Professional Documents
Culture Documents
USER MANUAL
iCom NetStrobe
TM
TM
iCom NetStrobe Security Isolation and Information Switch
2007 Copyright by KingHi
translated in whole or in part in any way and any reason . The manual referred to
in other product names are registered trademarks of the company, hereby declare.
If not specific to the document referred to in the unit name (or scenarios) are more
convenient for description of the problem for fiction, please pay attention to.
This manual describes NetStrobe product's features and usage, if you need to
learn more about my company to use other products, please refer to our company
related products, user manual. Manual involved in the specific technology may
change with the version of the upgrade, the company specialize the above subject
We will strive to improve product and service quality, we sincerely thank the user
support for our effort. If you are using the manual or system application process to
have any good suggestions or questions about the office, please contact:
n Zip code518057
n Tel075526463309
n E-mailservice@kinghitech.com
n Websitehttp://www.kinghitech.com
TM
iCom NetStrobe Security Isolation and Information Switch
2007 Copyright by KingHi
Article with black The more important that the text of the paragraph
fontformat font
Click Said quickly click the left mouse button or right (default
left)
Drag That hold down the left mouse button and hold and
drag it to a location
TM
iCom NetStrobe Security Isolation and Information Switch
2007 Copyright by KingHi
....................................................................................................................... I
1 PREFACE ........................................................................................................ 1
2.1 Overview...................................................................................................... 2
3 THE USE OF NETSTROBE.......................................................................... 3
I
2007 Copyright by KingHi
3.2.2.3 User Group-level description ....................................................... 16
3.2.3 Publish /Proxy function Module Configuration .................................... 16
3.2.3.1 function setting examples ............................................................ 16
3.2.3.1.1 Publish ...................................................................................... 16
3.2.3.1.2 Proxy ......................................................................................... 22
3.2.3.1.2.1.1 POP3 proxy settings method: ..................................... 25
3.2.3.1.2.1.2 SMTP proxy settings methods: ................................... 25
3.2.4 Preferences ......................................................................................... 26
3.2.5 Filtering................................................................................................ 29
3.2.5.1 Time Filtering ............................................................................... 29
3.2.5.2 Address Filtering .......................................................................... 30
3.2.5.3 Title Filter...................................................................................... 31
3.2.5.4 attachment names Filter .............................................................. 32
3.2.5.5 Content Filter ............................................................................... 33
3.2.6 Monitoring tools ................................................................................... 35
3.2.6.1 Virus Detection ............................................................................. 35
3.2.6.2 Performance Monitoring .............................................................. 35
3.2.6.3 Audit Log ...................................................................................... 37
3.2.6.4 Service log ................................................................................... 38
3.2.7 System Settings .................................................................................. 40
3.2.7.1 IP Settings .................................................................................... 40
3.2.7.2 Change Password........................................................................ 41
3.2.7.3 Operation Log .............................................................................. 42
3.2.7.4 Preferences .................................................................................. 43
3.2.7.5 Firewall Settings........................................................................... 45
3.2.7.6 Restart Service............................................................................. 46
3.2.7.6.1 Auto-restart (NetStrobe low version does not support) ............ 46
3.2.7.6.2 Manually re-start ....................................................................... 47
4 APPENDIX ..................................................................................................... 48
II
2007 Copyright by KingHi
4.2 How to Disable MSN................................................................................. 51
III
2007 Copyright by KingHi
1 Preface
n Introduction NetStrobe
This chapter describes NetStrobe the startup and shutdown, and system
interface for use.
n NetStrobe maintenance
This chapter describes the maintenance condition of the product, the system
error message description and processing.
TM
iCom NetStrobe Security Isolation and Information Switch 1
2007 Copyright by KingHi
2 NetStrobe Introduction
2.1 Overview
n NetStrobe Features
2_1
TM
iCom NetStrobe Security Isolation and Information Switch 2
2007 Copyright by KingHi
3.1.1 Zoning
NetStrobe is divided into two major functional areas within and outside
the network. Were independent and the internal trusted network and untrusted
segments.
control area):
From left to right are: reset button, 2 power indicator light, 2 hard disk light, 2
re-start button.
reset buttonAnd the server has not yet started in the electricity cases, the
time to start the service until the service starts and then a closing service, the
Power indicator light, hard light, re-start buttons are in pairs and arranged
TM
iCom NetStrobe Security Isolation and Information Switch 3
2007 Copyright by KingHi
in accordance with the corresponding from top to bottom. Among them, at the
top of the direction or control of the external network equipment, while at the
bottom of the instructions and control the devices within the network.
From left to right are :2 VGA2 COM2 USB2 PS24 Ethernet port
And at the top of the external network port are belong to the device port, while
at the bottom of the port are belong to the internal network device port.
Cable port in the back of NetStrobe, There are four cable port (different
models, there may be different), But now only need to use the two named
ETH0 cable port, The other two port as a redundant port, Network is usually
above the outer region, below is the region within the network.
Step 1
connected
Step 2
TM
iCom NetStrobe Security Isolation and Information Switch 4
2007 Copyright by KingHi
connected
Step 3
illustrate inside and outside the network can bypass the NetStrobe is not
between.
Step 4
Via the network management terminal turn off all filters and firewalls to
Step 5
3.2.1 Login
Login Address
There are two methods,the one is Non-encrypted access, the other is SSL
certificate-based encryption access, and its address is: http://ip:6000/netstrobe
and https://ip:8443/netstrobe (Above NS-M models) SSL certificate-based
encryption access is provision of banking business level of security strengthits
TM
iCom NetStrobe Security Isolation and Information Switch 5
2007 Copyright by KingHi
can prevention access to the account caused by leaks and so on.
Note:
Please use IE browser, other browsers are not tested and does not guarantee
compatibility.
(3_1)
login in
TM
iCom NetStrobe Security Isolation and Information Switch 6
2007 Copyright by KingHi
3_2
3_3
TM
iCom NetStrobe Security Isolation and Information Switch 7
2007 Copyright by KingHi
choosing the right module column box to authorize permission to give this
new group.
With the super-administrator account logged in, select the user in the left
menu bar under the management of the group node can be entered into the
3_4
TM
iCom NetStrobe Security Isolation and Information Switch 8
2007 Copyright by KingHi
3.2.2.1.1 Add a new group
Click the Add button, enter the following interface. Figure (3_5) as shown
in
(3_5)
Tip: Super User can add management team and general user groups,
manage groups of users can only add the normal user group.
TM
iCom NetStrobe Security Isolation and Information Switch 9
2007 Copyright by KingHi
3_6
After the success of the success of adding prompt will appear in Figure
(3_7)
3_7
TM
iCom NetStrobe Security Isolation and Information Switch 10
2007 Copyright by KingHi
3.2.2.1.2 Modifying a group
Select the appropriate check box, click the Edit button in Figure (3_8)
3_8
3_9
TM
iCom NetStrobe Security Isolation and Information Switch 11
2007 Copyright by KingHi
Submit
After the success of the success of changes will appear prompt shown in Figure
(3_10)
3_10
Select the appropriate check box, click the Delete button, the following
3_11
Tip: Use the delete function can be re-elected, a delete multiple user
groups
TM
iCom NetStrobe Security Isolation and Information Switch 12
2007 Copyright by KingHi
3.2.2.2 User Management
Function Description: You can add, delete, modify users. When you add a
With the super-administrator account logged in, select the user in the left
menu bar under the management of the node into the user interface to the
3_12
administrative group
TM
iCom NetStrobe Security Isolation and Information Switch 13
2007 Copyright by KingHi
3.2.2.2.1 Add a new user
Click the Add button to add the page to enter the following diagram (3_13)
as follows:
3_13
Select a check box (not multiple-choice), click the Edit in Figure (3_14)
TM
iCom NetStrobe Security Isolation and Information Switch 14
2007 Copyright by KingHi
(3_14)
Select the appropriate check box, click the Delete button, shown in Figure
(3_15)
3_15
TM
iCom NetStrobe Security Isolation and Information Switch 15
2007 Copyright by KingHi
3.2.2.3 User Group-level description
2 common user group: only the functions entrusted to publish and agents
3 the Management Group: You can give permission to all the functional
modules, you can enter the management interface, you can add a regular
user
3.2.3.1.1 Publish
Click on the navigation menu functional blocks the release into the Publish of
3_16
TM
iCom NetStrobe Security Isolation and Information Switch 16
2007 Copyright by KingHi
Chart (3_17) in the red box part is listening port configuration, blue box,
3_17
Red box portion NetStrobe server IP address, and blue box in need
Map:
TM
iCom NetStrobe Security Isolation and Information Switch 17
2007 Copyright by KingHi
The Mysql database server outside the network, posted to the intranet for internal network
users to access, Mysql server 10.124.18.150 will be outside the net of the 3306 port
mapping to the internal network machine 8010. So network users within the intranet
by accessing the NetStrobe the 8010 machine 192.168.1.100 port outside the network
will be able to have access to Mysql server.
(3_19)
2. Using the ping command to test to confirm the two IP can not be mutual
TM
iCom NetStrobe Security Isolation and Information Switch 18
2007 Copyright by KingHi
3_20
3. MYSQL
3_21
NetStrobe IP
IP
3_21
Tip:
Service port can not be reused, reuse will be added if the port
fails
4. In the service and the service port IP Office configuration requires the IP
TM
iCom NetStrobe Security Isolation and Information Switch 19
2007 Copyright by KingHi
3_22
5. Confirm the configuration of the IP and port days filled correct, then
click Add.
3_23
TM
iCom NetStrobe Security Isolation and Information Switch 20
2007 Copyright by KingHi
3_24
MYSQL database.
Using the service configuration within the network IP and port to connect
TM
iCom NetStrobe Security Isolation and Information Switch 21
2007 Copyright by KingHi
3_25
Connection successful:
MySQL MySQL IP
3.2.3.1.2 Proxy
Click on the navigation menu of the agent function modules into the release of
Figure (3_26)
3_26
3_26Red box for the listening port configuration, parameter setting for
TM
iCom NetStrobe Security Isolation and Information Switch 22
2007 Copyright by KingHi
3_27
Select the corresponding type of network, proxy feature is only available within
services available within the network IP address, select one of the IP.
Configure the service port used by this release. Service port can not be reused,
3. Confirm the configuration of the IP and port fill in correct, then click Add.
3_28
TM
iCom NetStrobe Security Isolation and Information Switch 23
2007 Copyright by KingHi
Added successfully, the configuration interface, a row of the upper right corner will
3_29
Open the IE browser, select Tools on the toolbar button, select the
Select the Connections tab, click the LAN Settings button, set the proxy
3_30
TM
iCom NetStrobe Security Isolation and Information Switch 24
2007 Copyright by KingHi
Note that the incoming mail server address in which complete proxy machine
within the network ip address, pop3 account using * to split the user name and pop
server address
1.To send e-mail server settings are as follows, and check the SMTP server
requires authentication
2. Verify the information set, the red area to verify the required user name
(account)
TM
iCom NetStrobe Security Isolation and Information Switch 25
2007 Copyright by KingHi
Note, which sends e-mail fill in proxy server address ip address within the network
machine, smtp account using * to split the user name and smtp server address.
3.2.4 Preferences
Click on the navigation menu of the agent function modules into the
3_31
Chart (3_32) Blue box part of the interface for parameter setting
TM
iCom NetStrobe Security Isolation and Information Switch 26
2007 Copyright by KingHi
3_32
3_33
1.Click on the map (3_33) The red box of parts, start filtering service.
2.In the diagram (3_33) fill in the blue box, part of the session timeout time to
0 for no timeout
5.If you enable the filtering, you must set a detailed filter policy before
allowing the entry into force of this feature, click on map (3_33) Green Box
TM
iCom NetStrobe Security Isolation and Information Switch 27
2007 Copyright by KingHi
6.Set up filters strategy, shown in Figure (3_34), click the Add button to set
3_34
7.Enter the keyword "" "" Add to the right of the select box, then click the Add
3_35
interface. Click the Edit button to filter policy configuration to take effect.
TM
iCom NetStrobe Security Isolation and Information Switch 28
2007 Copyright by KingHi
3.2.5 Filtering
Tip: In revising its strategy before the corresponding filter module must
NetStrobe the release of the system function modules and functional modules
in the various functional agents have the time filtering, publish functional modules
HTTP, FTP, POP3, SMTP, DB function nodes have had time to filtering; functional
modules in the proxy HTTP, FTP , POP3, SMTP, SOCK functional nodes are time
filtering.
TM
iCom NetStrobe Security Isolation and Information Switch 29
2007 Copyright by KingHi
3_36
hours, for the corresponding function modules the available time, other time
Users can also filter the page by the time the "new()", "Reset
" button to the time required to set their own filtering policies, only need to
modify the selected time period and successful strategies can be submitted.
Address filtering is NetStrobe system provides filtering for the plug-in POP3,
SMTP and proxy function blocks the release of all address filtering this feature.
show in as3_373_38
3_37
TM
iCom NetStrobe Security Isolation and Information Switch 30
2007 Copyright by KingHi
3_38
Filtering strategy includes: e-mail users that the sender, recipient, cc, dark
delivery; filtering keywords scope of the rule that is equal to, contains, from ...
Users can combine e-mail users and the scope of the rules to develop a
and fill in filtering e-mail address, click >> added to the filter list, and click the Add
to submit filtering rules, NetStrobe service will be automatically using these filtering
strategies.
Title filtering is NetStrobe to provide for the e-mail filtering feature, POP3,
TM
iCom NetStrobe Security Isolation and Information Switch 31
2007 Copyright by KingHi
SMTP and proxy function blocks the release of all address filtering this feature.
3_39
Users can the need to develop appropriate rules, simply choose the
appropriate parameters, fill in the need to filter the message contains the thematic
content of keywords, click >> added to the filter list, and click the Add to submit
filtering rules, NetStrobe services will automatically use these filtering strategy.
POP3, SMTP and proxy function blocks the release of all address filtering this
TM
iCom NetStrobe Security Isolation and Information Switch 32
2007 Copyright by KingHi
3_40
Users can the need to develop appropriate rules, simply choose the
appropriate parameters, fill in the need to filter e-mail attachment that contains the
name, click on >> added to the filter list, and click the Add to submit filtering rules,
the user can use the filtering feature some of the content containing any of these
sites are prohibited filter, can not access the browser to enhance the network
security.
TM
iCom NetStrobe Security Isolation and Information Switch 33
2007 Copyright by KingHi
3_42
In the Add Filter rules filter the content of the page fill in keywords, click on >>
added to the filter list, click New, NetStrobe system services will automatically
use these filtering strategies, the content of sites containing these keywords will
3_43
Figure keywords to filter content "qq" and "mail", it contains a "qq" and "mail" will
TM
iCom NetStrobe Security Isolation and Information Switch 34
2007 Copyright by KingHi
be through third-party virus detection tool for perfect access to support and
3_44
To start this feature, just click the "Browse" button, select the appropriate
library file and upload the virus can be, NetStrobe will automatically filter the
records and to make a timely manner with an intuitive display of polyline on the
page.
user can see the real-time system resource usage, can also choose to extranet or
TM
iCom NetStrobe Security Isolation and Information Switch 35
2007 Copyright by KingHi
Attention! This page uses a Java Applet monitoring technology, the client
browser to be able to display correctly you need to install JRE 1.6 or later.
3_45
TM
iCom NetStrobe Security Isolation and Information Switch 36
2007 Copyright by KingHi
3_46
The audit log is an audit of user behavior and to record the form of logs, user
TM
iCom NetStrobe Security Isolation and Information Switch 37
2007 Copyright by KingHi
3_47
including the current user and the user authorized to use NetStrobe
access.
Users can any of a way to view the audit log, you can also view the free
combination of four kinds of ways to view the audit log, the result such as
(3_48)
3_48
TM
iCom NetStrobe Security Isolation and Information Switch 38
2007 Copyright by KingHi
Carried out under the supervision of the navigation menu, tools, and select
the service log node, select the appropriate time and level of Figure (3_49) as
shown in
3_49
Click to view the log contents, the user can press the log-level view, you can
see by time, users can view the combination of two kinds of ways to view the
service log.
TM
iCom NetStrobe Security Isolation and Information Switch 39
2007 Copyright by KingHi
3_50
3.2.7.1 IP Settings
NetStrobe have IP changes the function, through the IP changes, users can
NetStrobe add remove edit IP address, subnet mask, gateway, DNS server, modify
operation.
TM
iCom NetStrobe Security Isolation and Information Switch 40
2007 Copyright by KingHi
3_51
Can be seen from the page is divided into internal and external network IP
change modify, add button to add a different from the current existing IP; modify
the button is to change the current IP to become targets for IP; delete button
Made appropriate changes to the user and re-started after the interface will
TM
iCom NetStrobe Security Isolation and Information Switch 41
2007 Copyright by KingHi
3_52
Modify the page, enter the original password and then enter your new
password and confirm enter a new password and click "OK" button to submit the
password change, the system will record the user's new password, log in again
when the management interface to enable a new password, to use the old
Login NetStrobe after the operation to operate the log will be retained in the
form of records, the operation log information stored in a database, users can view
TM
iCom NetStrobe Security Isolation and Information Switch 42
2007 Copyright by KingHi
3_53
Users can view them by time; can press to view the content of chi; can follow
the operator to view; users can see three kinds of ways to view the operation of the
3_54
3.2.7.4 Preferences
inbound threads to control the message threads, queues maximum depth, log
TM
iCom NetStrobe Security Isolation and Information Switch 43
2007 Copyright by KingHi
level, log level of the maximum capacity and audit level. Users can use the default
values in accordance with NetStrobe, you can also set the appropriate parameters
for use.
3_55
:log level
:audit level
TM
iCom NetStrobe Security Isolation and Information Switch 44
2007 Copyright by KingHi
3_55
easily modify
Select Firewall Settings node in the firewall configuration page, users can
choose the type of network within and outside the network, the firewall configured
with four levels, namely low, medium, high and Custom Level. Low Medium High
level of security, to meet basic safety requirements; the level of the firewall is the
standard level for most of the user's security requirements; high-level security
requirements of the corresponding relatively high, this level under the network
3_56
When the user of low, medium and high three-level security policy modification,
the firewall level will automatically jump to the Custom Level. In the Custom Level
TM
iCom NetStrobe Security Isolation and Information Switch 45
2007 Copyright by KingHi
where users can modify according to their own needs to add the appropriate
firewall policy.
3_57
Restart the service is NetStrobe restart the service that comes with the
button, the system detects the need to restart the service when the top right of
the interface in the management of the need to restart prompt will appear the
TM
iCom NetStrobe Security Isolation and Information Switch 46
2007 Copyright by KingHi
3_58
Such as (3_59)
3_59
Tip: operating instructions for the pairs , "stop service" to stop Intranet
and Extrane at the same time, "Start Service" to start the internal and
external services at the same time. Can not be internal and external to start
TM
iCom NetStrobe Security Isolation and Information Switch 47
2007 Copyright by KingHi
4 Appendix
Set by NetStrobe There are many ways to prohibit the use of QQFirst, in the
navigation menu, select agent under the HTTP module function module node.
Method 1
4_1
Select the HTTP Server Port parameter settings in the filtering options, click
And then click the "Server Port Filter >> to enter the port filtering configuration
page.
TM
iCom NetStrobe Security Isolation and Information Switch 48
2007 Copyright by KingHi
4_2
Enter 8000 and 443 ports, these two ports added to the list, click Add, NetStrobe
system services to QQ service port filtering, will automatically stop the QQ landing.
Method 2
4_3
Select the HTTP parameter settings in the server IP filtering options, click Modify
And then click the "Server IP Filtering" >> into IP filtering configuration page.
TM
iCom NetStrobe Security Isolation and Information Switch 49
2007 Copyright by KingHi
Click the Add button to add the filter rules into the page.
4_4
QQ IP 202.96.170.166 IP NetStrobe
QQ IP IP QQ
4_5
IP, such as the QQ server "202.96.170.166" such as IP address of the input list,
click New, NetStrobe system services will filter these QQ server IP, will
TM
iCom NetStrobe Security Isolation and Information Switch 50
2007 Copyright by KingHi
automatically block access to these IP, thus can not log on QQ.
Click the Add button to add the filter rules to enter the page
4_6
Tencent QQ associated with the site URL address added to the list, click Add,
NetStrobe will automatically block access to these addresses, thus QQ will not be
used.
Prohibit the use of MSN filtering server port can be used to implement the
method
First, in the navigation menu, select agent under the HTTP module functional
modules,
TM
iCom NetStrobe Security Isolation and Information Switch 51
2007 Copyright by KingHi
4_7
Select the HTTP Server Port parameter settings in the filtering options, click
And then click the "Server Port Filter" >> to enter the port filtering configuration
page.
Click the Add button to add the filter rules into the page.
4_8
MSN, server port 443 to add the input filter list, click Add, NetStrobe system
service filters 443 of this port, will automatically stop the MSN login.
TM
iCom NetStrobe Security Isolation and Information Switch 52
2007 Copyright by KingHi
Common use of client software, send and receive e-mail, the system can be
for such functions can be directly disabled SOCK proxy, POP3/SMTP mail
services you can disable client mode client software sending and receiving e-mail
NetStrobe set by prohibiting the use of WEB Mail commonly used mail server
URL-filtering methods. First, in the navigation menu, select agent under the HTTP
4_9
Select the HTTP parameter settings in the server URL filtering options, click Modify
TM
iCom NetStrobe Security Isolation and Information Switch 53
2007 Copyright by KingHi
And then click the "URL Filter" >> into the URL filtering configuration page.
Click the Add button to add the filter rules into the page
4_10
4_11
Part of the mail server URL keyword (WEB e-mail mainly: included mail, with 126,
etc.) added to the list, click Add, NetStrobe will automatically block that contains a
TM
iCom NetStrobe Security Isolation and Information Switch 54
2007 Copyright by KingHi
5.1 Q & A:
Q1NetStrobe Publish function module network type to choose?
A1 NetStrobe publish function NetStrobe listening port configuration of
network types are within the network and external network, the network type
is incorrect failure will lead to release. If it is within the network server site to
outside the network, network type should be chosen outside the network; if it
is outside the network server site to internal network, network type should be
chosen Intranet.
Q3Publishing and proxy functions will fail to configure the port 21,22,6000
A3Ports 21,22 and 6000 are NetStrobe system ports already in use, publish,
or listening on the port to use proxy configuration to these ports, the system
will detect that the port re-use, resulting in Configuration failed. Port 21 is used
for FTP upload and open ports; port 22 is used for SSH tools to connect
systems and open ports; 6000 is used to sign-on system management
terminal port
TM
iCom NetStrobe Security Isolation and Information Switch 55
2007 Copyright by KingHi
modify these parameter values, or they may be system can not be caused by
normal use.
Q6How to ensure that the machine temperature is too high for long-running
and Bu Zhiyu system does not normally cause
A6NetStrobe the normal work of the machine hardware environment in the 0
~ 40 , and the machine requires at least leave 15CM wide around the
location of ventilation fans for cooling machine.
TM
iCom NetStrobe Security Isolation and Information Switch 56
2007 Copyright by KingHi
5.2 Contact us
Zip code518057
TEL075526470190
E-mailservice@kinghitech.com
WebSitehttp://www.kinghitech.com
TM
iCom NetStrobe Security Isolation and Information Switch 57