Resumen del contenido incluido en la página 1
® Enterprise Reporter
EVALUATION
GUIDE
Models: ER HL/SL
Software Version: 5.0.00
Document Version: 01.07.09
Resumen del contenido incluido en la página 2
ENTERPRISE REPORTER EVALUATION GUIDE © 2009 8e6 Technologies All rights reserved. Printed in the United States of America Local: 714.282.6111 • Domestic U.S.: 1.888.786.7999 • International: +1.714.282.6111 This document may not, in whole or in part, be copied, photocopied, reproduced, trans- lated, or reduced to any electronic medium or machine readable form without prior writ- ten consent from 8e6 Technologies. Every effort has been made to ensure the accuracy of this document. However, 8e6 T
Resumen del contenido incluido en la página 3
CONTENTS 8E6 ENTERPRISE REPORTER EVALUATION GUIDE ............................................1 Overview. ......................................................................................................................... 1 Note to Evaluators. ......................................................................................................... 1 INSTALL THE ENTERPRISE REPORTER ..............................................................2 CONFIGURE, TEST THE ENTERPRISE REPORTER ......
Resumen del contenido incluido en la página 4
CONTENTS Create a Custom Report for a specific user. .............................................................. 22 How to use the Custom Report Wizard ..................................................................................22 Generate a new Custom Report ......................................................................................22 Next steps for documenting, monitoring specific user activity .........................................24 Export a Custom Report..............
Resumen del contenido incluido en la página 5
8E6 ENTERPRISE REPORTER EVALUATION GUIDE OVERVIEW 8E6 ENTERPRISE REPORTER EVALUATION GUIDE Overview Thank you for choosing to review 8e6 Technologies’ Enterprise Reporter. The Enterprise Reporter helps administrators manage internal Web-based threats by documenting historical Internet usage information by user. The Enterprise Reporter is unique in that it is the only dedicated appliance that processes and displays Internet filtering logs without compromising filtering perfor- mance or impact
Resumen del contenido incluido en la página 6
INSTALL THE ENTERPRISE REPORTER NOTE TO EVALUATORS INSTALL THE ENTERPRISE REPORTER To install the appliance, configure the box and to test reporting is operational please refer to the step-by-step instructions found in the Enterprise Reporter Quick Start Guide provided in the box. Please note that prior to reviewing the Enterprise Reporter you should install the R3000 Internet Filter, which is required for sending logs to the Reporter. See the R3000 Internet Filter Evaluation Guide for in
Resumen del contenido incluido en la página 7
CONFIGURE, TEST THE ENTERPRISE REPORTER UNDERSTAND THE MOST COMMON AND USEFUL FEATURES CONFIGURE, TEST THE ENTERPRISE REPORTER Understand the most common and useful features One of the advantages of a hardware appliance, in addition to its compatibility and extremely low profile on the network, is its ease of use. Configuration of the Enter- prise Reporter can seem disarmingly simple at times, but when the hardware and software are designed to work together, the levels of complication decreas
Resumen del contenido incluido en la página 8
CONFIGURE, TEST THE ENTERPRISE REPORTER USE CUSTOM CATEGORY GROUPS TO NARROW YOUR SEARCH Use custom Category Groups to narrow your search Prior to running any reports, there are a few recommended configuration steps that create a more customized experience for the evaluator. The first step is to create category groups, which are customized groupings from the 8e6 library of more than 99 filter categories. For example, most customers prefer to set up a category group for those categories th
Resumen del contenido incluido en la página 9
CONFIGURE, TEST THE ENTERPRISE REPORTER USE CUSTOM CATEGORY GROUPS TO NARROW YOUR SEARCH Group Definitions frame The Group Definitions frame displays to the right in the Category Groupings window. In this frame you define a category group by specifying which categories will belong to that group. How to add Categories to a Category Group 1. Select a category group from the Group Name pull-down menu. Any categories previously entered display in the list box in this frame. (For evaluation purp
Resumen del contenido incluido en la página 10
CONFIGURE, TEST THE ENTERPRISE REPORTER USE CUSTOM USER GROUPS TO NARROW YOUR SEARCH Use custom User Groups to narrow your search The next step is to create user groups, which are customized groupings of users that reside on the organization’s network. For example, most enterprise customers prefer to set up user groups for each department within the company, and educa- tion customers prefer to setup separate user groups for each classroom or grade level. Creating these user groups reduces
Resumen del contenido incluido en la página 11
CONFIGURE, TEST THE ENTERPRISE REPORTER USE CUSTOM USER GROUPS TO NARROW YOUR SEARCH Group Definitions frame The Group Definitions frame displays to the right in the User Groupings window. In this frame you can view members of a user group, and can define a user group by specifying which users will belong to that group. Define a User Group When defining a user group, you can add and/or exclude users to/from that group. Modifications to a user group can be made at any time, as necessary. 1. S
Resumen del contenido incluido en la página 12
CONFIGURE, TEST THE ENTERPRISE REPORTER USE CUSTOM USER GROUPS TO NARROW YOUR SEARCH • Please Enter IP Range - This frame is used for including users based on a range of IP addresses. For example, you might have one range of IP addresses for sales, and another for admin. Enter the IP address range in the From and To fields. Click the Add IP Range button to add the IP address range. • Individual Adds/Removes - This frame is used for including and/or excluding specified users. Click the Sh
Resumen del contenido incluido en la página 13
CONFIGURE, TEST THE ENTERPRISE REPORTER USE ENTERPRISE REPORTER TO CONDUCT AN INVESTIGATION Use Enterprise Reporter to conduct an investigation Once custom category groups and user groups have been created, administrators can begin running their first reports. In most cases, administrators will employ the Enterprise Reporter as a forensic tool to determine if anomalous Internet behavior exists in their organization. In order to facilitate this process, the Enterprise Reporter menu structure
Resumen del contenido incluido en la página 14
CONFIGURE, TEST THE ENTERPRISE REPORTER USE ENTERPRISE REPORTER CANNED REPORTS Use Enterprise Reporter Canned Reports As previously stated, the first thing the administrator will see when logging into the Enterprise Reporter is a dashboard of graphical reports called “Canned Reports”. By viewing these reports, an administrator has an at-a-glance view of any anoma- lous behavior that warrants an investigation. Canned reports contain pre-generated data for a specified period of time (Yester
Resumen del contenido incluido en la página 15
CONFIGURE, TEST THE ENTERPRISE REPORTER USE ENTERPRISE REPORTER CANNED REPORTS How to generate a Canned Report To generate a canned report: 1. Go to the navigation panel and click Canned Reports to display yesterday’s Top 20 (Internet Filtering) Categories by Page Count report view in the right panel: Yesterday’s Top 20 Categories by Page Count Report TIP: Click the left arrow or right arrow at the edges of the dashboard to display thumbnail images that are currently hidden. NOTE: If the ER
Resumen del contenido incluido en la página 16
CONFIGURE, TEST THE ENTERPRISE REPORTER USE ENTERPRISE REPORTER CANNED REPORTS Sample Bar Chart Canned Report Sample Pie Chart Canned Report The header of the generated canned report includes the date range, Report Type, and criteria Details. The body of the first page of the report includes the following information: • Bar chart - name of category, username, username path, URL or site IP address, or user group name, and corresponding bar graph. • Pie chart - color-coded pie graph and key s
Resumen del contenido incluido en la página 17
CONFIGURE, TEST THE ENTERPRISE REPORTER USE ENTERPRISE REPORTER DRILL DOWN REPORTS The body of the following page(s) of the report includes Count columns and corre- sponding totals. The Grand Total and Count display at the end of the report. NOTE: See ‘Summary Drill Down Report navigation’ for information about report elements referenced above. How to export a Canned Report From the open PDF file, the canned report can be exported in some of the following ways: • print the report - click the
Resumen del contenido incluido en la página 18
CONFIGURE, TEST THE ENTERPRISE REPORTER USE ENTERPRISE REPORTER DRILL DOWN REPORTS How to generate a Summary Drill Down Report To generate a summary drill down report: 1. Go to the navigation panel and click Drill Down Reports to display (by default) today’s Categories report view by Page Count in the right panel: Sample Drill Down Categories Report (Summary report) 2. Click one of the following menu topics in the navigation panel for the type of report you wish to view: Categories, IPs, Us
Resumen del contenido incluido en la página 19
CONFIGURE, TEST THE ENTERPRISE REPORTER USE ENTERPRISE REPORTER DRILL DOWN REPORTS 3. Use the tools in the right panel to create the desired drill down view. NOTE: See ‘Summary Drill Down Report navigation’ for information on using the reporting elements described in this sub-section. 4. The drill down view can be exported, saved, and/or scheduled to run at a spec- ified time. Summary Drill Down Report navigation Continuing from the last section, this section is designed to help the administra
Resumen del contenido incluido en la página 20
CONFIGURE, TEST THE ENTERPRISE REPORTER USE ENTERPRISE REPORTER DRILL DOWN REPORTS Count columns Columns for specified “item counts” display in the body of all drill down report views. The column for the current report type does not display and therefore cannot be selected. Count columns • Category Count - displays the number of categories a user has visited, or the number of categories included within a given site. Categories are set up for the Web access logging device filter via the Se