|
| |
|
|
eTrust
Content Inspection Standalone Gateway
|
What is the
Standalone Gateway Inspection Engine (GIE)?
The eTrust Content Inspection
Standalone Gateway component uses packet-processing technology to detect network
objects in real-time. It can be configured to work with external applications
that capture the network stream and assemble the files for inspection.
The eTrust Content Inspection
Standalone Gateway is designed to run on a machine that is in the IP route path between your local intranet, the network you want to protect, and the outer
network or the Internet. The eTrust Content Inspection Gateway services inspect the contents of files transmitted
through HTTP (Hyper Text Transfer Protocol), FTP (File Transfer Protocol), or SMTP (Simple
Mail Transfer Protocol). eTrust Content Inspection Gateway can scan, delete, cure, rename,
or block files that do not pass your security qualifications. If a virus or a security
violation is detected, an event is logged and proper notifications are sent. Security
notifications are set through the eTrust Content Inspection Gateway Manager.
Te eTrust Content Inspection
GIE edition incorporates an Anti-virus feature. While eTrust Content
Inspection analyzes the content of all inbound objects at the gateway, the
Anti-virus engine scans objects for viruses according to the anti-virus
parameters set up by the administrator using the Policy Manager tools.
Standalone Gateway Application
The Gateway application communicates with
the Control Center, so that it is updated with the organization's latest
security policy. Each Gateway transfers to the Control Center details of
objects analyzed; it's source and destination IP addresses, security
violations and collisions, including the cause of the violation, and the date
and time of analysis.
The organization's security policy is
received from the Control Center and enforced at the Gateway level. All
communications between the Gateway and the control Center use TCP/IP
protocols, and these communications are fully authenticated, as are all
communications between any of the eTrust Content Inspection components.
Gateway Inspection Engine User Interface
The Gateway interface lists all objects
analyzed at the Gateway, and displays the number of downloadable objects
passed and the number rejected, along with the date and time of the latest
policy update.
Gateway Inspection Engine Information The
top section of the Gateway User Interface as shown above, provides the
following information:
 |
The name of the
Gateway (GIE2.15)
|
|
The Control Center to
which the Gateway is connected (Default Control Center)
|
|
The number of objects
analyzed (46514), the number of objects rejected (8323), the date
and the time that the Gateway was last activated, and the date and
time when the security database was last updated. |
|
Gateway Inspection Engine Object Information List
The lower part of the gateway
user interface as shown above is the Object Information List, which provides the following
information:
|
Client
IP
This refers to the name of the Client
(workstation) that requested the download, as defined in the
security plan. In the example above, the Client IP is 194.90.79.122.
|
|
Object
Name
This field displays the URL
address and path and filename of the object that was downloaded. In
the example above, the Object Name of the first object is //192.115.80.200/home/0,7340,8,00.html
|
|
Status
This field indicates whether the
object was passed (i.e. executed), rejected (i.e. blocked and
therefore not executed), or audited (i.e. logged in the Audit Viewer
database). In the example above, the first Object was both rejected
and audited.
|
|
Date
and Time
This field displays the date and time when the object was analyzed.
In the example above, the first Object was analyzed on 11/29/00 and
the time was 9:59:49 AM
|
|
|
