Audit > Network Access

What is Network Protection?

Network Protection allows you to monitor and control access on a per application and per machine basis. Use it to collect bandwidth utilization consumed by each managed machine on your network. The network access function lets you approve or deny network access on a per application basis. Use the Network Statistics report to view network bandwidth utilization versus time. Drill down and identify peak bandwidth consumers by clicking on the graph's data points. See which application and which machine use bandwidth at any point in time.

Applications that do not use the Windows TCP/IP stack in the standard way may conflict with the driver used to collect information and block access (especially older legacy applications). The agent cannot monitor network statistics or block network access if this driver is disabled.

How do I approve/deny applications from accessing the network?

The system allows administrators to control access to the network by individual applications. Applications can be permanently denied access to the network; users can also be notified when an unlisted application accesses the network, permitting or denying that application network access.

To approve network access to an application:

1. In the Machine.Group ID column, click the link for the client machine whose applications you wish to approve network access to.
A list of applications installed on the client machine will be displayed. Since the list may be large, you can control the applications displayed by using the application filter, which is accessed by pressing Filter, located at the top of the application.

2. In the applications list, select the application(s) that you wish to approve access to the network.

3. Select the Ask user to approve unlisted radio button, then press Apply.

4. Press Approve apps.

The application(s) selected in the application list are added to the Approved Apps column.

To deny network access to an application:

1. Perform steps 1-3, as shown above.

2. Press Deny apps.

The application(s) selected in the application list are added to the Denied Apps column.

When you approve application access to the network and select the Ask user to approve unlisted radio button, the user is notified when an application that is not on the application list for their machine attempts to access the network. The user has four responses that they can enter for the given application:

The system allows administrators to control access to the network by individual applications. Applications can be permanently denied access to the network; users can also be notified when an unlisted application accesses the network, permitting or denying that application network access.

To approve network access to an application:

  1. In the Machine.Group ID column, click the link for the client machine whose applications you wish to approve network access to.
    A list of applications installed on the client machine will be displayed. Since the list may be large, you can control the applications displayed by using the application filter, which is accessed by pressing Filter, located at the top of the application.

  2. In the applications list, select the application(s) that you wish to approve access to the network.

  3. Press Approve apps.

The application(s) selected in the application list are added to the Approved Apps column.

To deny network access to an application:

  1. Perform steps 1-2, as shown above.

  2. Press Deny apps.

The application(s) selected in the application list are added to the Denied Apps column.

Notify user when app blocked

Clicking Enable notifies the user when an application attempts to access the network that is not on the application list for their machine. Use the function to build up the access list based on normal usage. This lets you see which applications on your system are accessing the network and when.

The user has four responses that they can enter for the given application:

Enable/Disable driver at next reboot

Enable/Disable the network access protection driver for an agent. Applications that do not use the Windows TCP/IP stack in the standard way may conflict with this driver (especially older legacy applications). The agent cannot monitor network statistics or block network access if this driver is disabled.

NOTE: Changing the state of the driver does not take effect until the selected machine is next rebooted.

Explanation of items on this page

The following elements are displayed in the Network Access function:

Machine.Group ID

Lists the client machines according to the Specify Accounts criteria.

Notify User

An X in this column indicates that the client machine user will be notified when an application has been denied network access. To remove this notification:

  1. Select the client machine that is to have the notification removed by selecting the checkbox next to the machine ID.

  2. Unselect the Notify user when app is blocked (make sure it is checked).

  3. Press Apply.

To notify the user when an application has been denied:

  1. Select the client machine whose user is to be notified by selecting the checkbox next to the machine ID.

  2. Select the Notify user when app is blocked (make sure it is unchecked).

  3. Press Apply.

Enable Driver

Identifies, on a per machine ID basis, which machines have the network protection driver enabled.

Approved Apps

If all applications are approved for network access, then Approve All Unlisted is shown in the Approved Apps column. Specific applications can be added to the list by selecting the checkbox next to the application in the application list, then pressing Approve Apps. If an application is specifically listed in the Approved Apps column, all unlisted applications that attempt to access the network can be set to behave in the following ways by responding to the Internet Access Attempted dialog box:

Denied Apps

Applications listed in the Denied Apps column are not allowed to access the network.

The following functions can be applied in conjunction with the settings applied in the previous functions:

Unlisted Action

Identifies how each machine ID reacts when an application that is not specifically listed tries to connect to the network.

Check-in status

The check-in status of the machines shown in the client machine list is indicated by the icon shown to the left of the client machine ID. The icons and their status are as follows:

Agent has checked in  

Agent has not recently checked in

Agent has never checked in