Black Box Optinet FE408005AA, User Manual

Page 1: ... S call 724 746 5500 FREE technical support 24 hours a day 7 days a week Call 724 746 5500 or fax 724 746 0746 Mailing address Black Box Corporation 1000 Park Drive Lawrence PA 15055 1018 Web site www blackbox com E mail info blackbox com Customer Support Information March 2009 FE408005AA FE408045XA FE408020AA FE408100XA FE408020XA FE408200XA ...

Page 2: ...0 or go to blackbox com and click on Talk to Black Box You ll be live with one of our technical experts in less than 20 seconds TRADEMARKS USED IN THIS MANUAL Black Box and the Double Diamond logo are registered trademarks and Optinet is a trademark of BB Technologies Inc Any other trademarks mentioned in this manual are acknowledged to be the property of the trademark owners ...

Page 3: ... Optinet 9 Manual Configuration 10 Management Auxiliary Interface 10 Text Menu Interface 11 Proxy Mode 14 Configuring Port Settings 16 Configuring Cabling 17 Testing Fail to Wire or No Failover 17 Fail to Wire 17 Bypass Mode 18 No Failover 18 Chapter 3 Navigating Optinet 20 General Navigation 20 Tasks Pane 22 Help Pane 23 Chapter 4 Generating Reports 25 Home Page 25 The Message Center 25 System No...

Page 4: ...Usage tab 34 System Reports tab 35 Dashboards tab 35 Chapter 5 Managing Optinet 38 General Manage Options 38 Policies Rules tab 39 Groups 39 Time of Day Rules 42 Traffic Flow Rule Sets 43 Content Filtering 44 Advanced Filtering 46 Internet Usage Rules 48 Shaping Rules 51 Policy Manager 54 Directory Users Nodes 54 Network Nodes 55 Directory Users 58 Directory Agent 58 Broadcasts tab 59 System Acces...

Page 5: ...3 Logs tab 83 Activity Log 83 Kernel Log 84 Redirection Pages 84 Blocked URL 84 Directory Agent Login Page 85 Utilities 85 System Resets 86 Support Link 88 Spyware Removal Tool 89 Chapter 7 Integrating Directory Users with Optinet 90 Directory Overview 90 Directory Options 92 Directory Option 1 Directory Agent with Directory Client cymdir exe 92 Directory Option 2 Directory Agent with IP Lookup 93...

Page 6: ...ing Rules 120 HTTPS SSL Blocking 121 HTTPS SSL Filtering Requirements 121 Enabling SSL Certificate Based Filtering 122 Web Filter Deny IM Anonymous Proxy Guard SSL Filter 122 Web Filter Anonymous Proxy Guard SSL Filter 123 Web Filter SSL Filter 123 The Optinet Digital Certificate 123 Installing The Optinet Digital Certificate 124 Deploying The Optinet Certificate via Web Browsers 124 Deploying The...

Page 7: ...equipment is operated in a commercial environment Operation of this equipment in a residential area is likely to cause interference in which case the user at his own expense will be required to take whatever measures may be necessary to correct the interference Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to oper ate the eq...

Page 8: ...l flujo de aire por los orificios de ventilación 10 El equipo eléctrico deber ser situado fuera del alcance de fuentes de calor como radiadores registros de calor estufas u otros aparatos incluyendo amplificadores que producen calor 11 El aparato eléctrico deberá ser connectado a una fuente de poder sólo del tipo descrito en el instructivo de operación o como se indique en el aparato 12 Precaución...

Page 9: ...or browsing the Web downloading files via File Transfer Protocol FTP or Peer to Peer P2P applications This information is valuable as you will begin to see how your network resources are being used With this information you can then use Optinet to optimize traffic identify high priority traffic and restrict unwanted types of traffic or web sites In essence Optinet will allow you to receive the mos...

Page 10: ...riority traffic ensure employee productivity provide appropriate web content add an additional layer of security and prevent users from compromising your network This user guide will instruct you on how to use and deploy the various functions of Optinet ...

Page 11: ... Testing Fail to Wire or No Failover Optinet is a powerful network device that is relatively easy to set up in any network environment using the instructions in this document and the Setup Wizard Please read and understand all configuration and installation considerations before proceeding If you have questions or are unsure about the installation of Optinet please contact your Black Box Technical...

Page 12: ...your network will constitute 100 Network Node license Please make sure that the amount of licenses purchased is sufficient for the active connections present on your network Model Number and Serial Number these numbers are associated with your Optinet for device identification and are used in conjunction with the License Key for verification of the amount of licenses purchased IP Configuration If ...

Page 13: ...ish a connection to Optinet from a local management workstation laptop You will also need to connect Optinet to your network Email Settings In order for Optinet to send email alerts the email server listed below must be configured to relay messages from Optinet System Alerts Broadcasts email address System Administrator Email Server Hostname or IP address optional Remote Subnets Optinet will ident...

Page 14: ... through cable from the Optinet WAN port to an empty port on your local network switch Figure 2 1 Optinet Configuration Connectivity 3 Write down the existing IP settings of your local workstation laptop so that you can easily change them back when configuration is complete 4 Change your local workstation laptop IP settings You will need to change the IP settings on your local workstation laptop t...

Page 15: ... the following information displayed in the Welcome Screen and select Next Figure 2 2 The Setup Wizard Welcome Screen 5 Using the information you collected in the section Gathering Initial Information complete the steps within the Setup Wizard Select Next when the page fields are complete Optinet will test the settings of each step and if successful will allow you to proceed 6 The final step in th...

Page 16: ... the Core Network Switch 1 Remove the cables connected to The Optinet WAN and LAN ports 2 If you modified your local workstation laptop IP settings you will need to change your local workstation laptop settings back to their original IP settings 3 Locate the connection between the Core Network Switch and the Firewall WAN Router Unplug the cable from the Firewall WAN Router and connect it to the LA...

Page 17: ...crosoft s IE 6 or higher and navigate to http IP address assigned 2 Login using the default credentials listed under the section Running Setup Wizard or with the newly created administrative login 3 When you login to Optinet the Home Page will display This page provides a snapshot of system health filtering effectiveness current firmware versions subscription settings as well as links to administr...

Page 18: ...le below The following table shows where the network configuration information collected in Gathering Initial Information can be manually entered into The Optinet configuration pages Quick Start Guide Table Name Admin Configuration Page Name License Key License IP Settings Setup Total Upload Download Bandwidth Misc Settings Email Settings Company Settings Remote Subnets Remote Subnets Management A...

Page 19: ...ailable here most advanced technical options are only available through the GUI menus The one exception is IP Traffic Monitor Option 2 Utilities Option 3 IP Traffic Monitor which is discussed under Chapter 6 Administrating Optinet section Diagnostic Tools tab Below are the supported options for accessing The Optinet Text Menu Secure Shell SSH HyperTerminal via serial connection The default login f...

Page 20: ...12 Figure 2 4 PuTTY Configuration 6 Login with the default credentials 7 Type 1 to access Configure IP addresses submenu Figure 2 5 Text Menu Interface ...

Page 21: ... In the New Connection Description dialog enter a name for the connection in the Name field and select an icon if you want 3 Click the OK button 4 In the Connect To dialog select the COM port for the connection 5 Click the OK button 6 In the COM Port Properties window select the settings that correspond to Bits per second 38 400 Data bits 8 Parity None Stop bits 1 Flow control None 7 Click the OK ...

Page 22: ...method to assign the device the required IP settings Afterwards you must alter the connection settings of the users web browsers to use the IP address of Optinet as a proxy and port 8888 for browsing Port 8888 is the assigned port used by the Optinet filtering engine If Optinet has a private IP address and you want external users to use Optinet as a proxy you may need to create a Network Address T...

Page 23: ...ork traffic normally associated when in the default inline mode in particular bandwidth control and full reporting Because network traffic is not physically passing through the Optinet bridge interface the device can no longer confirm which applications are passing nor control bandwidth In addition to this you cannot use all of the Advanced Filtering options and HTTPS SSL Filtering settings to ens...

Page 24: ...iate with the devices that are plugged into these ports to verify their speeds and duplex mode Normally auto negotiate will allow Optinet to operate at least 100 Mbps or above and Full Duplex However you should confirm that Optinet is operating at least 100Mbps or above Full Duplex and is not generating any interface errors You can do this under Admin Diagnostic Tools Ethernet Status Review both W...

Page 25: ...Fail to Wire or No Failover by following the steps listed in the next section Testing Fail to Wire or No Failover Optinet offers two options for network connectivity in case of a device failure or power loss Fail to Wire and No Failover Unless specified before purchase the model of Optinet you receive will be designed for Fail to Wire Fail to Wire allows network traffic to pass in case Optinet fai...

Page 26: ...will blink and scroll in unison If this happens please contact Black Box Network Services Technical Support at 724 746 5500 or your Authorized Black Box Network Services Reseller Diagnosing and troubleshooting the problem may require that you physically remove Optinet from the network No Failover No Failover works by simply grounding the circuit in between the WAN and LAN ports of Optinet As such ...

Page 27: ...y that the unit is functional As with Fail to Wire there are other scenarios that can cause Optinet to fail besides powering down the device If Optinet is entering No Failover unintentionally please contact Black Box Network Services Technical support at 724 746 5500 and or your Authorized Black Box Network Services Reseller for diagnosis and troubleshooting Now that you have confirmed Fail to Wir...

Page 28: ...alth filtering effectiveness current firmware versions subscription settings as well as links to guide the administration of your system The Optinet navigation is divided into three tabs Report Manage and Admin Each tab presents you with different functions for Optinet When you click on one of the tabs the expanded menus for those tabs will appear You can then select a sub menu under the correspon...

Page 29: ...and clicking the Go button the available pages are listed above the open box You can also navigate to the next Next or previous Prev page by clicking the single arrow or to the very end or beginning of the series by clicking the double arrows Where available the pagination menu will post towards the bottom of the report membership box or application menu Figure 3 2 Optinet Pagination arrows Finall...

Page 30: ...rectory User Detail for selected Directory User profiles Network Node Overview Display the Network Nodes Overview report Network Node Detail Display all details for the Network Node selected Re scan Port This will re scan profiles under Network Node Manager Manage Directory Users Nodes Network Nodes Use this action when a device needs to be re scanned due to configuration changes i e new NetBIOS n...

Page 31: ...cted Network Nodes Dashboard Display all traffic reported for the Network Node selected Related Tasks View Bandwidth Report View amount of bandwidth consumed for selected Web category Web site or profile View Hits Report View amount of URL hits for selected Web category Web site or profile System Information System Information will post current system time If your device does not post the correct ...

Page 32: ...f the Product Enhancement Program may change from time to time as new features and capabilities are added to or changed in the product but they will never include personal identifiable information You can stop participating at any time by disabling the checkbox located in the Product Enhancement Program One last item under the Help Pane is Black Box Network Services Optinet Privacy Policy The priv...

Page 33: ...Tab Applications Tab Threats Tab Internet Usage Tab System Reports Dashboards Tab Home Page The first page presented under the Report tab is the Home Page The Home Page is divided into 5 sections Message Center System Notifications Getting Started Hardware Settings and System The top display will be the Message Center The Message Center The Message Center posts message about firmware and software ...

Page 34: ... settings i e Model Serial number and Device ID This area also posts the device s Licensed Nodes Software Version Last Known Updates System Time and expiration date of Annual Software Maintenance ASM ASM is used for support on your device and provides Optinet with continued updates on firmware spyware anti virus and content filtering ASM also grants you access to Black Box Network Services Technic...

Page 35: ...will allow you to adjust the time and days accordingly Search This field will allow you to search for different sections in reports i e specific web sites categories applications etc Enter in the search criteria and click the Search button or press the Enter key for results Correlated by This field allows you to link traffic reports to the most bandwidth consuming users Group Directory User and Ne...

Page 36: ...plication Overview and some detail reports This option will allow you to filter reports by Application Sets For more information on Application Sets please see the section Applications Tab in this chapter Right Click Options Right click options allow you to customize reports using specific time users or devices For example to view specific applications under Application Set reports you can use rig...

Page 37: ...e reports Report Internet Usage and is a great tool for troubleshooting and identifying problematic users or web sites as they occur Figure 4 4 Snapshot Real Time Drop Down Real Time options also allow you to correlate reports by Network Node Directory User Groups and other criteria This is useful for confirming problems immediately and preventing them with less response time For example if a user...

Page 38: ...Enabling Summary Tables you will need to run the Conversion Utility The Conversion Utility will take previous data that has not been summarized and create a summary table for that information There are three options for converting previous data Web Request Summary Table Level 1 Summary and Level 2 Summary Web Request Summary Table will summarize all Web requests data Level 1 Summary Table will sum...

Page 39: ...ll applications Uncategorized Traffic this is traffic that Optinet does not recognize Web Requests by Host these are the host name of Web sites visited by the user device or group Web Request by Category these are categories of Web sites visited by the user device or group Possibly Infected Spyware these are Web sites visited or applications used by the user device or group that are possibly infec...

Page 40: ...ation port and the percent of bandwidth used The application sets are listed below as bulleted items Application Overview this is a summary of bandwidth consumed by individual applications Application Set Overview this is a summary of bandwidth consumed by application sets Total Traffic this is the amount of total bandwidth consumed Chat and IM this is the amount of bandwidth consumed by Chat and ...

Page 41: ...c and video applications Telnet SSH this is the amount of bandwidth consumed by Telnet and SSH applications Uncategorized Traffic this is the amount of bandwidth consumed by traffic that has no explicit signature set VIOP and Voice Chat this is the amount of bandwidth consumed by Voice over Internet Protocol VoIP and Voice Chat applications VPN and Tunnel this is the amount of bandwidth consumed b...

Page 42: ...t Clicking on each category will present all information pertinent to category For example clicking on Allowed will show you all hits for Web categories that users were allowed to visit This will also post the percentage in comparison to the total number of hits for the Allowed category You can correlate this report by Host File Type MIME Type Group Directory User and Network Node Web Bandwidth Ov...

Page 43: ...m Optinet to the network s default gateway HTTP Connections this report shows the number of connections per second to Web sites being filtered by Optinet HTTP Requests this report shows the number of Web requests per second Optinet has filtered Packets per Second this report displays the number of Internet packets per second passing through Optinet RAM Usage this report shows the amount of Random ...

Page 44: ...36 Figure 4 5 Real Time Monitor Figure 4 6 Real Time Monitor Legend ...

Page 45: ...traffic RTM can be used to diagnose a problem in actual time thus allowing you to resolve the issue as soon as possible RTUM displays web requests as they pass through Optinet This tool in addition to RTM can be used to confirm instantaneously the web sites that are being accessed blocked or bypassed You can also use the different options to display the web requests for a specific Network Node Dir...

Page 46: ... are covered in this chapter General Manage Options Policies Rules tab Directory Users Nodes System Access tab Application tab General Manage Options The Manage tab is where policies and organization of users will be enforced Under this tab you will create groups time of day rules content filtering rules and shaping rules This tab also allows you to customize traffic identification and select whic...

Page 47: ...ing on policies and controlling the network and users Policies Rules tab You will want to become very familiar with the Polices Rules tab This tab is used for creating Groups Time of Day Rules TDRs Internet Usage Rules IURs and Shaping Rules This is the main management tab used for almost all user organization and policy implementation with Optinet First let s define Groups Groups Optinet has by d...

Page 48: ...oxy web sites In addition to this users will not be able to pass web traffic through Open or Secure Proxies Lastly users will not be able to view blocked content via search engines or search engine cached pages This group uses the Strict Policy Rules Now that we have described the pre defined Optinet Groups let s discuss how to add members to these groups Go to Manage Policies Rules Groups Select ...

Page 49: ... in CIDR notation VLAN this member type represents profiles using Virtual Local Area Network VLAN tags Protocol this member type represents profiles using different protocols i e TCP UDP etc TOS this member type represents Type of Service TOS profiles TOS is a single byte field in an IP packet header that specifies the service level required for the packet DSCP this member type represents Differen...

Page 50: ...olicies Afterwards you will assign an IUR to each block of time This later step will be covered in the section Policy Manager Select Manage Policies Rules Time of Day Rules Optinet ships with two default TDRs All Day and Business Work Week All Day the default TDR enforces policies 24 hours a day seven days a week Business Work Week enforces policies Monday through Friday 9am to 5pm If you would li...

Page 51: ...forms no content filtering no Web logging no IM client logging no Spyware scanning and no virus scanning Web Filter Anonymous Proxy Guard this TFRS performs content filtering web logging Spyware scanning virus scanning for HTTP traffic Web Filter and prohibits HTTP traffic on any port other than port 80 or a designated proxy port Anonymous Proxy Guard Web Filter Deny IM this TFRS performs content ...

Page 52: ...eny IM must be selected These factors will help determine the active TFRS Content Filtering Now that we have defined TFRS let s discuss the other components of the Add Edit Internet Usage Rule set Below the TFRS Drop Down Box you will see four tabs Content Filtering Advanced Filtering HTTPS SSL Filtering and Web Authentication In this section we will discuss the Content Filtering and Advanced Filt...

Page 53: ... Edit the Blocked URLs button and choose the URL setting from the Compare String drop down box Enter the URL click the Update button and then the Ok button o Domain this compare string looks for any web page that begins with the domain name of the web site Use this compare string to block web sites where the domain name is constant in the URL For example an entry of myspace com will block all of M...

Page 54: ...s with Optinet Advanced Filtering Click on Manage Policies Rules Internet Usage Rules Default Usage Rules Once this populates the Add Edit Internet Usage Rule Set click the Advanced Filtering tab The Advanced Filtering tab presents complex selections that offer more stringent policy control for content filtering Some options are selected by default for security reasons however you can enable or di...

Page 55: ...ntinues to block users from prohibited web sites however browsing history for these users will be reported Enable Safe Search Protection for Search Engines this setting forces search engines to use safe search which disallows search engines to post inappropriate results The supported search engines for this setting are Google Yahoo Ask MSN Hotbot AOL AlltheWeb AltaVista Lycos and Netscape Block Se...

Page 56: ...D5 Blocking Enable Spyware ClassID Blocking Enable Anti Virus Blocking Filter Avoidance Web Policy Enable Filter Avoidance IP Lookup Enable Filter Avoidance Real Time Filter Enable Filter Avoidance Deep HTTP Inspection Real Time Filter Allow Non HTTP Traffic Through the Web Filter Non HTTP Traffic Socket Timeout 60 minutes Now that you are familiar with both the Content Filtering and Advanced Filt...

Page 57: ...y Rules TFRS Blocked Categories Blocked File Types Web Filter Anonymous Proxy Guard Adult Cheating and Plagiarism Crime Criminal Related Cults Dating Filter Avoidance Gambling Hacking Hate Speech Illegal Drugs Job Search Lingerie Non sexual nudity Online Communities Peer File Transfer Porn Shopping Tasteless or Obscene Vice Violence and Weapons bat cab cmd com dll ed2k emo exe ini iso lnk torrent ...

Page 58: ...hrough the Web Filter Non HTTP Socket Timeout 60 Minutes Permissive Policy Rules are designed for users that will have more leniencies in regards to the web sites they can visit and what file extensions can be downloaded Web traffic will be monitored and filtered The following table lists all filtering options for this IUR Permissive Policy Rules TFRS Blocked Categories Spyware Web Filter Adult Fi...

Page 59: ...g Enable Filter Avoidance IP Lookup Enable Filter Avoidance Real Time Filter Enable Filter Avoidance Deep HTTP Inspection Web Policy Enable Safe Search Protection for Search Engines Block Search Engine Cached Pages Real Time Filter Enable Reverse DNS Lookups Block IP Address URLs Again these are the default IURs available for ease of use You may simply add users to these groups for the policy to a...

Page 60: ...gs Max Upload Max Download and Priority Level The Max Upload refers to traffic passing from the LAN port to the WAN port of Optinet Max Download refers to traffic passing from the WAN port to the LAN port of Optinet Priority refers to the precedence level assigned to the traffic The options are Highest Higher High Default Low Lower and Lowest Group shaping rules restrict total bandwidth for all us...

Page 61: ...and Streaming Media because of how initial communications for these applications take place For example Bit Torrent will negotiate on random ports and may be considered Uncategorized until data begins to pass After data is passed Optinet can identify Bit Torrent as P2P and will then report on all traffic passed beginning with the initial connections However shaping rules for Bit Torrent will not t...

Page 62: ...Rules that will use different blocks of time from TDRs Under the Single Rule Set tab select the Drop Down Box for Internet Usage Rule Set This will present you with all available IURs created under Internet Usage Rules You may do the same for shaping rules under the Drop Down Box for Shaping Rule Set Once you have chosen an IUR and Shaping Rule for the group select Save The Multiple Rule Sets are ...

Page 63: ...s may need to be permitted on the network listed below UDP port 137 Client for Microsoft Network NetBIOS over TCP IP Samba to respond to NetBIOS queries DNS entries for Macintosh computers Simple Network Management Protocol SNMP for Macintosh computers If after enabling these settings you need to rescan profiles for missing or changed information you can select the profiles under Network Node Mana...

Page 64: ...address Profile Name normally the NetBIOS name or IP address MAC address and OS Simply select the search criteria from the Search Drop Down Menu enter the corresponding value and hit Enter For example to search for a specific MAC address select MAC address from the Search Drop Down Menu enter the MAC address you are searching for and click the Search icon or press the Enter key Use the format pres...

Page 65: ... such as printers scanners network cameras plotters or any other non user specific devices that have Internet connections Because these devices are configured with a MAC or IP address they can potentially consume licenses unless configured otherwise Also a device with multiple Internet connections can possibly take up two licenses e g a laptop with a wireless card and an Ethernet port In addition ...

Page 66: ...y be entered during the Setup Wizard Step 1 or under Admin Configuration License Directory Users Directory User Manager is similar to Network Node Manager in the sense that this manager keeps track of all reported profiles The difference being that Directory User Manager tracks all Directory Users and not Network Node Profiles If you have implemented Directory Users with Optinet the Directory User...

Page 67: ...all settings don t forget to select the Save button Now that you have created the email report it will be saved under the Broadcast Manager unless you have selected Send Once and Delete If you need to alter or delete the report in the future you may do so under the Broadcast Manager by selecting the individual Email Broadcast or selecting the checkbox next to the report and clicking the Delete Sel...

Page 68: ...dmin Level uncheck the box and Activate Login the login will not be accessible until this option is checked Don t forget to Save your changes after creating or modifying a login We strongly recommend that you create a new administrative login and change the default login password to limit access to the management interface Select the Manage System Access Logins link to make these changes Applicati...

Page 69: ...n cause unexpected effects Another suggestion is to name the TFRS according to the targets In our example we would name the TFRS Web Filter Deny IM SSL Block Again don t forget to Save your changes Once you have created a custom TFRS you will alter the targets according to the desired modifications This is done under the Application Signature Manager covered later under the Applications section In...

Page 70: ... NetBIOS Microsoft File Services this application set comprises signature definitions for Network Basic Input Output Service NetBIOS and Server Message Block SMB or Samba protocol Network Management and Monitoring this application set comprises signature definitions for services that manage and monitor networks e g Simple Network Management Protocol SNMP Network Management Service NMS etc Network ...

Page 71: ...n addition to reviewing the applications within the set you may add or remove individual applications For example if you wanted to separate Citrix traffic from Remote Desktop Remote Control X application set for individual shaping and reporting you could create a new application set or custom TFRS to do so Once more this menu is intended for expert use Still following the example in the previous s...

Page 72: ...f the application o Diff Serv this type is the Differentiated Services DiffServ of the application DiffServ is a networking architecture that specifies a simple scalable and coarse grained mechanism for classifying managing network traffic and providing Quality of Service QoS o Type of Service this type is the Type of Service TOS of the application TOS is a single byte field in an IP packet header...

Page 73: ...dit Application Detail page The Add Edit Application Detail field allows you to change the Name of the application as well as other options i e the Description Application Set Traffic Flow Rule Set Type Value Protocol and Target Again changing options can cause serious errors if you are unsure of the settings More often than not you will only need to change the Application Set Traffic Flow Rule Se...

Page 74: ...eps for all applications listed after the search Again these changes will take final effect once they are initiated under Internet Usage Rules and Policy Manager One last option available under the Applications Set Manager is deleting custom applications You may follow the general instructions listed above to create custom TFRS or Applications Set This concludes Chapter 5 Managing Optinet The next...

Page 75: ...yware Removal This chapter is divided into 6 sections Setup Wizard Configuration tab Diagnostic Tools tab Downloads tab Logs tab Redirection Pages tab Utilities tab Setup Wizard The Setup Wizard is available during the first login to Optinet and if the device has been reset back to factory defaults If you would like to run the Setup Wizard again after the initial setup you may do so with this tab ...

Page 76: ...or adjust some of the settings Domain this allows you to identify the domain name in which Optinet is installed Enable Port Scanning OS Detection this refers to the Nmap scan that is performed when a unique profile is discovered This setting allows Optinet to post unique information about each device present on the network However some security settings may identify Nmap scans as intrusions as suc...

Page 77: ... for all reports For more information please see the section Report Recommendations in Chapter 3 Generating Reports Summary Table Conversion Utility this utility will take previous data that has not been summarized and create summary tables Selecting the link will present three options for converting previous data Web Request Summary Table Level 1 Summary and Level 2 Summary Web Request Summary Ta...

Page 78: ... normally Optinet will auto negotiate correctly with the devices directly connected into the ports However if Optinet is unable to auto negotiate correctly you may need to hard set the speed and duplex settings This can be done under the Ethernet Settings menu Please note that if you make changes under this menu more than likely you will need to hard code the interface settings of the devices conn...

Page 79: ...orks by a software component called an agent that runs on Optinet and reports information via SNMP to the managing systems The managing system can retrieve the information through the GET and WALK protocol operations Although you will have to supply the SNMP managing system to retrieve the information the following fields will allow you to interact with The Optinet SNMP agent The first field SNMP ...

Page 80: ...e configured to execute automatically via the Enable check boxes and Daily Schedule Drop Down Boxes except for Firmware updates The reason is that Firmware updates require a reboot Because of this you will need to manually update the firmware using the Update Now button You will be notified via the Message Center on the Home Page when a new firmware version is offered For updates to be successful ...

Page 81: ...tegory by selecting the Add a Custom Category selection Once selected you can type in the name of the custom category Afterwards you can choose which priority level will be assigned to the entry Priority levels are only used when there are conflicts with other custom categorizations For example if you chose to categorize the web site youtube com as Streaming Media but the web page of youtube com f...

Page 82: ...onitor all traffic within the local subnet However Optinet can also monitor subnets outside the local subnet These subnets are called Remote Subnets because they are not within The Optinet local subnet Review the following topology This is an example of a flat network Characteristics of a flat network are all devices are connected via switches or hubs there are no layer three devices routers or la...

Page 83: ...a subnet mask of 255 255 255 0 would be entered in as 172 16 1 0 24 For more information on CIDR notation please see Appendix D CIDR Cheat Sheet Once you have entered in the network address select the Add button and Apply Please note that you may at any time add network addresses to remote subnets for monitoring and filtering If you remove network addresses from remote subnets this will require a ...

Page 84: ...es from Optinet be downloaded automatically you will need to enable this option Please note that may also need to add the IP address of Optinet to the Local Internet security zone on your web browser as well as select Medium Low security settings for downloads Once you make changes to the User Preferences menu don t forget to Apply the changes Default setting for Enable Automatic Downloads is unch...

Page 85: ...s that can help you to identify proper static gateways for Optinet are the following Static route gateways will always be in the same local subnet as the Optinet Bridge IP address Static route gateways will always be on the LAN side of Optinet Static route gateways will never be the same IP address as the Optinet default gateway Static route gateways will never be the default gateway for the remot...

Page 86: ...ct Black Box Technical Support at 724 746 5500 your Authorized Black Box Network Services Reseller or Black Box Network Services Sales at 877 877 2269 Other stats available on this menu are Current Software Version Available Software Version Last Software Update Date Last Anti Virus Update Date and Last Spyware Definition Update Date Special Domains The Special Domains menu offers two settings to ...

Page 87: ...kups and select the day and time for the backup to execute In addition to this Optinet will need to have listed the hostname or IP address of the FTP server as well as the Server User Name Server Password and path for the backup directory Lastly you can specify that Optinet only create a backup file automatically and not downloaded to an FTP server This option is available as the check box for Cre...

Page 88: ... Support or your Authorized Black Box Network Services Reseller for assistance with installing Optinet with this scenario If Optinet cannot be placed in between the users and your network s proxy server you will need to configure Optinet differently First you will not need to enter any information in the Proxy Settings menu as your network s proxy server will be on the LAN side of Optinet Second s...

Page 89: ...ridge eth0 WAN eth1 LAN Ethernet Status The Ethernet Status menu lists the state of The Optinet ports WAN LAN Management Auxiliary The tabs are divided by each port and list the status auto negotiate speed duplex packets and errors Use this tab to confirm that each active port is operating at correct speeds and duplex settings and not generating any errors Auto Negotiation is recommended but not n...

Page 90: ...e DNS server for the test by entering in a different IP address for the DNS server A positive result will reply with a host name and an IP address Traceroute Traceroute is a computer networking tool used to determine the route taken by packets across an IP network The Optinet Traceroute menu allows you to confirm the path taken by Optinet to reach individual computers routers or web sites that res...

Page 91: ...blem The message type options are No Filter Verbose Informational Status Warning Error Comment and Invalid Comment Informational Verbose are debug level messages These messages will give information regarding normal operation of processes and events Warnings are non fatal process errors or unexpected conditions while Errors are fatal process faults that can affect device functionality Invalid mess...

Page 92: ...osted to users The default message is Your access to the website blockedURL was blocked for the following reason The Blocked Reason will then post underneath the message The Bypass Message is for those users who have the password for the Enable Bypass setting that allows users to bypass a blocked web site if he she knows the Bypass Password The default message for the Bypass Message is Click here ...

Page 93: ...bypassURL Posts a link to the Enable Bypass Password Spyware Removal Tool spywareCleaner Posts a link to the Spyware Removal tool Optinet Trademark productName Posts the trademark on Optinet Blocked URL blockedURL Posts the original URL requested by users that has been blocked Blocked Reason blockedReason Posts the reason for the Block URL Redirection Page e g Category URL Blocked Message blockedM...

Page 94: ...rating Directory Users with Optinet Database Resets Reset to Factory Defaults sets Optinet back to the factory settings This means that all information is erased as well as configuration data Basically the device will be reset to the original settings as the device was received Use this option with care as Reset to Factory Defaults completely wipes the entire system You will lose your configuratio...

Page 95: ...atabase Manage Admin All users assigned to Default Group Domain set to Black Box Network Services com Default IUR set to Web Filter IM Enable Port Scanning OS Detection selected System Access admin Black Box Network Services Enable TCP Window Scaling selected NTP Server set to pool ntp org HTTP Keep Alive Mode Selected Allow DNS and HTTP Block page for Deny Access Traffic Flow Rule Set not selecte...

Page 96: ...Shapers and the Filter Bypass Group This option is similar to Resetting the Database except that Internet Usage Rules Shaping Rules and members of the Filter Bypass Group by CIDR Block Override will be retained If you need to reset the database but would like to retain these settings you can select this option instead Device Power Resets The last two options are for the actual power for Optinet Ha...

Page 97: ...ctive X Control for browsing capabilities Once the Spyware Removal Tool has been installed properly you can then select to perform a Quick Scan Full Scan or Cookies After you choose which scan to perform the Spyware Removal Tool will begin to scan the hard drive for infected applications You can pause or stop this scan at any time As soon as the scan is completed you will be presented with the res...

Page 98: ...tor and report based on Directory User Names as well as by Network Nodes This chapter will explain how to integrate Directory Users with Optinet The following topics will be explained Directory Overview Directory Options Directory Configurations Directory Troubleshooting Directory Overview Integrating Directory Users with the Optinet consists of two steps 1 allowing Optinet access to your director...

Page 99: ...find the user with his her associated group Organizational Unit OU attribute or other settings from your directory structure Once the user has been identified Optinet will then apply any filtering or shaping rules to the user and begin reporting traffic by the Directory User profile When the user logs out or logs into another computer the Directory Client or Web Authentication again will send an a...

Page 100: ...tory User Decision Tree Directory Option 1 Directory Agent with Directory Client cymdir exe This is the recommended option for most networks This option allows Optinet to immediately identify when users are accessing the network while synchronizing with the already defined directory groups OUs or user attributes This method involves installing the Directory Agent on your directory server and deplo...

Page 101: ...y DNS server set to the IP address of the Active Directory server Also these computers must be joined to the domain and use Windows 2000 SP4 or above OS Lastly you will need to create two groups with this feature one for the devices used by the users Network Node Group and another for the Directory Users Directory Group Both these groups will need to use the same Internet Usage Rule IUR configured...

Page 102: ... directory server and that you create an IUR set to Require Web based authentication This allows Optinet to identify users by on initial web HTTP requests and then query the directory server to confirm the user You can also edit the login page presented to users under Admin Redirection Pages Login Page This menu allows you to name the Login Page add a description and a username hint You can also c...

Page 103: ...ry Agent Group Create Directory IURs Figure 7 3 Directory Install Sequences Install Directory Agents The Directory Agent will allow Optinet to synchronize your Directory groups OUs or user attributes with the Optinet Directory Groups The Directory Agent will also indicate how to display user names under Reports You can download the Directory Agent under Admin Downloads Directory Software Download ...

Page 104: ...tory Agent to restart after failures Access the Services on your directory server Start Administrative Tools Services and search for the service called Black Box Network Services Directory Agent Right click on the Black Box Network Services Directory Agent service and select Properties On the Recovery Tab you can select Restart the Service under First Failure Second Failure and Subsequent Failures...

Page 105: ...ontact the Directory Agent confirming it can communicate with the Directory Agent If any errors are returned verify that you have entered the correct IP address TCP port number and password If you have installed multiple Directory Agents you will need to create multiple Directory Agents as a result Create Optinet Groups Directory Options 2 3 and 4 are different in the fact that the Directory Clien...

Page 106: ...icate with the Directory Agent and query your directory server for Distribution Groups or Security Groups To add these groups select the empty checkboxes next to the groups and then click the Ok button If you need to select multiple profiles you can use the Shift Click or CTRL Click accordingly Distribution or Security Groups are just one of four member types you can synchronize with the Directory...

Page 107: ...set to upper level Accordingly every time upper level managers access the network Optinet will group the users as a result Again the member type of Attribute requires a high level of understanding on how to identify specific characteristics with Directory Users The examples listed above are common directory attributes but keep in mind that your directory server may have its own attributes specific...

Page 108: ...tes or Custom please contact your Authorized Black Box Network Services Reseller or Black Box Network Services Support One last note is that you can also combine Directory Users into one group using a combination of the different member types After you have added members to the Directory Agent Group you can also review the Directory Members by selecting Show User List This menu is available under ...

Page 109: ...t Windows OS cymdir_64 exe Directory Client for 64 bit Windows OS and cymdir_MAC Directory Client for Macintosh computers Please note that the Directory Client is compatible with Windows 2000 SP4 and above platforms as well as Macintosh OSX 10 3 and above platforms This next section details how to deploy the Directory Client for 32 bit Windows XP The Macintosh clients have read me files that instr...

Page 110: ...Authentication Type this message will post which type of authentication appears to be on the network such as Windows authentication or Novell authentication If both are available you can choose which you prefer by using the AD switch please see section Usage below Authentication Information this option displays the current user logged into the computer as well as the Domain Windows or Context eDir...

Page 111: ... or causing other problems sleep switch this option allows you to change the number of minutes the Clients will allow to pass before sending heartbeats and becoming dormant The default setting is 5 minutes The value must be 1 minute or greater IP address this option is necessary to direct the Client to Optinet for heartbeats You will need to use the IP address of Optinet Complete Usage Information...

Page 112: ...how you should integrate the Directory Client into your network and directory server This section will provide the best information however please note that this information is provided AS IS and without warranty of any kind There are a variety of ways to deploy the Directory Client in your network that will execute when users login to the domain The most common ways are the following Batch file R...

Page 113: ...tlogin cymdir exe silent 192 168 255 2 you can deploy Directory Client over multiple directory servers However this may require additional troubleshooting if the variables do not resolve correctly If this is the case use the full syntax as displayed below Figure 7 10 Batch File for Client 5 Verify that the newly created batch file executes when users login to the domain by loading the Windows Task...

Page 114: ...Standalone Snap In 8 Click the Add button this will launch the Group Policy Object Wizard 9 Press the Browse button 10 Select Default Domain Policy 11 Click OK Figure 7 13 Browse for Group Policy Object 12 Click Finish on the Add Group Policy Wizard 13 Close the Add Standalone Snap in dialog box ...

Page 115: ...ick the Logon option for the Logon Properties dialog box depending on your current configuration you may already have several scripts running 20 In order to place Directory Client in the correct folder for your Domain Policy select Show Files button this will open a new window displaying the current files for the Domain Policy 21 Copy Directory Client and paste it into the logon scripts folder ple...

Page 116: ...n Properties dialog box 29 Confirm any other changes to the Console Root settings that you have edited Directory Client is now ready to run the next time users login to the Active Directory domain Again you can confirm this by reviewing the Directory User tab in Optinet to verify that Optinet is receiving heartbeats from users Deploying Directory Client in a Registry Entry This method requires add...

Page 117: ...r 5 Managing Optinet for your IURs If you have chosen Directory Options 2 3 and 4 you will need to enable the different features tailored for each option under the Internet Usage Rule Manager This is done under the Web Authentication tab There are several options that are universal for Directory Options 2 3 4 that are listed under Web Authentication Web Authentication Remember that Web Authenticat...

Page 118: ...net for your IURs Afterwards click on the Web Authentication tab and select Require Web Based Authentication Once you have selected this the checkbox next to Directory Agent IP Lookup will be available Check the box next to the option and Save your changes Don t forget to apply the IUR to the Directory Group and its corresponding Optinet Group using the Policy Manager Directory Option 3 Directory ...

Page 119: ... network traffic with the correct Directory User The first option is User Lookup User Lookup can determine where users are located on the Directory Server to ensure they are synchronized correctly to Directory Groups on Optinet Select Test Type User Lookup and the Directory Agent that is installed on the Directory Server for the corresponding user Enter in the Username and click the Run Diagnostic...

Page 120: ...tory Server You will also want to verify that Optinet can communicate to the Directory Server and that the user s account is present on the Directory Server where the Directory Agent is installed Directory Agent Users this menu allows you to confirm how Optinet is identifying Directory Users which Directory Group users are being assigned and their associated IP addresses The columns of Username Co...

Page 121: ...sion Timeouts this utility forces all cymdir exe sessions to time out immediately Use this tool if cymdir exe users are not being correctly grouped and you need to verify the deployment process If the Directory Client has been deployed correctly Optinet should receive new heartbeats after forcing session timeouts and begin to regroup users according to their Directory Agent Group assignment Flush ...

Page 122: ... login time date and username are correct If so then Group Policies seem to be working properly and you should try some of the other troubleshooting methods mentioned below If the login txt does not exist or does not contain the correct information you will more than likely need to contact perform some troubleshooting and verify your GPO settings Once your Group Policy Object Login scripts are per...

Page 123: ...etach programs from the Windows shell If it is omitted Windows may not detach the referenced program as an independent process and wait 10 minutes before terminating the process Occasionally some traffic is not associated with a Directory User Cymdir exe runs when a user logs in and stop running when a user logs off If traffic occurs when no user is logged into a Network Node it will not be associ...

Page 124: ...116 Lastly make sure that you use the correct Directory Client for your Operating System There are three versions 32 bit 64 bit and Macintosh and should be deployed accordingly ...

Page 125: ...y numbers etc Because this information is important the web site must take some special precautions to make sure that this information is not viewed by the wrong person Also the Web site needs to confirm the identity of the site visitor and make sure that the transmission of data across the Internet is not intercepted by anyone However SSL can also be used to conceal web traffic and visit prohibit...

Page 126: ...a warning is displayed indicating the error Thus web sites and users depend on digital certificates to confirm identities and information SSL Anonymous Proxies In addition to using SSL for securing web traffic SSL can also be used to conceal web traffic The purpose of the Optinet HTTPS SSL Filtering is to prohibit users from concealing their web traffic and from viewing unauthorized content One of...

Page 127: ...xy web sites that allow users to cover their web traffic Depending upon the type of control you want over SSL traffic you will need to configure HTTPS SSL Filtering accordingly All HTTPS SSL filtering options are handled by Traffic Flow Rule Sets TFRS TFRS are the basic traffic identification and control engine within Optinet TFRS allow you to dictate how traffic will be identified controlled repo...

Page 128: ...r spyware and virus Because of the additional steps required to enable Full SSL Content Filtering you will not be able to turn on this option without first contacting a Black Box Network Services Support Technician If you are interested in enabling Full SSL Content Filtering please call Black Box Network Services Technical Support Do not enable Full SSL Content Filtering without deploying The Opti...

Page 129: ...e enabling any form of HTTPS SSL Filtering please confirm that your HTTPS traffic does not exceed the specified amount listed below Model Max Total Throughput Max HTTPS Throughput Optinet 5 5 Mbps 1 25 Mbps Optinet 20 20 Mbps 5 Mbps Optinet 20 SSL 20 Mbps 20 Mbps Optinet 45 SSL 45 Mbps 45 Mbps Optinet 100 SSL 100 Mbps 100 Mbps Optinet 200 SSL 200 Mbps 200 Mbps SSL Acceleration Optinet models come ...

Page 130: ...ling HTTPS SSL Filtering Please review the section entitled Installing The Optinet Digital Certificate Enabling SSL Certificate Based Filtering Enabling SSL Certificate Based Content Filtering allows you to filter HTTPS web sites based only on the certificate name present You can also select Denied Access Page for SSL Certificate Based Content Filtering to present users a redirection page for bloc...

Page 131: ...Filter Exemption List Once modified don t forget to save your changes Once the IUR has been saved make sure that the new rules are being applied to the group under the Policy Manager You can review how to do this under Chapter 5 Managing Optinet You have now finished creating an Internet Usage Rule that will filter certificates for HTTPS Web sites and assigned it to the corresponding group You can...

Page 132: ...inalized certificate before enabling Full SSL Filtering Installing The Optinet Digital Certificate The Optinet certificate can be deployed individually on each computer s Web browser or it can be deployed as a Group Policy Object GPO by Active Directory The following sections describe how to perform each accordingly Deploying The Optinet Certificate via Web Browsers The Optinet certificate can be ...

Page 133: ...ficate Import Wizard by selecting Next when prompted 8 After you have completed the Certificate Import Wizard click the Finish button you may receive a security warning about installing the certificate select Yes to allow the import You have now completed the Certificate Import Wizard for Internet Explorer 6 You can delete the certificate file on your desktop Email Template for Windows XP and Inte...

Page 134: ...employ content filtering for Secure Hypertext Transfer Protocol HTTPS Although you may be unfamiliar with the term HTTPS this protocol is used by web sites to secure information However HTTPS can also be used fraudulently to conceal web traffic and pose a danger to users and the network Filtering HTTPS web sites will improve our ability to protect the network and ensure safe web browsing You will ...

Page 135: ...web browsing You will need to import a digital certificate into your web browser that will allow you to access legitimate web sites that use HTTPS Please click on the following link and save the certificate cacert cer to your desktop http IP address of your Optinet downloads cacert cer Or please download the following zipped attachment cacert cer to your desktop Then follow the instructions listed...

Page 136: ... Management Console 4 Click OK 5 In the File menu select Add Remove Snap in Figure 8 2 Console Prompt 6 Click the Add button 7 Scroll down and select Group Policy Object Editor Figure 8 3 Add Standalone Snap in 8 Click the Add button this will launch the Group Policy Object Wizard ...

Page 137: ... Remove Snap in dialog box you should now be looking at the MMC screen with the Console Root Folder above the new Default Domain Policy you have just added Figure 8 5 Console Root 15 Expand the Default Domain Policy 16 Expand the Computer Configuration option 17 Expand the Windows Settings option 18 Expand the Security Settings option 19 Expand the Public Key Policies 20 Select the Trusted Root Ce...

Page 138: ...t button the Import Wizard will now display a summary of the import process 28 Click the Finish button 29 The Import Wizard will inform you if the import was successful You have now finished deploying The Optinet certificate either via a direct import or Active Directory s GPO Now that you have completed these steps you are ready to enable Full SSL Content Filtering You can also enable Only Allow ...

Page 139: ...tinet Digital Certificate Now that you have deployed the Optinet certificate and you have finished configuring Optinet for Full SSL Content Filtering the last item to verify is that the Optinet digital certificate is working correctly You can do this by browsing to a secure Web site https and viewing the digital certificate on the page You can click on the padlock icon located at the end of the UR...

Page 140: ...you are concerned about sensitive content being captured by Optinet you can list Web sites in the HTTPS SSL Filter Exemption List Web sites listed in the HTTPS SSL Exemption List will not be filtered monitored or decrypted in any form For more information please review the section HTTPS SSL Filter Exemption List This concludes the chapter for HTTPS SSL Filtering If you need further assistance with...

Page 141: ...t Black Box Network Services at 724 746 5500 Please have the following information ready Total bandwidth Total number of network nodes Optinet model and serial number Optinet firmware version A network topology diagram Presence of VLANs proxy servers remote subnets What symptoms or issues you are experiencing We welcome your feedback and comments on Optinet Contact us and let us know Please identi...

Page 142: ...Category To use this tool go to any computer that is being filtered by Optinet and open a web browser Enter the URL of the web site you want to confirm categorization and append to it the phrase webFilterCategory i e http www google com webFilterCategory This will post the Web Filter Category Report and list the categorization of the web page and which component URL database key word search or con...

Page 143: ...pub weatherbug com Business and Industry Business Sites involved in business to business transactions of all kinds Advertising marketing commerce corporations business practices workforce human resources transportation payroll security venture capital etc office supplies industrial equipment process equipment machines and mechanical systems heating equipment cooling equipment materials handling eq...

Page 144: ...ard and specifically approved for young children nickjr com pbskids org Education Business Education related sites and web pages such as schools colleges universities teaching materials teachers resources technical and vocational training online training education issues and policy financial aid school funding standards and testing usc edu nyu edu Filter Avoidance Unacceptable Web pages that promo...

Page 145: ...ware and computers elitehackers com hackerstuff com Hate Speech Unacceptable Hate related sites involving racism sexism racist theology hate music Christian identity religions World Church of the Creator Neo Nazi organizations Aryan Nations American Nazi parties Neo Nazis Ku Klux Klan National Alliance White Aryan Resistance white supremacists National Socialist Movement Holocaust denial kkk com b...

Page 146: ...out of body astral travel séances astrology horoscopes UFOs and aliens gay lesbian and bisexual gay family gay parenting coming out gay pride sites civil rights issues politics sports clubs and events travel and accommodations leisure activities gay bars tarot com psychic com Non sexual nudity Unacceptable Nudism nudity nudist camps artistic nudes barenakedgallery com fineartnude com Online Commun...

Page 147: ... and Culture Non business Family and relationships religions ethnicity and race social organizations genealogy seniors clothing and fashion spas hair salons cosmetics skin care for diseases or conditions may be categorized as Health and Nutrition hobbies do it yourself toys for kids model and remote control cars toy soldiers unitedway org goodhousekeeping com Spiritual Healing Non business Spiritu...

Page 148: ...o the purchase or use of conventional weapons such as gun sellers gun auctions gun classified ads gun accessories gun shows gun training general information about guns other weapons e g knives brass knuckles may be included nrahq org remington com Web Hosting Business Sites that provide web site hosting services webmasters com rackspace com Web Messaging Non business General use of the web for mes...

Page 149: ...icom application dns application dvcs application epp xml application eshop application fits application font tdpfr application http MIME type application hyperstudio application iges application im iscomposing xml application index application index cmd application index obj application index response application index vnd application iotp application ipp application isup application mac binhex40...

Page 150: ...pplication slate application soap xml application spirits event xml application timestamp query application timestamp reply application tve trigger application vemmi application watcherinfo xml application whoispp query application whoispp response application wita application wordperfect5 1 application x400 bp application xhtml xml application xml application xml dtd MIME type application xml ext...

Page 151: ...est multipart encrypted multipart form data multipart header set multipart mixed multipart parallel multipart related multipart report multipart signed multipart voice message text calendar text css text directory text dns text enriched text html MIME type text parityfec text plain text prs fallenstein rst text prs lines tag text rfc822 headers text richtext text rtf text sgml text t140 text tab s...

Page 152: ... CGI Script cgi Cascading Style Sheet css Comma Separated Value csv Compressed arc Compressed gz Compressed gzip Compressed hqx Compressed rar Compressed sea Compressed sit File type File extension Compressed z Compressed zip DOS Batch bat Database db Database mdb Disk Image dmg Disk Image img Document pdf Document rtf Document wpd Document wpt Dynamic Link Library dll eBook lit Executable exe Fil...

Page 153: ...p Microsoft Publisher pub Outlook pst PHP php PHP php3 PHP php4 PageMaker p65 Perl Script pl Photoshop psd Postscript ps PowerPoint pps File type File extension PowerPoint ppt Quark Express qxd SQL sql Spreadsheet xls Spreadsheet xlt Spreadsheet xlw Swap sqp Tar tar Text txt Uuencoded uu Uuencoded uue Video avi Video moov Video mov Video mp4 Video mpeg Video mpg Video qt Video rm Video wmv Visio v...

Page 154: ...t all IP Address are presented as CIDR notations i e the network address of 192 168 255 0 with a subnet mask of 255 255 255 0 is presented as 192 168 255 0 24 Below is a CIDR Cheat Sheet that will help you enter IP Address in CIDR notation CIDR Cheat Sheet CIDR Notation Class Hosts Mask 32 1 256 C 1 255 255 255 255 31 1 128 C 2 255 255 255 254 30 1 64 C 4 255 255 255 252 29 1 32 C 8 255 255 255 24...

Page 155: ...048576 255 240 0 0 11 8192 C 32 B 2097152 255 224 0 0 10 16384 C 64 B 4194304 255 192 0 0 9 32768 C 128 B 8388608 255 128 0 0 8 65536 C 256 B 1 A 16777216 255 0 0 0 7 131072 C 512 B 2 A 33554432 254 0 0 0 6 262144 C 1024 B 4 A 67108864 252 0 0 0 5 524288 C 2048 B 8 A 134217728 248 0 0 0 4 1048576 C 4096 B 16 A 268435456 240 0 0 0 3 2097152 C 8192 B 32 A 536870912 224 0 0 0 2 4194304 C 16384 B 64 A...

Page 156: ...n any of the Software s proprietary source code You may make a reasonable number of copies of the electronic documentation accompanying the Software for each Software license you acquire provided that you must reproduce and include all copyright notices and any other proprietary rights notices appearing on the electronic documentation Black Box Network Services and their suppliers reserve all righ...

Page 157: ...AR PURPOSE OTHER THAN AS STATED HEREIN THE ENTIRE RISK AS TO SATISFACTORY QUALITY PERFORMANCE ACCURACY AND EFFORT IS WITH YOU ALSO THERE IS NO WARRANTY AGAINST INTERFERENCE WITH YOUR ENJOYMENT OF THE SOFTWARE OR AGAINST INFRINGEMENT IF YOU HAVE RECEIVED ANY WARRANTIES REGARDING THE DEVICE OR THE SOFTWARE THOSE WARRANTIES DO NOT ORIGINATE FROM AND ARE NOT BINDING ON BLACK BOX NETWORK SERVICES NO LI...

Page 158: ...ardware warranty also does not include service to replace or repair damage to the product if the serial number or seal or any part thereof has been altered defaced or removed If Black Box Network Services does not find the product to be defective the Purchaser will be invoiced for said inspection and testing at Black Box Network Services then current rates regardless of whether the product is unde...

Page 159: ...ng from cabinets and racks and power and surge protection products to media converters and Ethernet switches all supported by free live 24 7 Tech support available in 20 seconds or less Copyright 2009 All rights reserved Black Box Tech Support FREE Live 24 7 Tech support the way it should be Great tech support is just 20 seconds away at 724 746 5500 or blackbox com ...