OPTENET Security Suite / OPTENET PC Web Filter Version 11.01 User Guide (rev 1.7)
COPYRIGHT No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of Optenet S.A., or its suppliers or affiliate companies. TRADEMARK ATTRIBUTIONS Optenet, EDUNET, COTENET, E-Optenet, Optenet.BE, Optenet.CL, Optenet.CO.CR, Optenet.COM.EC, EDUNET.COM.ES, Optenet.COM.ES, EDUNET.ES, Optenet.ES, Optenet.US, Optenet.FR, OBTENET.COM, OBTENET.NET, Optenet.COM, Optenet.NET, CAPITANNET.COM, CAPITANNET.ORG, CAPITANNET.NET, CAPITANET.COM, CAPITANET.ORG, CAPITANET.NET, Optenet.BIZ, PROTEGELES.COM, PROTEGELES.NET, PROTEGELES.ORG, SURF-MATE.COM, SURF- MATE.NET, SURF-MATE.ORG, PROTEGELOS.COM, PROTEGEALOSNINOS.COM, SIFT- PLATFORM.ORG, Optenet.COM.GT, Optenet.COM.HN, Optenet.COM.MX, Optenet.COM.PA, Optenet.COM.PE, PTENET.CO.UK (in process), Optenet.COM.VE, are registered trademarks or trademarks of Optenet S.A. and/or its affiliates in Spain and/or other countries. All other registered and unregistered trademarks herein are the sole property of their respective owners LICENSE INFORMATION LICENSE AGREEMENT NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSE SOFTWARE.
Index 1 Introduction... 6 2 Main Features of OPTENET Security Suite... 6 2.1 Parental Control... 7 2.2 Antivirus... 7 2.3 Firewall... 7 2.4 Protocols Filtering... 8 2.5 Effectiveness... 8 2.6 Optenet Security Suite Languages... 8 2.7 Browsing Speed When Using Optenet Security Suite... 8 2.8 Web Filter Security... 9 2.9 Unblocking Service for Pages Blocked in Error... 9 2.10 Activation or Deactivation of the Security Suite... 9 2.11 Blocking P2P File Sharing and Downloading of Programs... 9 2.12 Blocking Instant Messaging Programs... 9 2.13 Blocking Email... 9 2.14 Updates... 9 3 Technical Requirements... 11 3.1 Technical Knowledge... 11 3.2 System Compatibility and Minimum Requirements... 11 4 Installation... 12 5 General... 18 5.1 OPTENET Security Suite... 18 5.2 Change Password... 21 5.3 License Management... 22 5.4 Software Update... 24 5.5 Proxy settings... 26 5.6 Help... 27 6 Parental Control... 28 6.1 Profiles... 28
6.2 Configuration... 29 6.2.1 Categories... 30 6.2.2 Browsing schedules... 32 6.2.3 Black and White Lists... 35 6.2.4 Applications manager... 35 6.2.5 Filter types... 37 6.2.6 Keyword filtering... 38 6.2.7 Port filtering... 39 6.2.8 Advanced Options... 40 6.3 Whitelists and blacklists... 41 6.4 Contribution... 42 6.5 Reports... 42 6.6 Advanced settings... 44 6.6.1 Repeated attempts blocking... 45 6.6.2 Browser filtering... 45 6.6.3 Excluded web domains... 46 7 Antivirus... 47 7.1 Antivirus... 47 7.2 Protection Level... 48 7.3 Analysis... 48 7.3.1 On demand analysis... 49 7.3.2 Scheduled Analysis... 54 7.3.3 Set active process analysis... 55 7.4 Reports... 57 7.5 Quarantine... 59 8 Firewall... 61 8.1 Firewall... 61 8.2 Protection Level... 62 8.3 Application Control... 63 8.4 Service configuration... 69 8.5 IP Configuration... 71 8.6 Reports... 72 9 Uninstall... 76
1 INTRODUCTION Optenet Security Suite / Optenet PC WebFilter is a tool that optimizes Internet usage and provides the highest levels of security. It offers the most effective protection on the market for both IT equipment and Users. This is achieved through the combination of highly effective individual components. In addition, Optenet Security Suite / Optenet PC WebFilter is a transparent application that does not affect the functioning of other applications, system performance, or the speed of communications. There are two types of licenses that activate different services: WebFilter. Activates parental control services and protocol filtering SecuritySuite. In addition to activates parental control services and protocol filtering it also enables antivirus and firewall services. This manual refers to Optenet Security Suite because it contains the services included OPTENET PC Web Filter. Optenet Security Suite is the most advanced and complete protection tool on the market. Various modules complement each other. The highly effective Anti-virus tool makes it difficult for harmful programs to install themselves. With Web Filter content control the risk of exposing children to undesirable content is greatly minimized. If a virus does infect the machine, the Firewall, which controls activity, minimizes the harm that it can cause. 2 MAIN FEATURES OF OPTENET SECURITY SUITE Over 99% effective in filtering. Error rate less than 0.1%, eliminated completely through the Contributions service. Integrates the most advanced technology: databases of websites, viruses and Spammers, Semantic Analysis Engine for online content, heuristic analysis of executables, content-based protocol identification, etc. The filters do not affect communications; it takes less than a millisecond to analyze a web page. Automatic database and program updates. Reports on all filtering processes.
Broad interpretation of the definition and nature of viruses, incorporating worms, trojans, spyware, adware, etc. 2.1 Parental Control Web Filter prevents access to undesirable Internet content, such as pornographic websites, dangerous file downloads, Instant Messaging servers or P2P. It captures traffic entering and leaving the PC. In addition to identifying the type of traffic, it requests the relevant integrated service for analyzing, monitoring or tracing the content, ensuring that browsing is safe and based on the configured parameters. It is based on semantic analysis of website content and lists of sites that have been placed in various content categories. The lists are updated continuously. Independently of whether a website is included on a list, semantic analysis verifies whether the page contains any text with inappropriate content, in which case the User is blocked from accessing it. 2.2 Antivirus Service only available with SecuritySuite license Optenet Security Suite Anti-virus protects Users from viruses, spyware, trojans and worms that could infect their PC equipment through email or browsing the Internet, as well as detecting viruses already present on the computer. Optenet Security Suite Anti-virus integrates latest generation virus detection technology developed by European company Bitdefender. It offers various levels of protection. These levels allow the User to choose between preconfigured profiles. It is also possible to schedule scans or initiate them at any time. 2.3 Firewall Service only available with SecuritySuite license. Optenet Security Suite Firewall controls the execution of applications that connect to the Internet. It is used to control connections, allowing Users to set the firewall to allow the connection, deny it or prompt the User each time an application initiates a connection. It also prevents unauthorized access to the User s PC, for example, by hackers. Optenet Security Suite Firewall can be set to display an alert when a program attempts to connect to the Internet. The User can allow or deny the connection and can make the decision to take the default action whenever the program tries to connect.
2.4 Protocols Filtering Protocol filtering detects connections and identifies the protocol type, performing various actions depending on the configuration. This allows Users to control applications like Instant Messenger, P2P, Chat, Email and Newsgroups. 2.5 Effectiveness Optenet Security Suite leverages the most effective security service technologies. Content filtering uses a combination of the semantic analyzer and predefined lists giving the Security Suite an effectiveness of over 98%.The Anti-virus service achieves 99% effectiveness through integrated technology from Bitdefender. Moreover, Optenet Security Suite's combination of filters makes its overall effectiveness far superior to that of each individual component. For example, a piece of spyware could be blocked by any of the following mechanisms: Anti-virus detects spyware signatures. Anti-virus detects that the program is using techniques normally employed by spyware (heuristic analysis). The website hosting the spyware is in the database of the Web Filter, which blocks access to the page. The Web Filter content analyzer detects it as spyware. The administrator prohibits the download of executables as a preventative measure 2.6 Optenet Security Suite Languages Optenet filters the main languages used on the Internet with over 98% effectiveness. The Security Suite lists contain pages from all languages. Additionally, the Semantic Analyzer is trained periodically with pages from around the world, enabling it to detect pages in all languages. To achieve as high a level of effectiveness as possible (99%), for certain languages (e.g. English, Spanish, French, Dutch, Portuguese, German and Italian) a broad collection of pages is put together to train the Semantic Analyzer. 2.7 Browsing Speed When Using Optenet Security Suite Optenet Security Suite is extremely fast and, as a result, is transparent to the User. Both the list query and the content analysis process performed by the system take one thousandth of a second. It is effectively an instantaneous process.
2.8 Web Filter Security If attempts are made to get around the filter, Internet access is blocked completely as a security measure. Access can only be re-established using a password. 2.9 Unblocking Service for Pages Blocked in Error Optenet Security Suite has an error rate of around 0.1%, the lowest on the market. In addition, it has an unblocking service. If a page is blocked in error, the user can request a review from the block page explaining the reason for failure to correct. Our Customer Care Center (CCC) will review it and in case it has been an error the User will be able to gain access to the page in around 15 minutes. 2.10 Activation or Deactivation of the Security Suite Optenet Security Suite is activated or deactivated using a password so that administrators can browse without restrictions. The password is requested from the User at the time of installation. If the User does not have the password or if someone attempts to deactivate the Security Suite, the system has self-protection mechanisms that make it impossible to deactivate it. 2.11 Blocking P2P File Sharing and Downloading of Programs It is possible to block P2P file sharing and downloading of programs through the protocol configuration of the Web Filter. The P2P server category can also be blocked, providing a greater level of security. 2.12 Blocking Instant Messaging Programs It is possible to block Instant Messaging programs through the protocol configuration of the Web Filter. The Instant Messaging server category can also be blocked, providing a greater level of security. 2.13 Blocking Email It is possible to block email through the protocol configuration of the Web Filter. To block webmail, the relevant category must be selected. 2.14 Updates The list system is updated automatically via the Internet. This process requires no administration.
3 TECHNICAL REQUIREMENTS 3.1 Technical Knowledge No specific technical knowledge is required to install or configure the filters. 3.2 System Compatibility and Minimum Requirements The OSSPC is available for the following operating systems: a. Windows XP Sp3 b. Windows Vista (32 and 64 bits) c. Windows 7 (32 and 64 bits) d. Window 8 (32 and 64 bits) OS RAM. Minimum: Free Hard Disk Space: Windows XP sp3 512 MB 500 MB Windows Vista 32 bits, 64 bits 1 GB 500MB Windows 7 32 bits 2 GB 500MB Windows 7 64 bits 2 GB 500MB Windows 8 64 bits 2 GB 500MB It can be used with any web browser.
4 INSTALLATION Whether the tool is downloaded from the website or installed from a CD, it is recommended to save the program to the computer s hard disk and follow these steps: Double click on the file Optenet (the name of the file is OptenetSecuritySuite.exe) The Optenet interface is available in three languages: English, French and Spanish. Select the language and click [Next]. End User Agreement. Accept license terms:
Select the folder where the software will be installed. By default, Program Files directory will be used. Click [Next]. Enter the password to be used to access the Optenet Administration Console (filter configuration). This password ensures that only the administrator can make changes to the setup and remove the program. It is recommended that a password is chosen that is personal and confidential and should be kept in a safe place. Remember that this password will be required to un-install Optenet Suite at a later time! Password Reminder: Type a question and answer to be used in case the password is forgotten. Enter an email address to send the password in case the configured control question has been forgotten. The email address entered here will be the only email address where the password will be sent in case it has been! This will prevent unauthorized Users from acquiring the administrative password in order to alter filter settings and/or un-install the program.
Enter license code (this will most likely have been received via email when the product was purchased). Note: Where available, it may also be possible to use an evaluation license to try other available products (complete suite etc). In this case, select the trial Product and click on [Next].
If the user opts for an evaluation installation, then, each time the software is launched display a warning notice that you are using an evaluation version, and suggest purchasing a permanent license: If the entered license or product chosen for evaluation include the Antivirus, during installation, the program will download updated bases required for the Antivirus work with full guarantees from the start. Antivirus bases occupy more than 100 MB so depending on the speed of your internet connection this operation could take even minutes. Finally, it is necessary to restart the PC to complete the installation. The program may not work properly until the PC has been restarted.
Once the computer has been restarted, notice that a new icon in shown on Windows Status Bar. Right-Click on it to open contextual menu (listed options might vary depending on installed product): This icon will indicate filtering status or additional operations being performed at a given moment: Icon Meaning
Filer Active Filter has been deactivated manually. Software or anti-virus signatures are being updated. Scanning for viruses License has expired. No filtering is being performed unless a license is acquired.
5 GENERAL This section gives an overview of the tools, services and basic actions to the proper functioning of OPTENET Security Suite. 5.1 OPTENET Security Suite Optenet Security Suite Console can be accessed: a. From the Windows Start menu. b. Right-clicking on the Optenet icon on the windows status bar and selecting [Optenet Security Suite Administration]. An administrative password is required to prevent unauthorized access (this is the password indicated at installation time). In case you do not remember the password for access to the administration, by clicking on "Forgot your password" two ways to recover the password will be proposed: The first is to correctly answer the challenge question that was entered during installation. If the answer is correct, a new pop inform what the password is.
The second way to recover the password is by "Emailing". Clicking this option, the program will send an email with the password to the email address that was entered during installation. Once the password has been entered correctly, the administrative console will be shown: Optenet Security Suite includes the following sections (when available, and depending on licensed product): a. Web Filter b. Anti-virus
c. Firewall From this page of the management console can, the status of their services (enabled, disabled and non-contracted) can be checked and also modified it if desired. To change the status of a service, you have to click on the appropriate button: To activate the service, you will have to click on the "Activate" button. To deactivate the service, you will have to click on the "Disable button. The Parental Control feature, in addition to "On" or "Off", you can be in a third state: "Monitor". This mode is useful for when the administrator does not want the filter to intervene and filter navigation, but to save a record of what you have browsed (generating navigation logs). From this screen, we can also view and modify the level of Antivirus and Firewall protection. To do that, you have to click on the 'Change the level of protection' available for these two services. While Parental Control, you can change the navigation profile. Non-contracted services come identified and can be contracted directly through the management interface itself: In the case any services has been contracted (or all contracted services are disabled), the icon in the menu bar OPTENET appear in red:
5.2 Change Password In this option from the main menu, you can configure some aspects of access to the product configuration interface. The first option is the one that allows the management and "Change Password" to access the management interface:
On the other hand you can edit the question and answer for the "Password Recovery": And finally, you can edit the "Session Timeout" that can have the management console. This precaution is of interest to ensure that administration window left unattended for some time cannot be used more and has to re-authenticate to access it. 5.3 License Management In this section you can check the OPTENET license status.
In the case of getting any problems with it, this notification will be displayed as follows: If required, you can also modify the product license code by clicking on "Enter new license", and enter the new license that must have been provided previously by the OPTENET support. In case the license has expired, an alert warning of the situation will be displayed. In these cases, the software stops the services and cut-off the navigation to advice of the situation.
This screen provides different options: To contact the customer service center from OPTENET. To request a new license or at least, go to OPTENET portal where you can find out what is happening with the license or just manage it. Enter the administration password to retrieve the navigation, but with no Parental Control service is provided! 5.4 Software Update Software and virus databases updates can be made fully automatic and transparent so that the user does not have to worry about when we released new versions and updates. In the case of software updates, it is first shown the current product version and the date of publication or update. It also provides options for updating the Software:
Let the software automatically find the new versions and in case exists a new one, propose: Update automatically. Inform its existence to the user to decide when to update. Find a new software update manually (button "Search for updates") Any changes made must be saved by clicking on the 'Save Changes'. The button 'Restore' retrieves the last saved configuration. Useful when you are not sure if it has changed something from the current display settings. In the case of database updates of Antivirus, displays information about the Antivirus engine: Antivirus engine integrated version, number of signatures in the database, the date of the last update, etc... The default AV update is performed automatically (each time the software is restarted, and then every two hours), but the user can always set the schedule at his convenience.
In case you are completing an update (either the software or Antivirus bases); the OPTENET icon shown in the menu bar will appear in blue: 5.5 Proxy settings In certain environments where OPTENET Security Suite is used, it is possible that the internet has to go through an intermediate proxy (businesses, schools, etc...). For updates to run normally, it is recommended to set the proxy settings:
5.6 Help For any questions about OPTENET, you can download the manual available in PDF format.
6 PARENTAL CONTROL You must have purchased the Parental Control service to access its management. If not, as a first window in the Parental Control section, it is shown an invitation to contract the service. The Parental Control feature included in the OPTENET Security Suite presents a complete range of functions that we will describe in the following sections. The main Parental Control screen provides general information about the service. You can check the status and access for editing the navigation profile: 6.1 Profiles Parental Control provides several predefined profiles adapted for each age. The administrator can also adjust the settings for each profile according to the needs and concerns over the contents that can be accessed. Here is the list of predefined profiles: Restricted: with only access to the contents of the global white list profile. Child: Child Portal navigation and global whitelists profile. Adolescent: blocking unsafe and unfit content for teenagers. Custom: you can define and adapt to detail the profile navigation Secure: protects profile from surf threats (malware, phishing, hacking,...) Adult: internet access without restrictions except global blacklists profile. On this screen you can define to which profile belong each windows users. By default, just installed, users belong to the profile "teen". However, the administrator is free to move a user (by clicking on the Windows user name, dragging and dropping the item) to the profile you want to associate. As shown in the attached image, users belong by default to "teen" profile but then some were relocated (user "optenet" as Profile "Custom" and the user "Administrator" and "Adult"). By default, if it is detected that a new Windows user had been created, it would automatically be assigned in the profile "Teenager" (although the administrator can always change the default group).
6.2 Configuration The Parental Control provides several predefined profiles adapted for each age and use. In any case, the administrator can always modify these profiles to suit needs and concerns about the content what is allowed to access. To do so, for each profile there are certain features that can be configured: Restricted: Since it only allows access to the contents of the global whitelist, and whitelist own profile, you can only configure the "White and black lists" and "Browsing time". Child: Only allow access to the children portal and the white lists (global and own Profile), so you can only configure the "Browsing time", "white and black lists", "Application Filtering", "Types file "and" port filtering ". Teen and Custom: For these two profiles it can be set all the functionalities and features: "Categories", "Browsing time", "white and black lists", "Application Filtering", "File Types", "Filtered by keyword "," port filtering "and" Advanced ". Secure: this profile is limited to protect the computer from threats (malware, phishing, hacking...) so you do not have to configure or "Categories" and "Browsing time", while the other functions do remain configurable. Adult: This profile has a full Internet access, so the only thing you can configure is the "White and black lists".
To switch from one profile to another, simply move the cursor on the horizontal bar: Below we will detail information about configurable features: 6.2.1 Categories It provides a list of categories and content that Parental Control can categorize, and therefore, that can be blocked if configured by the administrator. By default is blocked the content that may be unsafe for PC (phishing, spyware) or not appropriate for children or adolescents navigation.
To block or not a category, just click on it and save the changes. When a page has been blocked because of its categorization, it is shown a blocking page similar to this one:
6.2.2 Browsing schedules You can configure whether navigation is allowed without any restriction of time or limits the hours when Web browsing (HTTP and HTTPS) is permitted. When you are defining browsing schedule: It is possible to define several navigation intervals for each day of the week, so you can navigate only within that time frame, outside, navigation will be blocked. If for a particular day nothing is defined, it is assumed that by default, you can browse all that day. You can set the weekly and daily number of hours that you can navigate. Once exceeded this limit will block navigation and a page explaining the reason for blocking will appear.
You can define time range independently (per day) or jointly, so that every day of the week will have the same configuration:
When a page has been blocked by the browsing scheduled, it is shown a block page like this:
6.2.3 Black and White Lists You can define specific URLs or domains to allow or block web. To do so, you can use wildcards to include an entire domain or any request regardless of its parameters. Examples: *.optenet.*: with this setting, you can accept or reject any URL containing the string ". optenet." for example: www.optenet.com, images.optenet.com, www.optenet.co.uk / test www.myweb.com*: with this setting, you can accept or deny all of the aforementioned pages belonging to the host. www.myweb2.com/login.php?name=foo*: with this input, you can accept or reject all attempts to access from the users whose name starts with "foo". When a page has been blocked by the configuration list, it is shown a block page like this: Notice: global lists have higher priority than the particular defined for a particular profile. 6.2.4 Applications manager You can set filtering rules (allow / deny / permit by time) on different types of applications:
Peer to peer: Torrent, Kazaa, Emule, etc. Instant Messaging: Skype, Microsoft Messenger MSN, oovoo, Yahoo Instant Messenger, etc. Mail: Regulates the use of email via protocols POP3 (port 110), SMTP (port 25) or IMAP (port 143). Newsgroups: NNTP Chat: Chat application like mirc, etc. Virtual worlds: Second Life For each group of applications, you can define: Permitted access to the programs and applications for that protocol category is permitted. Blocked access to the programs and applications for that protocol category is blocked. Scheduled access is regulated by time, depending on the timeframes specified in the Surf Schedule table: o On the days where a timeframe is specified, access will be permitted only on those timeframes.
o day. On the days where a timeframe is not specified, access will be permitted the entire 6.2.5 Filter types The Parental Control allows you to block downloading certain types of files on your PC. To do so, simply select and check the pre-defined extensions. You can always also define new extensions. Example:
6.2.6 Keyword filtering In addition to filter by category, you can specify certain keywords that will cause blocking to those websites that contain them. You can use partial words as "pornogra" (so you can block web content with words like "pornography" or "pornographic"), or you can even use the asterisk '*' as a wildcard symbol to include words that contain part of an expression. You can also specify whether the search keywords will be done in the URL will be accessed and / or in the content of the page.
When a page is blocked because found a keyword in the URL, it displays a message like: 6.2.7 Port filtering In this section you can configure the ports to which you can establish or deny connections. There are two ways to work or manage this configuration: Allowing access to all ports, except a few that are explicitly defined as blocked. Blocking access to all ports, except a few that are explicitly defined as allowed.
There are several exceptions to be taken into account in the management of ports: Configurable ports in this section may not correspond with default ports of other applications (that can be configured in the section "Application Filtering"), so you can configure ports like 80 and 443 (HTTP / HTTPS) 110, 25 and 143 (E-mail). Although requests are destined for connections to different ports than 80 or 443, if the content and protocol analyzer identifies HTTP communication, then port configuration is skipped and process the connection as configured for HTTP / HTTPS browsing 6.2.8 Advanced Options There are some more advanced options that the administrator can set for the profile. This is automatic activation "SafeSearch" for popular search engines (Google, yahoo and bing) so that they restrict the results, and avoid displaying search results that have identified himself as "adults only"
So the results returned by the search engine itself, already have a filter applied: 6.3 Whitelists and blacklists The configuration of global black and white lists is independent of the configuration of lists that may have a specific profile. Moreover, the global lists have higher priority than the particular defined for a particular profile.
The syntax of how you can entry new values in the list as well as its usability is the same as the one defined for a profile lists (see section above). 6.4 Contribution If you believe that some content is not properly classified, you can let them know to OPTENET filling out a simple form and pressing the submit button. If the user indicates the email address, he will receive a confirmation once the direction has been reviewed and correctly classified, if appropriate. 6.5 Reports From this section you can view a summary of information about the actions taken by the Parental Control.
By default, it shows the reports collected in the last week. You can perform reports for certain dates deploying the option 'Show search reports by date': By clicking on the line in the report itself, we will see a summary of the data collected at the bottom: The full report can also be opened in a text editor from the summary above (by clicking directly on 'Open in a text editor') or by clicking the icon on the right as shown below:
You can also delete reports, just select them and press "Delete Selected Reports": 6.6 Advanced settings As part of an overall advanced settings for Parental control (and as such, not subject to a particular profile), it exists the following functionalities:
6.6.1 Repeated attempts blocking You can block web browsing user who repeatedly tries to access (10 different websites) banned by content filtering rules from Parental Control. The corresponding block page briefly explains why browsing is blocked: If you provide an email address, the administrator will be notified with the name of the blocked user. 6.6.2 Browser filtering Parental Control provides the ability to completely block certain browsers navigation. This may be of interest to those administrators with security policy prohibiting the use from some of them.
6.6.3 Excluded web domains For proper operation of the software, it is convenient (and sometimes necessary) that certain URLs are not treated by the Parental Control, so that they are always accessible (regardless of active navigation profile, schedules, categorization or state license). It is usual to allow this access to privileged OPTENET servers, Windows update servers, Bitdefender, etc...
7 ANTIVIRUS Service only available with SecuritySuite license. You must have purchased the Antivirus service to access the management. If not contracted yet, it can be done clicking the button to "Purchase". 7.1 Antivirus The antivirus included in the Optenet Security Suite offers a complete range of functionality that we will describe in the following sections. From the main screen of Antivirus, provides an overview of the status. You can see both the operating status and the level of protection, the scan settings or quarantine. From this screen you can directly access each of the options listed for modification or query in detail.
7.2 Protection Level In the Optenet Security Suite Anti-virus section, the level of protection for the computer can be configured. The available levels of protection are: High: maximum protection Recommended: best compromise between protection and resources consuming. Customized: protection can be personalized. Only when the Custom mode is selected, the User can fine-tune the behavior of the Antivirus (Anti-virus techniques and files to be analyzed): Analyze programs included in compressed files Analyze self-extract executables. 7.3 Analysis In this section, the Anti-virus can be launched and an analysis performed, based on the default parameters, and custom settings for the analysis can be configured. When the analysis window is closed, the analysis goes on and informs users through the following message:
The different types of analysis are: 7.3.1 On demand analysis It allows four different types of analysis: Complete analysis of the PC: Make a thorough analysis of the entire system both running programs as file systems (hard drives, CD / DVD, USB...). The progress of the analysis is shown as follows:
Express Analysis: Perform a quick scan of the computer including the running programs, the system directory and the more prone to malware attacks. Analyze folder: Make a scanning of the selected folder. This will need to press the 'Browse' button which will open a new window from which you can select the folder to be scanned. The progress of the analysis is shown as follows:
Custom analysis: This analysis allows analyzing memory or file system, you can select the action to take if a virus is found.
You can select the file system to analyze and the folder or folders that you also want to do the analysis. The Antivirus also can select the files to be analyzed based on its extension. They should write the desired extension and click the 'Add' button:
And remove them when no longer wish to analyze by selecting them and pressing the 'Remove' button. During the analysis you can define the action to take in case a virus or a suspicious file is detected:
7.3.2 Scheduled Analysis From this section of the Antivirus, you can perform memory analysis and selected files as described in the section 'Custom Scan' can also set the time of execution of this analysis When starting the execution of a programmed analysis, Optenet Security Suite will alert with a balloon message in the systray zone.
7.3.3 Set active process analysis To access the configuration of this analysis, it is necessary to select the level of protection: Custom. Configure the monitoring of all read and write operations of the processes running on the computer. This analysis is fully automatic and transparent. Select the file systems to analyze and folder or folders to exclude from scanning.
The Antivirus can also select files to be excluded from real-time monitoring. You should write the desired extension and click the 'Add' button: If you want to eliminate them from the analysis, select and press the 'Delete' button. During the analysis you can define the action to take in case a virus or a suspicious file is detected:
7.4 Reports From this section you can view a summary of the actions taken by the Antivirus. By default, it lists the reports collected in the last week. You can perform a search report from a certain period deploying the option 'Show search reports by date':
By clicking on the line in the report itself, we will see a summary of the data collected at the bottom: The full report can also be opened in a text editor from the summary above (by clicking directly on 'Open in a text editor') or by clicking the icon on the right as shown below: You can also delete reports, this will require select them and press "Delete Selected Reports":
7.5 Quarantine From this section you can view the files that Antivirus has quarantined. The files that appear in the quarantine can be unlocked or removed definitively. This will require selecting them and pressing Restore Selected Files or Delete selected" respectively.
8 FIREWALL Service only available with SecuritySuite license. You must have purchased the Firewall service to access management. In case the service is note contracted, you can get it by clicking "Purchase" button. 8.1 Firewall The firewall included in the Optenet Security Suite offers a complete range of functions that allow you to manage Internet access to applications. The Firewall screen provides an overview of the status. You can see both the operating status and the level of protection, control timing or configuration of the different sections (application control, filtering services...). From this screen you can directly access each of the options listed for modification or query in detail.
8.2 Protection Level In the Optenet Security Suite Firewall section, the level of security for the computer can be configured. The available levels of security are: High : maximum protection Recommended: best compromise between protection and resources consuming. Customized: protection can be personalized. Only where the Customized mode is selected, the User can fine-tune the behavior of the Firewall:
Both in [High] and [Recommended] levels, preset configuration will be used. Only in case of selecting the [Customized] Protection level, changes to the configuration being done in the different sections will be allowed to be saved. 8.3 Application Control The management of this section must be done under the Custom security level. In this section, access to the Internet can be granted to applications. Initially, the list includes applications that normally have access to the Internet when they are executed.
If you do not automatically allow access to signed applications will be treated according to the general configuration. The firewall can be configured so that it alerts the User whenever any new (unknown) application (not included in the list) attempts to access the Internet and optionally activate sound alerts. If alerts are activated, whenever an application tries to access the Internet a balloon will be shown over the Optenet Security Suite icon (on the windows status bar), asking for instructions and the appropriate action to take: Allow always (in and out): Internet access for this application (input or output) will always be allowed. Block always: Internet access for this application (input or output) will always be blocked. (this configuration can be changed later). You can also select from the following options: Ask every time you run the application Monitor Activity Program
If no action is chosen after a given period of time, the default action will be applied (See below). The options available by selection the default action to apply when a new application attempts to access the Internet are: Allow always. Internet access for this application (input or output) will always be allowed Block always. Internet access for this application (input or output) will always be blocked If no option is selected by default in the previous menu and no action has been selected in the previous dialogs for a certain period of time, the default behavior of the solution is "Block Always". All applications containing this alert, will be included in the list of "Other Applications" that shows the interface. Your configuration will depend on the settings you have chosen in the alert. For this action to be contained in the reports, it will be necessary to edit within the 'Predefined applications' the 'Presets' and check the box "Monitoring the program saving activity reports", save the changes before exiting.
Finally, you can define what type of input and output services are allowed or denied for each application from the list of known applications. To do this, you must click on the option "Edit" on the application and the following screen: You can also add new applications, pressing the "Add Application": Then you can choose the application browsing the computer's directory tree:
And once selected, can be configured through the following screen: At this point it is possible to select the application to be included and further configure them in the same way as previously described in the case of default applications. For each application, you can configure the methods of operation both input and output. For each, you can:
Define if you want the application to use any of the services defined, or, determine what services are to be allowed. For example, in the case of the "Input services allowed, it will be selected as shown in the following figure: And when we are enabling services (input and / or output) that an application can use, you can also define from where they can: o o Public: all IP Private: only allowed IPs that have defined within 'IP Filtering' section 'allowed IPs' (see section f) of this chapter). For example, in the case of the "allowed input Services', it will be selected as shown in the following image. Boxed in red refers to the reference parameter 'private' in its corresponding screen:
Do note that it only keeps track of the activity of applications that have been specifically marked for monitoring. You need to check the box "supervise the program saving activity reports." When you check this option, from the "Reports" section, you can ask for the actions taken by the Firewall (see paragraph h) Reports of this section) To register in the initial action reports by the Firewall for each application that is not included within "Other Applications", you should edit within the 'Predefined applications' the 'Presets'. In the new window that appears, check the box there to "supervise the program saving activity reports." 8.4 Service configuration The management of this section must be done under the Custom security level.
The services defined in this section will be the ones that can be used by applications (allowed, denied etc) e.g.: define that telnet.exe can apply telnet services that in turn are defined as a set of TCP and/or UDP Port ranges. Specific services can be created defining TCP and UDP port ranges to be allowed or blocked (when used by the different applications). From the section 'Application Control', you can associate the services here defined to each applications in order to allow the application. The services configured by default are: Telecommunication Network (telnet) Service Message Block (SMB) Hypertext Transfer protocol (HTTP) Hypertext Transfer Protocol over TLS/SSL (HTTPS) Domain Name Service (DNS) Secure Shell (SSH) Remote Procedure Call (RPC) Simple Mail Transfer Protocol (SMTP) Resource Location Protocol (RLP) Host Name Server (HNS) Network Printing Protocol (NPP) Post Office Protocol version 3 (POP3) Simple File Transfer Protocol (SFTP) Dynamic Host Configuration Protocol version 6 client (DHCPC) Dynamic Host Configuration Protocol version 6 server (DHCPS) Internet Key Exchange (IKE) Dynamic Host Configuration Protocol (DHCP) Universal Plug and Play (UPnP)
Remote Desktop Protocol (RDP) To define the range of TCP and UDP that should be allowed or blocked select 'Edit' on the corresponding service coming to the following screen: 8.5 IP Configuration The management of this section must be done under the Custom security level. The firewall service also offers the ability to manage in real-time IP address ranges used by applications in communications. In the Firewall configuration section, two lists of IPs can be defined: Permitted IPs: White list of IPs with which the computer can establish a connection. Blocked IPs: Black list of IPs that are unable to establish a connection with the computer.
8.6 Reports In this section, a summary report can be viewed on the actions taken by the Firewall. Additionally in this section, log files to be deleted automatically to save disk space can be programmed.
NOTE: This only keeps track of the activity of applications that have been specifically marked for monitoring from the Firewall section: Application Control. By default, it lists the reports collected in the last week. But from the 'General' tab you can perform a search report from a certain time deploying the option 'Show search reports by date': By clicking on the line in the report itself, you will see a summary of the total number of blocked and allowed connections:
The summary of the selected report also appears when you click on the actual line of the report you want to query. The full report can also be opened in a text editor from the summary above (by clicking directly on 'Open in a text editor') or by clicking the icon on the right as shown below: You can also delete reports, this will require select them and press "Remove Selected Reports":
From the tab "Monitoring" it can be viewed in real-time connections that are established on the computer at the time of the query.
Moving the mouse over the 'application' of a connection, you can visualize the full path from which the application is running: 9 UNINSTALL To uninstall the Optenet Security Suite, use the shortcut created in the Start menu of your computer, or does it from Control Panel -> Add or Remove Programs. During the uninstall process you are prompted for administrator password, thus preventing anyone succeed in eliminating the program. If during installation process, the program realizes that there are elements in quarantine, before proceeding to delete and continue uninstalling, it is inviting the user to review them, in case you were interested in recovering some files. Do not attempt to uninstall the program by removing Antivirus and Firewall directories will damage irreparably installation and completely lose Internet access. Always use your computer's access to uninstall the software. If you run the installer application Security Pack on a machine that already has the software will start the process of uninstalling the previous version (with the introduction of the administrator password) without overwriting files.