background image

Configuration Guide

31

Setting policies for the product

Detection tab

Specify what is scanned and not scanned during an on-access scan.

1

In the lower details pane, select the 

Detection

 tab.

2

Deselect 

Inherit

.

3

Configure these policy options:

a

Under 

Scan files

, choose when to scan files and whether files on network 

drives are scanned.

b

Under 

What to scan

, choose which file types to scan. Use the 

Additions

 

button to add file types to the list of default file types, or the 

Specified

 

button to define a custom list of file types to scan.

c

Under 

What not to scan

, use the 

Exclusions

 button to define a custom list 

of specific files, folders, and drives to exclude from scanning. 

d

Select 

Overwrite client exclusions

 to use only the exclusions that have been 

added in the policy. If 

Overwrite client exclusions

 is not selected, the client 

computer uses the exclusions that were set locally and the exclusions set 
here.

4

Click 

Apply 

to save these settings.

Summary of Contents for NAPCKE-AB-AA - VirusScan For NetApp

Page 1: ...VirusScan for NetApp for use with ePolicy Orchestrator 3 0 Service Pack 1 version 7 1 0 Configuration Guide Revision 1 0 ...

Page 2: ...PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE AS A BOOKLET A FILE ON THE PRODUCT CD OR A FILE AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT DO NOT INSTALL THE SOFTWA...

Page 3: ...ral tab 15 Messages tab 16 Reports tab 17 Setting policies for default processes 18 Processes tab 19 Detection tab 20 Advanced tab 21 Actions tab 22 Setting policies for low risk processes 23 Use different settings for low risk processes 24 Processes tab for low risk processes 25 Detection tab 26 Advanced tab 27 Actions tab 27 Setting policies for high risk processes 28 Use different settings for ...

Page 4: ... configuring tasks 40 On demand scan tasks 41 Creating a new on demand scan task 41 Configuring the on demand scan task settings 42 Where tab 43 Detection tab 44 Advanced tab 45 Actions tab 46 Reports tab 47 Task tab 48 Update tasks 49 Creating a new update task 49 Configuring the update task settings 50 Mirror tasks 51 Creating a new mirror task 51 Configuring the mirror task settings 52 Scheduli...

Page 5: ... product using ePolicy Orchestrator The following information is provided in this guide Installing the VirusScan for NetApp 7 1 0 Network Associates Package NAP files Configuring VirusScan for NetApp policies Creating configuring and scheduling tasks from the ePolicy Orchestrator console Audience This information is intended primarily for network administrators who are responsible for their compan...

Page 6: ...Program Files Network Associates VirusScan Visit the Network Associates web site at http www networkassociates com Run this command on the client computer C SETUP EXE Italic For emphasis or when introducing a new term for names of product manuals and topics headings within the manuals Example Refer to the VirusScan Enterprise Product Guide for more information TERM Angle brackets enclose a generic...

Page 7: ...rity product through ePolicy Orchestrator management software Implementation Guide Supplemental information for product features tools and components Release Notes ReadMe Product information resolved issues any known issues and last minute additions or changes to the product or its documentation Contacts Contact information for McAfee Security and Network Associates services and resources technica...

Page 8: ... join DAT list asp Download Site Home Page http www networkassociates com us downloads DAT File and Engine Updates http www networkassociates com us downloads updates ftp ftp nai com pub antivirus datfiles 4 x Product Upgrades https secure nai com us forms downloads upgrades login asp Training McAfee Security University http www networkassociates com us services education mcafee univer sity htm Ne...

Page 9: ...asks from the ePolicy Orchestrator console These topics are included in this section Adding the VirusScan for NetApp NAP file on page 10 Accessing the VirusScan for NetApp policy pages on page 12 Setting policies for the product on page 13 Enforcing policies on page 40 Creating and configuring tasks on page 40 Scheduling tasks on page 52 ...

Page 10: ...dd the VirusScan for NetApp NAP file to the Repository 1 Log on to the ePolicy Orchestrator server with administrator rights 2 Open the Configuration Wizard using one of these methods In the console tree under ePolicy Orchestrator right click Repository then select Configure Repository In the right pane under AutoUpdate Tasks select Check in NAP Figure 1 1 Configure Repository ...

Page 11: ...iguration Wizard dialog box appears 3 Select Add new software to be managed then click Next to open the Select a Software Package dialog box 4 Locate and select the VNA710 NAP file 5 Click Open to add the file to the Repository 6 Click OK when complete Figure 1 2 Configure Software Repository ...

Page 12: ...th administrator rights 2 In the console tree under ePolicy Orchestrator Directory select the site group single computer or the entire Directory The Policies Properties and Tasks tabs appear in the upper details pane 3 Select the Policies tab in the upper details pane then expand VirusScan for NetApp 7 1 4 Select an item under VirusScan for NetApp 7 1 to display its policy pages Figure 1 3 VirusSc...

Page 13: ...etApp policies are nearly identical to the dialog boxes and their tabs in the VirusScan Console For complete information about the options that you can set for VirusScan for NetApp refer to the VirusScan for NetApp 7 1 0 Product Guide Once you have configured and saved the desired policy options you must enforce the policies to make them available to the ePolicy Orchestrator agent For more informa...

Page 14: ...s on the General Policies tabs apply to default low risk and high risk processes for on access scanning See the VirusScan for NetApp 7 1 0 Product Guide for more information about low risk and high risk processes Policies can be configured on these tabs General tab on page 15 Messages tab on page 16 Reports tab on page 17 ...

Page 15: ...herit 4 Configure these policy options a Under Scan choose whether to scan boot sectors and or floppy disks during shutdown b Under General choose whether to enable or disable on access scanning at startup c Under Scan time type the maximum scan time in seconds for archives and the maximum scan time for all files You can also enforce the scan time limit for all files 5 Click Apply to save these se...

Page 16: ...sages for local users choose whether to display the On Access Scan Messages dialog box for local users and which actions local users without administrator rights can take on infected files b Under Response to network users choose whether to send network users a message in the event of an outbreak and whether to disconnect remote users and deny access to the network share in the event of an outbrea...

Page 17: ...2 Deselect Inherit 3 Configure the logging policies a Under Log file choose whether to log virus activity data to a log file whether to limit the size of the log file and specify the location of the log file b Under What to log in addition to virus activity choose what types of information you want logged 4 Click Apply to save these settings Figure 1 6 General Policies Reports tab ...

Page 18: ...ocesses for on access scanning which are defined as any processes that are not specified as low risk or high risk See the VirusScan for NetApp 7 1 0 Product Guide for information about assigning risk to a process Policies can be configured on these tabs Processes tab on page 19 Detection tab on page 20 Advanced tab on page 21 Actions tab on page 22 ...

Page 19: ...sk processes 1 In the upper details pane under VirusScan for NetApp 7 1 select Default Processes Policies 2 In the lower details pane select the Processes tab 3 Deselect Inherit 4 Choose from these options Use the settings on these tabs for all processes Use different settings for high risk and low risk processes 5 Click Apply to save these settings Figure 1 7 Default Processes Policies Processes ...

Page 20: ...scan Use the Additions button to add file types to the list of default file types or the Specified button to define a custom list of file types to scan c Under What not to scan use the Exclusions button to define a custom list of specific files folders and drives to exclude from scanning d Select Overwrite client exclusions to use only the exclusions that have been added in the policy If Overwrite...

Page 21: ...hese policy options a Under Heuristics choose whether to scan for unknown program viruses and or unknown macro viruses b Under Non viruses choose whether to scan for potentially unwanted programs and joke programs c Under Compressed files choose whether to scan packed executables inside multiple file archives and MIME encoded files 4 Click Apply to save these settings Figure 1 9 Default Processes ...

Page 22: ...o perform on infected files during an on access scan 1 In the lower details pane select the Actions tab 2 Deselect Inherit 3 Use the drop down lists to select the primary action for When a virus is found and the secondary action If the above Action fails 4 Click Apply to save these settings Figure 1 10 Default Processes Policies Actions tab ...

Page 23: ...options on these tabs affect processes specified as low risk on the Processes tab The Detection Advanced and Actions tabs are identical to the tabs of the same names under Default Processes Policies For more information about configuring these options see the VirusScan for NetApp 7 1 0 Product Guide Policies can be configured on these tabs Use different settings for low risk processes on page 24 P...

Page 24: ... you want to use different settings for low risk and high risk processes 1 In the upper details pane under VirusScan for NetApp 7 1 select Default Processes Policies 1 In the lower details pane select the Processes tab 2 Deselect Inherit 3 Select Use different settings for high risk and low risk processes 4 Click Apply to save these settings Figure 1 11 Default Processes Policies Processes tab ...

Page 25: ...ing infection 1 In the upper details pane under VirusScan for NetApp 7 1 select Low Risk Processes Policies 2 In the lower details pane select the Processes tab 3 Deselect Inherit 4 Use the Add and Remove buttons to define the list of low risk processes 5 Click Apply to save these settings Figure 1 12 Low Risk Processes Policies Processes tab ...

Page 26: ...hoose which file types to scan Use the Additions button to add file types to the list of default file types or the Specified button to define a custom list of file types to scan c Under What not to scan use the Exclusions button to define a custom list of specific files folders and drives to exclude from scanning d Select Overwrite client exclusions to use only the exclusions that have been added ...

Page 27: ...ether to scan for potentially unwanted programs and joke programs c Under Compressed files choose whether to scan packed executables inside multiple file archives and MIME encoded files 4 Click Apply to save these settings Actions tab Define the primary and secondary actions to perform on infected files during an on access scan 1 In the lower details pane select the Actions tab 2 Deselect Inherit ...

Page 28: ...n these tabs affect processes specified as high risk on the Processes tab The Detection Advanced and Actions tabs are identical to the tabs of the same names under Default Processes Policies For more information about configuring these options see the VirusScan for NetApp 7 1 0 Product Guide Policies can be configured on these tabs Use different settings for high risk processes on page 29 Processe...

Page 29: ...se different settings for low risk and high risk processes 1 In the upper details pane under VirusScan for NetApp 7 1 select Default Processes Policies 1 In the lower details pane select the Processes tab 2 Deselect Inherit 3 Select Use different settings for high risk and low risk processes 4 Click Apply to save these settings Figure 1 13 Default Processes Policies Processes tab ...

Page 30: ...risk of spreading infection 1 In the upper details pane under VirusScan for NetApp 7 1 select High Risk Processes Policies 2 In the lower details pane select the Processes tab 3 Deselect Inherit 4 Use the Add and Remove buttons to define the list of high risk processes 5 Click Apply to save these settings Figure 1 14 High Risk Processes Policies Processes tab ...

Page 31: ...e types to scan Use the Additions button to add file types to the list of default file types or the Specified button to define a custom list of file types to scan c Under What not to scan use the Exclusions button to define a custom list of specific files folders and drives to exclude from scanning d Select Overwrite client exclusions to use only the exclusions that have been added in the policy I...

Page 32: ...ruses choose whether to scan for potentially unwanted programs and joke programs c Under Compressed files choose whether to scan packed executables inside multiple file archives and MIME encoded files 4 Click Apply to save these settings Actions tab Define the primary and secondary actions to perform on infected files during an on access scan 1 In the lower details pane select the Actions tab 2 De...

Page 33: ... interface policies These policies apply to display and password options Policies can be configured on these tabs Display Options tab on page 34 Password Options tab on page 36 For complete information about these options see the VirusScan for NetApp 7 1 0 Product Guide ...

Page 34: ...0 Display Options tab Configure security related display settings 1 In the upper details pane under VirusScan for NetApp 7 1 select User Interface Policies 2 Select the Display Options tab in the lower details pane 3 Deselect Inherit Figure 1 15 User Interface Policies Display Options ...

Page 35: ...icy Orchestrator update mirror and on demand scan tasks in the VirusScan Console Disable default AutoUpdate task schedule Select this option to disable the schedule for the default AutoUpdate task in VirusScan for NetApp The schedule is disabled when the policy is enforced This policy depends on the Task Manager service which must be running in order for the task s schedule to be disabled When thi...

Page 36: ...e password select the desired level of password protection No password Password protection for all items listed below Password protection for the selected items below 4 If you selected password protection in Step 3 type and confirm the password in the boxes provided 5 If you selected the Password protection for the selected items below in Step 3 select the items for which you want protection 6 Cli...

Page 37: ... the destination for alerts NOTE For complete information about configuring these options see the Alert Manager Product Guide Alert Manager Alerts tab Configure alert policies 1 In the upper details pane under VirusScan for NetApp 7 1 select Alert Manager Alerts Policies 2 On the Alert Manager Alerts tab in the lower details pane deselect Inherit Figure 1 17 Alert Manager Alerts ...

Page 38: ...le alerting If you enable alerting you must select whether to enable centralized alerting or Alert Manager alerting and the location of the folder or server to receive the alerts 4 Click Apply to save these settings Setting NetApp policies Configure these policies to add filers ensure communications between the scanner server and the filer and clear the clean file cache 1 In the upper details pane...

Page 39: ...u create here overwrites the locally configured filer list b After you have added filers here click Remove to delete any filers for which you do not want to process scans 4 Enable keep alive probes Select this option to ensure that the filer and scanner are in communication 5 Reset filer clean file cache after each DAT or Engine update Select this option to clear the cache of files already scanned...

Page 40: ... VirusScan for NetApp 7 1 The VirusScan for NetApp 7 1 page appears in the lower details pane 3 Deselect Inherit 4 Select Enforce policies for VirusScan for NetApp 7 1 when you want this installation policy to be available to the ePolicy Orchestrator agent 5 Click Apply to save these settings Creating and configuring tasks You can create VirusScan for NetApp tasks and configure them to meet your n...

Page 41: ...ng the on demand scan task settings on page 42 Creating a new on demand scan task 1 In the console tree under ePolicy Orchestrator right click Directory or the desired site group or computer then select Schedule Task The Schedule Task dialog box appears 2 Type a New Task Name 3 Select VirusScan for NetApp 7 1 On Demand Scan from the Software Task Type list 4 Click OK to create the task Figure 1 20...

Page 42: ...hestrator Scheduler dialog box appears 2 Click Settings to open the On Demand Scan Task dialog box then configure the task Policies can be configured on these tabs Where tab on page 43 Detection tab on page 44 Advanced tab on page 45 Actions tab on page 46 Reports tab on page 47 Task tab on page 48 For complete information about these options see the VirusScan for NetApp 7 1 0 Product Guide Figure...

Page 43: ... where scanning takes place 1 Select the Where tab 2 Deselect Inherit 3 Use the Add Remove and Edit buttons to define the locations to scan 4 Under Scan Options choose whether to include subfolders and whether to scan boot sectors Figure 1 22 On Demand Scan Task Where tab ...

Page 44: ...lect Inherit 3 Configure these policy options a Under What to scan select All files Default additional types or Specified file types you can select only one of these options Use the Additions button to add file types to the list of default file types or the Specified button to define a custom list of file types to scan Figure 1 23 On Demand Scan Task Detection tab ...

Page 45: ...erwrite client exclusions is not selected the exclusions that are set for the client s default on demand scanning are appended to the exclusions that were set for the task on the ePolicy Orchestrator server d Under Compressed files choose whether to scan inside packed executables whether to scan inside multiple file archives and whether to scan MIME encoded files Advanced tab Define additional set...

Page 46: ... whether to scan for potentially unwanted programs and whether to scan for joke programs c Under CPU utilization choose the maximum percentage of CPU usage for the scan task d Under Miscellaneous choose whether to scan files that have been migrated to storage and whether to rescan all files when DAT files are updated Actions tab Specify the actions to take on infected files 1 Select the Actions ta...

Page 47: ...older choose a destination folder Reports tab Configure logging activity and specify what information to log 1 Select the Reports tab 2 Deselect Inherit 3 Configure these policy options a Under Log file choose whether to log virus activity whether to limit the size of the log file and the location of the log file b Under What to log in addition to virus activity choose what types of information to...

Page 48: ...ser account settings type the user name password and domain name in the appropriate fields if you want the task to run under a specific account If no account is entered the task runs under the system account 4 When finished editing all the desired options on all tabs click OK to return to the ePolicy Orchestrator Scheduler dialog box Figure 1 27 On Demand Scan Task Task tab ...

Page 49: ...ge 49 Configuring the update task settings on page 50 NOTE For information about scheduling a task see Scheduling tasks on page 52 Creating a new update task 1 In the console tree under ePolicy Orchestrator right click Directory or the desired site group or computer then select Schedule Task The Schedule Task dialog box appears 2 Type a New Task Name 3 Select ePolicy Orchestrator Agent Update from...

Page 50: ...on the client computer Show update progress dialog Allows display of the update progress dialog box on the client computer Deselecting this option prevents display of the progress dialog on client computers Allow users to postpone this update Gives users the opportunity to postpone this task Maximum number of postpones allowed Type a number or select a number from the drop down list for the maximu...

Page 51: ...onfiguring the mirror task settings on page 52 NOTE For information about scheduling a task see Scheduling tasks on page 52 Creating a new mirror task 1 In the console tree under ePolicy Orchestrator right click Directory or the desired site group or computer then select Schedule Task The Schedule Task dialog box appears 2 Type a New Task Name 3 Select ePolicy Orchestrator Agent Mirror from the So...

Page 52: ...rs 5 Click Settings to display the Mirror task dialog box 6 Deselect Inherit 7 Under Destination options type the location to which to copy the contents of the Repository 8 Click OK when finished editing the desired options to return to the ePolicy Orchestrator Scheduler dialog box Scheduling tasks You can schedule a task to run at specific dates and time or specific intervals Policies can be conf...

Page 53: ...ble to allow this task to be scheduled NOTE If you do not select Enable the task does not start regardless of the other options you select in this dialog box 5 Select Stop the task if it runs for to specify a time limit in hours and minutes for which the task can run before it is automatically cancelled NOTE If you choose to stop the task after a defined amount of time the task resumes from the po...

Page 54: ...able must be selected under Schedule Settings on the Task tab to enable the options on the Schedule tab 3 Select the options on this tab to schedule the task NOTE For more information about scheduling tasks see the VirusScan for NetApp 7 1 0 Product Guide 4 Click OK when you are through configuring and scheduling the task Figure 1 33 ePolicy Orchestrator Scheduler Schedule tab ...

Reviews: