F-SECURE ANTI-VIRUS FOR MICROSOFT EXCHANGE 8.00 - Скачать руководство пользователя страница 279 | Manualshive

Страница: 279 / 349

background image

CHAPTER 8

279

Administering F-Secure Spam Control

8.1

Overview

When F-Secure Spam Control is enabled, incoming messages that are
considered as spam can be marked as spam automatically. The product
can add an X-header with the spam flag or predefined text in the
message header and end users can then create filtering rules that direct
the messages marked with the spam flag header into a junk mail folder.

F-Secure Spam Control databases can be updated with F-Secure
Automatic Update Agent. Database updates are digitally signed for
maximum security, and you can use only these updates for updating the
F-Secure Spam Control spam definition databases.

In Microsoft Exchange 2007 environment, the Microsoft Exchange server
can move messages to the Junk mail folder based on the spam
confidence level value. This feature is available immediately after the
product has been installed, if the end user has activated this functionality.
For more information on how to configure this functionality at the
end-user’s workstations, consult the documentation of the used e-mail
client.

F-Secure Spam Control databases are needed for the heuristic
spam scanning only.

«
...
277
278
279
280
281
...
»

Содержание ANTI-VIRUS FOR MICROSOFT EXCHANGE 8.00 -

Страница 1: ...F Secure Anti Virus for Microsoft Exchange Administrator s Guide...

Страница 2: ...ransmitted in any form or by any means electronic or mechanical for any purpose without the express written permission of F Secure Corporation Copyright 1993 2009 F Secure Corporation All rights reser...

Страница 3: ...s 21 1 5 F Secure Anti Virus Mail Server and Gateway Products 22 Chapter 2 Deployment 23 2 1 Installation Modes 24 2 2 Network Requirements 25 2 3 Deployment Scenarios 26 2 3 1 Single Exchange Server...

Страница 4: ...Version 6 62 63 3 9 Upgrading the Evaluation Version 65 3 10 Uninstalling F Secure Anti Virus for Microsoft Exchange 66 Chapter 4 Using F Secure Anti Virus for Microsoft Exchange 67 4 1 Administering...

Страница 5: ...erver 142 5 5 2 Scan Engines 143 5 5 3 Common 144 5 5 4 Spam Control 144 5 5 5 Virus Statistics 145 5 6 F Secure Management Agent Settings 145 5 7 F Secure Automatic Update Agent Settings 147 Chapter...

Страница 6: ...tine Options 264 7 3 Quarantine Status 264 7 3 1 Quarantine Logging 264 7 4 Searching the Quarantined Content 264 7 5 Query Results Page 269 7 5 1 Viewing Details of the Quarantined Message 270 7 6 Qu...

Страница 7: ...stallation Overview 304 C 2 Creating Quarantine Storage 305 C 2 1 Quarantine Storage in Active Passive Cluster 305 C 2 2 Quarantine Storage in Active Active Cluster 310 C 2 3 Creating the Quarantine S...

Страница 8: ...Troubleshooting 336 E 1 Overview 337 E 2 Starting and Stopping 337 E 3 Viewing the Log File 338 E 4 Common Problems and Solutions 338 E 4 1 Installing Service Packs 341 E 4 2 Securing the Quarantine 3...

Страница 9: ...9 ABOUT THIS GUIDE How This Guide Is Organized 10 Conventions Used in F Secure Guides 13...

Страница 10: ...Exchange Chapter 5 Centrally Managed Administration Instructions how to remotely administer F Secure Anti Virus for Microsoft Exchange and F Secure Content Scanner Server when they have been installe...

Страница 11: ...oblems Technical Support Contains the contact information for assistance About F Secure Corporation Describes the company background and products See the F Secure Policy Manager Administrator s Guide...

Страница 12: ...s black is used for file and folder names for figure and table captions and for directory tree names Courier New is used for messages on your computer screen WARNING The warning symbol indicates a sit...

Страница 13: ...used for online viewing and printing using Adobe Acrobat Reader When printing the manual please print the entire manual including the copyright and disclaimer statements For More Information Visit F...

Страница 14: ...14 1 INTRODUCTION Overview 15 How F Secure Anti Virus for Microsoft Exchange Works 16 Key Features 19 Scanning Methods 21 F Secure Anti Virus Mail Server and Gateway Products 22...

Страница 15: ...d the company network from any malicious code that travels in HTTP or SMTP traffic In addition they protect your company network against spam The protection can be implemented on the gateway level to...

Страница 16: ...d Stripped attachments can also be placed in the Quarantine for further examination Flexible and Scalable Anti Virus Protection F Secure Anti Virus for Microsoft Exchange is installed on Microsoft Exc...

Страница 17: ...or Microsoft Exchange can be installed either in stand alone or centrally administered mode Depending on how it has been installed F Secure Anti Virus for Microsoft Exchange is managed either with the...

Страница 18: ...ication between F Secure Anti Virus for Microsoft Exchange and F Secure Policy Manager Console It exchanges security policies software updates status information statistics alerts and other informatio...

Страница 19: ...cursive scanning of ARJ BZ2 CAB GZ JAR LZH MSI RAR TAR TGZ Z and ZIP archive files Automatic and consistent virus definition database updates Suspicious and unsafe attachments can be stripped away fro...

Страница 20: ...he products remotely with F Secure Policy Manager or F Secure Anti Virus for Microsoft Exchange Web Console Possibility to configure and manage stand alone installations with the convenient F Secure A...

Страница 21: ...rus patterns and security threats All possibly harmful messages are quarantined as unsafe The proactive virus threat detection can detect new viruses during the first minutes of the outbreak Grayware...

Страница 22: ...per for Linux provides a high performance solution at the Internet gateway level stopping viruses and other malicious code before they spread to end users desktops or corporate servers The product sca...

Страница 23: ...23 2 DEPLOYMENT Installation Modes 24 Network Requirements 25 Deployment Scenarios 26...

Страница 24: ...cure Policy Manager components F Secure Policy Manager Server and F Secure Policy Manager Console To administer F Secure Anti Virus for Microsoft Exchange in the centrally administered mode you have t...

Страница 25: ...UDP and TCP 1433 TCP only with the dedicated SQL server F Secure Automatic Update Agent ProgramFiles F Secure FSA UA program fsaua exe DNS 53 UDP and TCP HTTP 80 and or another port used to connect t...

Страница 26: ...07 27 If you have multiple Microsoft Exchange Servers see Multiple Exchange 2000 2003 Servers 28 If you have multiple Microsoft Exchange Servers with Exchange Edge and Mailbox Server roles see Multipl...

Страница 27: ...uter Installing F Secure Anti Virus for Microsoft Exchange Install F Secure Anti Virus for Microsoft Exchange to the server running Microsoft Exchange Server or Microsoft Small Business Server Install...

Страница 28: ...zation back end servers may be clustered Installing F Secure Anti Virus for Microsoft Exchange Install F Secure Anti Virus for Microsoft Exchange to both front end and back end Exchange servers Instal...

Страница 29: ...change Edge and Mailbox Server roles are deployed to separate servers and the Hub Server is deployed either on a separate server or on the same server with the Mailbox Server The Edge Server handles i...

Страница 30: ...licy Manager Console When you install the product configure each installation to connect to the same F Secure Policy Manager Server The product installations receive anti virus and spam database updat...

Страница 31: ...trol If you have a license for F Secure Spam Control you can install it on the Edge server Administration Modes Install F Secure Policy Manager Server on a dedicated server You can administer the prod...

Страница 32: ...r installations For example you have front end and back end servers running Exchange Server 2000 2003 or a network configuration with Edge and Mailbox roles running Exchange Server 2007 Microsoft SQL...

Страница 33: ...erver 2005 Express Edition included in F Secure Anti Virus for Microsoft Exchange the Quarantine database size is limited to 4 GB You can use F Secure Anti Virus for Microsoft Exchange Web Console to...

Страница 34: ...neral page and change the password Confirm the new password that you entered 6 Open the Status page and select Enabled in the Login section 7 Click OK 8 In Object Explorer right click on the server na...

Страница 35: ...Improving Reliability and Performance 43 Installation Overview 45 Installing F Secure Anti Virus for Microsoft Exchange 46 After the Installation 60 Upgrading from the Version 6 62 63 Upgrading the E...

Страница 36: ...t contains the latest information about the product and might have changes to system requirements and the installation procedure It is highly recommended to read the release notes before you proceed w...

Страница 37: ...sk space to install 300 MB For performance and security reasons it is not possible to install the product on any other than an NTFS partition Disk space for processing 10 GB or more The required disk...

Страница 38: ...system Microsoft Windows Server 2003 Standard x64 Edition with the latest service pack Microsoft Windows Server 2003 Enterprise x64 Edition with the latest service pack Microsoft Windows Server 2003 R...

Страница 39: ...Copy Cluster SCC For performance and security reasons it is not possible to install the product on any other than an NTFS partition Disk space for processing 10 GB or more The required disk space dep...

Страница 40: ...ions of Microsoft SQL Server are recommended to use Microsoft SQL Server 2005 Enterprise Standard Workgroup or Express edition with the latest service pack Microsoft SQL Server 2008 Enterprize Standar...

Страница 41: ...rver 2005 2008 Express Edition supports Microsoft Windows Server 2008 It is not recommended to use Microsoft SQL Server 2005 Express Edition if you are planning to use centralized quarantine managemen...

Страница 42: ...on 2 0 is required to install Microsoft SQL Server 2005 Express Edition and Microsoft NET Framework version 3 5 is required with Microsoft SQL Server 2008 Express Edition If you plan to have Microsoft...

Страница 43: ...If the system load is high a fast processor on the Microsoft Exchange Server speeds up the e mail message processing As Microsoft Exchange Server handles a large amount of data a fast processor alone...

Страница 44: ...tem 3 4 Centrally Administered or Stand alone Installation F Secure Anti Virus for Microsoft Exchange can be managed either with F Secure Anti Virus for Microsoft Exchange Web Console or F Secure Poli...

Страница 45: ...soft Exchange Follow these steps to set up F Secure Anti Virus for Microsoft Exchange Centralized Administration mode 1 Run F Secure Policy Manager setup to set up F Secure Policy Manager Server See F...

Страница 46: ...ases For more information see Updating Virus and Spam Definition Databases 293 After the installation is complete check and configure the product settings 3 6 Installing F Secure Anti Virus for Micros...

Страница 47: ...tallation Step 2 Read the information in the Welcome screen Click Next to continue Step 3 Read the license agreement If you accept the agreement check the I accept this agreement checkbox and click Ne...

Страница 48: ...4 Enter the product keycode Click Next to continue Step 5 Choose the components to install For more information about F Secure Spam Control see Administering F Secure Spam Control 278 Click Next to c...

Страница 49: ...ation Click Next to continue Step 7 Choose the administration method If you install F Secure Anti Virus for Microsoft Exchange in stand alone mode you cannot configure settings and receive alerts and...

Страница 50: ...during F Secure Policy Manager Console setup You can transfer the public key in various ways use a shared folder on the file server a USB device or send the key as an attachment in an e mail message C...

Страница 51: ...r URL of the F Secure Policy Manager Server you installed earlier Click Next to continue If the product MIB files cannot be uploaded to F Secure Policy Manager during installation you can import them...

Страница 52: ...e SMTP address should be a valid existing address that is allowed to send messages Click Next to continue Step 11 Specify the Quarantine management method If you want to manage the Quarantine database...

Страница 53: ...same server as the product installation select a Install and use Microsoft SQL Server 2005 Express Edition If you are using Microsoft SQL Server already select b Use the existing installation of MIcr...

Страница 54: ...tores information about the quarantined content Enter the user name and the password that you want to use to connect to the quarantine database Use a different account than the server administrator ac...

Страница 55: ...atabase Enter the password for the sa account that you use to log on to the server Click Next to continue If the server has a database with the same name you can either use the existing database remov...

Страница 56: ...atistics about viruses and other malware to the F Secure World Map service If you agree to send statistics to F Secure World Map select Yes and click Next to continue If you enable F Secure World Map...

Страница 57: ...ll F Secure Anti Virus for Microsoft Exchange MIB files If the installation program cannot connect to F Secure Policy Manager Server the following dialog opens Make sure that the computer where you ar...

Страница 58: ...install MIB files later either manually or by running the Setup again Step 16 The list of components that will be installed is displayed Click Start to install listed components Step 17 The installat...

Страница 59: ...CHAPTER3 59 Installation Step 18 The installation is complete Click Finish to close the Setup wizard...

Страница 60: ...o import the MIB files if F Secure Anti Virus for Microsoft Exchange is located in a different network segment than F Secure Policy Manager and there is a firewall between them blocking access to Poli...

Страница 61: ...Microsoft Exchange and distribute the policy For more information see Centrally Managed Administration 75 If F Secure Anti Virus for Microsoft Exchange has been installed in stand alone mode use the...

Страница 62: ...er hosts are considered inbound 4 E mail messages submitted via MAPI or Pickup Folder are treated as if they are sent from the internal SMTP sender host If F Secure Anti Virus for Microsoft Exchange h...

Страница 63: ...version of the product upgrade F Secure Policy Manager to version 8 11 1 Install F Secure Anti Virus for Microsoft Exchange For more information see Installing F Secure Anti Virus for Microsoft Excha...

Страница 64: ...Policy Manager Console b Go to F Secure F Secure Anti Virus for Microsoft Exchange Operations Policy Migration c Click Migrate 6 After the policy migration is complete check the migration report and...

Страница 65: ...and Statistics To register the new keycode from F Secure Settings and Statistics 1 Open F Secure Settings and Statistics by double clicking the F Secure icon in the Windows system tray and select F S...

Страница 66: ...e Programs from the Windows Control Panel To uninstall F Secure Anti Virus for Microsoft Exchange completely uninstall the components in the following order 1 F Secure Spam Control if it was installed...

Страница 67: ...67 4 USING F SECURE ANTI VIRUS FOR MICROSOFT EXCHANGE Administering F Secure Anti Virus for Microsoft Exchange 68 Using Web Console 69 Using F Secure Policy Manager Console 72...

Страница 68: ...ou can use the F Secure Anti Virus for Microsoft Exchange Web Console to start and stop F Secure Anti Virus for Microsoft Exchange check its current status and to connect to F Secure Web Club for supp...

Страница 69: ...in page opens enter your user name and the password and click Log In Note that you must have administrator rights to the host where F Secure Anti Virus for Microsoft Exchange Web Console is installed...

Страница 70: ...e Anti Virus for Microsoft Exchange Web Console service to take the certificate into use 4 Wait until the utility completes and the window closes Now you can proceed to logging in Step 2 Log in and in...

Страница 71: ...ed or log back in to the F Secure Anti Virus for Microsoft Exchange Web Console 8 When the login page opens log in to Web Console with your user name and the password 9 The Web Console displays Gettin...

Страница 72: ...elect Windows Start menu Programs F Secure Policy Manager Console When the Policy Manager Console opens go to the Advanced Mode user interface by selecting View Advanced Mode F Secure Policy Manager C...

Страница 73: ...ew policy file To view statistics select the Status tab of the Properties pane Statistics are updated periodically and can be reset by choosing Reset Statistics on the Policy tab of the Properties pan...

Страница 74: ...tings for which you need to use the Final restriction You can also check in F Secure Policy Manager Console whether you need to use the Final restriction for a setting Do the following 1 Select the Po...

Страница 75: ...for Microsoft Exchange Settings 76 F Secure Anti Virus for Microsoft Exchange Statistics 126 F Secure Content Scanner Server Settings 132 F Secure Content Scanner Server Statistics 142 F Secure Manag...

Страница 76: ...y settings with it 5 2 F Secure Anti Virus for Microsoft Exchange Settings In the centralized administration mode you can change settings and start operations using F Secure Policy Manager Console For...

Страница 77: ...ts are considered inbound 4 E mail messages submitted via MAPI or Pickup Folder are treated as if they are sent from the internal SMTP sender host If e mail messages come from internal SMTP sender hos...

Страница 78: ...72 16 1 172 16 4 0 16 172 16 250 255 If end users in the organization use other than Microsoft Outlook e mail client to send and receive e mail it is recommended to specify all end user workstations a...

Страница 79: ...ains keywords file patterns or e mail addresses Filter Specify file names extensions keywords or email addresses that the match list contains Description Specify a short description for the list Templ...

Страница 80: ...icrosoft Exchange adjusts the access rights to the Quarantine Storage so that only the product operating system and the local administrator can access it If you change the Quarantine Storage setting m...

Страница 81: ...the specified value the product sends an alert to the administrator If the threshold is specified as zero 0 the size of the Quarantine is not checked Quarantined Items Threshold Specify the critical...

Страница 82: ...safe Messages setting to specify the action that takes place if the message is retained in the Quarantine after the maximum attempts Final Action on Unsafe Messages Specify the action on unsafe messag...

Страница 83: ...ait before trying to send the sample again if the previous submission failed Connection Timeout Specify the time in seconds how long the product tries to contact the F Secure Hospital server Send Time...

Страница 84: ...the product During the installation F Secure Anti Virus for Microsoft Exchange automatically adjusts the access rights so that only the operating system and the local administrator can access files i...

Страница 85: ...disallowed attachments are handled Drop Attachment Remove the attachment from the message and deliver the message to the recipient without the disallowed attachment Drop the Whole Message Do not deliv...

Страница 86: ...messages By default notification messages are not sent Do Not Notify on These Attachments Specify attachments that do not generate notifications When the product finds specified file or file extensio...

Страница 87: ...behavior so that the product can detect unknown malware By default the heuristic scan is enabled for inbound mails and disabled for outbound and internal mails The heuristic scan may affect the produ...

Страница 88: ...ssage is not quarantined For more information see Lists and Templates 79 Send Virus Notification Message to Recipient Specify the template for the notification message that is sent to the intented rec...

Страница 89: ...Specify whether the administrator is notified when F Secure Anti Virus for Microsoft Exchange finds a virus in a message Configure the Alert Forwarding table to specify where the alert is sent based...

Страница 90: ...eliver the message to the recipient Action on Password Protected Archives Specify the action to take on archives which are protected with passwords These archives can be opened only with a valid passw...

Страница 91: ...ge to the recipient Quarantine Dropped Archives Specify whether archives that are not delivered to recipients are placed in the quarantine For more information see Quarantine Management 261 Notify Adm...

Страница 92: ...ected When proactive virus threat detection is disabled mails are only scanned by antivirus engines Grayware Scanning Specify how the product processes grayware items in inbound outbound and internal...

Страница 93: ...Lists and Templates 79 Send Warning Message to Recipient Specify the template for the notification message that is sent to the intented recipient when a grayware item is found in a message Note that...

Страница 94: ...Alert Forwarding table to specify where the alert is sent based on the severity level The Alert Forwarding table can be found in F Secure Management Agent Settings Alerting Filter Disallowed Content S...

Страница 95: ...sage with disallowed content Send Notification Message to Recipient Specify whether recipients are notified when disallowed content is found Send Notification Message to Sender Specify whether the ori...

Страница 96: ...the message envelope headers and body during the first minutes of the new spam or virus outbreak example Matches any message text or subject that contains the word example another example Matches any...

Страница 97: ...Recognition strengthens the security but can degrade the system performance Action on Malformed Mails Specify the action for non RFC compliant e mails If the message has an incorrect structure the pro...

Страница 98: ...are scanned up to level specified in the Max Levels of Nested Messages setting Exceeding nesting levels are not scanned but the message is delivered to the recipient Quarantine Problematic Messages S...

Страница 99: ...anning Settings Specify which messages you want to scan during the real time scanning Trusted Senders Specify senders who are excluded from the mail scanning and processing Trusted Recipients Specify...

Страница 100: ...boxes except those specified in the Excluded Mailboxes list Included Mailboxes Specify mailboxes that are scanned for viruses when the Scan Mailboxes setting is set to Scan Only Included Mailboxes Exc...

Страница 101: ...ttempt to Disinfect Infected Attachments Specify whether the product should try to disinfect an infected attachment before processing it If the disinfection succeeds the product does not process the a...

Страница 102: ...fy how many levels deep to scan in nested archives if Scan Viruses Inside Archives is enabled A nested archive is an archive that contains another archive inside If zero 0 is specified the maximum nes...

Страница 103: ...h Leave the password protected archive in the message Drop archive Remove the password protected archive from the message Quarantine Dropped Archives Specify whether archives that are not delivered to...

Страница 104: ...osoft Exchange Operations Manual Scanning branch in F Secure Policy manager Console 2 Click Start 3 Distribute the policy Grayware Exclusion List Specify the list of keywords for grayware types that a...

Страница 105: ...all mailboxes except those specified in the Excluded Mailboxes list Included Mailboxes Specify mailboxes that are scanned for viruses when the Scan Mailboxes setting is set to Scan Only Included Mailb...

Страница 106: ...Folders Incremental Scanning Specify which messages are scanned for viruses during the manual scan All Messages Scan all messages Only Recent Messages Scan only messages that have not been scanned dur...

Страница 107: ...removed from the message For more information see Lists and Templates 79 Scan Messages for Viruses Enable or disable the virus scan The virus scan scans messages for viruses and other malicious code L...

Страница 108: ...ecify infections that are never placed in the quarantine If a message is infected with a virus or worm which has a name that matches a keyword specified in this list the message is not quarantined For...

Страница 109: ...vel specified in the Max Levels in Nested Archives setting Pass Through Nested archives are scanned up to level specified in the Max Levels in Nested Archives setting Exceeding nesting levels are not...

Страница 110: ...rom the message Quarantine Dropped Archives Specify whether archives that are not delivered to recipients are placed in the quarantine For more information see Quarantine Management 261 Scan Messages...

Страница 111: ...s as attachments If zero 0 is specified the maximum nesting level is not limited Quarantine Dropped Grayware Specify whether grayware attachments are quarantined Do Not Quarantine This Grayware Specif...

Страница 112: ...to make it active again Click Add to add a new scheduled task to the list To duplicate a task select it from the list and click Copy To edit a previously created task click Edit To remove the selecte...

Страница 113: ...cify the name of the scheduled operation Do not use any special characters in the task name Perform this task Specify how frequently you want the operation to be performed Once Only once at the specif...

Страница 114: ...e date when the first operation is scheduled to start Start time Enter the start time of the task in hh mm format Start date Enter the start date of the task in mm dd yyyy format Mailboxes Specify mai...

Страница 115: ...specified mailboxes Click Add or Remove to edit mailboxes that are scanned Scan all except excluded mailboxes Do not scan specified mailboxes but scan all other Click Add or Remove to edit mailboxes t...

Страница 116: ...Scan all public folders Scan all public folders Scan only included public folders Scan all specified public folders Click Add or Remove to edit public folders that are scanned Scan all except excluded...

Страница 117: ...chment stripping Targets Strip these attachments Specify which attachments are stripped from messages For more information see Lists and Templates 79 Exclude these attachments from stripping Specify a...

Страница 118: ...not quarantined even when they are stripped For more information see Lists and Templates 79 Notifications Replacement text template Specify the template for the text that replaces the infected attach...

Страница 119: ...Scan these attachments Specify attachments that are scanned for viruses For more information see Lists and Templates 79 Exclude these attachments from scanning Specify attachments that are not scanned...

Страница 120: ...n the quarantine For more information see Lists and Templates 79 Notifications Replacement text template Specify the template for the text that replaces the infected attachment when the infected attac...

Страница 121: ...ayware Specify the action to take on items which contain grayware Report only Leave grayware items in the message and notify the administrator Drop attachment Remove grayware items from the message Gr...

Страница 122: ...ntine this grayware Specify grayware that are never placed in the quarantine For more information see Lists and Templates 79 Notifications Replacement text template Specify the template for the text t...

Страница 123: ...canning Max levels in nesting archives Specify how many levels of archives inside other archives the product scans when Scan Viruses Inside Archives is enabled Detect disallowed files inside archives...

Страница 124: ...oduct cannot scan their content Pass through Deliver the message with the password protected archive to the recipient Drop archive Remove the password protected archive from the message and deliver th...

Страница 125: ...hments If zero 0 is specified the maximum nesting level is not limited It is not recommended to set the maximum nesting level to unlimited as this will make the product more vulnerable to DoS Denial o...

Страница 126: ...nd open the Statistics subtree It displays statistics for the host for each F Secure Anti Virus for Microsoft Exchange installation If a policy domain is selected the Status view displays the number o...

Страница 127: ...h 2 Set Real Time Scanning to Yes 3 Go to the Anti Virus for Microsoft Exchange Operations Reset Storage Statistics Reset branch 4 Click Start in the Editor pane The Status above the button displays O...

Страница 128: ...the last reset of statistics Number of Infected Messages Displays the number of messages with attachments that are infected and cannot be automatically disinfected Number of High Medium Virus Risk Me...

Страница 129: ...d Displays the time when the last infection was found Number of Mailboxes Displays the number of currently protected user mailboxes Number of Public Folders Displays the number of currently protected...

Страница 130: ...e number of suspicious content found for example password protected archives and nested archives Last Infection Found Displays the name of the last infection found Last Time Infection Found Displays t...

Страница 131: ...he estimated time left to finish the current manual scan Elapsed Time Displays the time that has elapsed since the manual scan was started Number of Processed Items Displays the total number of proces...

Страница 132: ...ngs Use the variables under the F Secure Content Scanner Server Settings branch to define the settings for content providers and to change the general content scanning options Last Infection Found Dis...

Страница 133: ...ated list of IP addresses the server accepts incoming requests from If the list is empty the server accepts connections from any host Max Connections Specifies the maximum number of simultaneous conne...

Страница 134: ...le Return Scan Error Drop the file being scanned and send a scan error Scan with Other Engines Scan the file with other available scan engines Scan Inside Archives Specify whether files inside compres...

Страница 135: ...file is stopped if Treat as Unsafe is selected If Treat as Safe is selected the archive file is sent to the user Suspect Password Protected Archives Compressed archive files can be protected with pas...

Страница 136: ...imum time that one scanning task can last The Max Scan Timeout is 10 minutes by default Time Period Specify the time period for the most active viruses list The product shows statistics about most act...

Страница 137: ...dresses or user names You can also forward unencrypted reports to a configurable e mail address and use the same statistics for your own internal purposes Mail Server Address Specify the IP address of...

Страница 138: ...taking them to use Notify When Databases Become Old Specify whether F Secure Content Scanner Server should notify the administrator if virus definition databases have not been updated recently Notify...

Страница 139: ...on and each spam scanner instance takes approximately 25MB of memory process fsavsd exe Do not increase the number of instances unless the product is running on a powerful computer VOD Cache Size Spec...

Страница 140: ...ning F Secure Content Scanner Server checks the message using spam heuristics Trusted Networks Specify networks and hosts in the mail relay network which can be trusted not to be operated by spammers...

Страница 141: ...t During the setup access rights are adjusted so that only the operating system and the local administrator can access files in the Working directory If you make changes to Working Directory settings...

Страница 142: ...Scanner Server whether it has been started and it is running or it is stopped Start Time The date and time when the server was started Previous Reset of Statistics The date and time of the last reset...

Страница 143: ...The scan engine can be loaded and enabled or disabled by the administrator or not loaded at all Last Database Update Displays the last date and time when virus definition database was taken into use...

Страница 144: ...cted by the scan engine Database Version Displays the current version of database updates used by the scan engine Spam Scanner Version Displays the version and build number of the Spam Scanner Status...

Страница 145: ...gement Agent For detailed information on F Secure Management Agent see the F Secure Policy Manager Administrator s Guide Communications Number of Processed Messages Displays the total number of e mail...

Страница 146: ...ections F Secure Management Agent measures the speed of the network link to F Secure Policy Manager Server and stops the download if the minimum speed specified by this setting is not met Management S...

Страница 147: ...c updates are enabled Internet connection checking Specify whether the product should check the connection to the Internet before trying to retrieve updates Assume always connected The computer is con...

Страница 148: ...Secure Policy Manager Proxy If the product cannot connect to any user specified update server during the failover time it retrieves the latest virus definition updates from F Secure Update Server if A...

Страница 149: ...ADMINISTRATION WITH WEB CONSOLE Overview 150 Home 150 Transport Protection 155 Storage Protection 179 Spam Control 216 Quarantine 218 Automatic Updates 228 Content Scanner Server 235 Server Propertie...

Страница 150: ...is installed with F Secure Anti Virus for Microsoft Exchange To open the Web Console see Using Web Console 69 6 2 Home The Web Console displays Getting Started page when you log in for the first time...

Страница 151: ...CHAPTER6 151 Administration with Web Console Summary The Summary tab displays the current status of the product components Normal the feature is enabled and everything is working as it should...

Страница 152: ...ned Content 264 Log Files Click View F Secure Log to view the F Secure log file LogFile log in a new Internet browser window Click Download to download and save the LogFile log for later use Click Vie...

Страница 153: ...153 Administration with Web Console Services Under the Services tab you can start stop and restart F Secure Anti Virus for Microsoft Exchange F Secure Content Scanner Server and F Secure Automatic Upd...

Страница 154: ...scan F Secure World Map Support The product can collect and send statistics about viruses and other malware to the F Secure World Map service If you enable F Secure World Map support make sure that t...

Страница 155: ...on options see Network Configuration 247 After you apply new transport protection settings it can take up to 20 seconds for the new settings to take effect You cannot add automatic disclaimers to mess...

Страница 156: ...essed messages since the last reset of statistics Infected messages Displays the number of messages with attachments that are infected and cannot be automatically disinfected High Medium virus risk me...

Страница 157: ...s content found for example password protected archives nested archives and malformed messages Stripped attachments Displays the number of filtered attachments Filtered messages Displays the number of...

Страница 158: ...und and internal messages based on the file name or the file extension Strip Attachments from e mail messages Enable or disable the attachment stripping Targets Strip these attachments Specify which a...

Страница 159: ...whether stripped attachments are quarantined Do not quarantine these attachments Specify files which are not quarantined even when they are stripped For more information see Match Lists 255 Notificati...

Страница 160: ...n no notification is sent Send alert to administrator Specify whether the administrator is notified when the product strips an attachment If you enable the notification specify the alert level of the...

Страница 161: ...with Web Console 6 3 2 Virus Scanning Specify inbound outbound and internal messages and attachments that should be scanned for malicious code Disabling virus scanning disables grayware scanning and...

Страница 162: ...ctive virus threat detection Select whether Proactive Virus Threat Detection is enabled or disabled Proactive virus threat detection can identify new and unknown e mail malware including viruses and w...

Страница 163: ...ed even when the setting is enabled Action on infected messages Specify whether infected messages are disinfected or dropped Drop Attachment Remove the infected attachment from the message and deliver...

Страница 164: ...the notification field empty For more information see Message Templates 257 Do not notify on these infections Specify infections that do not generate notifications When the product finds the specifie...

Страница 165: ...fy how the product processes grayware items in inbound outbound and internal messages Note that grayware scanning increases the scanning overhead By default grayware scanning is enabled for inbound me...

Страница 166: ...canned Leave the list empty if you do not want to exclude any grayware types from the scan For more information see Match Lists 255 Quarantine dropped grayware Specify whether grayware attachments are...

Страница 167: ...is grayware Specify a list of keywords for grayware types on which no notifications are sent If the product finds a grayware item with a name that matches the keyword the recipient and the sender are...

Страница 168: ...bound and internal archive files Note that scanning inside archives takes time Disabling scanning inside archives improves performance but it also means that the network users need to use up to date v...

Страница 169: ...ruses Inside Archives is enabled Detect disallowed files inside archives Specify files which are not allowed inside archives For more information see Match Lists 255 Actions Action on archives with di...

Страница 170: ...scan their content Pass through Deliver the message with the password protected archive to the recipient Drop archive Remove the password protected archive from the message and deliver the message to...

Страница 171: ...change blocks a suspicious overnested or password protected archive file If the archive is blocked because it contains malware grayware or disallowed files the administrator receives a notification ab...

Страница 172: ...Secure Anti Virus for Microsoft Exchange filters disallowed content in inbound outbound and internal messages Filter out e mail messages with disallowed undesirable content Specify whether e mail mes...

Страница 173: ...lowed keywords Report only Deliver the message to the recipient and notify the administrator that the scanned message contained disallowed content Drop the whole message Do not deliver the message to...

Страница 174: ...ecify whether the administrator is notified when F Secure Anti Virus for Microsoft Exchange finds a message with disallowed content Configure the Alert Forwarding table to specify where the alert is s...

Страница 175: ...CHAPTER6 175 Administration with Web Console For example to match the SPAM string enter spam 6 3 6 Security Options Configure security options to limit actions on malformed and problematic messages...

Страница 176: ...rformance Trusted senders and recipients List of trusted senders Specify senders who are excluded from the mail scanning and processing List of trusted recipients Specify recipients who are excluded f...

Страница 177: ...setting Exceeding nesting levels are not scanned but the message is delivered to the recipient Action on malformed mails Specify the action for non RFC compliant e mails If the message has an incorrec...

Страница 178: ...he administrator is notified when F Secure Anti Virus for Microsoft Exchange detects a malformed or a suspicious e mail message Configure the Alert Forwarding table to specify where the alert is sent...

Страница 179: ...179 Administration with Web Console 6 4 Storage Protection Configure Storage Protection settings to specify how e mail messages and attachments in selected mailboxes and public folders should be scann...

Страница 180: ...reset of statistics Infected items Displays the number of items that are infected and cannot be automatically disinfected Grayware items Displays the number of grayware items including spyware adware...

Страница 181: ...CHAPTER6 181 Administration with Web Console 6 4 1 Real Time Scanning The real time scanning can automatically scan messages that have been created or received General Real Time Scanning Settings...

Страница 182: ...esult After the specified time the client that tries to access the scanned message gets the virus scanning in progress notificaion File Type Recognition Intelligent file type recognition Select whethe...

Страница 183: ...ify messages and attachments in the Microsoft Exchange Storage that should be scanned for malicious code Targets Scan mailboxes Specify mailboxes that are scanned for viruses Do not scan mailboxes Dis...

Страница 184: ...folders Click Edit to add or remove public folders that should be scanned Scan all except excluded public folders Do not scan specified public folders but scan all other Click Edit to add or remove p...

Страница 185: ...y whether infected attachments are quarantined Do not quarantine these infections Specify virus and malware infections that are never placed in the quarantine For more information see Match Lists 255...

Страница 186: ...are items during real time scanning Scan messages for grayware Enable or disable the grayware scan Actions Action on grayware Specify the action to take on items which contain grayware Report only Lea...

Страница 187: ...om the scan For more information see Match Lists 255 Quarantine dropped grayware Specify whether grayware attachments are quarantined when dropped Do not quarantine this grayware Specify grayware that...

Страница 188: ...ives Specify if files inside archives are scanned for viruses and other malicious code Targets List of files to scan inside archives Specify files that are scanned for viruses inside archives Exclude...

Страница 189: ...lt setting is 3 Actions Action on max nested archives Specify the action to take on nested archives with nesting levels exceeding the upper level specified in the Max Levels in Nested Archives setting...

Страница 190: ...in the message Drop archive Remove the password protected archive from the message Quarantine dropped archives Specify whether archives that are not delivered to recipients are placed in the quaranti...

Страница 191: ...CHAPTER6 191 Administration with Web Console 6 4 2 Manual Scanning You can scan mailboxes and public folders for viruses and strip attachments manually at any time...

Страница 192: ...time left when the manual scan is running Elapsed time Displays how long it has been since the manual scan started Processed items Displays the number of items processed during the scan Infected items...

Страница 193: ...scan Click Stop Scanning to stop the manual scan Click View Scanning Report to view the latest manual scan report General If the manual scan scans an item that has not been previously scanned for viru...

Страница 194: ...dd or remove mailboxes that should not be scanned Scan public folders Specify public folders that are scanned for viruses Do not scan public folders Do not scan any public folders during the manual sc...

Страница 195: ...tensions which are usually considered safe to use Intelligent File Type Recognition can recognize the real file type of the message attachment and use that while the attachment is processed Using Inte...

Страница 196: ...ble or disable the attachment stripping Targets Strip these attachments Specify which attachments are stripped from messages For more information see Match Lists 255 Exclude these attachments Specify...

Страница 197: ...antine these attachments Specify files which are not quarantined even when they are stripped For more information see Match Lists 255 Notifications Replacement Text Template Specify the template for t...

Страница 198: ...be scanned for malicious code during the manual scan Scan messages for viruses Enable or disable the virus scan The virus scan scans messages for viruses and other malicious code Disabling virus scan...

Страница 199: ...are not scanned Leave the list empty if you do not want to exclude any attachments from the scanning Actions Try to disinfect Specify whether the product should try to disinfect an infected attachment...

Страница 200: ...ng Notifications Replacement text template Specify the template for the text that replaces the infected attachment when the infected attachment is removed from the message For more information see Mes...

Страница 201: ...on list Specify the list of keywords for grayware types that are not scanned Leave the list empty if you do not want to exclude any grayware types from the scan For more information see Match Lists 25...

Страница 202: ...e scanned for viruses and other malicious code Targets List of files to scan inside archives Specify files inside archives that are scanned for viruses For more information see Match Lists 255 Exclude...

Страница 203: ...sallowed content Pass through Deliver the message with the archive to the recipient Drop archive Remove the archive from the message and deliver the message to the recipient without it Drop the whole...

Страница 204: ...r for the next time Pass through Deliver the message with the archive to the recipient Drop archive Remove the password protected archive from the message Quarantine dropped archives Specify whether a...

Страница 205: ...k Add new task in the Scheduled Scanning page to start the Scheduled Operation Wizard Step 1 Specify Scanning Task Name and Schedule Enter the name for the new task and select how frequently you want...

Страница 206: ...e date when the first operation is scheduled to start Start time Enter the start time of the task in hh mm format Start date Enter the start date of the task in mm dd yyyy format Targets Scan mailboxe...

Страница 207: ...can all other Click Edit to add or remove public folders that should not be scanned Incremental scanning Specify whether you want to process all messages or only those messages that have not been proc...

Страница 208: ...messages Specify how many levels deep to scan in nested e mail messages A nested e mail message is a message that includes one or more e mail messages as attachments If zero 0 is specified the maximu...

Страница 209: ...ments that are not filtered Leave the list empty if you do not want to exclude any attachments from the filtering Action Quarantine stripped attachments Specify whether stripped attachments are quaran...

Страница 210: ...ns messages for viruses and other malicious code If you disable the virus scan grayware scanning and archive processing are disabled as well Heuristic Scanning Enable or disable the heuristic scanning...

Страница 211: ...sinfection succeeds the product does not process the attachment further Disinfection may affect the product performance Infected files inside archives are not disinfected even when the setting is enab...

Страница 212: ...ecify the action to take on items which contain grayware Report only Leave grayware items in the message and notify the administrator Drop attachment Remove grayware items from the message Grayware ex...

Страница 213: ...s are quarantined when dropped Do not quarantine this grayware Specify grayware that are never placed in the quarantine For more information see Match Lists 255 Notifications Replacement text template...

Страница 214: ...side other archives the product scans when Scan Viruses Inside Archives is enabled Detect disallowed files inside archives Specify files which are not allowed inside archives For more information see...

Страница 215: ...protected with passwords These archives can be opened only with a valid password so the product cannot scan their content Pass through Deliver the message with the password protected archive to the r...

Страница 216: ...incoming messages are scanned for spam see Administering F Secure Spam Control 278 The threat detection engine of F Secure Anti Virus for Microsoft Exchange can identify spam and virus patterns from...

Страница 217: ...The Status page displays the statistics of the spam scanner Spam scanner version Displays the version number of the installed spam scanner Number of processed messages Displays the total number of pr...

Страница 218: ...f the quarantined content for example searching for and deleting quarantined content For more information about searching and deleting quarantined content see Quarantine Management 261 Last updated Di...

Страница 219: ...tools and other unwanted applications Disallowed content Displays the number of messages that have been found to contain disallowed keywords in the message subject or text Suspicious Displays the num...

Страница 220: ...age to search for the quarantined content For more information see Searching the Quarantined Content 264 6 6 2 Options You can configure the quarantine storage location and threshold how quarantined f...

Страница 221: ...ine it saves the content as separate files into the Quarantine Storage and inserts an entry to the Quarantine Database with information about the quarantined content Quarantine storage Quarantine stor...

Страница 222: ...ge is from 0 to 10240 Quarantined items threshold Specify the critical number of items in the Quarantine storage If the specified value is reached or exceeded the product sends an alert If zero 0 is s...

Страница 223: ...with Web Console Quarantine Maintenance When quarantined content is reprocessed it is scanned again and if it is found clean it is sent to the intended recipients For more information see Reprocessing...

Страница 224: ...the action on unsafe messages after the maximum number of reprocesses have been attempted Leave in Quarantine Leave messages in the Quarantine and process them manually Release to Intended Recipients...

Страница 225: ...ve Enable or disable the selected entry in the table Quarantine category Select a category the retention period or cleanup interval of which you want to modify The categories are Infected Suspicious D...

Страница 226: ...Database You can specify the database where information about quarantined e mails is stored and from which it is retrieved Quarantine database SQL server name The name of the SQL server where the data...

Страница 227: ...the quarantine database with the configured user name and password Quarantine Logging Database name The name of the quarantine database The default name is FSMSE_Quarantine User name The user name the...

Страница 228: ...and spam databases are not up to date updates are downloaded automatically Click Change communication settings to configure how the product connects to F Secure Update Server For more information see...

Страница 229: ...te Channel name Displays the channel from where the updates are downloaded Channel address Displays the address of the Automatic Updates Server Latest installed update Displays the version and name of...

Страница 230: ...ded and installed update packages Last check result Displays the result of the last update check Next check time Displays the date and time for the next update check Last successful check time Display...

Страница 231: ...ole 6 7 1 Communications Specify how the product connects to F Secure Update Server Automatic Updates General Settings Edit General settings to select whether you want to use automatic updates and how...

Страница 232: ...Allow fetching updates from F Secure Update Server Specify whether the product should connect to F Secure Update Server when it cannot connect to any user specified update server To edit the list of...

Страница 233: ...r proxies If no update servers are configured the product retrieves the latest virus definition updates from F Secure Update Server automatically To add a new update source address to the list follow...

Страница 234: ...m the primary sources first secondary update sources can be used as a backup The product connects to the source with the smallest priority number first 1 If the connection to that source fails it trie...

Страница 235: ...rver statistics and the current status of scanning engines Server Statistics Number of scanned files The number of files that have been scanned Last virus database update The last date and time when t...

Страница 236: ...Working directory and performance under the advanced settings Last time infection found The date and time when the last infection was found Last infection found The name of the last infection that was...

Страница 237: ...checking Notify when databases are older than Specify when virus definition databases are outdated If databases are older than the specified amount of days F Secure Content Scanner Server sends an ale...

Страница 238: ...rmation see Alerts 251 Database verification Verify integrity of downloaded databases Specify whether the product verifies that the downloaded virus definition databases are the original databases pub...

Страница 239: ...CHAPTER6 239 Administration with Web Console Proxy Server F Secure Content Scanner Server can use a proxy server to connect to the threat detection center...

Страница 240: ...on method to use to authenticate to the proxy server NoAuth The proxy server does not require authentication Basic The proxy uses the basic authentication scheme NTLM The proxy uses NTLM authenticatio...

Страница 241: ...utbreak patterns from messages Cache VOD cache size Specify the maximum number of patterns to cache for the virus outbreak detection service By default the cache size is 10000 cached patterns Class ca...

Страница 242: ...when the threat detection center cannot be contacted and the threat detection engine cannot classify the message Pass through The message is passed through without scanning it for spam Heuristic Scann...

Страница 243: ...t performance Working directory Working directory Specify the working directory Enter the complete path to the field or click Browse to browse to the path you want to set as the new working directory...

Страница 244: ...rver via shared memory in the local interaction mode When the amount of data exceeds the specified limit a local temporary file will be used for data transfer If the option is set to zero 0 all data t...

Страница 245: ...ge at a time this setting defines how many messages undergo the spam analysis simultaneously You have to restart the Content Scanner Server after you change this setting to take the new setting into u...

Страница 246: ...246 6 9 Server Properties The Host information displays the following details of the host WINS name DNS names IP addresses Unique ID...

Страница 247: ...MTP sender hosts and mail recipients belong to one of the specified internal domains internal recipients 2 E mail messages are considered outbound if they come from internal SMTP sender hosts and mail...

Страница 248: ...om internal example net Internal SMTP senders Specify the IP addresses of hosts that belong to your organization Specify all hosts within the organization that send messages to Exchange Edge or Hub se...

Страница 249: ...rs in the organization use other than Microsoft Outlook e mail client to send and receive e mail it is recommended to specify all end user workstations as Internal SMTP Senders If the organization has...

Страница 250: ...cify the URL of F Secure Policy Manager Server Do not add a slash at the end of the URL For example http fsms example com Select Stand alone if you use F Secure Anti Virus for Exchange Web Console to...

Страница 251: ...s severity level You can send the alert to any of the following F Secure Policy Manager Windows Event Log If you choose to forward alerts to e mail specify the SMTP server address alert message subjec...

Страница 252: ...ient 3 Select the types of alerts that are to be sent to this address 4 Click Apply Web Console Informational and warning level alerts are not sent to F Secure Policy Manager Console by default If you...

Страница 253: ...a warning The default value is 60 minutes Connections Listen on address Specify the IP address of the F Secure Anti Virus for Microsoft Exchange Web Console Server Port Specify the port where the ser...

Страница 254: ...Anti Virus for Microsoft Exchange for sending warning and informational messages to the end users for example recipients senders and mailbox owners Make sure that the notification sender address is a...

Страница 255: ...ith Web Console 6 9 4 Lists and Templates Match Lists are lists of file name patterns keywords or e mail addresses that can be used with certain product settings Message Templates can be used for noti...

Страница 256: ...If you are creating a new match list specify the name for the new match list Type Specify whether the list contains keywords file patterns or email addresses Filter Specify file names extensions keyw...

Страница 257: ...the name of an existing template to edit it or Add new item to create a new template Name Select the template you want to edit If you are creating a new template specify the name for the new template...

Страница 258: ...dy Specify the notification message text For more information about the variables you can use in notification messages see Variables in Warning Messages 296 Description Specify a short description for...

Страница 259: ...defined malware to F Secure for analysis Max submission attempts Specify how many times the product attempts to send the sample if the submission fails Resend interval Specify the time interval in min...

Страница 260: ...on timeout Specify the time in seconds how long the product tries to contact the F Secure Hospital server Send timeout Specify the time in seconds how long the product waits for the sample submission...

Страница 261: ...NTINE MANAGEMENT Introduction 262 Configuring Quarantine Options 264 Quarantine Status 264 Searching the Quarantined Content 264 Query Results Page 269 Quarantine Operations 271 Moving the Quarantine...

Страница 262: ...us for Microsoft Exchange Web Console The quarantine consists of Quarantine Database and Quarantine Storage Quarantine Database The quarantine database contains information about the quarantined messa...

Страница 263: ...rom a single F Secure Anti Virus for Microsoft Exchange Web Console 7 1 1 Quarantine Reasons The quarantine storage can store Messages and attachmentts that are infected and cannot be automatically di...

Страница 264: ...3 1 Quarantine Logging To view the Quarantine Log open the Quarantine page Then click the View Quarantine Log link In centrally managed installations the quarantine settings are configured with F sec...

Страница 265: ...antine ID of the quarantined message The quarantine ID is displayed in the notification sent to the user about the quarantined message and in the alert message Object type Select the type of the quara...

Страница 266: ...time but you can widen the search by using the wildcards Recipients Enter the e mail address of the message recipient Subject Enter the message subject to be used as search criteria Message ID Enter t...

Страница 267: ...ot been released yet E mails to be reprocessed Displays only e mails that are currently set to be reprocessed but have not been reprocessed yet E mails to be released or reprocessed Displays e mails t...

Страница 268: ...se the following SQL wildcards in the quarantine queries Wildcard Explanation Any string of zero or more characters _ underscore Any single character Any single character within the specified range a...

Страница 269: ...ail status Quarantined e mail The administrator has not specified any actions to be taken on this e mail Quarantined e mail with attachments The administrator has not specified any actions to be taken...

Страница 270: ...arantined mails and attachments Quarantined e mail set to be released which failed Quarantined e mail set to be reprocessed which failed Quarantined e mail set to be submitted to F Secure which failed...

Страница 271: ...ntine storage after you have searched the quarantined content you want to process Location The location of the mailbox or public folder where the quarantined attachment was found Quarantined attachmen...

Страница 272: ...ion see Removing the Quarantined Content 275 Click Send to F Secure to submit a sample of quarantined content to F Secure for analysis Quarantined Attachment Operations You can select an operation to...

Страница 273: ...sorted select the sorting criteria and order from the Sort results and order drop down menus 4 Select the number of items to be displayed on a results page from the Display drop down menu 5 Click the...

Страница 274: ...ined a When the quarantined content is an e mail message click the Release to release the displayed quarantined content The Release Quarantined Content dialog opens b When the quarantine contains an a...

Страница 275: ...quarantined messages that have been classified as spam Click the Delete All button to delete all the displayed quarantined content 5 You are prompted to confirm the deletion Click OK The content is n...

Страница 276: ...ntine storage directory make sure that the directory exists and it has proper security permissions You can use the xcopy command to create and change the Quarantine storage directory by copying the ex...

Страница 277: ...ame and F Secure Quarantine Storage as the description ii On the Permissions page select Administrators have full access other users have read only access Note that the Quarantine storage has file dir...

Страница 278: ...278 8 ADMINISTERING F SECURE SPAM CONTROL Overview 279 Spam Control Settings in Centrally Managed Environments 280 Spam Control Settings in Web Console 284 Realtime Blackhole List Configuration 289...

Страница 279: ...Update Agent Database updates are digitally signed for maximum security and you can use only these updates for updating the F Secure Spam Control spam definition databases In Microsoft Exchange 2007...

Страница 280: ...t even if you enable spam filtering For information on configuring Realtime Blackhole Lists see Realtime Blackhole List Configuration 289 Heuristic Spam Analysis Specify whether heuristic spam analysi...

Страница 281: ...ular mails will be falsely identified as spam Action on Spam Messages Specify actions to take with messages considered as spam based on the spam filtering level Quarantine Place the message into the q...

Страница 282: ...as spam The default value is SPAM Forward Spam Messages To E mail Address Specify the e mail address where messages considered as spam are forwarded when the Action on Spam Messages setting is set to...

Страница 283: ...velope not from the message headers Max Message Size Specify the maximum size in kilobytes of messages to be scanned for spam If the size of the message exceeds the maximum size the message is not fil...

Страница 284: ...284 8 3 Spam Control Settings in Web Console You can configure the spam control settings under the Options page in Spam Control...

Страница 285: ...hat the threat detection engine does not classify as spam are further analyzed for spam When the heuristic spam analysis is disabled only the threat detection engine filters messages for spam Heuristi...

Страница 286: ...arded when the Action on Spam Messages setting is set to Forward Spam confidence level Click Add new action to add a new action for messages with the spam level above the specified Spam Filtering Leve...

Страница 287: ...separated list of tests run against the mail Modify spam message subject Specify if the product modifies the subject of mail messages considered as spam Add this text to spam message subject Specify...

Страница 288: ...rom the specified addresses are always treated as spam List of blocked recipients Specify blocked recipients Messages sent to the specified addresses are always treated as spam The product checks the...

Страница 289: ...g The primary DNS server should be configured to allow recursive DNS queries DNS protocol is used to make the DNSBL RBL queries 2 Make sure you do not have a firewall preventing DNS access from the ho...

Страница 290: ...see this kind of headers in messages classified as spam X Spam Status YES database version 2005 04 06_1 hits 9 required 5 tests RCVD_IN_DSBL RCVD_IN_NJABL_PROXY RCVD_IN_SORBS_DUL Tests like RCVD_IN_DS...

Страница 291: ...g time for each mail increases when DNS queries are made If needed the performance can be improved by increasing the number of mails being processed concurrently by F Secure Spam Control By default th...

Страница 292: ...500 has been set to 5 To take the new setting into use restart F Secure Content Scanner Server IMPORTANT Each additional instance of the Spam Scanner takes approximately 25Mb of memory process fsavsd...

Страница 293: ...293 9 UPDATING VIRUS AND SPAM DEFINITION DATABASES Overview 294 Automatic Updates with F Secure Automatic Update Agent 294 Configuring Automatic Updates 294...

Страница 294: ...affic detection to make sure that it works without disturbing other Internet traffic even over a slow line You may install and use F Secure Automatic Update Agent in conjunction with licensed F Secure...

Страница 295: ...te Agent settings To change these settings you need to use F Secure Policy Manager Console For more information see F Secure Automatic Update Agent Settings 147 If necessary reconfigure the firewall a...

Страница 296: ...296 A APPENDIX Variables in Warning Messages List of Variables 297...

Страница 297: ...t the corresponding variable will be replaced with Unknown Variable Description ANTI VIRUS SERVER The DNS WINS name or IP address of F Secure Anti Virus for Microsoft Exchange NAME OF SENDER The e mai...

Страница 298: ...ME The name of the original file or attachment AFFECTED FILESIZE The size of the original file or attachment THREAT The name of the threat that was found in the content For example it can contain the...

Страница 299: ...299 B APPENDIX Services and Processes List of Services and Processes 300...

Страница 300: ...ading and writing policy settings statistics and sending alerts F Secure Automatic Update Agent fsaua exe This service takes care of fetching updates from FSPM or FS Update server F Secure Content Sca...

Страница 301: ...t Agent is an FSMA service responsible for starting other services and monitoring them F Secure Network Request Broker fnrb32 exe The service handles the communication with F Secure Policy Manager via...

Страница 302: ...e LogFile log Windows event log and SMTP server fsm32 exe The F Secure Settings and Statistics User Interface The process is not running unless the user is logged in to the system fih32 exe F Secure I...

Страница 303: ...on a Cluster Installation Overview 304 Creating Quarantine Storage 305 Administering the Cluster Installation with F Secure Policy Manager 328 Using the Quarantine in the Cluster Installation 329 Uni...

Страница 304: ...entication and SQL Server Authentication After the installation make sure that Named Pipes and TCP IP protocols are enabled in SQL Server network configuration 3 Create the quarantine storage where th...

Страница 305: ...ure Policy Manager 328 6 Log on each node and configure the Web Console to accept connections from authorized hosts C 2 Creating Quarantine Storage Follow instructions in this section to create the Qu...

Страница 306: ...306 Enter the following information Name F Secure Quarantine Storage Resource Type File Share Group make sure that your Exchange Virtual Server is selected Click Next 5 Possible Owners dialog opens...

Страница 307: ...APPENDIX C 307 Deploying the Product on a Cluster 6 Verify that all nodes that are running Exchange Server are listed under Possible owners and click Next 7 Dependencies dialog opens...

Страница 308: ...opens Type FSAVMSEQS as Share name Note the dollar character at the end of the share name makes the share hidden when you view network resources of the cluster with Windows Explorer Enter the director...

Страница 309: ...and Read permissions for Exchange Domain Servers and SYSTEM and Full Control Change and Read permissions for Administrator account Click OK 10 In File Share Parameters dialog click Advanced Make sure...

Страница 310: ...d computer This computer should be the member of the same domain as your Exchange Servers 1 Log on to the server where you plan to create the quarantine storage for example APPSERVER with a domain adm...

Страница 311: ...ions 5 Permissions dialog opens Add Administrator Exchange Domain Servers and SYSTEM to the Group or user names Remove Everyone account Grant Change and Read permissions for Exchange Domain Servers an...

Страница 312: ...r Click OK 7 To verify that the quarantine storage is accessible log on as the domain administrator to any node in the cluster and try to open Server FSAVMSEQS with Windows Explorer where Server is th...

Страница 313: ...example create Quarantine directory on disk D 3 Go to Start menu All Programs Administrative Tools Cluster Administrator 4 Right click the Exchange Virtual Server under the Groups and select New Reso...

Страница 314: ...314 Click Next to continue 7 Select the Exchange Server Network Name and the Physical Disk under Available resources and click Add to move them to the Resource dependencies list Click Next to continue...

Страница 315: ...nge permissions 9 Change permissions as follows a Add Administrator Exchange Domain Servers and SYSTEM to the Group or user names list b Remove the Everyone account c Grant Change and Read permissions...

Страница 316: ...lick OK to continue 10 Click Advanced to open Advanced File Share Properties Make sure that Normal share is selected Click OK to continue 11 Click Finish to create the F Secure Quarantine Storage reso...

Страница 317: ...or account 2 Create a directory for the quarantine storage on the physical disk shared by the cluster nodes You can create it on the same disk where the Exchange Server storage and logs are located 3...

Страница 318: ...s Exchange Servers and SYSTEM with Contributor permission levels Press Share to close the window and enable the share 4 Check that everything is configured correctly The Failover Cluster Manager view...

Страница 319: ...Continuous Cluster Replication Environment For a Continuous Cluster Replication CCR cluster installation the quarantine storage must be set on a dedicated computer This computer has to be a member in...

Страница 320: ...cure Quarantine Storage as comment b Make sure that User Limit is set to Maximum allowed Click Permissions to set permissions The dollar character at the end of the share name makes the share hidden w...

Страница 321: ...all existing groups and users a Add Administrator Exchange Domain Servers and SYSTEM to the Group or user names list b Grant Change and Read permissions for Exchange Domain Servers and SYSTEM c Grant...

Страница 322: ...or Exchange Domain Servers and SYSTEM c Grant all permissions for the Administrator account Click OK to finish To make sure that the quarantine storage is accessible follow these instructions 1 Log on...

Страница 323: ...tor account 2 Run F Secure Anti Virus for Microsoft Exchange setup wizard Install the product in the centralized management mode Specify the IP address of F Secure Policy Manager Server and admin pub...

Страница 324: ...he quarantine database Select the server running Microsoft SQL Server 5 The setup program asks to specify the database name where quarantined items are stored Specify the name for the database and ent...

Страница 325: ...ive node C 3 2 Installing on Active Active Cluster This section describes how to install the product on an active active cluster 1 Log on to the first node of the cluster using a domain administrator...

Страница 326: ...stallation as the Quarantine Directory For example Server FSAVMSEQS where Server is the name of the server where you created the quarantine storage share 4 The setup program asks to specify the SQL Se...

Страница 327: ...ame for the database and enter user name and password that will be used to access the database 6 Complete the installation on the first active node 7 Log on to the second node of the cluster using a d...

Страница 328: ...your organization or network domain Import all cluster nodes to this subdomain To change product configuration on all cluster nodes follow these instructions 1 Select the cluster subdomain in the Pol...

Страница 329: ...Manager Server C 5 Using the Quarantine in the Cluster Installation You can manage quarantined items with the Web Console by connecting to any node of the cluster You can release reprocess and downlo...

Страница 330: ...lControl and Special for the Pickup Folder for the Exchange Servers group or directly for the Mailbox Role Servers Mailbox Role Server 1 Open the Windows Registry Editor and go to HKEY_LOCAL_MACHINE S...

Страница 331: ...uct from passive nodes 3 After the product has been uninstalled from every node reboot computers one at the time C 7 Troubleshooting If the product fails to quarantine a file or reports that the quara...

Страница 332: ...332 D APPENDIX Sending E mail Alerts And Reports Overview 333 Solution 333...

Страница 333: ...ed even on servers that are not connected to the Internet By default only e mail messages that come from authenticated or allowed sources can be relayed This means that the product cannot send SMTP al...

Страница 334: ...accepted_hosts is the IP address or IP address range from which inbound connections are accepted The IP address or IP address range can be entered in one of the following formats IP address 192 168 1...

Страница 335: ...sages grant ms Exch SMTP Accept Any Recipient the permission to the anonymous account To do this run the following command Get ReceiveConnector connector_name Add ADPermission User NT AUTHORITY ANONYM...

Страница 336: ...336 E TROUBLESHOOTING Overview 337 Starting and Stopping 337 Viewing the Log File 338 Common Problems and Solutions 338 Frequently Asked Questions 343...

Страница 337: ...or Microsoft Exchange Web Console and select Home Services Click Start to activate F Secure Anti Virus for Microsoft Exchange and Stop to stop it From the command line when the product is installed on...

Страница 338: ...alerts generated by the host regardless of the severity Logfile log file size can be configured in F Secure Management Agent Settings Alerting Alert Agents Logfile Maximum File Size Quarantine Logs Q...

Страница 339: ...m the command line on the Microsoft Exchange Server telnet 127 0 0 1 18971 If you get the cursor blinking in the upper left corner it means that the connection has been established and F Secure Conten...

Страница 340: ...e is unable to contact F Secure Content Scanner Server A service or process may not be running on F Secure Content Scanner Server Make sure that all processes and services of F Secure Content Scanner...

Страница 341: ...le Daemon Check the Task Manager The following process should be running fswebuid exe 2 If you try to connect to the F Secure Anti Virus for Microsoft Exchange Web Console from a remote host make sure...

Страница 342: ...he Quarantine storage on a FAT drive everyone who has access to that drive will be able to get access to the quarantined content Create and adjust access rights to the Quarantine storage manually if y...

Страница 343: ...ubleshooting E 5 Frequently Asked Questions All support issues frequently asked questions and hotfixes can be found under the support pages at http support f secure com For more information see Techni...

Страница 344: ...344 Technical Support F Secure Online Support Resources 345 Web Club 347 Virus Descriptions on the Web 347...

Страница 345: ...mple Anti Virus Norway f secure com If there is no authorized F Secure Anti Virus Business Partner in your country you can submit a support request directly to F Secure There is an online Web submit f...

Страница 346: ...the version number of the operating system on which F Secure products and protected systems are running For Windows include the build number and Service Pack number The version number and the configur...

Страница 347: ...he banner Alternatively right click on the F Secure icon in the Window taskbar and choose the Web Club command To connect to the Web Club directly from within your Web browser go to http www f secure...

Страница 348: ...er in the market of internet and computer security The solutions are also available as licensed products through thousands of resellers globally F Secure aspires to be the most reliable mobile and com...

Страница 349: ......

Отзывы:

Нет отзывов

Похожие инструкции для ANTI-VIRUS FOR MICROSOFT EXCHANGE 8.00 -

Бренд: McAfee Страницы: 2

Бренд: McAfee Страницы: 205

LIVE CYCLE 7.2 - INSTALLING AND CONFIGURING LIVECYCLE FOR JBOSS

Бренд: Adobe Страницы: 90

PlateRunner P24 Processor

Бренд: Xante Страницы: 6

Бренд: Nero Страницы: 95

Бренд: Avermedia Страницы: 97

Бренд: APPLIED ACOUSTICS SYSTEMS Страницы: 70

Бренд: I.R.I.S. Страницы: 10

IRISPOWERSCAN 9.0

Бренд: I.R.I.S. Страницы: 153

3CR15600 - Enterprise Management Suite

Бренд: 3Com Страницы: 218

AVC HD Player 5.7

Бренд: Elecard Страницы: 39

Бренд: ACT Страницы: 124

AutoCAD Design Suite 2013

Бренд: Autodesk Страницы: 138

Бренд: Xerox Страницы: 60

FLASH 8-USING FLASH

Бренд: MACROMEDIA Страницы: 678

Бренд: FARONICS Страницы: 4

REGISTRYBOOSTER 2010 - V1

Бренд: UNIBLUE Страницы: 11

TASCAM PCM Recorder

Бренд: Tascam Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды