logo
Company Info Product News Products Support Downloads Contact Info
Remote Access Internet Filtering Email Security Bandwidth Management Vulnerability Management Anti Virus Protection
CP Secure Overview
CSG Models / Specs
CPSecure CSG 100
CPSecure CSG 300
CPSecure CSG 1000+
CPSecure CSG 1500
CPSecure CSG FAQ's
Stream-Based Scanning
Wormsecure Network AV
Wormsecure 500
Downloads
CP Secure Price Enquiry
banner

Frequently Asked Questions

Before contacting our technical support team, please check to see if your questions are answered here.

WEB INTERFACE

Which browsers are compatible with the Web UI?
Internet Explorer 5.0 and higher or Netscape 7.1 and higher with a minimum resolution of 800 x 600.

What is the default IP address for the CSGs?
192.168.248.248/255.255.255.0. CSG appliances can be accessed at http://1.1.1.8 when located between the gateway and the management console.

What is the default login password?
cpwall

How do I log in if I forget my password?
Log into the CSG via the serial port, enter "admin" (without quote marks) as the username, followed by "resetpasswd" (without quote marks). The system will revert to the default password.

Why can't I log into the UI or submit configuration changes?
Cookie support is required. Ensure that the cookie setting is enabled.

How do I check which version of CSG is running?
The version information for the anti-virus software, virus pattern, and virus scan engine can be obtained from the Home-->Summary page.

Why do I see "SMTP server required" when I save anti-virus configuration changes?
CSG relies on the external (SMTP) mail server to send reports, logs, and notifications. If you do not require reports, logs, or other types of notification, just enter a random valid IP address.

NETWORK TOPOLOGY STRUCTURE

Are all the Ethernet ports on the CSG equal?
Yes, each port is equal because the CSG works in bridge mode.

How do I configure the IP address for the CSG?
Use one of the following methods:

  • Log into the CSG via the serial port (username: admin - do not enter a password), then type the command netconf at the prompt.
  • Use the UI to navigate to http://192.168.248.248.
  • If the CSG is between the gateway and the management console, navigate to http://1.1.1.8 using the Web UI.

Where should the CSG be installed in the network?
If you have a firewall, install the CSG between the firewall and the router. If you do not have a firewall, install the CSG immediately behind the gateway. Refer to the Deployment section in the Getting Started Guide for additional deployment options.

Do I need to modify firewall rules or policies after installing a CSG in the network?
No. The plug and play nature of the CSG ensures that you do not have to modify firewall rules and policies.

Can I install the CSG between two switches that communicate via an 802.1Q (VLAN) packet?
Not at this time, but there are plans to support VLAN in future versions of the CSG.

Does the CSG scan traffic over a VPN connection?
VPN connections use the L2TP or PPTP protocol which builds a tunnel between the server and clients, protecting all packets, so traffic does not need to be scanned.

Where should I install the CSG installed if I use a VPN to connect to another office?
If you install the CSG behind the VPN server, this will force a scan of all traffic from the other office.

Why do I get the message "update server unreachable" when I test network settings?
If your firewall does not permit "pings" through ICMP packets, you will need to ensure that the correct DNS server is being used and that the IP addresses of the CSG and gateway are on the same subnet.

IN-PLACE-MESSAGE

What is In-Place-Message and how does it work?
In-Place Message runs on SMTP, POP3, and IMAP4 protocols to automatically process incoming and outgoing mail for tasks such as anti-virus, mail auditing and archiving.

How do I save In-Place-Messages processed by CSG?
In-Place Messages that are appended to emails may be saved as attachments.

What is the default setting for In-Place Messages?
The CSG defaults to appending In-Place Messages only if a virus is detected.

Can the CSG be configured to append Safe-Messages when a virus is not detected?
 Yes. Choose Append Safe Stamp via Antivirus --> Advanced Settings --> Notification --> append safe messages.

BASE POLICIES

What is meant by the terms cleanable virus and uncleanable virus?
A cleanable virus can be removed from an infected file while preserving the file; an uncleanable virus cannot be removed without also removing the infected file itself.

How many policies does the CSG provide for treating virus-infected files?
 The CSG offers six policies: Clean + Delete, Clean + Quarantine, Clean + Audit, Delete, Quarantine, and Audit.

How do I release files after they have been quarantined?
Go to Antivirus-->Quarantine-->View Quarantine and select the file to be released. Configure the recipient’s email address via Antivirus-->Quarantine--> Quarantine configuration. The quarantined files will be sent to the designated email address. You can choose a frequency for sending quarantined files or to send the files immediately. Quarantined files are compressed and encrypted; the password is sent with the email.

How do I retrieve quarantined files?
Enter the recipient’s email address via Antivirus--> Quarantine--> Quarantine configuration, select the record via Antivirus-->Quarantine-->View Quarantine, and click Resend to retrieve the file.

How does CSG process virus-infected files when the policy is set to Clean + Quarantine or Quarantine?
 Using Clean + Quarantine, a cleanable virus is detected and recipients will receive a cleaned file. If an uncleanable virus is detected, the infected file will be quarantined and the recipients will receive quarantine information. Using Quarantine alone, recipients will receive quarantine information if a virus-infected file is detected.

How does CSG process virus-infected files when the policy is set to Clean + Audit or Audit?
 Using Clean + Audit, when a cleanable virus is detected, recipients will receive a cleaned file. If an uncleanable virus is detected, the infected file will enter the network and the recipients will receive audit information. Using Audit alone, the virus-infected file will enter the network and the recipients will receive audit information.

If the mail size limit is set to 3MB, for example, does this mean that the CSG also can only scan mail smaller than 3MB?
 The limit refers to the maximum size of attachment that can be scanned by the CSG. The CSG cannot scan attachments over 3MB if the mail size limit is set to 3MB.

What is the CSG’s file-blocking policy?
 Filename extension on the list and file type equals
filename extension: allowed.
Filename extension on the list and file type does not equal
filename extension: not allowed.
Filename extension is not on the list: not allowed.
Filename extension is on the list: not allowed.
Filename extension is not on the list but the file type is on the list: not allowed.
Filename extension is not on the list and the file type is not on the list: allowed.
Archive files are always allowed.
The default policy is to block all types.

What is the CSG’s file-scanning policy?
 1. Scan the following file types:
a. File type on the list: scanned.
b. File type is not on the list: not scanned.
c. File type is unknown: scanned.

2. Scan all except the following file types:
a. File type is on the list: not scanned.
b. File type is not on the list: scanned.
c. File type is unknown: scanned.
3. Default policy: scan all.

Note that the true file type is used, not the file extension, to prevent spoofing.

Why are certain file types received when the CSG has been configured to block those types?
The CSG does not rely on the file suffix to detect file types; it identifies the real file type, even if the file suffix has been modified, to prevent spoofing.

LOGS AND REPORTS

How do I get log information automatically?

  • The CSG maintains virus, traffic, and system logs.Configure the CSG's network settings, including the IP address, the gateway and DNS servers.
  • Configure the email parameters, including the email server (System-->Antivirus Configuration --> SMTP server host name/IP address) and email address (Antivirus -->Log Files-->Log Configuration).
  • Configure the Send Log Frequency or the Send Now options.

How many report formats are supported?
Text: .txt and .csv (comma delimited for export to Excel)
Graphic: Pie and bar charts.

How do I get report information automatically?

  • Configure the CSG's network settings including the IP address, the gateway, and DNS servers.
  • Configure the email server (System-->Antivirus Configuration--> SMTP server host name or IP address) and email address (Antivirus-->Report--> Virus/ Traffic/ System Report-->Email report to).
  • Select and configure the report file format.
  • Configure the Send Log Frequency or the Send Now options.
  • Configure the Send Report Policy.

Can outdated logs be deleted?
 How does CSG process logs over the size limit?
The CSG automatically deletes outdated logs; there are no manual controls. When the log directory exceeds the size limit, the CSG automatically deletes the oldest logs and forwards them to the administrator.

Why are reports received at times other than when CSG has been configured to send them?
 This will only happen if you changed time zones; in this case, you need to reboot the CSG so that it works with the current time zone.

Why doesn’t my CSG receive logs and reports?

  • Check the CSG's network settings to ensure that the network connections are working;Check the sender's email address. By default, a pseudo-sender’s email address (admin@csg) is used, and this address may not work with some email servers. Use a valid sender's address and a mail server with the same domain name.
  • Check whether your SMTP server is needed for authentication purposes and configure accordingly.

Note: If your SMTP server is not needed for authentication purposes, you may not be able to configure this option.

UPDATES

What is Remote Update?
 Remote Update ensures that the CSG’s anti-virus patterns and software are up-to-date.

How does Remote Update work?

  • The CSG contacts the CP Secure update server via a secure connection and checks for available updates.
  • The CSG downloads and installs any available updates.
  • All services restart once the installation is complete.

What is the default frequency for automatic updates?
 The default update frequency is to check for new files on an hourly basis.

When should remote updates be configured using the HTTP proxy server?
 CSG uses the HTTPS protocol (default port 443) for remote updates when a network uses the HTTP proxy server to access the Internet. The proxy server needs to be configured accordingly.

Why are remote updates required?
 To protect customers against the latest threats, the following information is updated:
Virus patterns including the current anti-virus code.
Virus pattern patches in response to an outbreak.
Virus engines to detect new viruses.

Can updates be initiated manually?
 Yes, you can choose to update Virus Patterns only, or update all systems, via --> Update setup -->update now using the Web UI.

Can I check whether an update has been installed successfully?
 Yes, you can check update information on the Home->summary page.

Why doesn’t my CSG receive updates?
 There are three possible reasons:
Your CSG has not been registered. The Update server checks the registration number when it receives a connection request.
Your network parameters may be configured incorrectly. Conduct the appropriate tests to ensure the correct settings.
If your firewall does not permit port 443 to pass through, you need to modify the configuration.

SMTP

Which port listens to the SMTP protocol?
 Port 25

What is meant by the term Outbound Messages? When can the Outbound Messages settings be used?
 You can use the Outbound Messages settings for the CSG to scan SMTP traffic when users send mail to remote domains or from the local domain relay to remote domains.
Note: CSG does not scan SMTP traffic in the local domain.

If I use a Lotus Domino mail server and a Lotus Notes client, can the CSG scan mail when it is sent and received?
No. Lotus Domino/Notes uses port 1352 to send and receive mail, and the CSG does not scan on that port. However, if the mail client is Outlook Express or Outlook and the mail server is Lotus Domino, the CSG will scan mail sent and received.

I added an account in Outlook to connect to the Microsoft Exchange Server to receive or send mail. Why doesn’t the CSG scan that traffic?
 This configuration uses Port 135, which prevents the CSG from scanning mail.

Does CSG scan mail sent or received via Microsoft Hotmail?
 No. Hotmail uses port 80 to send and receive mail, which is a dedicated protocol, so CSG cannot scan these emails.

How can I append my company's disclaimer to emails processed by the CSG?

  • Select Antivirus-->Protocol-->SMTP-->Append Disclaimer.
  • Enter your disclaimer under Antivirus-->Advanced Settings-->Notification-->Insert this disclaimer message for every email scanned.

My mail server limits the size of mail that can be processed, so I split a large email into several smaller emails to send. Why can’t these smaller mails be recombined in the mail client?

  • Check that you have not configured SMTP functions, such as Append Safe Stamp, Append Disclaimer or In-place Notification.
  • It is possible that the mail was infected. When the CSG removed the virus, the mail was altered and so it did not recombine.

POP3

Which port listens to the POP3 protocol?
 Port 110 listens to the POP3 protocol.

IMAP

Which port listens to the IMAP protocol?
 Port 143 listens to the IMAP protocol.

Does CSG scan mail sent and received via Netscape/Mozilla?
 No. The CSG cannot scan mail sent and received via Netscape/Mozilla because a special method involving the IMAP protocol is used to download mail.

Why doesn’t my mail include In-Place Messages when I use IMAP to receive mail?
 Some mail clients use a special method to process mail when using the IMAP protocol, preventing the CSG from appending an In-Place Message.

HTTP

Which port listens to the HTTP protocol?
 Port 80 listens to the HTTP protocol.

Why is it still possible to browse a web site whose URL has been blocked using the content filtering options?
 If http://www.abc.com was entered, the CSG will ONLY block http://www.abc.com but the CSG will not block other related pages such as http://news.abc.com, http://sport.abc.com, etc.

If an HTTP proxy is used to connect to the Internet, is it possible to append and scan the HTTP proxy port?
 Yes. The configuration path is Anti-Virus-->Protocol-->HTTP. Then enter the additional port.

FTP

Which port listens to the FTP protocol?
 Port 21 listens to the FTP protocol.

Does the CSG support continuative action downloads via the FTP protocol? Why isn’t a file downloaded via FTP scanned after it is downloaded?
 The CSG does support continuative action downloads, but it does not scan files in instances where the files did not download from the start.

Why do I experience an unremitting reconnection when downloading files via CuteFtp?
 When files are downloaded via CuteFtp, CSG detects the size of the file first before treating virus-infected files. If the file is infected and CSG cleans the file, the file size will be altered. This causes the CuteFtp program to treat the file as though it has not completed downloading, so it builds a new connection to download the file again.

Why aren’t downloaded files scanned by CSG even when the FTP scan features are turned on?
 It may be that the FTP client did not download the file from the start, or CSG connected to the FTP server and the FTP monitor stopped. Note that restarting the FTP monitor does not ensure all traffic is scanned using this connection.

ANTI-SPAM

How should the anti-spam settings be configured?
 CSG uses industry-leading blacklists whose providers append certain IP addresses to their blacklists. If you wish to receive mail from a blocked IP address, add that IP address to the whitelist option. Or, if a blacklist provider does not have a particular IP address from which spam seems to be originating, or it is an IP address you wish to block, add that IP address to the blacklist.

I have configured some of the anti-spam options, but some of the desired incoming mails are being blocked. How do I fix this?
 Add the senders’ IP addresses for the mail which you wish to receive to the whitelist option.

Why do I continue to receive spam even though I have configured the anti-spam options?
 Add the senders’ IP addresses for the mail that you do not wish to receive to the blacklist option.

Do the blacklist and whitelist options enable you to specify SMTP domain names?
 No. However, you can enter IP addresses into the blacklist and whitelist configuration options.

MISCELLANEOUS

Why can’t I use Yahoo Messenger or Microsoft Instant Messaging when HTTP scanning is activated?
 Some versions of Yahoo Messenger use port 80, and a dedicated protocol to communicate, which CSG cannot process.

Why can’t I open files received in archive format?
 CSG will delete viruses detected in archive files and append virus information instead. However, it does not recompress archive files from which viruses have been removed. Use a plain text reader to open these files.

How do I get support?
 Contact CP Secure Online Support if you have installed a CSG in your network and the network connections or any CSG functions appear to be abnormal by sending an email with a detailed description of the problem to support@cpsecure.com. A CP Secure Support Engineer will contact you and provide you with an encryption key, which will enable them to connect to your box via the CSG’s tunnel connection and troubleshoot the situation.

Can I back up the system’s configuration files?
 Yes. Log into the CSG via the Web UI; the configuration path is Support-->ResetConfiguration, and select Backup Now. You can back up files to your machine's local disk. The default file name is config.csg, which is an encrypted file.

Why am I unable to connect to the Internet to send or receive mail, or connect to an FTP/HTTP server, even though the network status displays as normal?
 Try restarting the SMTP/POP3/IMAP/HTTP/FTP monitor (close SMTP/POP3/IMAP/HTTP/FTP scanning) and then restart SMTP/POP3/IMAP/HTTP/FTP scanning.

Why do I receive the message "System process update now, please operate the UI when the update has completed" when I submit configuration changes?
 You cannot submit configuration changes while an update is in progress.

I have HTTP and FTP proxy servers. The HTTP proxy server address and port number is 192.168.1.100:8080, the FTP proxy server address and port number is 192.168.1.200:8080. Why can’t I use the FTP proxy when I select HTTP Scan and append 8080 as an HTTP additional port?
 The CSG utilizes different ports for loading different monitors to scan connections. If you append 8080 as an additional HTTP port, all connections which use 8080 will be processed using the HTTP protocol. In this instance you need to select another port for the FTP proxy.

What are the differences between the CSG 300 and the CSG 100?

  • The CPU for the CSG 300 is faster than the CPU used in the CSG 100.
  • The CSG 300 has a quarantine function.
  • The maximum scan size is 512MB on the CSG 300 compared
    to 10MB on the CSG 100.
  • The maximum log size is 10MB on the CSG 300 compared to 2MB on the CSG 100.

 

Copyright ©2007 Business Concepts Ltd.

Last Updated 1st April 2007

Gateway Anti-Virus- Websense Integration- CSG 100- CSG 300- CSG 1000- CP Secure FAQ's- WormSecure- Stream Based AV