitor Social Networking Detection Monitor POP2 Email Exploits Monitor Email Exploits Monitor Malicious Toolbars Monitor RPC Exploits Monitor Remote Login Communication Monitor SCADA Exploits Monitor Network Scanner Communication Monitor Mail Server Exploits Monitor Shellcode Detection Monitor SMTP Exploits Monitor SNMP Communication Monitor Targeted Threats Monitor Spyware Monitor SQL Exploits Monitor Telnet Exploits Monitor Exploits Monitor Virus Communication Monitor VOIP Exploits Monitor ActiveX Exploits Monitor Web Attacks Monitor CGI Server Exploits Monitor Coldfusion Server Exploits Monitor Front Page Server Exploits Monitor IIS Server Exploits Monitor Misc Web Server Exploits Monitor PHP Server Exploits Monitor X11 Exploits Monitor Data Leak Preventions Monitor Web Client Risks Monitor 20 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 32 Threat Categories Rev 6 0 23 25 December 17 2013 Page 41 of 103 Phant m LOSS Technologies SECURITY 1 4 4 3 Behavioral DLP iBoss Enterprise SWG le E l SS IP 10 128 24 55 NETWORK SECURITY Logout Real time Drill Down Threat Report Video Sy
88. om Introduction and Conclusion Introduccion Condusion Additional Information Report Prepared Logo URL Company Prepared For Logo wedth 300 x height 1 in get or eg format Report Type Recipent Settings You must click Add Recipient ki Y executive LT Full Report Report Report Executive C LT Report Foli Custinm CURRENT PDF EMAIL REPORT RECIPIENTS gt Note These are tha current POF Emad Raport Recipients These ara the only recipients that will recaiva tha POF reports 1 you have entered mfonnaton above and do not sow the table below vou must fest anter the information and click tho add Email Recipient button to save the recipiant settings Rev 6 0 23 25 December 17 2013 Page 35 of 103 PhantQm 16055 Technologies SECURITY Figure 30 Generate Report 1 4 3 4 1 General Report Settings This section contains the general settings for the report to be generated Below is a description of the options Report Name This is the friendly name for the report report Start Date This is the date from which to start including data for this report All report statistics within this report will be based on this start date End Date This is the end date which you wish to stop including data for the report The end date is not included in the statistics for this report All data up to this end date is included The end date mu
89. ort S Executive Report LT Report C Full Report C Report CURRENT EMAIL RECIPIENTS Note These the current POF Emad Report Recipients These the only recceerks that will recene the PDF reports If you have entered information above and do not see it in the table below you must frst enter the formation and chick the Add Peopmnt button to save the settings Rev 6 0 23 25 December 17 2013 Page 48 of 103 PhantQm 16055 Technologies SECURITY Figure 38 Create a Report Schedule 1 4 5 5 2 Daily Report Email Schedule Settings The options available for the daily report email schedule differ from the custom daily report The daily report email schedule occurs once daily You must specify email settings and the time you would like to have the daily report schedule processed Daily report email schedules will contain information for the current day up to the time selected 1 4 5 5 2 1 Report Schedule Email Settings This section allows you to enter the details of where you would like to have the email sent to when it is ready You can include a custom message in the email message body to create Specialized reports 1 4 5 5 2 1 1 Email Message Information Enter the email information including the recipient sender cc bcc subject and message body This will send the email to another person which looks like it comes from you with a personalized message 1 4 5 5 2 1 2 Report
90. ort Overall PDF Date 06 07 2013 06 08 2013 Report User Blank All Users iid ALL Top Overall Users Top Downstream Users Top Upstream Users Top Domains 70 000 60 000 Q s 50 000 9 40 000 E 30 000 20 000 lt 10 000 06 06 13 11 31 08 07 13 05 31 05 07 13 11 31 AM 05 07 13 05 32 PM ge Total Bandwidth Upstream Downstream 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 76 Graph Rev 6 0 23 25 December 17 2013 Page 94 of 103 DSS Technologies Phant amp m 1 SECURITY 1 5 3 2 Top Overall Users This graph shows the top 5 bandwidth users Clicking the MORE button gives a complete list ib SS iBoss Enterprise SWG SEGURITY IP 10 128 31 175 Logout m E i Real time Drill Down Report Video System Dashboard Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 06 07 2013 Report Name Daily report Overall ES 5 Date 06 07 2013 06 08 2013 User Blank All Users Find Uis ALL Top Overall Users Top Downstream Users Top Upstream Users Top Domains Total Packet Bytes Count 22 66 GB 17 8 4 15 GB 3 29 M 384 32 301 89 150 74 221 14K 27 92 62 62 2013 Phantom Technologies Inc All rights reserved Al
91. ort manager capable of tracking and generating statistics and a variety of aspects of network traffic This includes web statistics such as web sites visited and top visited domains as well as detailed port and IP Address accesses The report manager provides a deep drill down capability that can identify potential risks as well as help optimize the network The high level of report detail also includes a variety of information that can be summarized for all users in a report or information specific to a particular user This includes bandwidth usage and graphs showing accesses throughout the report period The report manager is separated into two major subsections The first deals with report management scheduling and generation while the other involves the report viewing 1 1 External Enterprise Reporter The External Report Manager or Enterprise Reporter is an appliance that offloads the reporting onto a different server appliance 1 1 1 Installing the External iBoss Enterprise Reporter on the network Please configure the network settings for the external iBoss Enterprise Reporter before placing it on the network Please refer to the Network Settings section for the Enterprise Reporter for more information on how to configure these settings Once the network settings have been configured the iBoss Enterprise Reporter is ready to be installed on the network The port you will be using is the LAN port located on the back of the iBoss En
92. oss Enterprise SWG ee Heal time rill Bown Deshbosri Reperts Generated Report Report Name Daly report Ovara Dete 06 07 2013 06 09 7011 User 22 PSU Web Category Detail Category Technology Total Users Total Hits Average Hits Total Blocks B Average Blocks 0 09 Total Use Time 9 hrs 40 mins 34 secs Average Use Time 1 hr 4 miris 20 secs HIT AND BLOCK ACTIVITY Below is report of the Technology web category hit and block activity Note You may dick and drag from pont acd an ending pont of the timeline to in 08 07 13 01 37 05 07 1306 40 06 07 13 1141 08 07 1304 43FM 06 07 13 09 44 PM Buc neck cot TOP USERS BY WEB HITS Below is report of the top users for web category Technology by web hits bz Note Tou may cick the More button 4 a acable for more entnes Username Hit Count gt iE 326 2 169 5a 32 5 10 TOP USERS BY TIME Below is a report of the top users for web category Technology by time usage Nete You may the More button avadable for more entries Username Total Time 7 hrs 58 mins Pa t 32 secs 43 mins 19 2 gt gt ee ba 16 mins 1 sec 5 6 mins secs LAST VISITED SITES Below is report of the last visited sites for ca
93. rt Schedules 1 4 5 1 Deleting Report Schedules You can select and delete any report schedule on this page by clicking on the Remove button next to the report schedule or selecting the checkboxes of the report schedules you wish to delete and clicking on the Delete Selected button This will terminate the schedule immediately 1 4 5 2 Editing Report Schedules To edit a report schedule click on the edit button next to the report schedule you wish to edit This will take you to the report schedule editing screen This screen is similar to adding a report schedule which is detailed in the next sections 1 4 5 3 Report Schedule Processing Report schedules are processed when the Next Processing Time has been reached which is detailed next to the report schedule The scheduler will automatically adjust the next processing time automatically If there are multiple schedules due to be processed at the Same time only one report schedule will be processed at a time The others will be queued and each processed one at a time until all of the due schedules have been processed 1 4 5 4 Report Schedule Types There are two report schedule types daily report email schedules and custom generated report schedules Daily report email schedules allow you to email the auto generated daily reports to specified recipients It also allows you to enter a customized email message for the email Custom generated report schedules allow you to creat
94. rty of their respective owners Figure 81 Top Overall Threats Rev 6 0 23 25 December 17 2013 Page 99 of 103 Phant m LOSS Technologies 1 SECURITY 1 5 4 2 Top Outbound Threats This section contains the top outbound threats as determined by the IPS You may click the More button for a full list iBoss Enterprise SWG lt lt IP 10 128 31 175 SECURITY Logout Real time Drill Down Report Video System Dashboard Logs Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 05 07 2013 Report Name Daily report Overall Quick Date 06 07 2013 06 08 2013 Report User Blank All Users Web Bandwidth Top Overall Threats l Top Outbound Threats Top Inbound Threats Top Users By Threats Threat Priority 1 High Threat Hit Count _ P C Cl C J OW No Threats Hits 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 82 Top Outbound Threats Rev 6 0 23 25 December 17 2013 Page 100 of 103 DSS Phant amp m 1 SECURITY Technologies 1 5 4 3 Top Inbound Threats This section contains the top inbound threats as determined by the IPS You may click the More button for a full list ib SS iBoss Enterprise SWG SEGURITY IP 10 128 31 175 Logout m Eee ae NETES E E
95. s This section allows you to select which user groups will be included in the report All users inside the selected groups will be included in the generated report The Other group contains miscellaneous traffic that might not have been identified on the network 1 4 5 5 3 6 Create the Report Schedule When you are done configuring the options for the report click on the Create Schedule button on the bottom of the page This will return you to the report schedules overview page This page will show the next processing time for the report schedule Rev 6 0 23 25 December 17 2013 Page 51 of 103 PhantQm 10955 Technologies SECURITY _ 1 4 6 Automatic Desktop Monitor Control Record DMCR This is an add on feature to the iBoss This section contains the setup the DMCR feature on the iBoss with the computers on your network The recording viewing and controlling of desktops is done by integrating with VNC VNC Virtual Network Computing is a desktop Sharing application that allows remote access to another computer There are many programs that are available that offer VNC and is compatible with Mac Windows and Linux We recommend using UltraVNC uvnc com 1 4 6 1 Installing VNC Once you have downloaded and installed the VNC program on the computer you will need to configure it If you already have it installed and setup you will need to know the port number and password that are in the settings for the VNC program on the
96. se 60 i is 64 45 Add Report Manager 0 96 ep ene stor deve 65 66 E 66 Add CIO RE 67 Figure 49 Manage URL Log 68 Figure 50 Manage Bandwidth Log Archives 69 69 PM Register 1056 70 PRU 59 RC Ose pac WAY UPPER UM REIN ER NUM EUM M Ne Mq UND E 71 Figure 54 C ODHPUFE Tne sessioni roses modi indica Ere M NU na SR 72 Figure 55 Configure IP Address Settings iets cc obe coul Eois 12 SC UO Mg EE E A EE E E 73 74 Figure 25 Report Information SOCOM 75 LUI c 76 00 Web Usate Las UC Sires ede ois anta tn cana 76 e pasa csp e Sagat vs A E 71 Web Hiis Dy Ce NER 78 Prete Oo Web Gate Cony De c NR 79 o4 Use By Sci uu T 81
97. sec 2 2 2 Bete sed Ebits sec 14 15 14 2 13 30 14 00 06 00 Upstream Bandwidth Realtime Upstream Bandwidth This Hour Upstream Bandwidth Today B Khi B b amp Kbas tac Kbits sec hien 4 Ebo 4 2 Kbite s c 2 Kbits sec Khitz zec Kbstz sec Kbits sec bee 14 13 30 14 00 BANDWIDTH POOL 2 BYOD DIRECTION DOWNSTREAM BANDWIDTH DURING SATURATION 100 00 kbp BANDWIDTH HARD GAP SO0 00 kegs Daovinstream Bandwidth Realtime Dovinstream Bandveldth This Hour Daovinstream bandwidth Today B Khi Kbetul dee B Klub 5 Kbitz sec sec b Kbits sec 4 Koes bec Kbits sec 2 Kbitz sac 2 Kbits sec 0 ee 14 05 13 30 Rev 6 0 23 25 December 17 2013 Page 21 of 103 PhantQm jboss Technologies SECURITY Figure 15 Bandwidth Shaping 1 4 1 4 1 Downstream Bandwidth Overview This section has three graphs all relating to downstream bandwidth The first shows the overall downstream bandwidth The second shows the bandwidth settings in pie chart form The third shows a similar pie chart detailing how the bandwidth is actually used The two charts share the same colors for easy comparison DOWNSTREAM BANDWIDTH OVERVIEW Realtime Overall Downstream Bandwidth Bandwidth Pool Settings Current Bandwidth Pool Rates 45 Kbits sec
98. sers By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Trending Now Suspicious Liability Filter Avoidance User Time 7 hrs 58 mins 32 secs 7 hrs 52 mins 29 gt 2 secs gt a EM 49 mins 23 secs gt 4 41 mins 14 secs 5 7 mins 20 secs 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 70 Top Users by Overall Time Use Rev 6 0 23 25 December 17 2013 Page 88 of 103 Phant m it 255 1 5 2 10 Top Blocked Users This section lists the top five blocked users You may click the More button to show all users listed by block count ib SS iBoss Enterprise SWG SEGURITY IP e Real time Drill Down Report Video System Dashboard Reports Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 05 07 2013 Report Name Daily report Overall ES Date 06 07 2013 06 08 2013 User Blank All Users Bandwidth Threats amp Malware Web Hit Web Hits By Time Use Top Yisited Top Blocked Trends Category By Category Domains Domains Top Users By Top Users By Top Users By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Trending Now Suspicious Liability Filter Avoidance User Block Count 2013 Phantom Techno logies Inc All righ
99. sili Real time Report Video System Dashboard Schedules Desktop Settings Info Generated Report Jump to Report Daily report Overall 06 07 2013 Report Name Daily report Overall Date 06 07 2013 06 08 2013 User Blank All Users Web Bandwidth Top Overall Threats Top Outbound Threats Top Inbound Threats Top Users By Threats Threat Priority All Hit Count No Threats P C 4 OI C CO 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 83 Top Inbound Threats Rev 6 0 23 25 December 17 2013 Page 101 of 103 Phant m LOSS Technologies 1 _ 1 5 4 4 Top User by Threats This section contains the top users by threats as determined by the IPS You may click the More button for a full list b iBoss Enterprise SWG 10055 SECURITY IP 10 128 31 175 Logout Real time Drill Down Report Video System Dashboard Reports Schedules Desktop Info Generated Report Jump to Report Daily report Overall 06 07 2013 Report Name Daily repart Overall Date 06 07 2013 06 08 2013 User Blank All Users Fi Apply Web Bandwidth Top Overall Threats Top Outbound Threats Top Inbound Threats Top Users By Threats I Threat Count No Users Found OC CO DO 2013 Phantom Technologies Inc All
100. sonation for Service only Log debug infos to the WinV NC log file DSM Plugin Default Server Screen Scale 1 1 Figure 39 UVNC Properties 1 4 6 2 Registering a Computer to DMCR To register a computer to the DMCR feature you will need to identify the computer through the iBoss Please refer to the Identifying Computers section for more information There will be 3 additional settings that are present when identifying computers Enable Disable VNC Rev 6 0 23 25 December 17 2013 Page 52 of 103 Phant amp m Technologies SECURITY integration VNC password and VNC port Enter these settings for the computer that you are identifying Once you have identified this computer and enabled these settings the computer will show up under the Video Desktop section of the reports 1 4 6 3 Video Desktop 0955 SECURITY IP E Real time Drill Down Report Video System Dashboard Reports Schedules Desktop Settings Info VIDEO DESKTOP iBoss Enterprise SWG View Control Dimensions Native Computer Name Record Control View O HAY VIDEO DESKTOP RECORDINGS lt lt lt June 2013 Year Month ID Date amp Time Description Delete Download Play 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective own Figure 40 Video Desktop Moni
101. st be after the start date Groups Delegated Reporting Group This allows you to limit the data in the report to the specified reporting group number Otherwise the entire set of data is used Include All Users amp Groups Include Selecting Include Selected Users amp Groups Selected Users amp Groups enables the next two fields If Include All Users amp Groups is selected the data in the next two fields is irrelevant and all data is used regardless of user or group groups can be included WEE 7 dM users can be included Limit Report to I P Range If used all data in the report has to have a local IP address between the start and end P addresses put in 1 4 3 4 3 Email PDF Report Recipient This section allows the report to be emailed once generation is complete Since report generation may take a while to complete you may choose to configure these settings so that an email can be sent once the email generation process is complete to avoid having to wait for the report to complete 1 4 3 4 2 1 Email Message Information Rev 6 0 23 25 December 17 2013 Page 36 of 103 TM Phant m 16955 Technologies SECURITY Enter the email information including the recipient sender cc bcc subject and message body This will send the email to another person which looks like it comes from you with a personalized message 1 4 3 4 2 2 Report Contact Information This information shows up on the cover page of the Emailed
102. stem Dashboard 5 Reports Controls Schedules Desktop ET Info General Sethings Protected Objects Bypass Gateway threat gateway BEHAVIORAL DATA LEAK PREVENTION SEARCH FILTERS Name Sensor Description Threshold Type Enabled BEHAVIORAL DATA LEAK PREVENTION SENSOR LIST 1 0 11 First Prev Name Threshold Type Sensor Type Threshold em 2000001 High Risk Areas Data Quantity Data Movement To From Country 2000002 High Risk OrganizationsData Quantity Data Movement To From Organization 1 MB 2000003 Yousendit Data Quantity Data Movement To From Organization 1 MB 2000004 Dropbox Data Quantity Data Movement To From Organization 1 MB 2000005 Facebook Data Upload Data Quantity Data Movement To From Organization 2 MB 2000006 High Risk Connections Connection Count Data Movement To From Country 50 CON Yes 2000007 Server Data Loss Data Quantity Data Movement To From IP Subnet 5 MB 2000008 High Risk Transfer Data Quantity Data Movement To From IP Subnet 2 MB 2000009 Server Data Loss Data Quantity Data Movement To From Country 2000010 Unusual Data Behavior Data Quantity Abnormal Data Behavior 25 DEV 2000011 High Risk Transfers Data Quantity 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 33
103. t Size 294 18 MB Start Date 04 22 2013 Confiaure Backup Share BACKUP SHARE URL LOG ARCHIVES Log File Name url_log_entry Log File Name url_log_entry_04222013 10955 SECURITY iBoss Enterprise SWG IP 10 128 31 175 Logout Video Settings Schedules Desktop System Info Register iBboss Devices Network Settings Subscription End Date 01 30 2013 Backup Date 04 22 2013 End Date 04 22 2013 End Date Current BAHNIIDI I Al Pall URI laa Naw Size 5 12 KB Size 32 55 MB 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 49 Manage URL Log Archives This section allows you manage the URL logs You may Roll URL logs into archives This allows you to bunch URLs and then back them up or delete them You may also setup a Backup Share under the General Settings to have the URL Log archives backed up to With Backup Share folder setup on the General Settings the list of backed up URL Log archives will be displayed If the Backup Share has not yet connected it may take a couple minutes for this page to load as it is establishing a connection to the backup share Rev 6 0 23 25 December 17 2013 Page 68 of 103 Phant amp m LOSS Technologies SECURITY 1 4 7 4 2 Bandwidth Log Archives SE
104. t you remotely 1 4 7 1 7 SNMP Settings This area configures the SNMP settings Enabling the Community and the Allowed Query Subnet are included 1 4 7 1 8 Report Maintenance Settings These settings allow you to configure the maintenance options for the report manager Maintenance occurs once per day Rev 6 0 23 25 December 17 2013 Page 60 of 103 TM 9 m Technologies 1 1 SECURITY S Perform Maintenance At This is the time you would like maintenance to occur Configure this option for a time when the network has the lightest load Maximum time to perform maintenance This option allows you to limit the maximum maintenance time Although maintenance may not take too long to complete if the report manager is shrinking the database or performing other intensive routines maintenance may take a long time to complete It is important that the iBoss is given enough time to complete all of its tasks The Unlimited option is recommended Hold Logs Before Deleting When it becomes time to delete data the reporter can hold off from deleting the URL logs for the specified number of days The logs will be marked for deletion O deletes the table immediately as needed Max URL Log Partition Size This option is the maximum size of the URL Log size before rolling into another table Smaller values will increase performance and will generate more tables Max Total URL Log Size This option is the maximum size of all UR
105. taken out of Default Group O and put into the new reporting group To add a reporting group click Add Reporting Group 1 4 7 3 1 Add Reporting Group iBoss Enterprise SWG 10 128 24 55 NETWORK SECURITY Logout Real time Drill Down Threat Report Video System Dashboard ae Reports Controls Schedules Desktop Seine Info General Users Log Archives Register Gateways Fiu Nebyork Settings SSL 5 5 1 REPORT GROUPS Group Group Name Group Cloud Reporting Key 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 48 Add Reporting Group To add a reporting group put the group number and group name If it is a cloud filter include the Group Cloud Reporting Key After you are done settings all of the settings click Save 1 4 7 4 Log Archives This section holds the logs for URLs Bandwidth and IPS Rev 6 0 23 25 December 17 2013 Page 67 of 103 Phant amp m Technologies 1 4 7 4 1 URL Log Archives SECURITY Real time Drill Down Dashboard Logs Reports General Report Users Report Groups BandwidthiLogs 3 005 MANAGE URL LOG ARCHIVES Start Date 01 30 2013 Backed Up Yes Name url_log_entry Size 65 54 KB Location 10 128 16 120DownloadsiBossCIFS Name url log entry 04222013 Size 95 36 MB Start Date 01 30 2013 Name url log entry curren
106. tegory Technology Nete You may the adr l or IP You may ct tre button tor more ertnes You may moute cver re Shue teat w t acd User column for more mntormaeon about the entry 1 SEC IP Address Description Action Figure 63 Web Category Detail Date amp Time User 11 59 40 128 31 105 bees com 10 1225 4112 Technology Ae DAONA 11 5 19 128 31 108 ees com IOLA ALa Techneteey Ab 11 29 99 710 128 31 103 ib6102 beat com 219 12245112 7 Te hnedfegr p 04 07 13 11 03 390 82321 108 eee com SRL ALA Technology Abl UNIT 1151 16 128 31 108 ib6107 29 121251 2 Techneleey AM 94 92 19 11 08 9 10 1228 31 108 i1b6102 com 1404 144 44 422 Technology Aa SATA 310064 Ia 128 21 105 6197 cam 122 Tecthneteey 04 97 12 11 44 10 128 31 105 1 204 121444 1411 Vechnotesy 04 97 13 11 00 1408 1278 31 105 s3 courieraeesh apple com LLIULGIJ2AAMPE Vecheslegy Adame 04 47 13 11 44 35 129 31 105 16102 5 195121451122 Technology AM 64 67 12 11 49 M 31 103 10102 ast com 204 424 44 417 Yecheetegy 42 4 GUONI 11 39 19 128 311 105 bees 194112251127 Vechnetoey AB 09 07 33 11 29 105 23 30 105 ib6102 bus Com i10 amp 1154 1237 Technology Ad 04 01 33 31 29 0 10 128 11 1
107. terprise Reporter Place the iBoss Enterprise Reporter on the switch just as a computer would be For example add a network cable from your switch to the LAN port of the Enterprise Reporter Do not put the iBoss Enterprise Reporter in line like you would when setting up the iBoss filter After setting up the iBoss Enterprise Reporter on the network do not forget to identify the Enterprise Reporter from within the iBoss Filter web interface and Select No Bypass Filtering Rules 1 1 2 Setup Steps to Register iBoss to External Enterprise Reporter This section is a quick guide for registering iBoss devices to an Enterprise Reporter 1 Setup address for the iBoss Web Filter please refer to the iBoss address section to set this 2 Setup an IP address for the iBoss Enterprise Reporter please refer to the iBoss Enterprise Reporter Network Settings section to set this Rev 6 0 23 25 December 17 2013 Page 7 of 103 9 m _ Technologies SECURITY 3 Log into the report manager and click on Settings gt General gt then change the Report Database Password please refer to the iBoss Enterprise Reporter Settings section for more information 4 Click on Register iBoss Devices Add Device gt Then set the iBoss name iBoss I P address iBoss Web Filter subscription key and copy the Security key please refer to the iBoss Enterprise Reporter Settings section for more information 5 Log into the iBoss dev
108. their respective owners Figure 27 Threats amp Malware 1 4 2 2 1 Threat Search Filters This section contains the filter controls that mold the results displayed below These filters allow hiding threats and only showing filters in which you d like to see This makes it easier to diagnose and look through the threats You can search for date ranges users groups Mac addresses source IP addresses computer names protocol keyword filter location or class Once you have made these filters click the Apply button above the search filters You can export this You may also send this report directly from this page by entering email information under the section for Email This Report Now and clicking the Send button You may also generate a report schedule by clicking on the Create Report Schedule button Rev 6 0 23 25 December 17 2013 Page 31 of 103 PhantQm 1609055 Technologies SECURITY THREAT SEARCH FILTERS Archive ips log current 01 30 2013 Present Apply Start Date 05 1 0 2013 mMM DD vvvv User Keyword wildcards Start Time 12 00 AM Group Dest IP End Date MM DD YYYY Priority Class End Time 11 7 59 PM Source IP Direction All Protocol Report Group 7 EMAIL THIS REPORT NOW Email Log to Maximum 500 Format Html Send OR Create Report Schedule Truncate True Figure 28 Threat Search Filters 1
109. ticular category usage Rev 6 0 23 25 December 17 2013 Page 77 of 103 Phant amp m Technologies Bandwidth Threats amp Malware Web Hit Web Hits By Time Use Top isited Top Blocked Trends Category By Category Domains Domains Top Users By Top Users By Top Users By Top Users By Top Blocked Category Time Use Category Web Hits Overall Web Hits Overall Time Use Users Trending Now Suspicious Liability Filter Avoidance Bl Blocked Ads Adult Content Alcohol Tobacco Art Pate olvide Business Dictionary rugs E n ment Finance Forums Friendship Gambling ames Governmen Guns amp Weapons Health Image Search obs Mobile Phones NEWS Organizations Personal Websites Polit Real Estate E Restaurants Food Search Engines Services hops Orts ssi Rado TY echnology Toolbar Transportation Virus amp est Web Hostin Webmai BEE SE ee 200 400 600 800 1 000 1 200 1 400 1 600 Um Figure 62 Web Hits by Category 1 5 2 2 1 Web Category Detail If you click on the bar for a particular web category you are taken to a detail page showing information pertaining to that particular category Rev 6 0 23 25 December 17 2013 Page 78 of 103 Phant amp m Technologies iB
110. toring This section will show you all the computers that are identified with the DMCR feature enabled You will be able to manually Record Control and View the desktops straight from this screen 1 4 6 3 1 Live Desktop MultiView Rev 6 0 23 25 December 17 2013 Page 53 of 103 Phant m 10955 Technologies SECURITY iBoss Live Desktop MultiView ins Computer Figure 41 Live Desktop MultiView This option allows you to select multiple computers and view up to 10 different screens Simultaneously Select the computers you want to view and click the Live Desktop MultiView When viewing the desktops you may click the Fullscreen button under any of the windows to just view one desktop 1 4 6 4 Video Desktop Recordings This section will store all of the desktop recordings All of the recordings are saved as swf Adobe Flash files In this section you may delete download or play the recording Since they are swf files you may view them in any standard web browser with the flash plug In 1 4 6 5 Recording Thresholds Recording thresholds can be set to start recording a user s desktop automatically once a certain violation threshold is reached For example if a user goes to an Adult site 5 times within a minute it will start recording their desktop for 1 minute These settings can be configured within the iBoss interface under the Report Settings in Preferences Please refer to the Video Desktop Recordi
111. ts reserved All trademarks and registered trademarks on this webs a are the property of their respective owners Figure 71 Top Blocked Users Rev 6 0 23 25 December 17 2013 Page 89 of 103 Phant amp m Technologies 1 5 2 11 Trending Now This section details the top searches on your network of search terms SECURITY Real time Dashboard Reports Generated Report Report Name Daily report Overall Date 06 07 2013 06 08 2013 User Blank All Users Bandwidth Web Hit Trends Web Hits By Category Top Users By Category Time Use Top Users By Category Web Hits Trending Now Suspicious 2013 All trademarks Figure 72 Trending Now Drill Down and registered trademarks SS 1 ECURITY The More button brings up a full list iBoss Enterprise SWG IP 10 128 31 175 Logout Video Desktop Jump to Report Daily report Overall 06 07 2013 System Info Report Schedules Settings Threats ALL Time Use By Category Top isited Domains Top Blocked Domains Top Blocked Users Top Users By Overall Web Hits Top Users By Overall Time Use Liability Filter Avoidance Phrase Hit Count 000000000000 nc state university dialect survey Phantom Techno this logies Inc website are the property All rights reserved of their respective owners Rev 6 0 23 25 December 17 2013 Page 90 of 103
112. up name or OU or both Group Key Within LDAP this string is used for group matching AD it is memberOf Group Match Sub Ke In AD this is CN Email Key Key for using an e mail address with LDAP Rev 6 0 23 25 December 17 2013 Page 62 of 103 TM Technologies SECURITY pn AD this is userPrincipalName DN Match Sub Key If User DN is included within the Match Group Source option then this key is used to parse the User DN Active Directory Example OU User Search Filter This is the filter that is used to search for a username in the LDAP server This filter must result in a single user record The filter must also contain s which will be replaced by the username There must not be any other percent signs in the search filter Active Directory Example s Once you have finished entering information click the Test button This saves the information as well as tests the information against the LDAP server 1 4 7 1 11 Additional Settings This setting allows you to configure the email address used for sending Email Alerts to Default Delegated Reporting Group This is the option which allows you to include Contains Overall Report all reporting groups for statistics on the current activity page iBoss SWG Intrusion Malware Present Activates Sync with iBoss IPS iBoss SWG Cache Antivirus Present Activates Sync with Cache Antivirus remains
113. work Settings lt lt iBoss Enterprise SWG SECURITY _ E Real time E Report Video System Dashboard eS Reports Schedules Desktop Info General Report Users Report Groups Log Archives Register iBoss Devices Subscription CONFIGURE IP ADDRESS SETTINGS Ip Address 012816118 Subnet Mask 255 255 2400 Gateway 0128181 DNS 1 8888 DNS 2 2013 Phantom Technologies Inc All rights reserved All trademarks and registered trademarks on this website are the property of their respective owners Figure 55 Configure IP Address Settings This section allows you to set the network settings for the external report manager You may set the IP address Subnet Mask Gateway DNS 1 and DNS 2 After entering the settings click Save The iBoss Enterprise Reporter will need to reboot after saving Rev 6 0 23 25 December 17 2013 Page 72 of 103 10955 Technologies SECURITY Default 1 Enterprise Reporter IP Address Settings I P Address 192 168 1 20 Subnet Mask 255 255 255 0 Gateway 192 168 1 1 DNS 1 192 168 1 1 DNS 2 0 0 0 0 You may set these settings through the serial console Please refer to the serial console settings in the iBoss serial console section 1 4 7 8 SSL This area allows you to upload certificates for the reporter 1 4 7 9 Subscription iboss SEGURITY IP reis 0 D a E ae Real time Drill Down Report Video etti System Dashboard
Download Pdf Manuals
Related Search