Security Incident


Report Problem
Lost/Stolen Device

VPN


Login to vpn@ucsf
VPN Help

Help


Login to help@ucsf
email us
Call (415) 514-4100,
option 2




Advanced Search
Recent Changes

Sygate Frequently Asked Questions

What is Sygate?

Sygate Enterprise Firewall is security software comprised of a host based firewall and an intrusion detection system.

What is a Host Based Firewall?

A host based firewall is security oriented software that installs on individual workstations, servers, and laptops. Host based firewalls control network traffic through the enforcement of policies that govern permissions for network traffic allowed into and out of the computer. Once installed, Sygate provides a centrally controlled, customizable firewall providing a layer in the overall scheme of computer protection. 

What is an Intrusion Detection System?

An Intrusion Detection System (IDS) is software designed to detect Trojans, port scans, and other common attacks. An IDS uses signatures of known attack types to prevent them from entering the computer from the network. Sygate’s IDS component receives signature updates from the central server at UCSF.

Why is Sygate important to UCSF?

UCSF computers frequently store sensitive data containing personal and patient information which must be protected. When partnered with antivirus and anti-malware software, Sygate provides a final level of defense for UCSF workstations from attacks by hackers, internet worms and other intrusion attempts. UCSF’s campus networks are not protected from outside attacks by border firewalls. This means anyone on the Internet has access to unprotected computers on the UCSF campus networks. Sygate is configured to deny several types of potentially harmful traffic that originates outside of UCSF’s network boundaries. Sygate’s Intrusion Detection System also protects the workstation from Internet based worms even if they originate from within the UCSF network.

What desktop/laptop operating systems is Sygate compatible with?

THIS VERSION OF SYGATE IS NOT COMPATIBLE WITH WINDOWS VISTA

Is there a Windows Server version of Sygate Available?

The version of Sygate available for download from this OAAIS web site is for workstations and laptops. If you would like a server version, please open a help ticket with UCSF/OAAIS Customer Support at (415) 514-4100, option 2 and request the server version.

How do I obtain and install Sygate?

  1. Download the Sygate installer
  2. Save the installer to your desktop or a folder of your choice on your hard drive.
  3. Close/exit all open programs then double click on the Sygate installer to launch the installation process.
  4. Accept all defaults and allow the computer to reboot at the end of the installation.

Windows comes with a firewall. Should I leave it on even after installing Sygate?

No. The Windows firewall interferes with Sygate’s ability to correctly analyze and control the data coming into the computer. Please turn the Windows Firewall off when you install Sygate.

My computer came with McAfee or Norton Internet Security Suite pre-installed. Do I still need to load Sygate?

If you have subscribed to the trial software that came with your computer and that software includes a firewall feature, you do not need to load Sygate on your computer. You should remove any such software before loading Sygate if you decide not to subscribe to the manufacturer for updates. Please remember that McAfee and Norton Internet Security Suites also include Anti-Virus software so you will need to replace that software also. UCSF offers Sophos Anti-Virus and SpySweeper Anti-Spyware at no cost to UCSF students, faculty and staff. Please see the OAAIS/EIS Products and Services page for information on Sophos and SpySweeper.

How do I uninstall Sygate?

  1. Click the Start Menu on your task bar.
  2. Click Settings|Control Panel|Add/Remove Programs.
  3. Click Sygate Security Agent 4.1.
  4. Click Remove. Windows guides you through the process and the computer will reboot at the end of the uninstall process.

How do I repair Sygate?

Besides the normal installation and un-installation, you can also repair a Security Agent installation. With this feature, you can restore any files that are missing or damaged. You should only do this if instructed to do so by your administrator.

To repair a Security Agent installation:

  1. Click the Start Menu on your task bar.
  2. Click Settings|Control Panel|Add or Remove Programs.
  3. Click Sygate Security Agent 4.1.
  4. Click Change. Windows prompts you to Remove or Repair.
  5. Choose Repair and click Next. Windows repairs your installation.

How can I tell that Sygate is installed and running?

Once installed, the Agent displays a small icon in your system tray (located on the right end of your task bar), consisting of two arrows. The arrows represent system traffic: the upward-pointing arrow is outgoing traffic; the downward-pointing arrow is incoming traffic. In addition, The Status Light, in the lower-right hand corner of the icon, gives a real-time update of the Management Server-Agent communication status. If green, the light indicates that the Agent is online and communicating with the Management Server. If absent, the Agent is not connected to the Management Server. These arrows give you a real-time update of your computer’s traffic flow. You might not see a constant icon appearance for more than a few seconds, especially if you frequently use the Internet or your network connection.

My Sygate Icon in the Systray changes colors from time to time. What does that mean?

The Sygate Icon is designed to change color to provide an indication of the type of control it is applying to the data flow in and out of the computer. 

When either or both arrows in the agent icon are…

RED ...traffic is being blocked by the Agent.

Blue ...traffic is flowing uninterrupted by the Agent.

GRAY ...no traffic is flowing in that direction.

Both RED with Flashing Center …the Agent is blocking a worm attack.

I think Sygate is interfering with my ability to reach a network resource. How do I determine if it is blocking me?

To see if traffic from your computer to a resource you’re trying to reach is being blocked, check is the traffic log. To check your traffic log, right click on the Sygate icon in the systray and select Logs -> Traffic Log from the menu. In the traffic log, look for blocked traffic to/from your computer and the resource you’re trying to reach. For more information on this topic, please see the Sygate Security Agent User Guide available from the downloads page.

I don’t see anything in the logs but I still can’t get to the network resource. What do I do now?

Temporarily disable the Sygate security agent. To do this, right click on the Sygate icon in the systray and select Disable Sygate Security Agent from the menu. Then try to reach your resource again. If you are still unsuccessful, then something other than Sygate is interfering with your traffic. You can re-enable the Sygate Security Agent by right clicking on the Sygate icon in the systray and selecting Enable Sygate Security Agent. If you forget to do this, the Agent will automatically re-enable itself in 10 minutes.

I have a home network. Can I still have Sygate enabled and get to my network resources at home?

Yes, Sygate is configured to trust the private IP ranges, 192.168.x.x, 172.16.x.x and 10.x.x.x used by most home routers.

I also work at a place other than UCSF. Can I access network resources on a different network than UCSF’s?

No. This version of Sygate is only configured to trust UCSF networks and the private network ranges specified above.

Please tell us what you think of our new website