proventia_administratorguide
-
Upload
fernando-bolivar -
Category
Documents
-
view
214 -
download
0
Transcript of proventia_administratorguide
-
8/9/2019 proventia_administratorguide
1/48
Administrator GuideFirmware version 3.11
-
8/9/2019 proventia_administratorguide
2/48
Internet Security Systems, Inc.6303 Barfield RoadAtlanta, Georgia 30328-4233United States(404) 236-2600http://www.iss.net
Internet Security Systems, Inc. 2003-2007. All rights reserved worldwide. Customers may make reasonable numbers of copiesof this publication for internal use only. This publication may not otherwise be copied or reproduced, in whole or in part, by anyother person or entity without the express prior written consent of Internet Security Systems, Inc.
Patent pending.
Internet Security Systems, ADDME, ActiveAlert, AlertCon, the AlertCon logos, FireCell, FlexCheck, SecurityFusion,SecurePartner, SiteProtector, SecureU, System Scanner, Virtual Patch, Wireless Scanner, and X-Press Update are trademarks andservice marks; Database Scanner, Internet Scanner, the Internet Security Systems logo, Online Scanner, Proventia, RealSecure,SAFEsuite, Secure Steps, and X-Force are registered trademarks and service marks of Internet Security Systems, Inc. NetworkICE, the Network ICE logo, and ICEpac are trademarks, BlackICE a licensed trademark, and ICEcap a registered trademark ofNetwork ICE Corporation, a wholly owned subsidiary of Internet Security Systems, Inc. Powering Content Security is atrademark and Cobion is a registered trademark of Cobion AG, a wholly owned subsidiary of Internet Security Systems, Inc.SilentRunner is a registered trademark of Raytheon Company. Acrobat and Adobe are registered trademarks of Adobe SystemsIncorporated. Certicom is a trademark and Security Builder is a registered trademark of Certicom Corp. Check Point, FireWall-1, OPSEC, Provider-1, and VPN-1 are registered trademarks of Check Point Software Technologies Ltd. or its affiliates. Cisco
and Cisco IOS are registered trademarks of Cisco Systems, Inc. HP-UX and OpenView are registered trademarks of Hewlett-Packard Company. IBM and AIX are registered trademarks of IBM Corporation. InstallShield is a registered trademark andservice mark of InstallShield Software Corporation in the United States and/or other countries. Intel and Pentium are registeredtrademarks of Intel. Lucent is a trademark of Lucent Technologies, Inc. ActiveX, Microsoft, Windows, and Windows NT areeither registered trademarks or trademarks of Microsoft Corporation. Net8, Oracle, Oracle8, SQL*Loader, and SQL*Plus aretrademarks or registered trademarks of Oracle Corporation. Seagate Crystal Reports, Seagate Info, Seagate, Seagate Software,and the Seagate logo are trademarks or registered trademarks of Seagate Software Holdings, Inc. and/or Seagate Technology,Inc. Secure Shell and SSH are trademarks or registered trademarks of SSH Communications Security. iplanet, Sun, SunMicrosystems, the Sun Logo, Netra, SHIELD, Solaris, SPARC, and UltraSPARC are trademarks or registered trademarks of SunMicrosystems, Inc. in the United States and other countries. All SPARC trademarks are used under license and are trademarksor registered trademarks of SPARC International, Inc. in the United States and other countries. Adaptive Server, SQL, SQLServer, and Sybase are trademarks of Sybase, Inc., its affiliates and licensers. Tivoli is a registered trademark of Tivoli SystemsInc. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company,Ltd. All other trademarks are the property of their respective owners and are used here in an editorial context without intent ofinfringement. Specifications are subject to change without notice.
Disclaimer:The information contained in this document may change without notice, and may have been altered or changed ifyou have received it from a source other than ISS or the X-Force. Use of this information constitutes acceptance for use in anAS IS condition, without warranties of any kind, and any use of this information is at the user s own risk. ISS and the X-Forcedisclaim all warranties, either expressed or implied, including the warranties of merchantability and fitness for a particularpurpose. In no event shall ISS or the X-Force be liable for any damages whatsoever, including direct, indirect, incidental,consequential or special damages, arising from the use or dissemination hereof, even if ISS or the X-Force has been advised ofthe possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidentaldamages, so the foregoing limitation may not apply.
Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, orotherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by Internet Security Systems,Inc. The views and opinions of authors expressed herein do not necessarily state or reflect those of Internet Security Systems,Inc., and shall not be used for advertising or product endorsement purposes.
Links and addresses to Internet resources are inspected thoroughly prior to release, but the ever-changing nature of the Internetprevents Internet Security Systems from guaranteeing the content or existence of the resource. When possible, the reference
contains alternate sites or keywords that could be used to acquire the information by other methods. If you find a broken orinappropriate link, please send an email with the topic name, link, and its behavior to [email protected].
March 20, 2007
http://www.iss.net/mailto:[email protected]:[email protected]://www.iss.net/ -
8/9/2019 proventia_administratorguide
3/48
3Proventia Network Multi-Function Security Administrator Guide
Contents
PrefaceOverview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
About Proventia Appliance Documentation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Conventions Used in this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Getting Technical Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Chapter 1: LicensesOverview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Installing Licenses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Chapter 2: Firmware and Security Content UpdatesOverview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Installing Updates from Proventia Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Getting Updates from an Alternate Update Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Installing Updates with the Manual Upgrader Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Getting Updates through a Proxy Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Chapter 3: Reinstalling the FirmwareOverview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Reinstalling the Firmware. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Chapter 4: Web Filter and Antispam Database MaintenanceOverview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Installing and Updating the Web Filter and Antispam Database. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Chapter 5: Maintenance ToolsOverview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Working with Maintenance Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Chapter 6: Back Up and RecoveryOverview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Policy Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Full System Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Chapter 7: System DiagnosticsOverview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
About System Diagnostics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38Running Diagnostics and Downloading Test Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Chapter 8: SupportOverview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Generating Support Files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
-
8/9/2019 proventia_administratorguide
4/48
4
Contents
-
8/9/2019 proventia_administratorguide
5/48
5Proventia Network Multi-Function Security Administrator Guide
Preface
Overview
Introduction This guide provides information about performing Proventia Multi-Function Security(MFS) appliance maintenance tasks such as creating backups, reinstalling the firmware,and using the system diagnostics utility.
Scope This guide includes basic information, guidelines, and required procedures formaintaining your MFS appliance. It does not cover policy configuration.
Audience This guide is intended for network security system administrators responsible formaintaining updates, performing backups, and troubleshooting Proventia Network MFSappliances. A fundamental knowledge of network security practices and IP networkconfiguration is helpful.
-
8/9/2019 proventia_administratorguide
6/48
6
About Proventia Appliance Documentation
Introduction This guide explains how to create backups, update firmware and security content,maintain Web filter and antispam databases, and otherwise maintain your appliance.
Where to find thelatest productinformation
For the latest appliance information, refer to the Help and the Readme file for yourproduct.
Related publications For information not included in this guide, see the following ISS Web sites:
Feedback Your feedback is important to Internet Security Systems. Please send comments andsuggestions to [email protected].
Web site Documents
www.iss.net/support/documentation Frequently asked questions
Datasheets
Information about virtual private networks
and firewalls
www.iss.net/download/ Readme files
Product downloads and updates
Table 1: Web sites for additional information
mailto:%[email protected]://www.iss.net/support/documentationhttp://www.iss.net/download/mailto:%[email protected]://www.iss.net/download/http://www.iss.net/support/documentation -
8/9/2019 proventia_administratorguide
7/48
Conventions Used in this Guide
7Proventia Network Multi-Function Security Administrator Guide
Conventions Used in this Guide
Introduction This topic explains the typographic conventions used in this guide to make information inprocedures and commands easier to recognize.
In procedures The typographic conventions used in procedures are shown in the following table:
Commandconventions
The typographic conventions used for command lines are shown in the following table:
Convention What it Indicates Examples
Bold An element on the graphicaluser interface.
Type the computersaddress in the IP Address
box.Select the Printcheck box.Click OK.
SMALLCAPS A key on the keyboard. Press ENTER.Press the PLUSSIGN(+).
Constant
width
A file name, folder name,
path name, or other
information that you must
type exactly as shown.
Save the User.txtfile inthe Addressesfolder.Type IUSR__SMA in theUsernamebox.
Constant
width
italic
A file name, folder name,
path name, or other
information that you must
supply.
Type Versionnumberinthe Identificationinformationbox.
A sequence of commands
from the taskbar or menu bar.From the taskbar, selectStartRun.
On the Filemenu, selectUtilitiesCompareDocuments.
Table 2: Typographic conventions for procedures
Convention What it Indicates Examples
Constant
width bold
Information to type in exactly
as shown.
md ISS
Italic Information that variesaccording to your
circumstances.
mdyour_folder_name
[ ] Optional information. dir [drive:][path][filename] [/P][/W]
[/D]
| Two mutually exclusivechoices.
verify[ON|OFF]
{ } A set of choices from whichyou must choose one.
% chmod {ugo
a}=[r][w][x] file
Table 3: Typographic conventions for commands
-
8/9/2019 proventia_administratorguide
8/48
8
Getting Technical Support
Introduction ISS provides technical support through its Web site and by email or telephone.
The ISS Web site The Internet Security Systems (ISS) Resource Center Web site (http://www.iss.net/support/) provides direct access to online user documentation, current versions listings,detailed product literature, white papers, and the Technical Support Knowledgebase.
Support levels ISS offers three levels of support:
Standard
Select
Premium
Each level provides you with 24x7 telephone and electronic support. Select and Premium
services provide more features and benefits than the Standard service. Contact ClientServices at [email protected] you do not know the level of support yourorganization has selected.
Hours of support The following table provides hours for Technical Support at the Americas and otherlocations:
Contact information The following table provides electronic support information and telephone numbers fortechnical support requests:
Location Hours
Americas 24 hours a day
All other
locations
Monday through Friday, 9:00 A.M. to 6:00 P.M. during their
local time, excluding ISS published holidaysNote: If your local support office is located outside theAmericas, you may call or send an email to the Americas
office for help during off-hours.
Table 4: Hours for technical support
RegionalOffice
Electronic Support Telephone Number
North America Connect to the MYISS
section of our Web site:
www.iss.net
Standard:
(1) (888) 447-4861 (toll free)
(1) (404) 236-2700
Select and Premium:
Refer to your Welcome Kit or
call your Primary Designated
Contact for this information.
Latin America [email protected] (1) (888) 447-4861 (toll free)
(1) (404) 236-2700
Table 5: Contact information for technical support
http://www.iss.net/support/http://www.iss.net/support/mailto:[email protected]://www.iss.net/mailto:[email protected]:[email protected]://www.iss.net/mailto:[email protected]://www.iss.net/support/http://www.iss.net/support/ -
8/9/2019 proventia_administratorguide
9/48
Getting Technical Support
9Proventia Network Multi-Function Security Administrator Guide
Europe, Middle
East, and [email protected] (44) (1753) 845105
Asia-Pacific,Australia, and
the Philippines
[email protected] (1) (888) 447-4861 (toll free)(1) (404) 236-2700
Japan [email protected] Domestic: (81) (3) 5740-4065
RegionalOffice
Electronic Support Telephone Number
Table 5: Contact information for technical support (Continued)
mailto:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected] -
8/9/2019 proventia_administratorguide
10/48
10
-
8/9/2019 proventia_administratorguide
11/48
-
8/9/2019 proventia_administratorguide
12/48
Chapter 1: Licenses
12
Installing Licenses
Introduction This topic explains how to install licenses in Proventia Manager. You cannot update thesystem without first installing your product licenses. You need a license for each featureyou plan to update.
Obtaining licenses For instructions about how to obtain your product licenses, see the Welcome Kitand OrderConfirmation email you received from Internet Security Systems or go directly to theLicense Registration Web site at the following location:
https://www1.iss.net/cgi-bin/lrc
Important: After you generate your licenses, save the licenses to an easily accessiblelocation such as a network share, a local computer, or a removable USB drive. You must beable to access this location when you upload the licenses to the system.
Contacting licensesupport
You can contact ISS license support in the following ways:
email: [email protected] or [email protected]
online: www.iss.net/support
Installing licenses inProventia Manager
To install licenses in Proventia Manager:
1. Select MaintenanceLicensing.
2. Click Browse, select the license, click Open, and then click Upload.
Tip: Licenses are issued as xml files such as iss_31362101_key.isslicense.xml.
You may want to rename this file with your appliance model and the relatedfunctionality as follows:
M10_AV_iss_31362101_key.isslicense.xml
https://www1.iss.net/cgi-bin/lrchttp://www.iss.net/support/index.htmlhttp://www.iss.net/support/index.htmlhttps://www1.iss.net/cgi-bin/lrc -
8/9/2019 proventia_administratorguide
13/48
13Proventia Network Multi-Function Security Administrator Guide
Chapter 2
Firmware and Security ContentUpdates
Overview
Introduction This chapter explains how to install updates from Proventia Manager and SiteProtector.ISS provides numerous ways for you to download and install your updates. This ensuresthat you can always update your antivirus, intrusion prevention, and firmware regardlessof how you are deploying your appliance.
Note: This chapter does not explain how to define your update policy. Refer to the Helpor the Policy Configuration Guidefor details on update policy settings.
In this chapter This chapter contains the following topics:
Topic Page
Installing Updates from Proventia Manager 14
Getting Updates from an Alternate Update Server 16
Installing Updates with the Manual Upgrader Utility 18
Getting Updates through a Proxy Server 21
-
8/9/2019 proventia_administratorguide
14/48
Chapter 2: Firmware and Security Content Updates
14
Installing Updates from Proventia Manager
Introduction This topic explains how to find, download, and install updates from Proventia Managerfor the following:
antivirus
intrusion prevention
firmware
Task overview The following table describes the tasks for manually updating the appliance:
Finding updates To find available updates:
1. In Proventia Manager, select MaintenanceUpdatesStatus.
2. Click Find Updates.
3. Do one of the following:
Downloadingupdates
To download available updates, do one of the following:
Installing updatesmanually
To install updates manually:
1. In Proventia Manager, select MaintenanceUpdatesAvailable Installs.
Note: If the Export Administration Regulationwindow appears, then review theagreement, select Yes, and then click Submit.
Task Description
1 Find available updates.
2 Download updates.
3 Install updates.
Table 6: Tasks for manually updating the appliance
If... Then...
updates are available for
download
click View Available Downloads.
updates are available for
installation
click View Available Installs.
If you want to... Then...
download updates from the
Updates Status page1. In Proventia Manager, select MaintenanceUpdates
Status.
2. Click Download Updates.
download updates from the
Updates to Downloads page1. In Proventia Manager, select MaintenanceUpdates
Available Downloads.
2. Click Download All Available Updates.
-
8/9/2019 proventia_administratorguide
15/48
Installing Updates from Proventia Manager
15Proventia Network Multi-Function Security Administrator Guide
2. Select the updates to install, and then click Install Updates.
Note: You must reboot the appliance after installing some updates.
Removing updates Removing an update is referred to as a rollback. You can remove or roll back thefollowing:
the last intrusion prevention update and the update package
the two most recent antivirus updates and the update packages
Note: You cannot remove or roll back firmware updates.
Example
You can only roll back to an update that you specifically installed. The following exampleillustrates the roll back process for cumulative updates:
Rolling backupdates
To roll back an update:
1. In Proventia Manager, select MaintenanceUpdatesStatus.
2. If you want to roll back either an antivirus update or an intrusion prevention update,then click Rollback Last Update, and then click OK.
Troubleshooting If you experience unusual behavior after you apply a firmware update, try the following:
1. Close the Web browser.
2. Clear the Java cache.
Note: For more information about how to clear the Java cache, see www.java.com/en/download/help/5000020300.xml.
3. Restart the Web browser, and then log on to Proventia Manager.
Task Description
1 You install version 1.1.
2 You skip version 1.2 and update to version 1.3.
3 You remove or roll back the 1.3 update.
4 The appliance returns to version 1.1.
Table 7: Example of the roll back process
http://www.java.com/en/download/help/5000020300.xmlhttp://www.java.com/en/download/help/5000020300.xmlhttp://www.java.com/en/download/help/5000020300.xmlhttp://www.java.com/en/download/help/5000020300.xml -
8/9/2019 proventia_administratorguide
16/48
Chapter 2: Firmware and Security Content Updates
16
Getting Updates from an Alternate Update Server
Introduction The topic explains how to configure the appliance to get updates from an alternate updateserver. Use an alternate update server when you do not want the appliance to contact ISSand download updates over the Internet. Instead of contacting ISS for the updates, the
appliance contacts the update server. The update servers function is to retrieve and storeappliance updates and provide them to the appliance when requested.
Note: The appliance does not have to be registered in SiteProtector to get updates from analternate update server.
Note: This topic assumes that you have installed and configured the update server.
Gathering requiredinformation
You need the following information about the update server:
host name or IP address
portthe port to which the update server is listening for download requests:
For the ISS Download Center (www.iss.net), the default port is 443.
For the SiteProtector X-Press Update Server, the default port if 3994.
authentication level between the appliance and the update server:
trust-all (the appliance always trusts connections with the SiteProtector updateserver without the servers digital certificate)
explicit-trust (the appliance verifies the servers identify with the servers digitalcertificate)
If you use theexplicit-trust levelIf you want to use the explicit-trust authentication level, then you must manually copy therequired certificate to the appliance.
Copying requiredcertificatesmanually
To copy a required certificate to the appliance manually:
1. Locate the following certificate file on the update server:
server-rsa.crt
Note: The file is stored in the following default location on the SiteProtector 2.0 SP5update server:
Program Files\ISS\RealSecure SiteProtector\X-Press Update
Server\webserver\Apache2\conf\ssl.crt\
Note: The file is stored in the following default location on the SiteProtector 2.0 SP6update server:
Program Files\ISS\SiteProtector\Application
Server\webserver\Apache2\conf\ssl.crt\
2. Use an SCP (Secure Copy) client such as WinSCP to copy the server-rsa.crt certificatefile to the following directory on the appliance:
/etc
Note: WinSCP is a third-party tool not supported by ISS. For information about howto run the utility, see the product documentation for the utility.
-
8/9/2019 proventia_administratorguide
17/48
Getting Updates from an Alternate Update Server
17Proventia Network Multi-Function Security Administrator Guide
Getting updatesfrom SiteProtector
To configure the appliance to obtain updates from SiteProtector:
1. In the navigation pane, select MaintenanceUpdatesAutomatic Settings.
Note: If the Export Administration Regulationwindow appears, then review theagreement, select Yes, and then click Submit.
2. Select the Alternate Update Servertab.
3. Select the Use Alternate Update Serveroption, and then complete the followingoptions:
4. Click Save Changes.
Option Description
Host or IP Type the fully-qualified domain name or IP address of the SiteProtector
update server.
Port Specify the port on which the appliance and the SiteProtector update
server communicate.
Default = 3994
Trust Level Select one of the following:
Trust-allthe appliance always trusts connections with the
SiteProtector update server without the servers digital certificate.
Tip: This is the easiest way to set up the connection.
Explicit-trustthe appliance verifies the servers identify with the
servers digital certificate. You must manually copy the certificate to the
appliance and specify the CA Certificatebox as described below.
Tip: This is a more secure connection than trust-all.
CA Certificate provide the fully qualified path to where the certificate resides on the
appliance as in the following example:
/etc/server-rsa.crt
-
8/9/2019 proventia_administratorguide
18/48
Chapter 2: Firmware and Security Content Updates
18
Installing Updates with the Manual Upgrader Utility
Introduction The Manual Upgrader utility retrieves update files from the Download Center. This topicexplains how to use the Manual Upgrader to download update files to the XPU server.
When to use thisprocedure
Use the procedures in this topic to update your appliance manually in the followingsituations:
Your appliance is configured to get updates from SiteProtector, but the SiteProtectorX-Press Update Server does not have Internet access.
Your appliance is configured to get updates from a stand-alone update server, but theserver does not have Internet access.
Installing updateswith the Manual
Upgrader utility
To install updates with the Manual Upgrader utility, you must do the following:
Configuring thealternate updateserver
To configure the alternate update server:
1. In Proventia Manager, select MaintenanceUpdatesAutomatic Settings.
2. Select the Alternate Update Servertab.
3. Select the Use Alternate Update Servercheck box.
4. Specify the Host or IPaddress of the XPU server.
5. Specify the Porton which the server is monitoring download requests.
For the SiteProtector X-Press Update Server, the default port is 3994.
Note: Confirm with the SiteProtector administrator that the port number has not
been changed.6. Save your changes.
Installing theManual Upgrader
To install the Manual Upgrader utility:
1. Obtain the Manual Upgrader installation file from the ISS Download Center.
The file is located in the SiteProtector area under the Other tab.
2. Copy the file to a computer that has Internet access.
3. Extract the downloaded zip file to a convenient directory.
Note: If you enable the Use Folder Names option when you extract the zip file, then
the program extracts the files to a directory called ManualUpgrader.
Task Description
1 Configure the alternate update server.
2 Install the Manual Upgrader utility.
3 Run the Manual Upgrader util ity.
4 Copy updates to the XPU server.
5 Install the updates.
Table 8: Tasks for installing updates with the Manual Upgrader utility
-
8/9/2019 proventia_administratorguide
19/48
Installing Updates with the Manual Upgrader Utility
19Proventia Network Multi-Function Security Administrator Guide
Running the ManualUpgrader
To run the Manual Upgrader:
1. On the computer where you installed the Manual Upgrader, navigate to the foldercontaining the program.
2. Double-click ManualUpgrader.exe.
3. Browse to a valid license file, and then select the file.
4. Read the End User License Agreement, and then click I Accept.
Note: If the Export Agreement appears, read the agreement, and then click I Accept.
5. Click Yeson the Manual Upgrader dialog to download a new catalog of availableupdates from the Web.
6. If you are prompted to download a Manual Upgrader update, click Yes.
The update is downloaded, and then you are prompted to download the most recentcatalog files.
7. Click Yes.
8. If an export agreement appears, accept it.
The newest catalog files are downloaded and all ISS product lines appear in the toppane and all available operating systems appear in the bottom pane.
9. Select CatalogLatest Network Multi-Function Catalogto select only MFS content.
10. Select the ISS product lines and the operating systems for which you want todownload updates.
Note: You can select multiple product lines and operating systems if needed.
11. You can control how recent the updates are by selecting the Only Get Files PostedWithin This Many Dayscheck box and specifying the number of days for which youwant to get updates.
12. Click Get Selected Updates.
Copying updates tothe XPU server
After you download the updates, you must copy the files to the appropriate directory onthe update server. You can use either the integrated XPU Server that is installed on thesame computer as the Application Server or an XPU Server that is installed on a separatecomputer.
If you did not download the required files to the computer where the XPU Server isinstalled, then you must transfer the files to that computer before you can apply theupdates.
Requireddirectories
You must copy the required files to specific directories on the computer where the XPUServer is installed. If these directories do not exist, then you must create them before youcan apply the updates.
Important: When you create the directories, you must spell and capitalize the directorynames exactly as described in this topic.
Required directoryon integrated XPUserver
The directory path below assumes that you are creating the directories on the integratedXPU Server and that this server is installed on the same computer as the ApplicationServer:
-
8/9/2019 proventia_administratorguide
20/48
Chapter 2: Firmware and Security Content Updates
20
\Program Files\ISS\SiteProtector\Application
Server\webserver\Apache2\htdocs\XPU\Proventia\M-Series
Required directoryon remote XPU
server
If you are creating the directories on a remote XPU Server that is not installed on the samecomputer as the Application Server, then you must create the directories in the following
directory path on the computer where the remote XPU Server is installed:
\Program Files\ISS\SiteProtector\X-Press Update
Server\webserver\Apache2\htdocs\XPU\
Installing theupdates
Depending on how you have configured Proventia Manager, the updates are eitherinstalled automatically once they are available or you can install them manually.
-
8/9/2019 proventia_administratorguide
21/48
Getting Updates through a Proxy Server
21Proventia Network Multi-Function Security Administrator Guide
Getting Updates through a Proxy Server
Introduction This topic provides information about how to enable the appliance to retrieve updatesthrough a proxy server.
Updating through aproxy server
If the appliance must go through a Web proxy server to retrieve updates from ISS, thenyou must enable the Web (HTTP) proxy service.
Enable the Webproxy service
To enable the Web (HTTP) proxy service:
1. In Proventia Manager, select ConfigurationSystemServices.
2. Select the HTTP Proxy tab.
3. Select the Enable HTTP Proxycheck box.
4. Specify the Addressand Portof the HTTP proxy.
5. Click Save Changes.
-
8/9/2019 proventia_administratorguide
22/48
Chapter 2: Firmware and Security Content Updates
22
-
8/9/2019 proventia_administratorguide
23/48
23Proventia Network Multi-Function Security Administrator Guide
Chapter 3
Reinstalling the Firmware
Overview
Introduction This chapter explains how to install the firmware.
In this chapter This chapter contains the following topic:
Topic Page
Reinstalling the Firmware 24
-
8/9/2019 proventia_administratorguide
24/48
Chapter 3: Reinstalling the Firmware
24
Reinstalling the Firmware
Introduction This topic explains how to reinstall the firmware.
Considerations Reinstalling the firmware takes the appliance off line and overwrites your custom policieswith the original factory defaults.
The recovery CD includes the Filter Database that came with your appliance. Thisdatabase is quickly out of date because database updates are released often. ISSrecommends that you reinstall only the firmware and thenafter the appliance isdeployeduse the Get Filter Database option in Proventia Manager to download thelatest database directly from the ISS Web site.
Prerequisites computer (see Computer Requirements) or keyboard and monitor (for M50 models)
red crossover cable
serial cable
recovery CD
Computerrequirements
If you are connecting a computer to the appliance for this procedure, verify the computerrequirements below:
Note: No software is installed on the computer during this process; the computer is usedonly to reinstall the firmware.
Requirement Description
BIOS setting Computer must be configured to allow it to boot from the CD drive.Reference:For information on how to check or change your BIOS
settings, see your computer documentation or go online and
search for instructions. Commonly, pressing F12 during bootup
allows you to specify booting from a CD.
CPU Pentium II or compatible
RAM 64MB
Drive IDE CD-ROM Drive
Port COM1
Network interface 3Com 3c905C Intel PRO/100 or PRO/1000
3Com 3c574 or 3Com 3c575
Netgear FA511 or Netgear FA411
Intel PRO/100 S Mobile Adapter
ISS supports only the listed network cards. The Proventia M50
appliance automatically detects network interface cards.
Table 9: Computer requirements
-
8/9/2019 proventia_administratorguide
25/48
Reinstalling the Firmware
25Proventia Network Multi-Function Security Administrator Guide
Before you reinstall If your appliance is still operational, do the following before you reinstall the firmware:
Back up your policies using a Settings Backup, and then download the backup files toa remote location. You can restore your policies from the backup files after youreinstall the appliance firmware.
Record the networking settings shown in the following table:
Reinstalling thefirmware on anM50 appliance
To reinstall the firmware on an M50 appliance:
1. Connect to the appliance:
2. Remove the front bezel.
3. Insert the Recovery CD in appliance CD drive.
4. Restart the appliance.
Mode Network settings
Routing IP addresses
subnet masks
default gateways for all interfaces
hostname
domain name
DNS name servers
Transparent IP address
subnet maskdefault gateway
hostname
domain name
DNS name server
If you areusing a... Then...
computer 1. Connect the serial cable from your computer to the serial port on the
appliance.
2. Connect the red Ethernet crossover cable from the Ethernet port on
your computer to the Internal ETH0port on the appliance.
3. On the computer, use an application such as HyperTerminal to
configure a terminal connection between the computer and the
appliance. Use the following settings:
Port = COM1 or other appropriate port
Bits Per Second = 9600
Data bits = 8
Parity = None
Stop bits = 1
Flow control = None
4. Start the connection.
keyboard and
monitorconnect the keyboard and monitor to the appliance.
-
8/9/2019 proventia_administratorguide
26/48
Chapter 3: Reinstalling the Firmware
26
5. When you see the boot:prompt, type reinstall, and then press ENTER.
6. Wait until the appliance reinstalls the software and automatically ejects Recovery CD.
Next Steps You must run the Proventia Setup Assistant again to initialize the system. You must alsoeither reconfigure your policies or restore your policies from the backup files you made.
Reinstalling thefirmware on allother models
To reinstall the firmware on any non-M50 appliance (that does not have a built-in CDdrive):
1. Turn off the appliance, and then disconnect it from the network.
2. Connect the serial cable from the console port on the appliance to the serial port onyour computer.
3. Connect the red Ethernet crossover cable from the internal port on the appliance tothe Ethernet port on your computer.
4. Insert the recovery CD into the CD drive on your computer, and then restart the
computer.
5. Wait until you see the following message:
***You may now boot your Proventia Appliance via the network******Starting Terminal Emulator******Press Control-G to Exit and Reboot***
Important: In the next step, you have only five seconds to press Lafter the Press Lprompt appears.
6. Turn on the appliance and watch the screen closely for the Press L prompt.
7. When you see the Press L to boot from LANprompt, press the Lkey.
8. When you see the boot:prompt, type reinstall, and then press ENTER.
9. Wait until the appliance reinstalls the software.
10. When the installation is complete, press CONTROL+Gto eject the CD and restart thecomputer in normal mode.
Next Steps You must run the Proventia Setup Assistant again to initialize the system. You must alsoeither reconfigure your policies or restore your policies from the backup files you made.
-
8/9/2019 proventia_administratorguide
27/48
27Proventia Network Multi-Function Security Administrator Guide
Chapter 4
Web Filter and Antispam DatabaseMaintenance
Overview
Introduction This chapter explains how to install and update the Web Filter and Antispam database.
In this chapter This chapter contains the following topic:
Topic Page
Installing and Updating the Web Filter and Antispam Database 28
-
8/9/2019 proventia_administratorguide
28/48
Chapter 4: Web Filter and Antispam Database Maintenance
28
Installing and Updating the Web Filter and Antispam Database
Introduction This topic explains how to install and update the Web Filter and Antispam Database.
Important: You must perform these tasks locally in Proventia Manager. You cannot
perform these tasks in SiteProtector.
Viewing databaseproperties
To view the Web Filter and Antispam Database version and other properties:
In Proventia Manager, select MaintenanceFilter DB.
The appliance displays the following database properties:
Installing thedatabase
To install the latest version of the Web Filter and Antispam Database:
Note: Installing the database does not take the appliance off line.
1. In Proventia Manager, select MaintenanceFilter DB.
2. Click Get Local DB.
Updating the
database
To update the Web Filter and Antispam Database:
Note: Updating the database does not take the appliance off line.
1. In Proventia Manager, select MaintenanceFilter DB.
2. Click the message Click here to update an existing database.
Property Description
Mode The current database status:
Not installed
Installed
Version The local database version in the following format:
x.xxxx
Status The status of the local database:
Installed
Downloading
Updating
Download Progress The progress of the local database download:
x% (percentage of completed download)
Indexing Database
-
8/9/2019 proventia_administratorguide
29/48
29Proventia Network Multi-Function Security Administrator Guide
Chapter 5
Maintenance Tools
Overview
Introduction This chapter explains how to use the maintenance tools.
In this chapter This chapter contains the following topic:
Topic Page
Working with Maintenance Tools 30
-
8/9/2019 proventia_administratorguide
30/48
Chapter 5: Maintenance Tools
30
Working with Maintenance Tools
Introduction This topic describes how to use the maintenance tools to do the following:
start or stop the appliance
use the traceroute utility to provide a list of all the routers along the path to acomputer or destination
ping a computer on your network to determine whether it can be contacted
reconnect the PPPoE on the external interface
release and renew a DHCP lease for the external interface
Tracerouteprotocols
You can use two types of protocols for the traceroute utility:
Openingmaintenance tools
To open the maintenance tools in Proventia Manager:
Note: You cannot access the maintenance tools in the SiteProtector Console. You mustaccess them locally in Proventia Manager.
Select MaintenanceTools.
Working with thetools
To use the maintenance tools:
1. Open the maintenance tools in Proventia Manager.
2. Do one of the following:
Protocol Description
UDP The UNIX traceroute command. When you select a UDP traceroute protocol, theappliance sends a UDP packet to a random port on the target host. The Time to Live
(TTL) and the destination port are incremental for each ICMP Port Unreachable
message that is returned, or until 30 hops are reached.
ICMP The Windows tracert command. When you select an ICMP traceroute protocol, the
TTL and the destination port are incremental for each ICMP Echo Request
message that is returned, or until 30 hops are reached.
Table 10: Traceroute protocol descriptions
If you want to... Then...
reboot the appliance click Reboot.
stop the appliance click Shutdown.
ping a computer type the IP address of the computer you want to ping in the
Pingfield, and then click Submit.
trace the route to a
device
1. Type the IP address you want to trace in the Traceroutefield.
2. Select a protocol in the Protocol section:
UDP(User Datagram Protocol)
ICMP(Internet Control Message Protocol)
3. Click Submit.
-
8/9/2019 proventia_administratorguide
31/48
Working with Maintenance Tools
31Proventia Network Multi-Function Security Administrator Guide
reconnect the PPPoE
connection on the
external interface
click the Reconnectbutton next to Reconnect PPPoE
Connection in the Network Connection section.
release and renew theDHCP lease for the
external interface
click the Renewbutton next to Renew DHCP lease in theNetwork Connection section.
If you want to... Then...
-
8/9/2019 proventia_administratorguide
32/48
Chapter 5: Maintenance Tools
32
-
8/9/2019 proventia_administratorguide
33/48
33Proventia Network Multi-Function Security Administrator Guide
Chapter 6
Back Up and Recovery
Overview
Introduction This chapter provides information about how to back up and restore your policies andhow to create and restore full system backups.
In this chapter This chapter contains the following topics:
Topic Page
Policy Backups 34
Full System Backups 35
-
8/9/2019 proventia_administratorguide
34/48
Chapter 6: Back Up and Recovery
34
Policy Backups
Introduction A policy backup (or settings backup) file contains all your appliance policies, includingpolicies for networking, appliance access, network objects, firewall, and antivirus. Theappliance comes with a policy backup file labeled FactoryDefault.settingsthat includes the
default appliance policies. Since you can store multiple policy backup files on theappliance, we recommend that you keep the default policies for troubleshootingpurposes. Do not use policy backup files to distribute policies to multiple appliances. ISSrecommends that you use SiteProtector to distribute policies to multiple appliances.
Note: Policy backup files are referred to as settings snapshotsand settings backups. Thesefiles are all the same.
When to back uppolicies
You should back up your policies as soon as possible after you configure the appliance fordeployment. You should also back up your policies on a regular basis.
Important: Use a unique name for the backup policy file.
Restrictions The following restrictions apply:
A policy backup file is model specific. The policy backup file is only compatibleamong appliances with the exact same model. (You cannot back up policies on onemodel, and then restore that policy on a different model.)
Policy (settings) backups made on older firmware releases may not restore properlyon newer firmware releases.
If your appliance is registered with SiteProtector, you must unregister the appliancefrom SiteProtector before you back up your policies.
Backing up andrestoring policies
To back up or restore policies:
1. In Proventia Manager, select MaintenanceBackup and Recovery.
2. Select the Settings Backuptab.
3. Do one of the following:
If you want to... Then...
back up settings 1. Click the Add icon, and then type a name for the backup file.
2. Click Create.
restore settings select the file, and then click Apply.
delete a backup file select the file, and then click Delete.
download a backup file select the file, and then click Download.
upload a backup file 1. Click Add.
2. Type the filename, or click Browseto locate the file.
3. Click Upload.
-
8/9/2019 proventia_administratorguide
35/48
Full System Backups
35Proventia Network Multi-Function Security Administrator Guide
Full System Backups
Introduction A full-system backup file contains a complete image of the appliance and its operatingsystem. You can restore the entire system from a full system backup. You should alwayscreate a full system backup before you apply a firmware update.
Restrictions The following restrictions apply:
You can store one full-system backup file on the appliance at any given time. Whenyou create a new full-system backup file, you overwrite the existing full-system
backup file.
Creating a full system backup takes the appliance off line for several minutes.
Full-system backups for version 1.7 or earlier are not compatible with version 1.8 orlater. Upgrade from version 1.7 to version 1.8 or later, and then create the full-system
backup.
Creating andrestoring fullsystem backups
To create or restore a full system backup:
1. In Proventia Manager, select MaintenanceBackup and Recovery.
2. Select the Full Backuptab.
3. Do one of the following:
To... Do this...
create a full system
backup
click Create System Backup.
Note:You cannot access the appliance during the backup or
restore process.
restore a full system
backup
1. Click Restore from Backup, and then click OK.
Note:You cannot access the appliance during the backup or
restore process.
2. Close all Web browser windows, and then clear your Java
cache.
Important: If you dont close all browser windows and clear
the Java cache, Proventia Manager might not function properly
after you have restored the system. For instructions about how
to clear the cache, see the documentation for your operating
system.
3. Wait at least five minutes before you access the appliance.
-
8/9/2019 proventia_administratorguide
36/48
Chapter 6: Back Up and Recovery
36
-
8/9/2019 proventia_administratorguide
37/48
37Proventia Network Multi-Function Security Administrator Guide
Chapter 7
System Diagnostics
Overview
Introduction This chapter describes the system diagnostics utility and provides instructions on how torun it.
In this chapter This chapter contains the following topics:
Topic Page
About System Diagnostics 38
Running Diagnostics and Downloading Test Results 41
-
8/9/2019 proventia_administratorguide
38/48
Chapter 7: System Diagnostics
38
About System Diagnostics
Introduction The system diagnostics utility is included on the recovery CD for your appliance andprovides a way to check for the following types of hardware failures:
network interface failures
hard disk failures
file system errors
certain general hardware errors
Limitations The utility does not detect the following:
a single failed power supply on appliances with dual supplies
a single failed drive in a RAID mirror
bad memory
When to run thetool
You can run the utility at the following times:
before you deploy a new appliance
before you deploy a replacement appliance
when you suspect there is a hardware issue with the appliance
when Technical Support requests it
What tests are
available
The utility provides four classes of diagnostic tests available:
serial number and model
disk
network
event log analysis
Serial number andmodel tests
The following table describes serial number and model tests:
Test Description
Model test Verifies that the appliance model matches the recovery CD used.
Serial number test Verifies that the appliance serial number is either 9 or 13 digits.
Table 11: Serial number and model test descriptions and considerations
-
8/9/2019 proventia_administratorguide
39/48
About System Diagnostics
39Proventia Network Multi-Function Security Administrator Guide
Disk tests You can skip all disk tests by specifying nodisk. The following table describes disk tests:
Network tests You can skip all network tests by specifying nonet. The following table describes networktests:
Test Description
Badblock test Finds invalid disk sectors. Each test takes approximately one hour
except when run on the M10, M10e, and M30 models. On these
models, each test takes approximately two hours.Parameters:
To run this test multiple times, use the dtbb=parameter.
To skip this test, use the dtbb=0parameter.
Files system test Checks the integrity of the linux file system on the appliance but
does not necessarily indicate failure.
Parameters:
To skip this test, use the nofsckparameter.
To resolve most file system errors:
1. Reboot the device normally.2. Log in as the root user.
3. Type reboot.
4. Reload the system diagnostics.
If this does not resolve a file system error message, you may
need to reimage the appliance.
SMART drive test Checks the hard drive error log for signs of failure. This test is
available on the following models that dont have multiple disks:
M10, M10e, M30, M30e, MX1004, and MX3006.
Parameters:
To skip this test, use the nosmartparameter.
Table 12: Disk test descriptions and considerations
Check Description
Network port count check If this test fails, the appliance may require RMA replacement.
Network interface self test Determines whether all interfaces are plugged in. Any interface
that is not plugged in shows up as failed.
Parameters: To skip this test, use the nonetselfparameter.
Table 13: Network test descriptions and considerations
-
8/9/2019 proventia_administratorguide
40/48
Chapter 7: System Diagnostics
40
Event log analysistests for the M50appliance
On the M50 appliance, event log analysis tests check for fault indicators or messages suchas the following:
critical interrupts
system POST errors
system temperature issues
Network traffic test Checks the interface traffic flow. Cables must be connected to the
interfaces to run this test.
Example cable connections on MX5010
Cable connections will be similar on other models. Connect eth0 to eth1
Connect eth2 to eth3
Connect eth4 to eth5
Connect eth 6 to eth7
Connect eth8 to eth9
Parameters:
To skip this test, use notrafficparameter.
Important:Immediately before this test begins, you have
approximately 30 seconds to verify that the cables are correctly
connected. The delay may be longer depending on your appliance
version.Important:Do not run earlier versions of system diagnostics on
M10, M10e, and M30e models because the test always fails, even
when the interfaces are not defective.
Check Description
Table 13: Network test descriptions and considerations (Continued)
-
8/9/2019 proventia_administratorguide
41/48
Running Diagnostics and Downloading Test Results
41Proventia Network Multi-Function Security Administrator Guide
Running Diagnostics and Downloading Test Results
Introduction This topic explains how to run the system diagnostic utility and download the test results.
Considerations Consider the following before you run the utility:
running system diagnostics takes the appliance off line completely.
running all tests takes the appliance offline for one to two hours.
Note: The test takes two hours for the M10, M10e, and M30 models.
you must recable the appliance network interfaces before you run the network tests.
Requirements Before you run the utility, verify that you have the following:
computer
Note: A computer is required if you want to download the results. red Ethernet crossover cable
serial cable
recovery CD
Computerrequirements
If you are connecting a computer to the appliance for this procedure, verify the computerrequirements:
Note: No software is installed on the computer during this process.
Requirement Description
BIOS Settings Computer must be configured to allow it to boot from the CD drive.
Reference:For information on how to check or change your BIOS
settings, see your computer documentation or go online and
search for instructions. Commonly, pressing F12 during bootup
allows you to specify booting from a CD.
CPU Pentium II or compatible
RAM 64MB
Drive IDE CD-ROM Drive
Serial port COM1
Network interface card 3Com 3c905C
Intel PRO/100 or PRO/1000
3Com 3c574 or 3Com 3c575
Netgear FA511 or Netgear FA411
Intel PRO/100 S Mobile Adapter
ISS supports only the listed network cards. The Proventia M50
appliance automatically detects network interface cards.
Table 14: Computer requirements
-
8/9/2019 proventia_administratorguide
42/48
Chapter 7: System Diagnostics
42
Running diagnosticson M50s
To run system diagnostics on M50 appliances:
1. Connect to the appliance:
Tip: To view output and download diagnostic files after you run the tests, you mustconnect a computer to the appliance using the serial cable.
2. Remove the front bezel.
3. Insert the Recovery CD in the appliance CD drive.
4. Restart the appliance.
5. When you see the boot: prompt, press TABfor the diagnostics menu.
Important: If you plan to run network diagnostic tests, you must recable the deviceby connecting crossover cables between all interfaces. Connect ETH0 to ETH1, port 2to 3, and so on.
6. Do one of the following:
Running diagnosticson all other models
To run system diagnostics on the M10, M30, MX1004, MX3006, MX5010, or any other M-series models that do not include a built-in CD drive:
1. In Proventia Manager, select MaintenanceTools.
2. Click Shut Down.
3. Turn off the appliance, and then disconnect it from the network.
If you are using a... Then...
computer 1. Connect the serial cable from your computer to the serial port
on the appliance.
2. On the computer, use an application such as HyperTerminal to
configure a terminal connection between the computer and the
appliance. Use the following settings:
Port = COM1 or other appropriate port
Bits Per Second = 9600
Data bits = 8
Parity = None
Stop bits = 1
Flow control = None
3. Start the connection.
keyboard and monitor connect the keyboard and monitor to the appliance.
If you want to... Then...
run all four classes of
system diagnostic tests type sysdiag, and press ENTER.
skip diagnostic test type sysdiagparametername.
Example: sysdiag nodisk
Tip: Optional parameters and descriptions are listed on thescreen. You can specify multiple parameters by placing a space
between parameters.
-
8/9/2019 proventia_administratorguide
43/48
Running Diagnostics and Downloading Test Results
43Proventia Network Multi-Function Security Administrator Guide
4. Connect the serial cable from the console port on the appliance to the serial port onyour computer.
5. Connect the red Ethernet crossover cable from the internal (ETH0) port on theappliance to the Ethernet port on your computer.
6. Insert the recovery CD into the CD drive on your computer, and then restart the
computer.
7. Wait until you see the following message:
***You may now boot your Proventia Appliance via the network******Starting Terminal Emulator******Press Control-G to Exit and Reboot***
8. If you plan to run network diagnostic tests, you must now recable the device byconnecting crossover cables between all available interfaces except for ETH0 andETH1. Connect port 2 to 3, port 4 to 5, and so on.
Important: In the next step, you have only five seconds to press Lafter the Press Lprompt appears.
9. Turn on the appliance and watch the screen closely for the Press L prompt.
10. When you see the Press L to boot from LANprompt, press the Lkey.
11. When you see the boot:prompt, press TABfor the diagnostics menu.
12. Do one of the following:
13. Wait until you see the messages:
Loading installerLoading filesystemBooting, please wait
14. Unplug the network cable from the computer.
15. Connect the remaining two appliance interfaces (ETH0 and ETH1) to each other.
About test results After the tests are finished, the results are displayed on a summary screen and included inthe following file:/tmp/sysdiag_.tgz
Caution: All output, logs, and diagnostic files are stored in memory only and are lostwhen you restart the appliance. To preserve the files, you must transfer them to anothersystem over the serial cable. Depending on the version of the system diagnostics utilityyou are running, the utility may provide an option to copy the file to an external USBdrive.
If you want to... Then...
run all four classes of
system diagnostic tests type sysdiag, and then press ENTER.
skip diagnostic test type sysdiagparametername.
Example: sysdiag nodiskTip: Optional parameters and descriptions are listed on the
screen. You can specify multiple parameters by placing a space
between parameters.
-
8/9/2019 proventia_administratorguide
44/48
Chapter 7: System Diagnostics
44
Copying results file To copy the sysdiag_.tgztest results file to another system:
1. Start the computer connected to the appliance.
Important: Do not restart the appliance itself.
2. Start a HyperTerminal connection using the following values:
Port = COM1 or other appropriate port
Bits Per Second = 9600
Data bits = 8
Parity = None
Stop bits = 1
Flow control = None
3. Press ENTERto get a bashprompt.
4. At the prompt, type download.
5. Type exitto safely turn off the appliance.6. Locate the file on your local system.
Tip: The default location is the following:C:\Documents and Settings\\sysdiag_.tgz
-
8/9/2019 proventia_administratorguide
45/48
45Proventia Network Multi-Function Security Administrator Guide
Chapter 8
Support
Overview
Introduction This chapter provides information about how to generate files used to troubleshoot issueswith customer support.
In this chapter This chapter contains the following topic:
Topic Page
Generating Support Files 46
-
8/9/2019 proventia_administratorguide
46/48
Chapter 8: Support
46
Generating Support Files
Introduction This topic explains how to generate a support file that can be used to troubleshoottechnical issues with customer support.
Contactingcustomer support
To contact customer support:
In Proventia Manager, select SupportSupport Contacts.
Creating anddownloadingsupport files
To create or download a system support file:
1. In Proventia Manager, select SupportSystem Support File.
2. Do one of the following:
To... Do this...
create a file select Generate Support Data File.
download a file 1. Select the radio button next to the file, and then click the
Downloadicon.
2. At the message prompt, click OK.
3. Follow the prompts to save the file to your hard drive.
-
8/9/2019 proventia_administratorguide
47/48
47Proventia Network Multi-Function Security Administrator Guide
Index
aappliance
rebooting 30
shutting down 30
bbackup and recovery
full system 35
policies 34
cconventions, typographicalin commands 7
in procedures 7
in this manual 7
dDHCP
releasing and renewing leases 31
DHCP leases, releasing and renewing 31
documentation, locating 6
fFilter Database
obtaining full version 28
updating existing 28
firmware updates
installing manually 14
full backup 35
iInternet Security Systems
technical support 8
Web site 8
mmanual appliance updates 14
ooperating system
back up and recovery 35
pping command 30
policies
backing up 34PPPoE
reconnecting the connection 31
PXE boot server 24, 41
rreinstalling appliance firmware
procedure for M50 2425
procedure for Mx1004 24, 26
procedure for Mx3006 24, 26
requirements 25
ssecurity content updates
installing manually 14
removing manually 15
system support file 46
system tools 30
-
8/9/2019 proventia_administratorguide
48/48
Index
ttechnical support
contacting 46
system support file 46
technical support, Internet Security Systems 8traceroute command 30
traceroute protocols 30
typographical conventions 7
uupdates
alternate update servers 16
downloading updates 14
finding updates 14
installing updates manually 14obtaining from SiteProtector 16
removing security content updates 15
rolling back updates 15
troubleshooting 15
wWeb site, Internet Security Systems 8
xX-Press update server 16