
User's manual Securepoint Personal Firewall & VPN Client Version


Contents

1. Fig.: Window Settings, Alarm messages. Fields of input and selection: Sounds: activates playing of sounds in case of an alarm notification. Sound file: selection of the sound file. Other alarm notifications: if you have a plugin, you can make further settings. Page 18, Securepoint Personal Firewall & VPN Client Version 3.6. 5.1.3 Log & Advance. > Call up the area via the menu area Setup Firewall > General Settings > selection of folder Log or Advance. Fig.: Window Log Settings. Log settings: Log all allowed events: Normally only non-allowed events are useful for analysis. You have to activate this option if you also want to log allowed events. Please note that the log file may get very big. Create global file: You can specify a global log file that logs all events in a separate file. Windows Eventdisplay: Since Version 5.1 of Windows there is a system called Event Management available. Log: Activate "Write all allowed/denied events to" to write allowed or denied events to the Event Management. Error: Activate Write
2. Fig.: Security settings of the connection. Description: Authentification: Enter the authentication method for the connection and select either a previously set up pre-shared key or certificate. Encryption: Select the encryption algorithm which you would like to use. This must be identical to the one on the VPN server. Authentification type: Enter the algorithm with which the tunnel creation should be carried out. Perfect forward secrecy: Activates the session in PFS mode. Advanced Settings, Description: Life cycle of the key (Re-Keying): Indicate after which time the key should be re-generated. 5.4 A VPN with Securepoint Firewall & VPN Server and X509 authentication. Your aim is to connect a Securepoint Firewall & VPN server with a Securepoint Personal Firewall & VPN Client (roadwarrior) via X509 authentication. For instance, you would like to allow a notebook to access internal resources while travelling. The roadwarrior should be able to access the internal file server via NetBios (Windows Filesharing). This should be done via a secured IPSec connection. Follow the steps to create the IPSec connection. Proceeding in 3 steps: 5.4.1 Creating the firewall rules for IPSec connections; 5.4.2 Creating X509 certificate; 5.4.3 Configuring IPSec connection on the firewall. The following screens are made on the Securepoint Securi
3. The program requires at least 3.3 MB of disk space. Fig.: Setup Wizard, Destination Directory. > Select the folder in which you would like to install the Securepoint Personal Firewall. By default the program will be saved in your folder Program Files. > Click on the button Next. Fig.: Setup Wizard, Ready to Install. > Click on the button Install to start the installation. > Click on the button Back to change or check your settings. The progress of the installation will be shown. The process usually takes only a few seconds but can take more time depending on the system. Completing the Securepoint Personal Firewall & VPN Client Setup Wizard To complete th
4. Fig.: Worksheet with firewall object. > Create a roadwarrior object named Roadwarriorx 509. > To do so, click on the icon New roadwarrior. > Since we do not know what IP address the roadwarrior is given by the provider, fill in the IP 0.0.0.0. Fig.: Roadwarrior object. > The newly created roadwarrior object now appears in the left object bar and can also be drawn on the worksheet by drag and drop. Create IPSec connection: Now the two objects located on the worksheet can be connected with each other and an IPSec connection can be established. Connect objects with each other. Proceed as follows: > Click on the icon New IPSec connection in the icon list and on the firewall object. > You receive a message which asks you to click on the targeted object, in this case the roadwarrior object. Fig.: IPSec connection. > The window for filling in the data for the connection opens. Fig.: Dialog window properties of IPSec connections. Configuration of connection type. Proceed as follows: Now select the type of connection and fi
5. Fig.: Program nconfig, create new client cert. > Selection: Carry out point 3, Create new Client Cert. > Fill in the respective data. You have to fill in the first password as your client certificate when creating the IPSec connection in the Security Manager. With the second password you are able to sign your password with the local CA. Fig. (PuTTY window, 192.168.5.1): Program nconfig, insert client cert data. Fill in the following data: Common Name: myServerCert; Country: DE; Locality: Germany; State: NDS; Organisation: YourOrg; Org Unit: Sales; Email: sales yourdomain; Password; CA Password. Exporting a certificate: > Now you can export the certificate to a floppy disk or USB stick. The certificate will be saved under the following path on the firewall: opt securepoint4 0 tmp client_cert. You can also download it from the firewall later on, for instance via the sftp protocol. Fig.: Export certificates on USB stick or disk. 5.4.3 Configuring the IPSec connection on the firewall. Now switch back to the Security Manager C
6. 7 Update. The Update Wizard helps you check whether a new version of the Securepoint Personal Firewall is available and automatically installs the new version. > To start the Update Wizard, click on the menu Help > Search for updates. The update process will continue fully automatically. Proceed as follows: > If there is a new update, click Yes to start the installation of the update. > Follow the instructions of the update process. 8 Uninstall the Securepoint Personal Firewall. Prior to uninstalling the Securepoint Personal Firewall: In case the Securepoint Personal Firewall is active, you first have to end the program to be able to start uninstalling it. > End the Securepoint Personal Firewall. Uninstalling the Securepoint Personal Firewall: > Click on
7. Also, FTP should not be used as shell access on the system itself. FTP problems: The classical problem with filtering FTP is that FTP has two totally different modes, the active mode and the passive mode, which is also called PASV. Web browsers use the passive mode by default. Since FTP exchanges data via a control and a data channel (ports 20 and 21), several problems arise. In active mode the server actively tries to establish a connection to the client for the data channel. The firewall cannot allow this process without completely opening all ports above 1024. In passive mode the client defines all channels, that is, the one for control and the one for data. Firewall rules: Firewall rules define how a firewall reacts to certain data or forms of communication. A firewall rule contains a pattern of data and an action which is to be conducted in case the pattern is recognised. http service: The http service is one of the most frequently used services. With its help you can receive websites in your browser. The http service (HyperText Transfer Protocol) is a problematic service, since it offers several possibilities for misuse on the client's side as well as in the web browsers and on the server side. Via this service not only information but also programs can be sent. This in itself mea
8. Fig.: Main Window. Manually starting the Securepoint Personal Firewall via the Windows start menu: Proceed as follows in case you would like to start the Securepoint Personal Firewall manually. > Click on the button Start in the Windows task bar and select Programs > Securepoint Personal Firewall > Securepoint Personal Firewall. The main window of the Securepoint Personal Firewall opens. 3.2 Securepoint Firewall Symbol in the Windows task bar. Open the main window of the Securepoint Personal Firewall via the Windows task bar: When installing the firewall, the symbol of the Securepoint Personal Firewall was added to the Windows task bar. Use this symbol to open the Securepoint Personal Firewall. > Double-click on the Securepoint Firewall Symbol in the Windows task bar. Fig Securepoint Firewall Symbol in the
9. 5.3.3 To set up an X.509 certificate; 5.3.4 To set up, edit and delete VPN connections; 5.3.5 To configure a VPN connection; 5.4 A VPN with Securepoint Firewall & VPN Server and X509 authentication; 5.4.1 Creating the firewall rules for IPSec connections; 5.4.2 Creating X509 certificates; 5.4.3 Configuring the IPSec connection on the firewall; 6 Recording and reporting with the Securepoint Personal Firewall; 6.1 Viewing records; 6.2 Overview of statistics; 7 Update; 8 Uninstall the Securepoint Personal Firewall; Glossary; General questions and answers concerni
10. all error messages to the event display to write all errors to the Event Management. 5.2 Configuring rules. An application program tries to communicate (check with demand assistant): By the demand assistant you will be notified when an application program tries to establish a connection. You have the possibility to either allow this communication or to block it. Firewall rules will be created automatically (see chapter 5.2.1). The firewall rules have two user modes. A mode for inexperienced users, the applications overview: In the overview of applications you have a complete overview of all applications that are communicating with your PC. Here you can add new applications, change them or delete them in order to allow or block their communication (see chapter 5.2.2). An expert mode for experienced users, the overview of rules: In the overview of rules you can explicitly define new firewall rules (see chapter 5.2.3). In contrast to the overview of applications, you have the possibility to define firewall rules that are applied to all applications, since numerous applications use the same services. Several dialogues will help you to do this as efficiently and comfortably as possible. Furthermore, you have additional possibilities to make settings concerning direction, protocols, port etc. Securepoint Pe
11. computers pinging me? Add the two standard ICMP messages Echo and Echo Reply from the library to your set of firewall rules. How can I block a single internet address, e.g. sex.de? Define a new TCP rule with the setting targeted address sex.de and Port 80. Further information on creating rules can be found in chapter 5.2.3.1. Can I protect my settings from access by unauthorised people? Yes. You can protect your settings with a password. You can define your password in the settings of the firewall (chapter 5.1). Why does loading the record take so much time? The larger a file is, the longer it takes to load it. You can avoid this by selecting a filter setting under the setting extended prior to selecting the respective log file. Why is my game interrupted by the firewall? Activate the application prior to starting the game. Support: When can I get help? You receive further help for the Securepoint Personal Firewall in the online forum under http://www.pcschutz.de/forum
12. create firewall rules. > Click on the icon Insert from Library. After that the window library opens. Fig.: Window Library. Menu bar library: Define rule: defining a new rule. Edit rule: changing a rule. Delete rule: deleting a rule. Import rule: importing an already existing rule. Export rule: exporting an already existing rule. To provide a better overview, the library contains pre-defined categories into which the rules are sorted. The categories can be extended or changed when creating new rules. Categories of the library of rules: General; Network rules; Internet rules; ICMP rules. Inserting a rule from the library: > Double-click on the selected rule. Or: > Single-click on the selected rule and click on the button Insert. Defining a new rule for the library: > Select the category in which the rule should be put. > Click on the icon Add Rule. You find information on how to proceed when creating a new rule in chapter 5.2.3.1. Changing a rule from the library: > Click on the rule you would like to change. > Click on the icon Edit Rule. You find information on how to proceed when changing a new rule in chapter 5.2.3.1. Deleting a ru
13. that are not obeying the rules. Nowadays you find an increasing number of internet users, either in companies or in the private sector. A small share of these users is interested in finding security gaps and using them for their own purposes. The reasons for that range from childish interest and hunger for knowledge to intended sabotage. Due to the numerous possibilities of distributing information and applications on the internet, inexperienced users also quickly find themselves in a position which allows them to spy out information and conduct attacks. If you apply common statistics on criminal energy in our society to the internet community, it would be several millions of people. And why should internet users behave essentially differently than in everyday life? The more important and sensitive your data is, the more you have to protect it. Just like you have at least one lock at your door, you should have a firewall. Data and software: The first thing you have to consider is what data should be protected when connecting to the internet or to another net. Basically you should protect the following: data and software (your programs and information on your PC), hardware (your PC, on which the applications run and data is transported) and yourself (self-protection). One of the most important areas that has to be protected on your PC is your data. Consider what would happen in case all or part of your da
14. which interactions are currently conducted by your computer with other systems. The overview of statistics is similar to the output of the Windows command netstat.exe, but the overview of statistics shows you a lot more information. > Call up the overview of statistics via the menu Events > Current Connections. After that the window with the overview of statistics opens. Fig.: Window Statistic View. Current connections: In this display you can follow in real time which connections are going in and out from your computer.
15. Menu bar overview of records. Fig.: Menu bar Rules View. Menu overview of records: Select date: selection of the date filter via the choice field. Extended: opens the filter settings (extended menu). Cut: the current log file will be deleted. Print: the current log file will be printed. Extended overview of records: Filter entries: selection of the filter which should be applied (show all entries; show allowed connections only; show blocked connections only; show package notifications only; show server notifications only; show program notifications only). Maximum: limitation of the number of log file entries. Entry record: type of communication, description of communication.
16. Fig.: Program nconfig, insert CA data. Fill in the following data for the CA: Common Name: myca; Country: DE; Locality: Germany; State: NRW; Organisation: YourOrg; Org Unit: Sales; Email: sales yourdomain; Password private key. Creating a server certificate: Now create the new server certificate. Fig. (PuTTY window, 192.168.5.1): Program nconfig, create new server cert. > Selection: Carry out point 2, Create new Server Cert. > Fill in the respective data. You have to fill in the first password as your server certificate when creating the IPSec connection in the Security Manager. With the second password you are able to sign your password with the local CA. Fig.: Program nconfig, insert server cert data. Fill in the following data: Common Name: myServerCert; Country: DE; Locality: Germany; State: NDS; Organisation: YourOrg; Org Unit: Sales; Email: sales yourdomain; Password; CA Password. Creating a client certificate: Now create the client certificate for the roadwarrior. Fig
17. PC A it first has to knock out PC B. To do so, it constantly asks PC B to build up a connection with it, but it never confirms those requests. Thereby PC B is too busy to keep up the communication with PC A. PC C now has the possibility to pretend to be PC B and to break into PC A. In doing so it behaves exactly like PC B. This attack is based on far too large ICMP packets. Teardrop and Bonk are attacks that are mainly aimed at Windows™ servers. They are based on overlapping fragments. To avoid those attacks, all fragments have to be blocked or a reassembly has to be conducted within the IP stack. Back Orifice is a program which was created by the group Cult of the Dead Cow Communications. This program allows you to control the PC of a user whom you actually do not know. This can be done via a usual network or via the internet. Back Orifice installs itself and allows an attacker to have complete control over a whole system. Aimspy, HackersParadise, Doly Trojan, SatanzBackdoor, Sync Scan, Fin Scan, Barb wire etc. How can I protect myself? Few communication: There exist several methods to protect oneself. There is at least the security which is provided by the producer of the system, but that is not enough. The first protective measure is to reduce communication. Less communication means fewer points of possible attack. The extreme scenario would be that a totally isolated system is the saf
18. Securepoint Firewall and VPN servers or you must use the X.509 certificate provided by your administrator. In order to be able to use a certificate, you must first import it into the certificate administration in Windows. 5.3.2 To set up a pre-shared key. In order to set up a pre-shared key, proceed as follows: > Call up the dialogue VPN settings via the menu Advanced and click on the folder Key administration. Fig.: VPN settings, Key administration. > Click on Add and select Pre-shared key. Then the pre-shared key dialogue opens, in which you can create a name for the key and set up the actual key. Fig.: Pre-shared Key Dialogue. The dialogue states: "Pre-shared key authentification is based on a shared secret that is known exclusively by the parties involved. Attention: Since regular words and phrases are vulnerable to dictionary attacks, do not use them as shared secrets." > Close the dialogue by clicking on OK. You can now use this pre-shared key as an authorisation key in the rules administration. Securepoint Per
19. User's Manual Securepoint Personal Firewall & VPN Client Version 3.6. Table of contents: [illegible entry]; 1 General information on the Securepoint Personal Firewall; 1.1 Technical features; 1.2 System requirements; 1.3 Service and support; 2 Installation and registration of the Securepoint Personal Firewall; 2.1 Installation; [illegible entry]; [illegible] Registration; 3 General information on the Securepoint Personal Firewall; 3.1 Starting the Securepoint Personal Firewall; 3.2 Securepoint Firewall Symbol in the Windows task bar
20. are technical transmission protocols of the internet. The telnet service allows users to use a distant system. The telnet service is a very insecure service because none of the sent information is encoded. Therefore it is possible to eavesdrop on this service. Besides telnet there are other services such as rlogin, rsh and so on. They require an environment of reliable PCs. But reliable PCs are not to be found on the internet, since you should not trust any PC outside of your network. You can never be sure where the received data packets really originate from. Trojans are harmful programs which are hidden in a supposedly useful program. Virus: A virus is a small program or program code which accesses the computer without the user noticing it. The virus influences the computer against the user's will. Most viruses are transmitted via the internet or mail programs such as Microsoft Outlook. They use the respective address book for mass spreading. Most viruses are caught by up-to-date anti-virus programs. General questions and answers concerning security. Why do I need a firewall? What is to be protected? You read more and more often about security problems in newspapers, journals and even on the internet. Where does that come from? In every society you find individuals
21. ary data via the dialog window. > Save and activate the rule by clicking on the button Ok. Fig.: Rules Editor. Fields of input and selection: Name: name of the rule. Connection: selection of whether the rule should be allowed or blocked. Protocol: selection of the transmitting protocol. Direction: selection of the direction of the application. Address of source: address of the source of the rule (ANY: all addresses, 0.0.0.0; SELF: Some addresses viewed from the outside; LOCALHOST: local addresses, 127.0.0.1; LOCALNET: local network). Address of target: address of the target of the rule. Record: when activated, the connection will be recorded. 5.2.3.2 Deleting firewall rules. Proceed as follows in case you would like to delete a firewall rule: > Click on the rule you would like to delete and thereby select it in the overview of rules. > Click on the icon Delete Rule. Attention: The rule will be deleted and deactivated immediately. 5.2.3.3 Library of firewall rules. You further have the possibility to insert pre-defined rules from the already existing library. This makes it easier for you to get familiar with and to learn how to
22. at means besides protection it is also important to record incidents. This is one main feature of the firewall. Log files should be regularly adjusted to have the best chances of detecting an attacker. Every attacker wishes to delete entries in log files as soon as possible to remain undetected. The recording function includes a protection against being flooded by thousands of identical entries. But there still exists no protection against attacks sent with a changing method of attacking. Questions and answers to the Securepoint Personal Firewall. Registration: Why do I have to register the firewall? To be able to use the firewall completely and without restrictions, you have to register for it. Thereby you get the possibility to use free email support and updates. I receive the notification that I am already registered and the firewall ends itself automatically. You tried to install the firewall two times on the same PC. Please contact Securepoint so that we can delete the registration from our database. Please note that we can only do this during the testing time. I have made a mistake when typing in the data. Please contact Securepoint, giving your registration key and the changes. My license key does not work. Fill in the exact license key in the respective field (see chapter 2.2.2). Please contact Securepoint with your registration data in
23. b browsers. Therefore only use those clients that surely do not allow this. A PC is uniquely identified on the internet by its IP address. Your computer is automatically given an IP address when connecting to the internet. Within networks your administrator provides the IP addresses that are given to your computer. IP addresses are necessary to send data to other computers or to receive data from other computers. IP addresses are distributed by providers and Network Information Centers. This is necessary to make sure IP addresses are only distributed once. Additionally, routing is simplified. Certain IP address areas are reserved for private usage by organisations. These are: Class A nets 10.0.0.0 to 10.255.255.255; Class B nets 172.16.0.0 to 172.31.255.255; Class C nets 192.168.0.0 to 192.168.255.255. Those nets will not be distributed officially and should only be used for internal networks. The FTP service (File Transfer Protocol) serves for transferring files. It is certainly possible that software which might be dangerous can be sent to users this way. In case you allow external users to download data from your systems, you also have to expect security problems. Usually external users are allowed to access your FTP server via anonymous FTP. In doing so, the other users should have restricted rights. You have to configure the FTP server in such a manner that external users have no access to areas that are relevant for security
24. case you have further problems with your license key. Where can I buy the firewall? Click in the menu Hilfe (Help) > on Registrieren (Register) to start the contract of sale (also see chapter Dita). Basic configurations. What steps does the firewall take in case of an attack? The firewall first filters every packet at the firewall itself, before it can cause any damage. The firewall operates on the kernel level, that means in the deepest layer of your PC. The packets will be examined according to the filter rules, and according to the result they will be forwarded or blocked. What is the basic configuration of the Securepoint Personal Firewall? The basic configuration of the Securepoint Personal Firewall is: without permission, everything is forbidden. This means that only applications whose communication you have explicitly allowed are let through by the firewall. Are there any ports open although I did not activate them? No. Without explicit permission all ports are blocked. Why can I not avoid that the firewall starts automatically? After installing the firewall, it is a part of the operating system and due to that fact is always started when the operating system is started. Why does my Windows XP Desktop stand still when I re-register? The computer has not broken down. Press CTRL+ALT+DEL to get back to the desktop. Which protocols are a
25. clients and are further encoded or decoded by the Securepoint Firewall and VPN server or by another VPN server. The Securepoint Firewall and VPN server and the Securepoint PC Firewall and VPN client use the IPSec protocol. If you would like to set up a VPN gateway yourself, you will also find here additional examples of setting up a VPN with a Securepoint Firewall and VPN server and the Securepoint PC Firewall and VPN clients. For further information about the Securepoint Firewall and VPN server, please refer to the following web site: http://www.securepoint.cc 5.3.1 Authentication procedure. The built-in VPN support of the Securepoint Personal Firewall supports two authentication procedures. > Pre-shared key: The pre-shared key authentication procedure is a very simple procedure which allows VPN connections to be set up quickly. For this procedure you enter an authentication phrase. This can be any character string, similar to a password. This phrase must be available for authorisation on the VPN server and on the Securepoint VPN client. The pre-shared key procedure should not be used for roadwarrior connections, as all roadwarriors must use the same key. > X.509 certificates: X.509 certificates are a very secure way of connecting VPN servers. If you would like to implement X.509 certificates, you must either set up the certificates on the
26. code in any current application. Numerous Trojans and viruses use this function. Therefore the firewall monitors this and automatically recognises changes in applications. > Select the folder Advance in the window Edit Application. Fig. Edit Application: Advance (dialog Active Process Protection with the options Warn on the next change, Application is NOT allowed to be changed, Application is allowed to be changed, and Log). You can define how the application program should be treated by the firewall in case a change to the application has occurred. Fields of selection: Warn when next change occurs: Notification by the demand assistant in case another program (e.g. a Trojan program) tries to change the application. This setting should remain unchanged for security reasons. Application is not to be changed: The firewall will automatically block possible changes of the application. Application can be changed: The firewall will automatically allow changes of this application. 5.2.2.3 Delete application. Proceed as follows in case
27. Net masks, protocol, Proxy, Server, SMTP, TCP/IP, telnet service, Trojans. The net mask determines the size of your net. Net masks can also be given as a bit count. Examples of net masks (net: net mask > net mask bit count): Entire net: 0.0.0.0 > 0; Class A net: 255.0.0.0 > 8; Class B net: 255.255.0.0 > 16; Class C net: 255.255.255.0 > 24; One PC (host): 255.255.255.255 > 32. A protocol is a connection language between two computers. Protocols are rules which control communication and data transfer between computers. Examples are HTTP, FTP, SMTP. A proxy is a computer or program which protects data traffic between computers or networks from attacks from the outside. A server is a computer or program which has central tasks within the network. A mail server, for instance, is responsible for sending and receiving electronic mail. The Simple Mail Transfer Protocol (SMTP) is the internet standard for sending and receiving emails. The protocol itself does not represent a security problem, but SMTP servers do. Here logins and passwords are transferred, which can be intercepted. Some mail servers can be misused for spam mails due to insufficient protection, and the resulting mass of mails can bring down even a powerful server. These abbreviations stand for Transmission Control Protocol / Internet Protocol. TCP/IP
28. dd the two rules Windows file and printer activation and Windows network activation in the category network rules from the library of rules. No further applications should be recognised. What can I do? Activate the check box no recognising of applications, to be found in the general settings (see chapter 5.1). How is the interdependence of firewall rules and application rules regulated? Firewall rules have a higher priority than application rules. Can I export my rules to the expert's mode? Only if you have created them with the help of the library. What happens if I do not allow svchost.exe to access the internet? svchost.exe is the main service for communication between Windows and the internet or network. You have to activate this application. Remark: under Windows 2000 the file is named service.exe. Can I deactivate the application mode (silent mode)? Yes, activate the check box under Allgemeine Einstellungen > folder Erweitert > no recognising of applications. The resources of my system are exhausted since I installed the firewall. What can I do? Deactivate and extend the time of carrying out the applications protection under Allgemeine Einstellungen > folder Erweitert. How can I prevent being pinged? By default, all messages via the ICMP protocol are blocked. What can I do to avoid other
29. Fig. Edit Application: General (dialog showing the filename, fingerprint and date of last change of the application and the rule for this application). Here you receive information on the selected application and can also change it. Fields of input and selection: Features: Filename: Shows the full file and path name of the application. Stamp: Unique fingerprint of the application. Last change: Date of the last change of the application. Connections of this application: Allow: If this option is activated, the application is allowed to communicate with the outside. Deny: If this option is activated, the application is not allowed to communicate with the outside. Connections of this application will be blocked. Do not include this application: If this option is activated, this application will not be included. This might be of interest in case you are working with firewall rules. Extended: The Active Process Protection serves to discover Trojans and other programs that might gain access to other applications via DLL injection. The firewall includes a process protection which monitors the most important Windows API commands: CreateRemoteThread, WriteProcessMemory, VirtualAllocEx, VirtualProtectEx. These functions allow users other than you to channel in any
30. Fig. Setup Wizard: End. To finish the installation of the Securepoint Personal Firewall, the Setup Wizard has to restart your computer. Your computer will only be protected after restarting. > Click on Yes, restart the computer now to restart your computer immediately. > Click on No, I will restart the computer later to restart your computer sometime later. > Click on the button Finish. After successfully installing the Securepoint Personal Firewall and restarting the computer, the Securepoint Personal Firewall is available and ready for use. 2.2 Registration. After installation, that is, before the Securepoint Personal Firewall is used for the first time, the Register Wizard opens automatically. Fig. Register Wizard. 2.2.1 Registration. Dialog text: Welcome to Securepoint Personal Firewall. Thank you for choosing the Securepoint Personal Firewall. To get the complete access we are asking you to register your copy. Warning: Click here if you are using a proxy connection. Attention: This program is intended to be used only for PRIVATE and NON-COMMERCIAL. If you want to use this cop
31. e roadwarrior would like to access is 192.168.5.0/24. 172.16.1.10/32 is the roadwarrior's IP address in the IPSec tunnel. Fig. Subnet. Running the IPSec connection. If you filled in all the data correctly, the connection line will be green. Restart the IPSec service on the firewall to apply the data. Proceed as follows: > Click on the icon with the green check mark located in the icon list, or > Click with the right mouse button on the black rectangle between the objects. > Select Start VPN connection from the menu. Note: The roadwarrior wants to access the file server via the Internet. The file server's IP address is 192.168.5.20. Now this is possible. The firewall rules are created and the VPN configuration on the firewall is completed; the only thing that remains to be done is the configuration of the roadwarrior. Fig. VPN connection. 6 Recording and reporting with the Securepoint Personal Firewall. One of the most important functions of a firewall is the recording and reporting of connections. With the help of this function it is possible, for instance, to detect attackers or to become aware of other unusual activities. 6.1 Viewing record. In the overview of records reco
32. ed. One of the most common problems is the complete knock-out of a system. If a service no longer works properly, this in most cases affects the whole system. You surely remember the ILOVEYOU virus. Other damage concerned, for instance, Yahoo: the search engine was not available for hours. Another common menace with often far-reaching consequences is the theft of data. The preferred data are logins and passwords, because with them further actions can be carried out. As soon as an attacker has learned the login and password combination, he is able to do everything that only the actual user would be allowed to do. When someone breaks into your system, the attacker wants to use your resources, that is, your applications and data, for further actions. Break-ins into your system can be carried out by programs that were channelled into it, for instance by programs hidden in email attachments or in downloaded programs. In this case programs run in the background of the PC which allow manipulation and also carry it out without the user noticing. For instance, back office is such a program, with which a whole system can be brought under the control of an attacker. What possibilities do attackers have to find out information? (Figure: random query, lists, sniffing.) There are several common possibilities to do so. Just to name a few: A common variety is finding out information by random queries. Many people use easy co
33. Fig. Certificate import assistant: Save certificate. > After the successful import you still need to name the certificate in the VPN configuration of the Securepoint Personal Firewall. Proceed as follows in order to set up an X.509 certificate: Call up the dialogue VPN settings via the menu Advanced and click on the folder Key administration. Fig. VPN settings: Key administration. > Click on Add and select Certificate. The certificate dialogue then opens, in which you can give the certificate a name and enter the CA identification of the actual certificate. Example values shown in the dialogue: Name: X.509 Certificate 2; Identification: C=DE, S=Niedersachsen, L=Lueneburg, O=Securepoint, OU=Administration, CN=MEXVPN, E=info@securepoint.de. Fig. Certificate dial
34. est system. Since this does not make sense given the numerous advantages of communication, only those services should be available that are actually needed. Using firewall. The Securepoint Personal Firewall will protect your PC from unwanted attacks from the outside and thereby protect your personal data. Nowadays the most common field of use is the protection against attacks from the internet. The Securepoint Personal Firewall represents the connection between your local PC and the internet. It monitors all data traffic. The personal firewall hides your PC automatically when it is online. That means it makes your PC invisible to possible attackers. It also catches suspicious connections. Personal data is prevented from being passed on via the internet unnoticed. The Personal Firewall of Securepoint™ is suited to protecting against and monitoring, e.g., TCP/IP attacks. It provides protection against attacks on the TCP/IP stack and protects from SYN flooding attacks and a lot more. What do I need the protocols and statistics for which are provided by the firewall? Basically, no attacker would like to be identified. Many attackers, and especially the greenhorns among them, are not successful in their intentions. Because of this it is important that attacks are recognised and the conducted actions are logged, to be able to identify an attacker by tracing back. Th
35. 5.2.2 Overview of applications. In the overview of applications you have a complete overview of all applications that are communicating with your PC. Here you can add new applications, or change or delete them, to allow or block communication with them. > Call up the Application view via menu area Adjust Firewall > Applications. The window with the overview of applications opens. Fig. Window Application view (columns Application, Action, Filename). Menu bar of the overview of applications: Fig. Menu Application view. Icons in the menu bar of the overview of applications: Add: Adding a
36. ing with the installation. Fig. Setup Wizard: License Agreement. > Read the license agreement. > Click on I accept the agreement to go on with the installation. > Click on the button Next. > In case you do not agree with the licence agreement, click on I do not accept the agreement. In this case you will not be able to go on with the installation. Fig. Setup Wizard: User Information. > In the fields User Name and Organization, fill in your personal user data. > Click on the button Next. (Setup Wizard dialog: Select Destination Directory.)
37. ions > Computer groups, or > Open the window Rules table via Modify > Rules table. > Click on the window's surface with the right mouse button and select Computer groups. > Create the computer group Grp fw external and add the newly created network object to the group. Fig. Create computer group Grp fw external. Create firewall rules. Activate a rule with which everybody can access the external interface of the firewall from the Internet via the IPSec protocol. In this case we do not know which IP address the roadwarrior has, because it will probably be given an IP address by the provider. Proceed as follows: > Switch to the window Rules table and click on the icon New Rule.
38. irewall About: Information on the firewall. Main menu (main program). Menu area Welcome: Introduction: Introduction to the personal firewall. Help and support: Opens help and support for the personal firewall. Search for updates: Opens the update assistant to search for updates and to install them. Menu area creating firewall: Applications: Opens the overview of applications (what programs can do what). Rules: Opens the overview of rules (explicit setting of firewall rules). General settings: Basic firewall settings such as language, password, etc. Menu area watch incidents: View record: Viewing the record (record of the applications' communication). Current connections: Overview of current connections (what is happening currently). Actions on the starting page (working area): Task: Activate applications resp. block them: Opens the overview of applications (what programs are allowed to do what). Switch to expert's mode: Opens the overview of rules (explicitly creating firewall rules). View current connections: Overview of current connections (what is happening currently). Controlling: Symbol: Block connections: Emergency-off function; all communication will be blocked. Deactivate firewall: Stopping the firewall; all communication will be allowed. 5 Administrating the Securepoint Personal Firewall. 5.1 Gene
39. 5.3.4 To configure a VPN connection. To configure a tunnel, proceed as follows: > Call up the dialogue VPN settings via the menu Advanced and click on the folder Rules administration. Fig. General connection settings. Description: Name of the rule: Enter the name which identifies the connection. Security Gateway: This is the VPN server. Enter either an IP address or a resolvable host name. Remote network and remote subnetwork: Enter the settings of the destination network. Network type: Indicate the type of connection to the VPN server. RAS: The connection is set up via a dial-up connection. LAN: The connection is set up via a LAN. RAS/LAN: Combined status. Source and destination address: Source and destination address of the rule. Settings for the security of the connection (dialog Connection Security with the fields Authentification, Encryption algorithm, Authentification mode and Perfect Forward secrecy).
40. Fig. Create firewall rule. Fig. Dialog window modify rule. > Fill in the following data. Fields of input and selection: from computer group: internet; to computer group: Grp fw external; Service group: ipsec; Method: ACCEPT; Log S, Time schedule false. With this rule you allow access from the Internet to the external IPSec interface of the firewall. Note: The service group ipsec is a pre-defined group which you do not have to create. Create network objects. You have to define which resources in the internal network the authorised roadwarrior can access later on. It is assumed that the network objects do not exist yet. Therefore, first create the network objects for the roadwarrior and for the file server. Later on, the roadwarrior should be able to access the internal file server via NetBios (Windows Filesharing). In the IPSec tunnel
41. Fig. Register Wizard: Finish. > To finish the registration of your test version, click on the button Next. After successful registration you have a licensed copy of the Securepoint Personal Firewall. Note that the Securepoint Personal Firewall is free of charge when used as the non-commercial private version. For commercial licensing please contact sales@securepoint.cc. 3 General information on the Securepoint Personal Firewall. 3.1 Starting the Securepoint Personal Firewall. Your computer is automatically protected by the firewall every time you start it. You do not have to explicitly start the firewall to protect your computer. The start screen of the firewall appears every time you restart your computer. Fig. Start screen Securepoint Personal Firewall. Furthermore, the main window of the Securepoint Personal Firewall will be opened every time you restart your computer. The Securepoint Personal Firewall is administered via the main window. You find information on the main window and on administering the Securepoint Personal Firewall in chapter 4. > Close this window in case you do not wish to do any administration. The firewall will remain active in the background.
42. le from the library: > Click on the rule you would like to delete. > Click on the icon Delete Rule. Note: The rule will be deleted immediately. Importing a rule from the library: > Click on the icon Import Rules. > Select the file which is to be imported. Exporting a rule from the library: > Click on the icon Export Rules. > Fill in the file's name and save the file. 5.3 VPN. A VPN connects one or more computers or networks together, using another network, e.g. the internet, as a means of transmission. It can, for example, be the computer of a colleague at home or at another branch which is connected to the mainframe network via the internet. To the user, the VPN looks like a normal network connection to the target computer. The user does not see the actual transmission route. The VPN provides the user with a virtual IP connection which is tunneled through an actual IP connection. VPN Server: In order to be able to use the Securepoint PC Firewall VPN clients and VPN programs, you require a VPN server to which you would like to set up a VPN connection. In principle this can be any VPN server. To set up the VPN, use the data provided by your administrator and enter it into the Securepoint PC Firewall and VPN clients. The data packets which are transmitted via this connection are encrypted by the Securepoint PC Firewall and VPN
43. lient and select the point Firewalls VPN. To do so, open the window Firewalls VPN via the menu Modify > Firewalls VPN or via the icon Firewalls VPN. The window Firewalls VPN is subdivided into three parts: icon bar with functions; Firewalls VPN list; worksheet with map if desired. Fig. Window Firewalls VPN. The worksheet: You have the possibility to integrate a map into the worksheet. This provides a better overview of your VPN net. Select the map of your choice via the choice field, here europe.bmp. Drag and drop the desired firewall and roadwarrior objects onto the worksheet. In case the needed firewall and roadwarrior objects do not exist yet, create them via the icons New Securepoint Firewall 4.X, New other firewall and New roadwarrior. Note: You can use as many maps as you like. Simply copying the needed maps as BMP (bitmap) to the map folder of the Securepoint program makes them available for the client. Note: You can create as many empty worksheets as you like. To do so, copy empty bitmap files to the map folder under names like name_at_will.bmp. The advantage is a fast build-up of the screen picture with little flickering. Creating a roadwarrior object. Proceed as follows: > Select the worksheet of your choice, here germany.bmp. > Draw the firewall object on the worksheet
44. ll in the necessary data for the IPSec connection. > Fill in Certificate as method of authentication in the first folder generally. > Switch to the next folder secpoint4.0. This folder has the name of the firewall object. > Select the server certificate that is to be used (Local certificate). > Fill in the distributed password (Local key). > Save your data. Note: Do not fill in the CA's password used to sign your certificates, but the password of the created certificate. Fig. Dialog window properties of IPSec connections: generally. Fig. Dialog window properties of IPSec connections: secpoint4.0. Connecting nets in the IPSec tunnel. Now fill in which nets you would like to connect in the IPSec tunnel. Fig. Connect networks in IPSec tunnel. Proceed as follows: > Click with the right mouse button on the black rectangle which is located on the line that has appeared between the firewall and roadwarrior objects. > Click on the menu Modify subnet and fill it in. The subnet which th
45. llowed by the firewall? All protocols (IP protocols that are registered at IANA, http://www.iana.org, as well as the ICMP protocol) are accepted. Can I also use the firewall under Windows 95, 98 or ME? No, the firewall was only developed for versions of Windows 2000 and higher. Application and rules. My browser (Internet Explorer) says: The site for search could not be opened. Please make sure that Internet Explorer was activated as an application or that a respective firewall rule exists. My computer does not allow any communication and does not ask when I try to go online with an application. Have you activated the emergency-off function? Please deactivate the emergency-off function to get back to normal working mode. How can I block applications so that they do not have access to the internet anymore? Set the selected application to mode avoided. Further information in chapter 5.2.2.2. Why can I not transfer data to the internet with my application? Either activate the application via the overview of applications (chapter 5.2), or you will be asked by the demand assistant whether you would like to allow the procedure or block it. My FTP program cannot connect to my server anymore. Set the FTP connecting mode to passive. The activation of Windows network does not work anymore. Activate the Expertenmodus and a
46. mbinations for logins and passwords which are easy to remember. If an attacker knows the person and his surroundings, it is very likely he also knows the relevant information. Another variety is carried out via lists of logins and passwords. Those lists are available on the internet together with the respective programs. They were created from data taken from statistics on users' behaviour. The programs try to find out logins and passwords by filling in the data from the lists until they either succeed or fail. A method which is a bit more complicated is the sniffing of information. So-called sniffers are mostly used to spy out logins and passwords. To do so, the data traffic between applications is examined and filtered for this information. Unfortunately, in the case of many programs this information is sent at the beginning of communication and is not encoded. With a bit of patience it is possible to find out the desired information by using this method. (Figure: DoS attacks, Ping of Death, fragment bombs, Back Orifice, others.) The attacker currently sends packets with wrong TCP checksums. Spoofing: IP addresses are faked by spoofing. In this case an attacker breaks into the communication between two users. The following example makes this easy to understand: PC C, the attacker, overhears the data traffic between PC A and PC B. In case PC C wants to break in
47. n Recording: Recording per day; Recording per process; Record shown in the event report of Windows. Updates: Automatic search for updates integrated in the application. 1.2 System requirements. Operating system: Windows 2000 Professional, Windows XP Home, Windows XP Professional, Windows Server 2003, .NET platform. Hardware: x86-compatible processor with at least 300 MHz; at least 64 MB RAM; 3 MB hard disk space. 1.3 Service and Support. In case you have questions about the Securepoint Personal Firewall & VPN Client, you can contact the online forum: > http://www.pcschutz.de/forum For further questions you can also email the Securepoint Support: > support pcschutz securepoint de You find further information on new software updates and news on the Securepoint Personal Firewall under: > http://www.securepoint.cc 2 Installation and registration of the Securepoint Personal Firewall. 2.1 Installation. Prior to installing the Securepoint Personal Firewall, please note: > For security reasons and to avoid a possible impairment, close all open applications on your PC. > Close your anti-virus product to ensure a safe installation. > For security reasons and to avoid conflicts, uninstall other firewall produc
48. n application. Edit: Changing an application. Delete: Deleting an application. Presentation of applications: Fig. Area Applications. Presentation of applications: Application: Name of the application. Action: Shows whether communication with the respective application is allowed or blocked. Filename: Shows the full file and path name of the application. 5.2.2.1 Add application. Proceed as follows to add an application: > Click on the icon Add a application in the user's overview. > The already familiar dialog opens, in which you can select a new application program and open it. The opened application will be shown in the working area of the overview of applications. 5.2.2.2 Change application: General information. Proceed as follows to change the setting of a certain application: > Click on the icon More Information about the selected application (Edit) in the user's overview, or > Double-click on an application. After doing so, the window application will open. Fig. Edit Application: General.
49. ng Security
Questions and answers to the Securepoint Personal Firewall

Introduction

Why do you need a firewall?

The job of your Securepoint Personal Firewall is to protect your PC from unwelcome access from the outside and thereby to protect your personal data. Protecting the PC from attacks from the internet is the most important field of application today. The Securepoint Personal Firewall forms the interface between your local PC and the internet. It also supervises all transfer of data. The Securepoint Personal Firewall automatically hides your PC on the internet. That means it makes the PC invisible to possible attackers and catches suspicious connections. Unnoticed passing on of personal data becomes impossible.

Basics concerning the security strategy of the Securepoint Personal Firewall

The basic security strategy consists of several elements and can be formulated by the following statements:
- Without permission, everything is forbidden. The basic setting of the Securepoint Personal Firewall only allows those applications whose communications were explicitly permitted.
- Minimal rights of access. Each program on your PC should only have those rights of access which it actually needs. The Securepoint Personal Fire
50. nneas
4 Overview of the main window of the Securepoint Personal Firewall
5 Administrating the Securepoint Personal Firewall
5.1 General settings
5.1.1 General settings
5.1.2 Alarm notification
5.1.3 Log & Advance
5.2 Configuring rules
5.2.1 Application tries to communicate
5.2.2 Overview of applications
5.2.2.1 Add application
5.2.2.2 Change application
5.2.2.3 Delete application
5.2.3 Viewing rules
5.2.3.1 Defining and changing firewall rules
5.2.3.2 Deleting firewall rules
5.2.3.3 Library of firewall rules
5.3 VPN
5.3.1 Authentification procedure
5.3.2 To set up a pre-shared key
51. ns that only by activating this service via the firewall you create possible places where problems could arise. Additionally, gaps and errors in the implementation of JavaScript, Java or ActiveX programs are frequently found in the browsers. Every single program that can be run via the browser therefore represents a problem. After activating the HTTP service, you should always make sure to load only programs from the internet that were at least checked by a virus scanner and also come from a safe address. Do not load any programs from private homepages and run them on your PC.

One of the most popular services is the mail service. The service itself involves only few risks. But programs with dangerous contents can be sent to users via attachments. Additionally, it is quite easy to forge emails. This was one reason why, for instance, the ILOVEYOU virus was so successful. It read email addresses from the address books of weakly protected mail clients and sent itself to those addresses. In many cases the recipients opened the emails because they came from a familiar address.

The name service (DNS service) translates IP addresses into PC names and vice versa, for instance the address http://www.securepoint.de <-> 62.116.166.60. This service makes sense because you do not have to fill in an IP address when you want to access a web server. The risk in offering DNS is that you reveal information about your PC.
52. Create firewall rules

Now you have to activate rules which define the resources the authorised roadwarrior is allowed to access within the internal network. In this case it should be allowed to access the internal file server via NetBIOS (Windows file sharing). Proceed as follows:
- Switch to the window Rules table and click on the icon New Rule.

[Fig.: Create firewall rule]

[Fig.: Dialog window Modify rule]

- Fill in the following data:

Fields of selection: from computer group: Grp roadwarriorx 509; to computer group: Gr
53. ogue
- Open the PKCS#12 certificate by clicking on the Open button (circled above in red) and select the certificate. The certificate identification will be accepted automatically.

[Fig.: File-open dialog, file name vpn.p12, file type PKCS#12]

You can now use the certificate you have set up as an authentication method in the rules administration.

5.3.4 To set up, edit and delete VPN connections

After the authentication methods have been set up, you must create a rule for the VPN tunnel which you want to set up. To set up a tunnel connection, proceed as follows:
- Call up the dialog VPN settings via the menu Advanced and click on the folder Rules administration.

[Fig.: Rules administration]

- Click on Add to set up a connection.
- Select a connection and click on Settings, or double-click on the connection, in order to edit it.
- Select a connection and click on Remove in order to delete a connection.
54. owing information on the firewall. End firewall: Ending the firewall; the computer will be unprotected then.

4 Overview of the main window of the Securepoint Personal Firewall

After successful installation, and also every time you restart the computer, the main window of the Securepoint Personal Firewall opens automatically. The Securepoint Personal Firewall is administered via the main window.

[Fig.: Main Window]

The main window is subdivided into 4 areas: User, Menu bar, Main menu and Working area.
- User: Your user name.
- Menu bar: The menu bar is subdivided into the points file and help. See "Menu bar main program" for further explanation of these points.
- Main menu: The main menu is subdivided into the areas welcome, edit firewall, observe incident
55. p fileserver; Service group: netbios; Method: ACCEPT; Log: S; Time schedule: false.

With this rule you allow access from the roadwarrior to the internal file server.

Note: The service group netbios is a pre-defined group which you do not have to create.

5.4.2 Creating X.509 certificates

Log in via SSH or locally at the firewall to be able to create X.509 certificates. Start the program nconfig. The program nconfig allows you to change the configuration of your firewall and to create X.509 certificates.
- Select the point VPN.

[Fig.: Program nconfig, selection]

Creating the CA (Certification Authority)

Before you create the actual IPSec connection including X.509 certificates, you have to generate a Certification Authority which will sign your certificates.

[Fig.: Program nconfig, create new CA cert]

- Carry out point 1, Create new CA Cert.
- Fill in the respective data and, most importantly, remember the password. With this password you will be able to sign your certificates.
56. [Fig.: Window Rules View]

Menu bar of the overview of rules

[Fig.: Menu Window Rules View]

Icons of the menu bar in the overview of rules:
- Define rule: Defining a new rule.
- Edit rule: Changing a rule.
- Delete rule: Deleting a rule.
- Insert rule from library: Inserting an already defined rule from the library.
- Rule priority downwards: Changing of overview of rules to priority downwards.
- Rule priority upwards: Changing of overview of rules to priority upwards.

Presentation of rule

[Fig.: Area Rules]

- Name of rule: Name of the rule.
- Action: Shows whether communication is allowed or blocked.
- Report: Viewing report.
- Direction: Direction of the rule (entry and exit).
- Address of source and target: Address of source and target of the rule.

5.2.3.1 Defining and changing firewall rules

With the help of the rules editor you can quickly and easily define new firewall rules. Proceed as follows:
- Click on the icon Add. The window Rules with the rule editor opens.

[Fig.: Rules Editor]

- Fill in the necess
57. ral settings

Via the menu area Setup Firewall you can make basic firewall settings.
- Call up the area Settings via the menu area Setup Firewall > General Settings. After that, the window Settings opens.

[Fig.: Window General Settings]

5.1.1 General settings

[Fig.: Window General Settings]

Fields of input and selection:
- Language: Selection of language.
- Settings: Activation of rules management to work in the overview of rules.
- Security: Activation of the password setting.
- Password: Filling in of your password.
- Once more: Repetition of your password.

The following General Settings are possible:
- Select the language you want via the choice field Language.

If you activate the expert mode, you are able to use the overview of rules. You will find detailed information on working in the overview of rules in chapter 5.2.3.
- Activate the expert mode (Expertenmodus) by checking the check box "Expertenanzeige aktivieren" (activate expert display).

You can protect the application against changes. This setting can be useful if you want to prevent persons other than you, for instance your children, from changing configurations
58. rd you can see all events on your computer, such as allowed accesses (Erlaubte Zugriffe), denied accesses (Verbotene Zugriffe), etc. The firewall creates one record file per day, which you can conveniently select via the selection window. Furthermore, you have the possibility to evaluate, save or print this data. If any problems occur, you can draw conclusions concerning attack and attacker on the basis of this record.
- Call up Log View via the menu Events > View Log. After that, the window with the overview of records opens.

[Fig.: Window Log View]
59. 5.2.1 Application tries to communicate

If you start an application program which tries to communicate with the outside, e.g. the Microsoft Messenger, you will receive a notification from the demand assistant. You are thereby notified of this communication attempt.

[Fig.: Ask window]

In this case the personal firewall has automatically noticed that a communication is about to take place from your PC whose application program has not been allowed yet. You will be asked whether you would like to allow or block the communication with this application. Proceed as follows:
- Click on the button Deny if you would like to block the application.
- Click on the button Allow connection if you would like to allow the application.

[Fig.: Ask window, showing the file name of the application and the source and target address of the connection]

Notification and buttons:
- Proceedings: Shows information on the application that tries to communicate.
- Deny: Block communication of the application.
- Allow connection: Allow communication of the application.
60. s (for further explanation of these menu points, see "Main menu main program").
- Working area: In the working area all selected actions are shown. On the starting page of the main program you can directly select some actions via quick selection (for an explanation of the available actions, see "Actions starting page working area").
- Concerning present test version: Notice of when the test version copy expires.

Menu bar main program

Menu points file:
- Block all connections: Emergency-off function of the firewall; all communication will be blocked.
- Deactivate firewall: Stopping of the firewall; all communication will be allowed.
- Extended: Extended menu to administer the firewall, e.g. Support.
- Re-load rules: Created rules will be re-loaded on the firewall.
- Create support report: Creating of a support report to analyse errors.
- Settings: Basic settings of the firewall such as language, password, etc.
- End firewall: Stopping of the firewall; the PC will be unprotected then.
- Close: Closing of the window of the main program; the firewall is active.

Menu points help:
- Contents: Shows contents of help.
- Internet support forum: Link to the support forum of the firewall.
- Search for updates: Opens the update assistant to search for updates and for installation.
- Register: Opens the registering assistant to register the f
61. so that dangerous connections become allowed.
- Activate the password setting by checking the check box "Ask Password for changes".
- Fill in your password in the field Password.
- Repeat your password in the field Repeat.
- Save your input by clicking on the button OK.

Asking password

If you have activated the password function under General Settings, you will be asked for your password every time you change settings.

[Fig.: Password]

You can change your password at any time under General Settings.

5.1.2 Alarm notification

By activating the alarm notification you can have a sound played. This sound will be played when a connection that is not allowed tries to communicate. At the same time, the assistant opens and asks you for permission. You will find further information on this assistant in chapter 5.2.1.
- Call up the area via the menu area Setup Firewall > General Settings > selection of folder Alarm messages.

[Fig.: Settings window, folder Alarm messages]
62. 5.3.3 To set up an X.509 certificate

In order to be able to use a certificate, it must first be imported into the certificate administration in Windows. The certificate must be in PKCS#12 format (file extension PFX or P12) in order to be imported.
- Open the pre-configured MMC console in the Securepoint Firewall installation path, in the folder VPN (ipsec.msc).
- Click on Certificate, then right-click on Own certificates and select All tasks > Import in order to start the import process.

[Fig.: MMC console IPSec, certificates of the local computer, own certificates]

- Follow the assistant and select the desired certificate.
- At the step Save certificate, the option "Save certificate automatically" MUST be selected.

[Fig.: Certificate import assistant, certificate store]
63. t your software with regard to:
- insight into data
- manipulation of your data or programs

The hardware should also be protected. Open accesses to your PC via a router, a modem or an ISDN card represent a potential danger. The resources of your computer should also be protected against unauthorised access, because they are a possible means of using PC time, telephone connections and a lot more without your knowledge. This can cause additional costs which you will have to pay, or you might no longer have complete access to your resources. Therefore you have to protect your hardware with regard to:
- access
- resources

Even if you have met the above-mentioned requirements, it does not mean you can feel 100% safe. You can certainly feel a lot safer now than before, but you should also observe certain rules. For instance, you should keep passwords to yourself and change them regularly, and software should not be downloaded from the internet and started on your computer. Therefore also inform, for instance, your family.

Against what should I protect myself?

[Fig.: system shutdown (Systemlahmlegung), data theft (Datendiebstahl), system intrusions (Systemeinbrüche)]

To protect yourself effectively, you first have to realise what you need protection against, since a recognised problem is easier to handle than an unrecognised one. Your PC can be attacked in many ways. The ways of attacking can be categoris
64. ta is lost, changed or laid open to others. At the very least, costs would be incurred for repairing your data. In the worst case it would have consequences for your existence. Therefore you have to protect your data with regard to the following aspects:
- availability
- integrity
- reliability

[Margin headings on this page: Hardware, Self protection]

Also note that the mentioned problems with data are sometimes not noticed immediately. In many cases the problem only occurs after a longer period of time, and the damage is thereby even bigger. It is easier to react to an obvious problem that has just occurred than to a difficult manipulation, which in many cases cannot be traced back to its source.

All programs on a PC, from the operating system and hard disk to office applications and mail programs, are used to control, change and administer data. In many cases these applications have possible areas where problems could arise, because other programs can be started via these programs, by which things can be deleted or data can be changed. The data transfer of these programs can be intercepted and, for instance, checked for passwords or the like. It is also sometimes possible to smuggle programs into your programs which behave like a spy or saboteur. The more important such programs are and the more often you use them, the more dangerous these problems become. You have to protec
65. [Fig.: Items]

Entry record:
- Conducted type of communication: Marking of the type of communication by colour:
  - allowed connections: green
  - blocked connections: red
  - package transported: yellow (notification of the package filter)
  - package blocked: red (notification of the package filter)
  - server started: yellow (application works as server)
  - notification of error in program: blue
- Time: Time of communication.
- Description of the communication: what application, by direction (from or to your PC), address of source and target, type or record prt

Showing entry

- Double-click on the selected entry. After that, the window Entry opens.

Here you have the possibility to view single log entries.

[Fig.: Window Item]

Icons:
- One entry down: Shows previous entry.
- One entry up: Shows following entry.

6.2 Overview of statistic

In the overview of statistic you can watch all connections, arranged by application programs, in real time and thereby learn
66. the button Start in the Windows task bar and select Programs > Securepoint Personal Firewall > Uninstall. The window to delete the Securepoint Personal Firewall opens.

[Fig.: Uninstall Wizard]

- Click on the button Yes to proceed with uninstalling the Securepoint Personal Firewall.
- Click on the button No to end the process of uninstalling the Securepoint Personal Firewall.

Glossary

[Further margin headings on this page: IP addresses, FTP service]

Applications: An application is a program which is run under the Windows desktop. A distinction is made between window applications and background applications. Window applications are visible to the user, who can thereby work with the application (e.g. Word). Background applications run in the background and support the operating system in administering.

Real-time services: For real-time applications such as voice, video or chat there are several services available, among them talk, IRC (Internet Relay Chat) and several others. These services allow direct communication between users. IRC causes many security problems, which mostly concern the clients and servers used. For instance, some clients allow servers access to local resources. The problems are comparable to those of we
67. the roadwarrior has the IP address 172.16.1.10/32. To create the network objects, proceed as follows:
- Switch to the menu Modify > Options > Computer, or
- open the window Rules table via Modify > Rules table.
- Right-click on the window's surface and select Computer.

[Fig.: Create network object fileserver]

Create computer groups

Put each of the two newly created network objects in a new group. Proceed as follows:
- Switch to the menu Modify > Options > Computer groups, or
- open the window Rules table via Modify > Rules table.
- Right-click on the window's surface and select Computer groups.
- Create the new computer group Grp roadwarriorX 509 and the group Grp fileserver, and put each of the newly created network objects in the respective group.
68. ts

Installation of the Securepoint Personal Firewall

Proceed as follows if you have a CD-ROM at hand:
- To install from the CD-ROM, put it in the CD-ROM drive of your computer.
- Click on the installation file to start the Setup Wizard.

Proceed as follows if the program is directly at hand, for instance by downloading:
- Double-click on the installation file to start the Setup Wizard.

Just follow the instructions of the setup assistant. It will guide you safely through the installation of the Securepoint Personal Firewall.

[Fig.: Setup Wizard, start]

- Click on the button Next if you would like to go on with the installation.

[Fig.: Setup Wizard, License Agreement]
69. ty Manager and nconfig program of the Securepoint Firewall & VPN Server.

5.4.1 Creating the firewall rules for IPSec connections

You would like to allow a notebook to access internal resources while on the road. This should be done via a secured IPSec connection.

Creating network objects

So that the external interface of the firewall can be reached by the IPSec protocols (UDP 500 and ESP), you have to create the respective network objects (see Fig. Create network object fw external and Fig. Create network object fw ipsec). In doing so, check the indicated zones/sectors (also see Securepoint zone concept). To create the network objects, proceed as follows:
- Switch via the menu Modify > Options > Computer, or
- open the window Rules table via Modify > Rules table.
- Right-click on the window's surface and select Computer.

[Fig.: Create network object fw ipsec]

Create computer group

Join the two newly created network objects in a common group. Proceed as follows:
- First switch via menu Menu Modify > Opt
70. wall supports you in this and automatically recognises which programs are trying to communicate with the outside. You will be asked whether you want to allow this program to communicate or whether you refuse permission. The surface which could possibly be attacked is thereby substantially reduced.
- Easy control and overview. Easy control and overview allow you to concentrate on fundamental settings.
- Lines of defence in several layers. Do not rely on a single system of defence. In any case, use other security systems such as virus scanners in addition to the Securepoint Personal Firewall. Since the Securepoint Personal Firewall is compatible with virus scanners, e.g. AntiVir, you can additionally operate a virus scanner.

1 General information on the Securepoint Personal Firewall

1.1 Technical features

Languages: German, English.

Features relevant for security:
- Kernel mode driver for seamless integration in the operating system
- Support for all IP protocols (TCP, UDP, IP, ICMP, ESP, GRE, etc.)
- Recognising of connections and applications of rules based on firewall
- Wizard for firewall rules
- Password protection for changing rules and settings
- Emergency Lock: blocking of all connections
- Packet Filtering Engine
- Stateful Packet Integrity Check Engine

Surface: State-of-the-art working surface in windows desig
71. windows task bar. The main window of the Securepoint Personal Firewall opens. You will find information on the main window and administration of the Securepoint Personal Firewall in chapter 4.

Status control via the symbol of the Securepoint Personal Firewall in the Windows task bar:
- Securepoint Personal Firewall is active; your PC is protected.
- Securepoint Personal Firewall was deactivated manually.
- Securepoint Personal Firewall is inactive due to emergency off.
- Securepoint Personal Firewall is inactive; settings have to be checked.

Opening options of the Securepoint Personal Firewall in the Windows task bar

You can also start some basic administration tasks via the menu of the Windows task bar without having to open the main window.
- Right-click on the symbol.
- Select the option you want from the menu shown at the task bar symbol.

The following options are available:
- Show firewall: Opening of the main window of the Securepoint Personal Firewall.
- Settings: Basic settings of the firewall such as language, password, etc. See chapter 5.1.
- Add application: Adding applications. See chapter 5.2.2.1.
- Add rule: Adding firewall rules. See chapter 5.2.3.1.
- Emergency off function: All internet and network connections for communication will immediately be blocked.
- Help: Shows contents of help.
- Search for updates: Opens the update assistant to search for updates and install them.
- About: Sh
72. [Fig.: Register Wizard, Start]

Proceed as follows if you would like to register a test version of the Securepoint Personal Firewall:
- If your internet connection runs via a proxy, activate the respective check box.

[Fig.: Register Wizard]

- Click on the button Next.

[Fig.: Register Wizard, Personal Data]

- Fill in the complete user data in the dialog.
- After entering the complete data, click on the button Next.

[Fig.: Register Wizard, completion page]
73. you would like to delete an application:
- Click on the application you would like to delete and thereby select it in the user's overview.
- Click on the icon Delete Application.

Note: The application will be deleted immediately.

5.2.3 Viewing rules

In the overview of rules you can explicitly define and administer firewall rules. In contrast to the user's overview, you have the possibility to define firewall rules that are to be applied in general, because many applications use the same services. Several dialogues will help you to do this as efficiently and conveniently as possible. You also have further possibilities to make settings such as direction, protocols, port, etc.

Note: To be able to work with the overview of rules you have to activate the expert mode (Expertenmodus). If the expert mode is inactive, the rule assistant will be blocked.
- Call up Rules View via the menu Adjust Firewall > Rules. The window of the overview of rules opens.

[Fig.: Window Rules View]
