Best IT Documents.com Blog


Sample WatchGuard Option Profile — Additional Options

Posted in Firewalls (75),Networking (340),Security (1500) by Guest on the January 28th, 2014

There are additional options that affect how the service performs host discovery for maps and scans and how the service interacts with your Firewall, IPS / IDS configurations. These options appear on the Additional tab when you create or edit an option profile.

The initial settings are best practice in most cases. These settings should only be customized under special circumstances. For example, changing the Host Discovery setting may result in live hosts going undetected, and thus not being scanned for vulnerabilities.

To customize additional options, create a new option profile or edit an existing profile. Then apply the customized profile to on-demand or scheduled map and scan tasks.

Option Description
Host Discovery Specify which probes are sent and which ports are scanned during host discovery. This option affects both map and scan tasks. The service pings every target host using ICMP, TCP, and UDP probes and then analyzes the packets sent in response to determine which hosts are “alive”.Note that by changing the default settings, the service may not detect all live hosts, and hosts that go undetected cannot be scanned for vulnerabilities. These settings should only be customized under special circumstances. For example, to add ports that are not included in the Standard port list, remove probes that will trigger your firewall/IDS, or only discover live hosts that respond to an ICMP ping.Initial Settings: TCP & UDP – Standard Scan, ICMP – Enabled
Blocked Resources Specify ports that are blocked and IP addresses that are protected by your firewall/IDS. This option only affects scan tasks. If the scanning process triggers your IDS, then it will likely be firewalled and we won’t be able to continue our search for vulnerabilities on your network. Therefore, we need to know which IPs you have protected and which ports are blocked. This will help us prevent triggering your IDS.Optionally, if you don’t want a host to be scanned at all, then add the host’s IP address to the excluded hosts list. No scanning traffic, including ICMP, TCP and UDP probes, will be sent to excluded hosts. Configure the list of excluded hosts on the Excluded Hosts Setup page (Setup—>Excluded Hosts).Another method for allowing our scanning engine to probe your network without triggering your firewall/IDS is to add our scanner IP addresses to your firewall/IDS configuration. This list of friendly IPs is commonly known as a white list or exception list. For example, if you are using WatchGuard, add our scanner IP addresses to the “Blocked Sites Exception” list. This list is configured in the System Configuration for the WatchGuard Firebox Vclass series, and in the Policy Manager for the WatchGuard Firebox System series. Refer to your firewall/IDS documentation for specific details on how to configure an exceptions list. You can view a current list of IP addresses for the service’s external scanners on the About page (Help—>About).Note that the “WatchGuard default blocked ports” option is only applicable to the WatchGuard Firebox System series. Setting this option is not necessary if you added our scanner IP addresses to the WatchGuard exception list.Initial Setting: Disabled
Ignore RST packets Some filtering devices, such as firewalls, may cause a host to appear “alive” when it isn’t by sending TCP Reset packets using the host’s IP address.When enabled, all TCP Reset packets are ignored for scan tasks and TCP Reset packets generated by one or more filtering devices are ignored for map tasks. In other words, hosts will not be detected as being “alive” if the only responses from them are TCP Reset packets that seem to have originated from a filtering device.  Initial Setting: Disabled
Ignore firewall-generated SYN-ACK packets Some filtering devices, such as firewalls, may cause a host to appear “alive” when it isn’t by sending TCP SYN-ACK packets using the host’s IP address.When enabled, the service attempts to determine if TCP SYN-ACK packets are generated by a filtering device and ignores all SYN-ACK packets that appear to originate from such devices.Initial Setting: Disabled
Do not send ACK or SYN-ACK packets during host discovery Some firewalls are configured to log an event when out of state TCP packets are received. Out of state TCP packets are not SYN packets and do not belong to an existing TCP session. If your firewall is configured in this manner and you do not want such events logged, then you can enable this option to suppress the service from sending out of state ACK and SYN-ACK packets during host discovery for map and scan tasks. If you enable this option and you also enable the “Perform 3-way handshake” option on the Scan tab, then the “Perform 3-way handshake” option takes precedence and this option is ignored.Initial Setting: Disabled
Comments Off on Sample WatchGuard Option Profile — Additional Options

Sample Mindmap – Exchange Debug Maintenance example

Posted in Mindmap (100) by Guest on the January 24th, 2014

Exchange Maintenance Processes in MindMap.

http://bestitdocuments.com/Services.html

 

Comments Off on Sample Mindmap – Exchange Debug Maintenance example

Sample Excel – VMWare Server Hardware Standards

Posted in O S (375),Sample - IT Spreadsheets - PowerPoints (251) by Guest on the January 23rd, 2014
Comments Off on Sample Excel – VMWare Server Hardware Standards

Sample – Simple Electronic Mail Policy

Posted in eMail (66),Policies - Standards (600) by Guest on the January 22nd, 2014

User Responsibilities

These guidelines are intended to help you make the best use of the electronic mail facilities at your disposal. You should understand the following.

1) The Company provides electronic mail to staff to enable them to communicate effectively and efficiently with other members of staff, other companies and partner organisations.

When using the Company’s electronic mail facilities you should comply with the following guidelines. 

DO

1) Do check your electronic mail daily to see if you have any messages.

2) Do include a meaningful subject line in your message.

3) Do check the address line before sending a message and check you are sending it to the right person.

4) Do delete electronic mail messages when they are no longer required.

5) Do respect the legal protections to data and software provided by copyright and licenses.

6) Do take care not to express views which could be regarded as defamatory or libellous.  

DO NOT

1) Do not print electronic mail messages unless absolutely necessary.

2) Do not expect an immediate reply, the recipient might not be at their computer or could be too busy to reply straight away.

3) Do not forward electronic mail messages sent to you personally to others, particularly newsgroups or mailing lists, without the permission of the originator.

4) Do not use electronic mail for personal reasons.

5) Do not send excessively large electronic mail messages or attachments.

6) Do not send unnecessary messages such as festive greetings or other non-work items by electronic mail, particularly to several people.

7) Do not participate in chain or pyramid messages or similar schemes.

8) Do not represent yourself as another person.

9) Do not use electronic mail to send or forward material that could be construed as confidential, political, obscene, threatening, offensive or libellous.  

Please note the following

All electronic mail activity is monitored and logged.

All electronic mail coming into or leaving the Company is scanned for viruses.

All the content of electronic mail is scanned for offensive material. 

If you are in any doubt about an issue affecting the use of electronic mail you should consult the I.T. Services Manager. 

Any breach of the Company’s Electronic Mail Policy may lead to disciplinary action.

http://www.bestitdocuments.com/Services.html

 

Comments Off on Sample – Simple Electronic Mail Policy

Sample Word – Intel VMWare – Solution Design References

Posted in O S (375),Security (1500),Virtual - VMWare (30) by Guest on the January 20th, 2014
Comments Off on Sample Word – Intel VMWare – Solution Design References

Sample Word – Contemporary Fax Document

Posted in O S (375) by Guest on the January 16th, 2014

Free Word document download

Sample Contemporary Fax Document

http://bestitdocuments.com/Services.html

Comments Off on Sample Word – Contemporary Fax Document
Next Page »