Computer Configuration in Network Enforcer

Security Thresholds and Responses
To configure Network Enforcer's security thresholds for each computer select a computer (or computers) from the list, and click on "Configure Computer" then "Configure Threshold Levels and Responses". In the threshold configuration window you will be able to set a threshold for each filter security level (low, medium, and high), and specify how the Network Enforcer client on the selected computer will respond.

For instance: If you have the LOW Security threshold set to 10 it will take 10 filter violations before the Network Enforcer client will do any of the specified responses/actions you have enabled (i.e.: alert the user, or email the administrator, or shut the computer down).

Security thresholds make it possible for you to NOT be alerted every time something unwanted happens, but if it happens often enough THEN you are alerted. On the other hand, you can set the thresholds (say a HIGH Security threshold of 1) so that you are alerted right away when a behavior occurs, allowing you to react instantly (or have Network Enforcer lock the computer, shut it down, etc. right when it happens).


Behavior/Activity Filters
The behavior/activity filters make up the core of the Network Enforcer software. Network Enforcer allows you to add filters for the following behavior categories:

  • Application Usage - watches for unauthorized applications from being ran
  • Website Visits - watches for unauthorized website visits
  • File System Activity - watches for unauthorized file system usage (deletions, opens, creations, modifications, etc.)
  • Email Activity - watches for unauthorized email activity (specific file attachments, recipients, subjects, senders, domains, etc.)
  • Keystrokes Typed - watches for unauthorized keystroke combinations/phrases (such as passwords, company names, phone numbers, etc.)
  • Windows Used - watches for unauthorized windows interacted with
  • Internet Connections Established - watches for unauthorized internet connections (connections on specific ports, to certain hosts, etc.)

Each filter you add has a security level - low, medium, or high. Less critical behaviors should be classified as low security, whereas network critical behaviors (such as a user accessing a top secret file, or router website control panel) should be given a high security classification.

To add a filter simply click on "Configure Computer" (after selecting a computer/computers), and then "Configure Activity Filters". In the activity filter window enable what behaviors you want watched (i.e.: Application Usage, Website Visits, etc.) and then click "Add Filter" to add a filter. Choose the filter you want to add from the popup menu and follow the directions given for each filter type you choose.

For instance: If you do not want a user running solitiare.exe, you would click on "Add an Application Filter..." then enter "solitaire.exe" as the application to trigger the filter. Finally, specify a security level for the filter. If the user runs solitaire enough times to trigger the appropriate security threshold it is classified under Network Enforcer will respond as configured in your threshold settings for that computer.


Activity Blocking
Network Enforcer can block specific behaviors, as well. Network Enforcer can restrict specific websites, applications, and windows from being opened. To configure blocking, click on the "Blocking" button in the Activity Filters configuration window. Here you will be able to tell Network Enforcer to close applications, websites, and windows based on their security level.

For instance, if you do not want to block a low or medium level website from being visited, but do not want a high security website to be viewed, you would enable the "Close HIGH Security Websites Visited".

Network Enforcer can restrict many popular chat clients from being executed as well. To enable chat filtering click on "Chat Filters" in the Activity Filters configuration window, then check off what chat clients you do not want to be used on your network. You can assign a security level to chat client filtering so they count towards the security thresholds if they are executed.


Synchronizing Settings
Once you configure settings for a computer you will need to synchronize them with the client. Basically, this just tells the remote client on the computer selected to update its settings based on what you have configured for that computer. Whenever you make changes you will be automatically prompted to resync, but you can manually resync settings at anytime by using the synchronization commands under the "Configure Computer" menu.

If you need to configure ALL settings choose "Synchronize Settings". If you need to just resync the activity filters, choose "Synchronize Activity Filters".


Importing and Exporting Settings
Network Enforcer allows you to quickly and easily transfer settings between computers. Once you have a filter-set you are happy with, you can click on the "Export" menu item under "Configure Computer" and export the activity filters, threshold settings, or all settings. Once exported the settings can then be imported to other computers by selecting those computers and clicking on an "Import" menu item under the "Configure Computer" menu. These settings will be transferred immediately and you will then be prompted to sync the settings with the Network Enforcer clients. This allows you to configure multiple computers in mere seconds once you have an initial computer's settings and filters configured.


Login Settings
An administrative login is required for each computer you want to perform remote client installation on. If you need to change login settings you can do so by clicking on "Configure Computer" then "Configure Computer Login Settings". The login settings are not required if you plan on physically installing the client on each computer.

 


Copyright © 2007 Network Enforcer. All rights reserved.
Send us feedback about the site.