AirLive IAR-5000 User Manual v2
.
IAR-5000
Internet Activity Recorder
User’s Manual
Copyright and Disclaimer
Copyright & Disclaimer
No part of this publication may be reproduced in any form or by any means, whether
electronic, mechanical, photocopying, or recording without the written consent of OvisLink
Corp.
OvisLink Corp. has made the best effort to ensure the accuracy of the information in this
user’s guide. However, we are not liable for the inaccuracies or errors in this guide.
Please use with caution. All information is subject to change without notice
All Trademarks are properties of their respective holders.
AirLive IAR-5000 User’s Manual
Table of Contents
Table of Contents
1. Introduction................................................................................................1
1.1 Overview..............................................................................................1
1.2 Firmware Upgrade and Tech Support..................................................1
1.3 Features...............................................................................................2
2. Installing the IAR-5000 ..............................................................................3
2.1 Before You Start...................................................................................3
2.2 Package Content .................................................................................3
2.3 Knowing your IAR-5000.......................................................................4
2.4 LED Table ............................................................................................5
2.5 Hardware Installation...........................................................................6
2.6 Restore Settings to Default..................................................................8
3. Configuring the IAR-5000........................................................................11
3.1 Important Information.........................................................................11
3.2 Prepare your PC................................................................................11
3.3 Management Interface.......................................................................12
3.4 Introduction to Web Management......................................................13
3.5 Initial Configurations ..........................................................................16
3.6 About IAR-5000’s Menu Structure......................................................21
4. System......................................................................................................22
4.1 Admin.................................................................................................22
4.2 Interface.............................................................................................24
4.3 Settings..............................................................................................25
4.4 Date/Time ..........................................................................................30
4.5 Permitted IPs .....................................................................................31
4.6 Logout................................................................................................32
4.7 Software Update................................................................................32
5. User List....................................................................................................34
6. Authentication..........................................................................................46
i
AirLive IAR-5000 User’s Manual
Table of Contents
6.1 Settings..............................................................................................46
6.2 Auth User...........................................................................................48
6.3 RADIUS .............................................................................................49
6.4 POP3.................................................................................................60
6.5 LDAP .................................................................................................61
7. IM Management........................................................................................74
7.1 Login Notice.......................................................................................75
7.2 Default Rule.......................................................................................78
7.3 Account Rule......................................................................................79
7.4 Configuration Example.......................................................................80
8. Application Management.........................................................................89
8.1 Default Rule.......................................................................................89
8.2 Custom Rule......................................................................................91
9. Record: Settings ......................................................................................93
9.1 Settings..............................................................................................93
9.2 Settings Example...............................................................................96
10. Record: User and Service ...................................................................109
10.1 SMTP.............................................................................................109
10.2 HTTP .............................................................................................115
10.3 IM...................................................................................................118
10.4 Web SMTP.....................................................................................120
10.5 Web POP3.....................................................................................123
10.6 FTP................................................................................................126
10.7 Telnet .............................................................................................129
10.8 Custom Log ...................................................................................131
11. Record: Access Record ......................................................................135
11.1 Accessing Emails Sent via SMTP Protocol....................................135
11.2 Accessing Emails Sent via POP3/IMAP Protocol...........................139
11.3 Accessing Visited Webpages via HTTP Protocol...........................141
11.4 Accessing Details of an IM Conversation.......................................143
AirLive IAR-5000 User’s Manual
ii
Table of Contents
11.5 Accessing Emails Sent via Web-Based Email Service...................146
11.6 Accessing Emails Received via Web-Based Email Service...........147
11.7 Accessing Files Transferred via FTP Protocol................................149
11.8 Accessing Details of Sessions Established via TELNET Protocol..151
12. Content Auditing..................................................................................153
13. Anomaly Flow IP ..................................................................................168
14. Local Disk.............................................................................................174
14.1 Storage Time..................................................................................174
14.2 Disk Space.....................................................................................175
15. Remote Backup....................................................................................177
15.1 Backup Settings.............................................................................177
15.2 Browse Settings.............................................................................180
16. Reporting..............................................................................................182
17. Status....................................................................................................188
17.1 System Info....................................................................................188
17.2 Authentication................................................................................190
17.3 Current Session.............................................................................190
17.4 IM / Application Log .......................................................................191
17.5 Even Log........................................................................................192
18. Specifications.......................................................................................195
iii
AirLive IAR-5000 User’s Manual
1. Introduction
1. Introduction
1
1.1 Overview
Instead to restrict the access right of communication software, the AirLive brings you a
brand new model of Internet Activity Recorder, IAR-5000. It can record the defined service
packets in its hard disk, and provide the log to administrator for monitoring. With Sniffer
mode or Bridge mode, network administrator will not need to change current network
topology, and construct the advanced secure mechanism to protect the confidential
information.
1.2 Firmware Upgrade and Tech Support
If you encounter a technical issue that can not be resolved by information on this guide, we
recommend that you visit our comprehensive website support at www.airlive.com. The
tech support FAQ are frequently updated with latest information.
In addition, you might find new firmwares that either increase software functions or provide
bug fixes for IAR-5000. You can reach our on-line support center at the following link:
http://www.airlive.com/support/support_2.jsp
Since 2009, AirLive has added the “Newsletter Instant Support System” on our website.
AirLive Newsletter subscribers receives instant email notifications when there are new
download or tech support FAQ updates for their subscribed airlive models. To become an
AirLive newsletter member, please visit:
http://www.airlive.com/member/member_3.jsp
Figure: AirLive Newsletter Support System
1 AirLive IAR-5000 User’s Manual
1. Introduction
1.3 Features
Sniffer and Bridge mode
SMTP, POP3/IMAP, HTTP, IM, Web SMTP, Web POP3, FTP, and Telnet Content
Record
IM, P2P, Web mail signature pattern update
IM Management
Application Management for Peer-to-Peer Sharing, Multimedia Streaming, Online
Gaming, VPN Tunneling, and Remote Controlling program
User Authentication
Content Auditing
Anomaly Flow IP
Remote Backup
AirLive IAR-5000 User’s Manual
2
2. Install the IAR-5000
2. Installing the IAR-5000
2
This section describes the hardware features and the hardware installation procedure for
the IAR-5000. For software configuration, please go to chapter 3 for more details.
2.1 Before You Start
It is important to read through this section before you install the IAR-5000
The IAR-5000 is built-in with hard disk installed, so please install IAR-5000 gently
and carefully.
The default hard disk type and size is IDE 160 GB, you can change higher
capacity of hard disk to replace the original one.
You must power off IAR-5000 before to change hard disk. When new hard disk is
installed and power on IAR-5000, system will format hard disk automatically.
The maximum capacity of IDE hard disk is 750 GB.
2.2 Package Content
The IAR-5000 package contains the following items:
One IAR-5000 main unit
User’s Guide CD
Quick Start Guide
CAT-5 UTP Fast Ethernet cable
CAT-5 UTP Fast Ethernet cross-over cable
RS-232 cable
Power code
Rack mount kits and accessories
3 AirLive IAR-5000 User’s Manual
2.3 Knowing your IAR-5000
Below are descriptions and diagrams of the product:
2. Install the IAR-5000
No Port Description
1 Console Port
2 Port 1
3 Port 2
4 USB
5 AC Power
9-pin serial port connector for checking setting and
restore to the factory setting
Use this port to connect to a router, DSL router, or
Cable modem router
Use this port to connect to hub, switch, or switch’s
mirror port
Not Available
Input voltages ranging from 100 ~ 240 VAC, and with
a maximum power output of 85 watts.
AirLive IAR-5000 User’s Manual
4
2.4 LED Table
IAR-5000:
No LED Color Status Description
1 POWER
2 Hard Disk
3
4
IAR-5000 v2:
No LED Color Status Description
1 POWER
2 Hard Disk
3
4
Port1 (L)
Port1 (R)
Port2 (L)
Port2 (R)
Port1 (L)
Port1 (R)
Port2 (L)
Port2 (R)
2. Install the IAR-5000
Green On Power on the device
Green Blinking Data reading / accessing
Orange Blinking Sending / Receiving
Green On 100 Mbps
Orange Blinking Sending / Receiving
Green On 100 Mbps
Green On Power on the device
Green Blinking Data reading / accessing
Orange Blinking Sending / Receiving
-- Off 10 Mbps
Green On 100 Mbps
Orange On 1000 Mbps
Orange Blinking Sending / Receiving
-- Off 10 Mbps
Green On 100 Mbps
Orange On 1000 Mbps
5 AirLive IAR-5000 User’s Manual
2. Install the IAR-5000
2.5 Hardware Installation
Bridge Mode: Connect the Port 1 to the firewall or gateway and Port 2 to a LAN
hub or switch.
AirLive IAR-5000 User’s Manual
6
2. Install the IAR-5000
Sniffer Mode: Connect the Port 1 to the mirror port of a core switch or any port
available on a LAN hub and Port 2 to the network adaptor of the management PC.
Sniffer Mode Bridge Mode
Deployment
Anomaly Flow IP
Application Management
IM Management
Authentication
Connect Port1 to hub or
switch’s mirror port
Alert only Alert and Block connection
N/A Yes
N/A Yes
N/A Yes
Between LAN and firewall
Router
7 AirLive IAR-5000 User’s Manual
2. Install the IAR-5000
2.6 Restore Settings to Default
If you have forgotten your IAR-5000s IP address, you can restore your IAR-5000 to the
default settings by console. Please see diagram below for details.
1. Connect 9-pin RS-232 cable to PC and IAR-5000 console port.
2. Open Hyper Terminal program and configure the following settings.
3. Specify a name to the program
4. Select COM1 as the connecting type
AirLive IAR-5000 User’s Manual
8
5. Fill in Port Setting as following value and clic k OK to save the setting
2. Install the IAR-5000
6. Press “Enter” and input Login name “admin” and password “airlive”.
9 AirLive IAR-5000 User’s Manual
7. Type “ls” to display the command list
2. Install the IAR-5000
8. Type “reset” to reset the device as default.
AirLive IAR-5000 User’s Manual
10
3. Configuring the IAR-5000
3. Configuring the
3
You can configure through standard web browser (http), secured web (https) management.
In this chapter, we will explain IAR-5000’s available management interfaces and how to get
into them. Then, we will provide the introduction on Web Management and recommended
initial settings.
IAR-5000
3.1 Important Information
The following information will help you to get start quickly. However, we recommend you
to read through the entire manual before you start. Please note the password is case
sensitive.
The default IP address is: 192.168.1.1 Subnet Mask: 255.255.255.0
The default user name: admin
The default password: airlive
3.2 Prepare your PC
The IAR-5000 can be managed by a PC. The default IP address of the IAR-5000 is
192.168.1.1 with a subnet mask of 255.255.255.0. This means the IP address of the PC
should be in the range of 192.168.1.2 to 192.168.1.254.
To prepare your PC for management with the IAR-5000, please do the following:
1. Connect your PC directly to the Port1 on the of IAR-5000
2. Set your PC’s IP address manually to 192.168.1.100 (or other address in the same
subnet)
11 AirLive IAR-5000 User’s Manual
3. Configuring the IAR-5000
You are ready now to configure the IAR-5000 using your PC.
3.3 Management Interface
The IAR-5000 can be configured using one the management interfaces below:
Web Management (HTTP): You can manage your IAR-5000 by simply typing its IP
address in the web browser. Most functions of IAR-5000 can be accessed by web
management interface. We recommend using this interface for initial configurations.
To begin, simply enter IAR-5000’s IP address (default is 192.168.1.1) on the web
browser. The default password is “airlive”.
AirLive IAR-5000 User’s Manual
12
3. Configuring the IAR-5000
Secured Web Management (HTTPS): HTTPS is also using web browser for
configuration. But all the data transactions are securely encrypted using SSL
encryption. Therefore, it is a safe and easy way to manage your IAR-5000. We
highly recommend the Internet service provider to use HTTPS for management.
To begin, simply enter https://192.168.1.1 on your web browser. A security alert
screen from your browser will pop up. Please grant all permission and get certificate
to IAR-5000. After you pass the security warning screen, you will enter the
IAR-5000’s secured web management interface. The default password is “airlive”.
3.4 Introduction to Web Management
The IAR-5000 offers both normal (http) and secured (https) Web Management interfaces.
Their share the same interface and functions, and they can both be accessed through web
browsers. The only difference is HTTPS are encrypted for extra security. Therefore, we
will discuss them together as “Web Management” on this guide.
If you are placing the IAR-5000 behind router or firewall, you might need to open virtual
server ports to IAR-5000 on your firewall/router
HTTP: TCP Port 80
HTTPS: TCP/UDP Port 443
This procedure is not necessary in most cases unless there is a router/firewall between
your PC and IAR-5000.
13 AirLive IAR-5000 User’s Manual
3. Configuring the IAR-5000
Normal Web Management (HTTP)
To get into the Normal Web Management, simply type in the IAR-5000’s IP address (default
IP is 192.168.1.1) into the web browser’s address field.
Secured Web Management (HTTPS)
To get into the Secured Web Management, just type “https://192.168.1.1” into the web
browser’s address field. The “192.168.1.1” is IAR-5000’s default IP address. If the IP
address is changed, the address entered in the browser should change also.
A security warning screen from your browser will then pop-up depending on the browser
you use. Please follow step below to clear the security screen.
Internet Explorer: Select “Yes” to proceed
AirLive IAR-5000 User’s Manual
14
Firefox:
1. Select “or you can add an exception”
3. Configuring the IAR-5000
1
2. Click on “Add Exception”
2
3. Click on “Get Certificate”. Then, please enter IAR-5000’s IP address. Finally,
please click on “Confirm Security Exception.”
15 AirLive IAR-5000 User’s Manual
3. Configuring the IAR-5000
3
4
3.5 Initial Configurations
We recommend users to browse through IAR-5000’s web management interface to get an
overall picture of the functions and interface. Below are the recommended initial
configurations for first time login:
Step1. Connecting the administrator’s PC and IAR-5000 (port1 or port2) to the same hub
or switch, and then use the web browser ” IE or Netscape” to connect IAR-5000.
The default IP port address in IAR-5000’s management interface is
http://192.168.1.1.
Step2. The browser prompts you for the user name and password.
User Name: admin
Password: airlive
Click on OK
AirLive IAR-5000 User’s Manual
16
3. Configuring the IAR-5000
Step3. You will be brought to the Installation Wizard screen during your first login. It will
guide you through the settings.
Step4. Select the language and character encoding for your management interface.
Default character encoding will be used on emails with unspecified
character encoding
Step5. Tick Synchronize with an Internet time server as well as configure the offset
hours from GMT to ensure the time correctness.
17 AirLive IAR-5000 User’s Manual
3. Configuring the IAR-5000
Step6. Select an operating mode based on how the device is deployed.
Step7. Choose the basis for recording users’ online activities.
AirLive IAR-5000 User’s Manual
18
Step8. Configure the related interface addresses.
Type a valid IP address from the LAN subnet in the IP Address field and
configure its netmask, default gateway and DNS address accordingly.
To use VLAN, tick Enable VLAN over Port 1 or 2 based on your case and
also assign a VLAN ID to the port.
Specify the maximum downstream and upstream bandwidth respectively.
3. Configuring the IAR-5000
For your reference, you may configure your management address
based on the subnet ranges below:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
19 AirLive IAR-5000 User’s Manual
3. Configuring the IAR-5000
Step9. Configure the device to record the online activities of specific departments or
groups by specifying its subnet and mask address.
Step10. Click on Finish.
Step11. Navigate to User List Æ Settings, and then give each department or group a
friendly name.
AirLive IAR-5000 User’s Manual
20
3. Configuring the IAR-5000
Step12. Under User List Æ Logged, users within the same subnet as the management
address will be included in the same subnet category. In another word, IAR-5000
classifies users by the identity of subnet. Also, the device allows system
administrator to customize user lists for users resided in other subnets.
3.6 About IAR-5000’s Menu Structure
The device’s user interface consists of the following two areas:
The left panel contains all the selectable menu items.
The configuration panel on the right provides all the available settings for
any selected menu item.
Click on OK
Main Menu Configuration
21 AirLive IAR-5000 User’s Manual
4. System
4. System
4
The so-called system administration refers the competency to manage the IAR-5000. In
this Chapter it will be defined to the Admin, Interface IP, Setting, Date/Time, Permitted IPs,
Language, Logout and Software Update.
The IAR-5000 is managed by the main system administrator. The main system
administrator can add or delete any system settings and monitor the system status. The
other group administrator have no competency to modify the system settings (the
administrator’s name is set by the system main administrator), only can monitor the system
status.
4.1 Admin
Administrator/ Group administrator:
The name of system administrator and group administrator . Administrator is the default
name of system administrator in IAR-5000, and it can not be canceled; otherwise the
group administrator can change or cancel it.
The default system administrator can add or modify the other administrator, and also
can decide if the group administrator has the competency to write into main system.
On the other hand, the group administrator who has the write privilege can modify the
competency of default system administrator, or only has the competency to read.
There must be at least one administrator who has the competency to read and write in
IAR-5000.
The default of system administrator in IAR-5000: Account /
password: admin / airlive.
Privilege:
The administrator, who has the competency to read/write, can change the system
settings, monitor the system status, to add and cancel other administrators.
The administrator, who has the competency to read, only can monitor the system
status, but has no competency to change any settings.
Password/New Password/Confirm Password:
To add or modify the main group administrator password.
AirLive IAR-5000 User’s Manual
22
4. System
Group Monitoring:
The group administrator can divide the internal network into several groups. And he
can appoint the specific administrator to view the group but can not view across
groups.
Add New Group-Admin:
Step1. In admin setting window, click the New-Group Admin.
Step2. In add new group-admin window, enter the following information. (Figure 4-1)
Group-Admin set group_admin.
Password enters 12345.
Confirm Password enters 12345.
In View Groups column, select the permitted group record to see.
Step3. Click OK to login the user or click cancel, to delete the new group administrator .
Figure 4-1 Add new group-admin
Change Admin password:
Step1. Find the administrator’s name that correspond to the right column, then click
modify.
Step2. Modify admin password or modify group admin password window. And then
enter the following information:
Password enters airlive.
New Password enters 52364.
Confirm Password enters 52364. (Figure 4-2)
Step3. Click OK to modify the password or click cancel to cancel the setting.
23 AirLive IAR-5000 User’s Manual
4. System
Figure 4-2 To change the admin password
4.2 Interface
Interface Address:
The administrator can set the IP login information in IAR-5000.
Ping:
Enable the function, the user can send Ping (ICMP) packets to Interface.
HTTP:
Enable this function, the user can login IAR-5000 Web UI through HTTP protocol.
HTTPS:
Enable this function, the user can login IAR-5000 Web UI through HTTPS protocol.
Download Bandwidth and Upstream Bandwidth:
The system administrator should set the accurate bandwidth of WAN, in order to be the
basic operation of IAR-5000.
Step1. In System Æ Interface, enter the following setting:
Enter the available IP of the LAN subnet in IP Address, Netmask and
Default Gateway column.
Enter DNS server 1 or DNS server 2.
If necessary, select to enable VLAN feature and provide the VLAN ID
based on the setting.
Enter Max Downstream Bandwidth and Max Upstream Bandwidth.
(It depends on the applied flow statistics of the user.)
Enable the setting of Ping, HTTP and HTTPS function.
Click OK. (Figure 4-3)
AirLive IAR-5000 User’s Manual
24
4. System
Figure 4-3 The interface IP setting
Please do not cancel HTTP and HTTPS before setting the Interface,
because it will let the system administrator could not enter the WebUI
of IAR-5000.
4.3 Settings
System Settings:
The system administrator can import or export the system settings, or they can also
reset the factory setting and format the disk.
Database Check / Repair:
The records can be inspected and / or fixed if damaged or displayed improperly. To
obtain the best performance, please execute it when the network traffic is low in order
to avoid system overload.
System E-mail Notification:
To activate this option, the system administrator will receive the caution message
automatically when IAR-5000 is in the unpredictable trouble.
Device Deployment:
Bridge mode operates as: Port 1 and port 2 function individually.
25 AirLive IAR-5000 User’s Manual
Loading...