F-SECURE CLIENT SECURITY 7.00 Скачать руководство пользователя страница 54

Страница: 54 / 315

Step 22.

After the key-pair is generated, F-Secure Policy Manager Console will
start.

From here, it is possible to continue by creating policy domains and
installing hosts. For more information, see “

Creating the Domain

If you decide to exit from F-Secure Policy Manager Console, and want to
login again later, see “

Logging in for the First Time

”

, 126

If you want to familiarize yourself with the F-Secure Policy Manager
Console user interface, see “

Introduction to F-Secure Policy Manager

Anti-Virus Mode User Interface

”

, 56

Содержание CLIENT SECURITY 7.00

Страница 1: ...F Secure Client Security Administrator s Guide...

Страница 2: ...Corporation will not be liable for any errors or omission of facts contained herein F Secure Corporation reserves the right to modify specifications cited in this document without prior notice Compani...

Страница 3: ...1 Virus and Spy Protection 18 1 2 2 Internet Shield 21 1 2 3 Application Management 22 1 3 Introduction to F Secure Policy Manager 23 1 3 1 Main Components of F Secure Policy Manager 24 1 3 2 F Secure...

Страница 4: ...117 3 6 Settings Inheritance 120 3 6 1 How Settings Inheritance is Displayed on the User Interface 122 3 6 2 Locking and Unlocking all Settings on a Page at Once 123 3 6 3 Settings Inheritance in Tab...

Страница 5: ...osts to Use Real Time Scanning 169 5 3 4 Excluding Microsoft Outlooks s pst File from Real Time Scanning 170 5 4 Configuring System Control 171 5 4 1 System Control Configuration Settings 171 5 5 Conf...

Страница 6: ...t Security Level for the Managed Hosts 199 6 2 3 Adding a New Security Level for a Certain Domain Only 200 6 3 Configuring Network Quarantine 203 6 3 1 Network Quarantine Settings 203 6 3 2 Enabling N...

Страница 7: ...28 Chapter 8 Upgrading Software 229 8 1 Overview Upgrading Software 230 8 1 1 Using the Installation Editor 230 Chapter 9 Local Host Operations 234 9 1 Overview 235 9 2 Scanning File Viruses Manually...

Страница 8: ...ion Posture Token 255 Chapter 12 Advanced Features Virus and Spyware Protection 257 12 1 Overview 258 12 2 Configuring Scheduled Scanning 258 12 3 Configuring Policy Manager Proxy 260 12 4 Configuring...

Страница 9: ...dix B E mail Scanning Alert and Error Messages 292 B 1 Overview 293 Glossary 297 Technical Support 311 Overview 312 Web Club 312 Virus Descriptions on the Web 312 Advanced Technical Support 312 F Secu...

Страница 10: ...10 ABOUT THIS GUIDE Overview 11 Additional Documentation 13...

Страница 11: ...s the F Secure Policy Manager Anti Virus Mode user interface components Chapter 4 Setting up the Managed Network Describes how to plan and create the centrally managed network Chapter 5 Configuring Vi...

Страница 12: ...13 Advanced Features Internet Shield Covers the advanced Internet Shield features such as using port and IP checking with Application Control adding new services and troubleshooting connection proble...

Страница 13: ...Secure Policy Manager Advanced Mode user interface and other advanced operations can be found under F Secure Policy Manager in the navigation tree F Secure Client Security Online Help The F Secure Cl...

Страница 14: ...Secure products It also includes information on F Secure Management Agent F Secure Policy Manager Web Reporting and F Secure Anti Virus Proxy F Secure Policy Manager Reporting Option Administrator s G...

Страница 15: ...s black is used for file and folder names for figure and table captions and for directory tree names Courier New is used for messages on your computer screen WARNING The warning symbol indicates a sit...

Страница 16: ...used for online viewing and printing using Adobe Acrobat Reader When printing the manual please print the entire manual including the copyright and disclaimer statements For More Information Visit F...

Страница 17: ...17 1 INTRODUCTION Overview 18 F Secure Client Security Components and Features 18 Introduction to F Secure Policy Manager 23 Basic Terminology 26...

Страница 18: ...includes several scanning methods Real Time Scanning E mail Scanning Web Traffic Scanning Rootkit Scanning and Manual Scanning It also includes System Control Automatic Updates the F Secure Automatic...

Страница 19: ...removes viruses automatically For more information see Configuring Web Traffic HTTP Scanning 178 Rootkit Scanning If you want to ensure there are no suspicious hidden files hidden processes hidden ap...

Страница 20: ...F Secure Anti Virus Research If the integrity is compromised the code will not be executed For more information see Configuring Automatic Updates 162 F Secure Automatic Update Agent With F Secure Auto...

Страница 21: ...aptops with F Secure Client Security Internet Shield also protects the entire LAN because the individual computers cannot be used as a stepping stone to gain access to the LAN Internet Shield offers s...

Страница 22: ...be either denied access or the user is prompted to decide whether the application can initiate a connection For more information see Configuring Application Control 209 Intrusion Prevention System In...

Страница 23: ...n to F Secure Policy Manager This section contains a brief introduction to F Secure Policy Manager For more information see F Secure Policy Manager Administrator s Guide F Secure Policy Manager provid...

Страница 24: ...or any intervention by the end user F Secure Policy Manager Console includes two different user interfaces Anti Virus Mode user interface that is optimized for managing F Secure Client Security and F...

Страница 25: ...allows users to receive virus definition database updates and informational content without interrupting their work to wait for files to download from the Web It downloads files automatically in the b...

Страница 26: ...gement of virus scanning tasks and other operations 1 4 Basic Terminology Host In this document it means a computer that is centrally managed with F Secure Policy Manager Policy A security policy is a...

Страница 27: ...f large networks The inherited settings may be overridden for individual hosts or domains When a domain s inherited settings are changed the changes are inherited by all of the domain s hosts and subd...

Страница 28: ...28 2 INSTALLING F SECURE POLICY MANAGER Overview 29 System Requirements 30 Installation Steps 33 Uninstalling F Secure Policy Manager 55...

Страница 29: ...native installation scenarios as well as the server security issues see chapters Installing F Secure Policy Manager Console and Installing F Secure Policy Manager Server in F Secure Policy Manager Adm...

Страница 30: ...ments Operating system Microsoft Windows 2000 Server SP 3 or higher Windows 2000 Advanced Server SP 3 or higher Windows Server 2003 Standard Edition or Web Edition Windows 2003 Small Business Server P...

Страница 31: ...ents depend on the size of the installation In addition to this it is recommended to allocate about 1 MB per host for alerts and policies The actual disk space consumption per host is hard to anticipa...

Страница 32: ...003 Small Business Server Processor Intel Pentium III 450 MHz processor or faster Managing more than 5000 hosts requires Pentium III 750 MHz processor or faster Memory 256 MB of RAM Managing more than...

Страница 33: ...ive 2 Select Corporate Use Click Next to continue 3 Select F Secure Policy Manager from the Install or Update Management Software menu Step 2 View the Welcome screen and follow the setup instructions...

Страница 34: ...34 Step 3 Read the license agreement information If you agree select I accept this agreement Click Next to continue...

Страница 35: ...d on the same computer is allowed access to F Secure Policy Manager Server Access to Web Reports is allowed also from other computers Custom This is the default recommended option that lets you specif...

Страница 36: ...Select the following components to be installed F Secure Policy Manager Console F Secure Policy Manager Server F Secure Policy Manager Update Server Agent F Secure Installation Packages Click Next to...

Страница 37: ...2 37 Step 6 Choose the destination folder It is recommended to use the default installation directory Use the Browse feature to install F Secure Policy Manager in a different directory Click Next to c...

Страница 38: ...ectory and this will be the directory that F Secure Policy Manager Server will use as a repository You can use the previous commdir as a backup or you can delete it once you have verified that F Secur...

Страница 39: ...ion file HTTPD conf This option automatically keeps the existing administration host and web reporting ports If you want to change the ports from the previous installation select the Change settings o...

Страница 40: ...porting module is used for communication with F Secure Policy Manager Web Reporting Select whether it should be enabled Web Reporting uses a local socket connection to the Admin module to fetch server...

Страница 41: ...CHAPTER2 41 Click Next to continue...

Страница 42: ...42 Step 10 Specify F Secure Policy Manager Server address and Administration port number Click Next to continue Depending on the installation method this window is not always displayed...

Страница 43: ...CHAPTER2 43 Step 11 Select to add product installation package s from the list of available packages if you selected F Secure Installation Packages in Step 5 36 Click Next...

Страница 44: ...44 Step 12 Review the changes that setup is about to make Click Start to start the installation...

Страница 45: ...CHAPTER2 45 Step 13 When the setup is completed the setup shows whether all components were installed successfully...

Страница 46: ...46 Step 14 Click Finish to complete the F Secure Policy Manager Server installation After this you should run the F Secure Policy Manager Console for the fist time...

Страница 47: ...ind the shortcut from Start Programs F Secure Policy Manager Console F Secure Policy Manager Console When F Secure Policy Manager Console is run for the first time the Console Setup Wizard collects th...

Страница 48: ...llows you to view administrator data but no changes can be made If you select Read only mode you will not be able to administer hosts To change to Administrator mode you will need the admin pub and ad...

Страница 49: ...CHAPTER2 49 Step 17 Enter the address of the F Secure Policy Manager Server that is used for communicating with the managed hosts...

Страница 50: ...ivate key files will be stored By default key files are stored in the F Secure Policy Manager Console installation directory Program Files F Secure Administrator Click Next to continue If the key pair...

Страница 51: ...the random seed used by the management key pair generator Using the path of the mouse movement ensures that the seed number for the key pair generation algorithm has enough randomness When the progres...

Страница 52: ...52 Step 20 Enter a passphrase which will secure your private management key Re enter your passphrase in the Confirm Passphrase field Click Next Step 21 Click Finish to complete the setup process...

Страница 53: ...ure Policy Manager Console will generate the management key pair For information on backing up the admin pub key see chapter Maintaining F Secure Policy Manager Server in F Secure Policy Manager Admin...

Страница 54: ...more information see Creating the Domain Structure 130 and Adding Hosts 132 If you decide to exit from F Secure Policy Manager Console and want to login again later see Logging in for the First Time...

Страница 55: ...Control Panel Select Add Remove Programs 2 Select the component you want to uninstall F Secure Policy Manager Console or Server and click the Add Remove button 3 The F Secure Uninstall dialog box app...

Страница 56: ...56 3 INTRODUCTION TO F SECURE POLICY MANAGER ANTI VIRUS MODE USER INTERFACE Overview 57 Policy Domains Tab 58 Management Tabs 58 Toolbar 116 Menu Commands 117 Settings Inheritance 120...

Страница 57: ...nd monitoring F Secure Client Security installed on hosts as well as for carrying out operations Message View at the bottom of the window that displays informative messages from the Policy Manager for...

Страница 58: ...ains Move hosts or domains using cut and paste operations Export a policy file After selecting a domain or host you can access the above options from the Edit menu or by right clicking the selected ho...

Страница 59: ...gned to display the most important information concerning the selected domain s or host s at a glance When a domain is selected the Summary tab displays information about the whole domain When a singl...

Страница 60: ...tations and Internet Shield When a host is selected the sections are Policy Manager Host Virus Protection and Internet Shield These sections are described in detail below Summary Tab When a Domain is...

Страница 61: ...policy data and distribute the new policies to hosts See the status of the virus definitions on the server See the status of the spyware definitions on the server See the status of System Control upd...

Страница 62: ...also access a detailed list displaying the hosts connection status by clicking View disconnected hosts which takes you to the Status tab and Centralized Management page See a summary of new alerts If...

Страница 63: ...Protection page See how many infections have been found in the domain If you want to see host specific infection information click View hosts infection status to access the Status tab and Overall Prot...

Страница 64: ...nternet Shield installed See what is the most common latest attack and how many percents of the domain has been affected If you want to get more detailed information on the latest attacks you can clic...

Страница 65: ...file the host is using is the latest or not the latest one See whether the host is disconnected or not See a summary of new alerts If you want to get more detailed information on the alerts click on...

Страница 66: ...ection shows security news from F Secure Security news are usually news about new virus outbreaks and they state the virus definitions version required on the hosts to protect against this new virus o...

Страница 67: ...ews show the alert level of the security threat In the Security News Details section you can see the details about the selected virus news You can obtain even more details with your web browser by cli...

Страница 68: ...hosts are displayed as unprotected you can most likely ignore them since they will automatically update the virus and spyware definitions once they are turned on Update delta tells you how well the ho...

Страница 69: ...efined on the current level Force Value The Force Value menu item is available only when a Policy Domain is selected You can enforce the current domain setting to also be active in all subdomains and...

Страница 70: ...elected policy domain together with the value of the selected field Click any domain or host name to quickly select the domain or host on the Policy Domains tab It is possible to open more than one Do...

Страница 71: ...urity 6 x and later In the Automatic Updates for F Secure Client Security 6 x and later section you can Enable or disable automatic updates Note that deselecting this setting disables all ways for the...

Страница 72: ...P Proxy can be used and specify the HTTP Proxy address For configuration examples and more information see Configuring Automatic Updates 162 Automatic Updates for F Secure Client Security 5 5x Clickin...

Страница 73: ...CHAPTER3 73 Figure 3 9 Settings Automatic Updates Automatic Updates F Secure Client Security 5 x page Automatic Updates In the Automatic Updates section you can Enable or disable automatic updates...

Страница 74: ...ger server polling Interval to access the Centralized Management page where you can configure the polling interval See a list of Anti Virus Proxy Servers You can also add new servers on the list delet...

Страница 75: ...CHAPTER3 75 Real Time Scanning Figure 3 10 Settings Real Time Scanning page...

Страница 76: ...e created or modified Define what is the action to take when an infected file is found For configuration examples explanation of the Action on infection options and more information see Configuring Re...

Страница 77: ...r floppy disk boot sectors Select whether boot sectors are scanned at startup Select what is the action to take when an infection is found From the Action on infection drop down list you can select th...

Страница 78: ...78 Manual Scanning Figure 3 11 Settings Manual Scanning...

Страница 79: ...Scan inside compressed files Select this check box to scan inside compressed ZIP ARJ LZH RAR CAB TAR BZ2 GZ JAR and TGZ files Scanning inside large compressed files might use a lot of system resources...

Страница 80: ...ion see Configuring Spyware Scanning 181 Action Definition Ask after scan Starts the F Secure Disinfection Wizard when an infected file is detected Disinfect automatically Disinfects the file automati...

Страница 81: ...ples and more information see Configuring Rootkit Scanning 172 Scheduled Scanning The Configure scheduled scanning in advanced mode link takes you to the F Secure Policy Manager Console Advanced Mode...

Страница 82: ...82 Spyware Control Figure 3 12 Settings Spyware Control...

Страница 83: ...have allowed to run on the hosts Spyware and Riskware Reported by Hosts The Spyware and Riskware Reported by Hosts table displays spyware and riskware that the hosts have reported and spyware and risk...

Страница 84: ...84 E mail Scanning Figure 3 13 Settings E mail Scanning page This page includes separate settings for incoming and outgoing E mail Scanning The settings in the General section are common for both...

Страница 85: ...ect the action to take on malformed message parts Select to save the blocked messages in the end user s outbox General In the General section you can Select whether all or just some attachments are sc...

Страница 86: ...eb Traffic Scanning General In the General section you can enable or disable HTTP scanning HTTP Scanning Select the action to take on infection Select the action to take on scanning failure Select whe...

Страница 87: ...able displays a list of HTTP sites from which are defined as trusted Downloads from these sited are not scanned for viruses For more information on Web Traffic Scanning and for practical configuration...

Страница 88: ...88 Firewall Security Levels Figure 3 15 Settings Firewall Security Levels...

Страница 89: ...to inbound and outbound packets by selecting Enable firewall engine For more information see Configuring Internet Shield Security Levels and Rules 198 Enable the use of trusted interface For more info...

Страница 90: ...and performance level For configuration examples and more information see Configuring the Intrusion Prevention 218 Firewall Security Levels Table Global The Firewall Security Levels Table displays the...

Страница 91: ...CHAPTER3 91 Firewall Rules Figure 3 16 Settings Firewall Rules...

Страница 92: ...ty level The table also displays the location for these rules The Firewall Rules table displays the following information for each rule Whether the rule is enabled or disabled The name and comment for...

Страница 93: ...ckets from ordinary applications need to be allowed by the rules in the firewall rules table For more information on how to create and modify firewall rules see Configuring Internet Shield Security Le...

Страница 94: ...17 Settings Firewall Services Service short for Network Service means a service that is available on the network e g file sharing remote console access or web browsing It is most often described by w...

Страница 95: ...ble to create or allow the end users to create new services for the firewall For more information on how to add or modify firewall services see Adding New Services 269 You can also restrict the users...

Страница 96: ...Application Control page displays a list of known applications and the rules defined for them for inbound and outbound connection attempts Unknown Applications Reported by Hosts The Unknown Applicatio...

Страница 97: ...section contains the following options Show default messages for unknown applications can be used to select whether users see default messages on unknown application connection attempts Define defaul...

Страница 98: ...Alert Sending General In the General section you can Select the alerting language E mail Alert Sending Define the E mail server address SMTP Define the E mail sender address and E mail subject to be...

Страница 99: ...the alerts that are of certain severity are to be forwarded For examples on how to configure Anti Virus alert forwarding see Configuring F Secure Client Security Alert Sending 190 For examples on how...

Страница 100: ...on contains the following options Allow users to change all settings This option makes all the settings throughout the F Secure Policy Manager Anti Virus and Advanced Mode user interface non final whi...

Страница 101: ...eselecting this option prevents end users from uninstalling F Secure software from their computer Uninstallation always requires administrative rights This applies to all Windows operating systems eve...

Страница 102: ...e policy files The default value is 10 minutes Outgoing packages update interval Defines how often the host tries to send new versions of periodically sent information for example statistics towards t...

Страница 103: ...ny row on Status tab page you can access a context menu that contains the following options Copy as Text copies the currently selected row s and column headings from the table as text Select All selec...

Страница 104: ...definitions version on F Secure Gateway products The date and time when spyware definitions were last updated Spyware definitions version The date and time when spam definitions on F Secure Gateway G...

Страница 105: ...ure Anti Virus for Citrix Servers F Secure Anti Virus for Windows Servers F Secure Internet Gatekeeper or F Secure Anti Virus for Microsoft Exchange installed Virus Protection Figure 3 23 Status Virus...

Страница 106: ...Internet Shield page displays the following information Latest attack date and time in the Latest Attack Timestamp column Latest attack service Latest attack source Recent attacks this column can be s...

Страница 107: ...t s F Secure Client Security software version including the build number and possible hotfixes List of Anti Spyware hotfixes Whether Internet Shield is installed Whether E Mail Scanning is installed W...

Страница 108: ...tion Policy file timestamp Policy file counter this is the number of the policy file currently in use at the host The date when the last statistics update has been sent to the F Secure Policy Manager...

Страница 109: ...ties Figure 3 27 Status Host Properties The Host Properties page displays the following information for each host The WINS name of the host The IP address of the host The DNS name of the host The oper...

Страница 110: ...rom the selected host s and domain s It can also be used to manage the alert reports The Alerts tab displays the following information for each alert severity see Viewing Alerts 226 for more informati...

Страница 111: ...rts may also have an attached report This report will be displayed in the lower half of the page By clicking Configure Alert Forwarding you can access the Settings tab and Alerts page where you can co...

Страница 112: ...in s It can also be used to manage the scanning reports The Reports tab displays the following information about each report severity date and time description host and user the product the report rel...

Страница 113: ...mation on how alerts can be used for monitoring see Viewing Scanning Reports 225 3 3 7 Installation Tab Figure 3 30 Installation tab The Installation tab is the first one that opens when the Policy Ma...

Страница 114: ...appear in the NT domain browse list of the Autodiscover view Import autoregistered hosts Hosts will send autoregistration messages to F Secure Policy Manager whenever the first product is installed to...

Страница 115: ...AN For more information see What to Do in Case of a Virus Outbreak 250 Update Virus Definitions Operation With this operation you can order the selected hosts or all hosts in the selected domain to ge...

Страница 116: ...Go to the previous domain or host in the domain tree selection history Go to the next domain or host in the domain tree selection history Go to the parent domain Cuts a host or domain Pastes a host or...

Страница 117: ...llation packages Updates the virus definition database Displays all alerts The icon is highlighted if there are new alerts When you start F Secure Policy Manager Console the icon is always highlighted...

Страница 118: ...ports hosts that have sent an autoregistration request Autodiscover Windows Hosts Imports hosts from the Windows domain structure Push Install to Windows Hosts Installs software remotely and imports t...

Страница 119: ...ge with all alerts showing Advanced Mode Changes to the Advanced mode user interface Anti Virus Mode Changes to the Anti Virus mode user interface which is the user interface described in this manual...

Страница 120: ...domain level or the default value of the setting is re inherited Reporting Lets you select the reporting methods and the domains hosts and products included in the reports Update Virus Definitions on...

Страница 121: ...sers are not allowed to change them Final always forces the policy the policy variable overrides any local host value and the end user cannot change the value as long as the Final restriction is set I...

Страница 122: ...defined on the current level If the lock symbol is grey the setting is inherited An open lock symbol means that the user is allowed to change the setting at the current level If the lock symbol is blu...

Страница 123: ...re displayed as dimmed with grey text Settings that are not inherited are displayed as black text on a white background Check boxes Inherited values are displayed as dimmed on a grey background Values...

Страница 124: ...d global tables which means that all computers in the domain have the same values However different subdomains and different hosts may have different security levels enabled In tables the default valu...

Страница 125: ...NAGED NETWORK Overview 126 Logging in for the First Time 126 Creating the Domain Structure 130 Adding Hosts 132 Local Installation 156 Installing on an Infected Host 158 How to Check That the Manageme...

Страница 126: ...nto consideration so that you can profit the most from the centralized management of the security applications later on This includes for example planning the structure of the managed domain carefully...

Страница 127: ...defined when you installed the program This is not your network administrator password You can start the program also in Read Only mode in which case you do not need to enter a passphrase In this cas...

Страница 128: ...ole will generate a new key pair Check the Communication Preferences Select the Communication tab to customize communication settings 1 To change polling intervals click Polling Period Options In most...

Страница 129: ...then For example laptop computers may not be able to access the server daily but in most cases this is normal 4 The communication protocol selection affects the default polling intervals You should m...

Страница 130: ...good idea to plan the domain structure based on these criteria This makes it easier for you to manage the hosts later on If you have designed the policy domain structure beforehand you can import the...

Страница 131: ...ices as subdomains Figure 4 4 An example of a policy domain country offices as sub domains A third possibility is to group the hosts into subdomains based on the installed F Secure Client Security ver...

Страница 132: ...for the domain will be created in the Policy Domains tab 3 In the same way you can create the subdomains select the domain you created click in the toolbar and enter a name for the new subdomain 4 4...

Страница 133: ...s and in domains where F Secure Client Security has been installed locally on hosts the most convenient way of importing hosts into F Secure Policy Manager Console is by using the autoregistration fea...

Страница 134: ...g installation see step 6 in Using the Customized Remote Installation JAR Package section It is possible to sort autoregistration messages according to the values of any column by clicking the corresp...

Страница 135: ...CHAPTER4 135 Autoregistration Import Rules Figure 4 6 Import Autoregistered Hosts dialog Import Rules tab...

Страница 136: ...ort Rules window Only the values in the currently visible columns are used as matching criteria when importing hosts to the policy domain The values in the currently hidden columns are ignored You can...

Страница 137: ...select the row and click Clone Now you can edit the criteria on the new duplicated row When you want to start the import operation select the Autoregistered Hosts tab and click Import The importing ru...

Страница 138: ...ty on hosts you should make sure that there are not conflicting antivirus or firewall applications installed on them F Secure Setup recognizes and removes automatically the following antivirus program...

Страница 139: ...5 50 Norman Virus Control version 5 5 Norton Symantec Anti Virus Corporate Edition version 8 1 0 821 Panda AdminSecure version 3 02 Panda AdminSecure version 3 06 10 Panda ClientShield Corporate vers...

Страница 140: ...AntiVirus Corporate Edition 7 6 0 0000 Trend Micro Internet Security 2004 version 11 10 1299 Trend Micro Officescan Corporate Edition version 5 5 Trend Micro Officescan version 5 02 only when installe...

Страница 141: ...u and select Autodiscover Windows Hosts alternatively click the button 3 From the NT Domains list select one of the domains and click Refresh The host list is updated only when you click Refresh Other...

Страница 142: ...SPACE bar to check selected host s Several hosts can be easily selected by holding down the SHIFT key and doing one of the following clicking the mouse on multiple host rows dragging the mouse over se...

Страница 143: ...names of those hosts to which you want to push install and click Next to continue You can click Browse to check the F Secure Management Agent version s on the host s 4 After you have selected your tar...

Страница 144: ...products to install You can choose to force reinstallation if applications with the same version number already exist Click Next to continue 3 Choose to accept the default policy or specify which host...

Страница 145: ...administrator with a password that matches the local administrator s password on the target host Another Account Enter account and password The administrator can enter any proper Domain Administrator...

Страница 146: ...l at any time to stop the installation When the Status line displays finished the process has finished You can select in which domain the new hosts should be placed using the import settings Click Fin...

Страница 147: ...Agent fetches the installation package specified in the task parameters from the server and starts installation program When the installation is complete F Secure Management Agent sends the result of...

Страница 148: ...the product If there are multiple versions of the product installed all version numbers will be displayed For hosts this is always a single version number Version to Install Version numbers of the ava...

Страница 149: ...on or uninstallation operation succeeded This message will disappear when the Installation Editor is closed Empty field No operations are active The Installed Version field displays the currently inst...

Страница 150: ...ill cancel the installation operations defined for the selected policy domain or host It is possible to stop all installation tasks in the selected domain and all subdomains by selecting the Recursive...

Страница 151: ...3 If F Secure Anti Virus was uninstalled successfully uninstall F Secure Management Agent 4 If uninstallation of F Secure Management Agent is unsuccessful F Secure Policy Manager Console will display...

Страница 152: ...This will open the Installation Packages dialog box 3 Select the installation package that contains the products you want to install and click Export 4 Specify the file format JAR or MSI and the loca...

Страница 153: ...Select the components you want to install d Select the language for the product you are about to install e Select the installation type The default Centrally managed installation is recommended You ca...

Страница 154: ...le selection all the hosts from one unit can be imported to their target domain Note that the target domain can be changed directly from the autoregistration view and after that the hosts from another...

Страница 155: ...n package was exported If you want the installation to run in silent mode enter the command in format ilaunchr package name jar Q Also in this case the user may be prompted to restart the computer aft...

Страница 156: ...lication directory e g F Secure Client Security 6 0 files are in the directory software fsavcs 2 Copy the admin pub file to the same installation directory as above 3 Edit the prodsett ini file This f...

Страница 157: ...kstations When setting up workstations you must provide them with a copy of the Admin pub key file or access to it If you install the F Secure products on the workstations remotely with F Secure Polic...

Страница 158: ...installation For more information see Step 18 50 For information on backing up the admin pub key see chapter Maintaining F Secure Policy Manager Server in F Secure Policy Manager Administrator s Guide...

Страница 159: ...Connections Work 1 Check the Policy Distribution Status on the Summary tab Save and distribute the polices if necessary 2 Go to the Status tab and select Centralized Management page Check the timestam...

Страница 160: ...ime Scanning 166 Configuring System Control 171 Configuring Rootkit Scanning 172 Configuring E mail Scanning 173 Configuring Web Traffic HTTP Scanning 178 Configuring Spyware Scanning 181 Preventing U...

Страница 161: ...ow to configure alert forwarding and how to test the virus protection Scheduled Scanning is an advanced feature and it is discussed in Adding a Scheduled Scan from a Local Host 236 and Configuring Sch...

Страница 162: ...l Time Scanning Configuration Settings 166 and E mail Scanning Configuration Settings 173 5 2 Configuring Automatic Updates This section explains the different configuration settings available for Aut...

Страница 163: ...ate Server through each Policy Manager Proxy in turn e If the client is configured to use HTTP Proxy it tries to download the updates through the HTTP Proxy from F Secure Update Server f After that th...

Страница 164: ...Root in the Policy Domains tab 2 Go to the Settings tab and select the Automatic Updates page 3 Make sure that Enable automatic updates is selected 4 Make sure that the polling interval defined in Int...

Страница 165: ...servers on the list This opens the F Secure Policy Manager Proxy Server Properties window 5 Enter a priority number in the Priority text box for the Policy Manager Proxy The priority numbers are used...

Страница 166: ...available for selecting what to scan All Files All files will be scanned regardless of their file extension This option is not recommended for general use because it might slow down the system perfor...

Страница 167: ...in the Excluded extensions field This is most useful when scanning is set to All Files Enable excluded objects Excluded objects are individual files or folders which are normally set locally They can...

Страница 168: ...to Real Time Scanning Manual Scanning and E mail Scanning Action Definition Ask after scan Starts the F Secure Disinfection Wizard when an infected file is detected Disinfect automatically Disinfects...

Страница 169: ...rom the File Scanning Action on infection drop down list 6 Check that the other settings on this page are suitable for your system and modify them if necessary For more information on the other Real T...

Страница 170: ...pst File from Real Time Scanning If you have set real time scanning to scan all files you might want to exclude Microsoft Outlook s PST file from the scanning in order not to slow down the system unn...

Страница 171: ...in those cases when System Control does not trust an application 5 4 1 System Control Configuration Settings To enable System Control select the Enable System Control check box You can select what to...

Страница 172: ...Select Enable rootkit scanning to enable scanning for files and drives hidden by rootkits This option also enables users to run local quick scans for rootkits and other hidden items Select Include ro...

Страница 173: ...ing E mail Scanning can be used to keep both inbound and outbound e mails protected against viruses Enabling it for outbound e mails also ensures that you do not accidentally send out infected e mail...

Страница 174: ...ve Attachment deletes the attachment Report Only ignores the attachment but reports it to the administrator 3 Action on malformed message parts Drop Message Part deletes the message Report Only ignore...

Страница 175: ...nter each file extension separated by a space Scan inside compressed attachments Select this check box to scan inside compressed ZIP ARJ LZH RAR CAB TAR BZ2 GZ JAR and TGZ attachments Scanning inside...

Страница 176: ...ncoming E mail Scanning 2 Select the action to take from the Action on incoming infected attachment drop down list For explanations on the different actions see E mail Scanning Configuration Settings...

Страница 177: ...the other settings on this page are suitable for your system and modify them if necessary For more information on the other E mail Scanning settings see Configuring E mail Scanning 173 Step 5 1 Click...

Страница 178: ...scanning check box From the Action on infection drop down list you can select what to do when an infection is found in HTTP traffic The actions available are Block blocks access to the infected file R...

Страница 179: ...xcluding a Web Site from HTTP Scanning You can exclude a web site or certain web pages from HTTP scanning by defining them in the Trusted Sites table Excluding a web site might be a good idea for exam...

Страница 180: ...eated so that it becomes active and type http example com This excludes the second level domain Step 3 Excluding a Sub Directory from HTTP Scanning To exclude a sub directory from HTTP scanning enter...

Страница 181: ...cation and a virus trojan Some spyware may be necessary to run ordinary applications while most spyware is just malware and should not be allowed to run even once By default F Secure Spyware Scanning...

Страница 182: ...canning are not shown Show Always Detection dialogs of spyware detected by real time scanning are always shown to the user Action Definition Report only The spyware is reported only but no action is t...

Страница 183: ...al spyware scanning targets in advanced mode link takes you to the F Secure Policy Manager Console Advanced Mode user interface where you can configure manual spyware scanning targets Applications Exc...

Страница 184: ...Displays the severity of the spyware item This is a value from 3 to 10 Host Displays the name of the host on which the spyware item was found Spyware Status Displays the current status of the spyware...

Страница 185: ...move automatically and quarantine On Spyware Control page the Deny access to spyware setting is enabled 5 8 2 Setting up Spyware Control for the Whole Domain This example explains how to set up spywar...

Страница 186: ...tab and select the Real Time Scanning page Enable spyware scanning on the hosts by selecting Scan for spyware in the Spyware Scanning on File Access section Alternatively you can launch a manual spywa...

Страница 187: ...naged domain They are located in the Spyware Scanning on File Access section 4 Check that the manual spyware scanning settings are valid for the managed domain They are located in the Manual Spyware S...

Страница 188: ...spyware scanning is allowed for one host 1 In the Policy Domains tab select the host for which you want to allow the use of spyware or riskware 2 Go to the Settings tab and select the Spyware Control...

Страница 189: ...ttings for both Virus Protection and Internet Shield final go to the Settings tab and Centralized Management page and click Do not allow users to change any settings This operation sets also the Advan...

Страница 190: ...product to send virus alets an e mail address and how to disable the alert pop ups 5 10 1 Setting F Secure Client Security to Send Virus Alerts to an E mail Address In this example all the security a...

Страница 191: ...ssage subject Step 3 Set up E mail Alert Forwarding The Alert Forwarding table is used to configure where different types of alerts are to be forwarded 1 Select the E mail check box on the Security Al...

Страница 192: ...on by clicking the View hosts infection status link It takes you to the Status tab and Virus Protection page where you can see details of each host s infection status You can also check the Alerts and...

Страница 193: ...Save this file to any name with a com extension for example EICAR COM Make sure that you save the file in the standard MS DOS ASCII format Note also that the third character of the extension is an up...

Страница 194: ...195 Configuring Internet Shield Security Levels and Rules 198 Configuring Network Quarantine 203 Configuring Internet Shield Rule Alerts 205 Configuring Application Control 209 How to use Alerts for C...

Страница 195: ...cations the IP addresses and the ports used Intrusion Detection System stops the malicious packets aimed at open ports in the host Internet Shield contains seven predefined security levels and each of...

Страница 196: ...ules can be added to enable new network functionality Office This security level allows all outbound TCP traffic and FTP file retrievals Everything else is denied by default and only malicious connect...

Страница 197: ...e needed the firewall must be reconfigured This however is a small price to pay for increased security The opposite concept to deny dangerous services and allow the rest is not acceptable because no o...

Страница 198: ...curity level Office is set as the active security level for the workstations in Desktops Eng subdomain To change the Internet Shield Security level for the Desktops Eng subdomain do as follows 1 Selec...

Страница 199: ...s in the domain 1 Select the Laptops Eng domain in the Policy Domains tab 2 Go to the Settings tab and select the Firewall Security Levels page 3 In the Firewall Security Levels table click the Defaul...

Страница 200: ...ngs tab and select the Firewall Security Levels page 3 Click Add to add a new security level This opens the Security Level Description dialog box 4 Give a name for the new security level for example B...

Страница 201: ...at denies all other traffic both ways as the last one on the list 10 In the Rule Type window select Deny as the rule type 11 In the Remote Hosts window select Any remote host to apply the rule to all...

Страница 202: ...this security level in the Policy Domains tab 5 Enable the BrowserSecurity security level by selecting the Enabled check box beside it in the Firewall Security Levels table 6 Set the new security lev...

Страница 203: ...uarantine 204 6 3 1 Network Quarantine Settings The network Quarantine Settings are located on the Firewall Security Levels page In the Network Quarantine section you can Enable or disable network qua...

Страница 204: ...cing hosts to the Network Quarantine security level which has a restricted set of firewall rules You can add new Allow rules to the firewall rules in the Network Quarantine security level to allow add...

Страница 205: ...ted for inbound ICMP traffic for a certain subdomain This means that when somebody tries to ping the computer an alert is issued In the end of this example the rule is tested by pinging one of the com...

Страница 206: ...the rule to an IP address a range of IP addresses or DNS addresses When this option is selected you can specify the addresses in the text field below If you want to enter several addresses or address...

Страница 207: ...ity Alert 3 Select the alert trap to be sent in the Alert trap drop down list For this rule select Network event inbound service denied 4 Enter a descriptive comment for the alert in the Alert comment...

Страница 208: ...ecurity Alert check box in the Policy Manager Console column For more information on configuring alert forwarding see the Policy Manager Administrator s Guide Step 8 Take the New Rule into Use 1 Make...

Страница 209: ...to define more specific restrictions to network traffic on top of the restrictions defined in firewall rules The application permissions cannot be used to allow traffic that has been denied by static...

Страница 210: ...nection attempt based on this rule 2 If there is no rule for the application in the Application Rules for Known Applications table Application Control allows or denies the connection attempt based on...

Страница 211: ...pplication Displays the executable file name Act as Client out The following actions are available Deny Allow User Decision See for explanations below Act as Server in The following actions are availa...

Страница 212: ...o install only trusted plug ins 6 5 2 Setting up Application Control for the First Time When you are setting up application control for the first time you should use a small test environment to create...

Страница 213: ...cations drop down list 2 Select the default action to take when an unknown application tries to make an inbound connection Default action for server applications drop down list 3 Set the new applicati...

Страница 214: ...ion to take when the application acts as a client and tries to make an outbound connection 2 Select Deny as the action to take when the application acts as a server and an inbound connection attempt i...

Страница 215: ...r Known Applications table The Unknown Application Reported by Hosts table has been refreshed Step 5 Take the New Rule into Use 1 Click to save the policy data 2 Click to distribute the policy 6 5 4 E...

Страница 216: ...se select Engineering Testing If the target host or domain already has a rule for any of the applications affected by the rule you are prompted to select whether to proceed and overwrite the existing...

Страница 217: ...w to use Alerts for Checking that Internet Shield Works In normal use you should not get any alerts from the Internet Shield If you suddenly start to receive a lot of alerts it means that there is eit...

Страница 218: ...at the rule is correct and enter a descriptive comment for the rule 9 Click to save the policy data 10 Click to distribute the policy 11 You can now test the rule by pinging one of the managed hosts a...

Страница 219: ...Log and drop the packet means that the packet is logged into the alertlog with the packet header information IPs ports and protocol and it is not allowed to pass through the intrusion detection compo...

Страница 220: ...happened In the F Secure Client Security Internet Shield the alert text usually indicates this by using words like probable or possible These kind of alerts should be eliminated or minimized 6 7 2 Co...

Страница 221: ...lect the Desktops Eng subdomain in the Policy Domains tab 2 Go to the Settings tab and select the Firewall Security Levels page 3 Select the Enable intrusion detection check box 4 Select Log without d...

Страница 222: ...Hosts Have the Latest Policy 223 How to Check that the Server has the Latest Virus Definitions 224 How to Check that the Hosts have the Latest Virus Definitions 224 How to Check that there are no Dis...

Страница 223: ...utbreak tab It displays a list of F Secure Virus News items and shows how many hosts are protected against each virus When you select a news item detailed information about that virus is displayed 3 I...

Страница 224: ...2 Go to the Summary tab and check what is displayed in the Virus Protection for Workstations section beside Virus definitions 3 If the virus definitions on some hosts are outdated there are two alter...

Страница 225: ...ollows 1 Select the hosts in the Policy Domain tab 2 Go to the Reports tab 3 The scanning information from the selected hosts is displayed in the Reports table 4 Select a single host by clicking on a...

Страница 226: ...Alternatively you can click View alert summary on the Summary tab The Alerts tab will open All alerts received will be displayed in the following format Ack Click the Ack button to acknowledge an ale...

Страница 227: ...ls you have two options F Secure Policy Manager Web Reporting a web based tool with which you can generate a wide range of graphical reports from F Secure Client Security alerts and status information...

Страница 228: ...t in the Policy Domains tab 2 Go to the Summary tab 3 Check what is displayed beside Most common recent attack If there has been an attack you can access more detailed information by clicking View Int...

Страница 229: ...229 8 UPGRADING SOFTWARE Overview Upgrading Software 230...

Страница 230: ...installation packages available are listed in the installation editor in the lower half of this tab 2 You can select the products and product versions to be installed on the currently selected host o...

Страница 231: ...in Progress Progress of the installation task The Progress field displays information that is different for hosts and for domains In progress The installation operation has been started added to polic...

Страница 232: ...st is not currently connected to the network or if the active installation operation requires a user to restart his host before the installation is completed If the hosts are connected to the network...

Страница 233: ...subdomains and hosts option in the confirmation dialog Figure 8 2 Installation cancellation confirmation dialog The Stop All button is enabled only if the current host or domain has an installation o...

Страница 234: ...Scanning Report on a Local Host 236 Adding a Scheduled Scan from a Local Host 236 Logging and Log File Locations on Local Hosts 237 Connecting to F Secure Policy Manager and Importing a Policy File Ma...

Страница 235: ...omputer for viruses manually To scan files manually do the following 1 Select the Virus Spy Protection page 2 Click Scan my computer 3 From the pop up menu that appears select to Scan hard drives for...

Страница 236: ...from a Local Host You can add a scheduled scanning task from the local user interface for a scan to be executed daily weekly or monthly It is done as follows 1 Go to the Virus Spy Protection page and...

Страница 237: ...After computer is not used for check box and select the idle time from the drop down list For instructions on how to configure scheduled scanning from the Policy manage Advanced Mode user interface s...

Страница 238: ...e maximum log file size is reached or manually by clicking Stop Logging The packet logs are collected into 10 different files so that previous logs can be viewed while the new log is generated The log...

Страница 239: ...view the action log by clicking Show Action Log on the Logging page Practical examples of how to read the action log Change of firewall policy for example a security level change 07 16 03 15 48 01 suc...

Страница 240: ...his applications use only The fields are 1 2 3 4 5 6 7 8 9 10 07 15 03 16 48 00 info appl control unknown allow receive 17 10 128 129 146 138 1 Date 2 Time 3 Type 4 Internal Reason 5 Name of applicati...

Страница 241: ...Click Check now to initiate a new connection If you need to import a new policy file manually to a host you first have to export a host specific policy from the F Secure Policy Manager Console and th...

Страница 242: ...tistics and Automatic Updates temporarily 1 Select the host in the Policy Domains tab 2 Go to the Settings tab and select the Centralized Management page 3 Select the Allow users to suspend all downlo...

Страница 243: ...CHAPTER9 243 3 Select one of the options from the Allow users to unload products drop down menu 4 Click to save the policy data 5 Click to distribute the policy...

Страница 244: ...244 10 VIRUS INFORMATION Virus Information on F Secure Web Pages 245 Latest Threats 245 Viruses in the Wild 246 How to Send a Virus Sample to F Secure 246 What to Do in Case of a Virus Outbreak 250...

Страница 245: ...acks the better you can protect your network against them The list of latest threats can be found at F Secure Security Information Center http www europe f secure com virus info virus news The latest...

Страница 246: ...n covers the following topics for sending a virus sample to F Secure VirusLab How to package a virus sample What files to send Where to send a virus sample In what language should questions and virus...

Страница 247: ...RSONAL XLS file if it exists in addition to the infected XLS files If the macro virus also infected other applications for example Tristate send a sample of every file type 2 Virus that infects execut...

Страница 248: ...rly to avoid damage during postage Note that we do not send diskettes back If an infection is on a hard drive use the GetMBR utility to collect boot sector samples The GetMBR utility should be put on...

Страница 249: ...Suspicious e mail message If have a suspicious e mail message or a hoax try to save it as a file and then send it to samples f secure com in a ZIP archive If you cannot save a suspicious e mail messag...

Страница 250: ...ake a longer time to investigate If you do not get a reply from us within a week please re send your message to samples f secure com 10 5 What to Do in Case of a Virus Outbreak This section contains a...

Страница 251: ...earch Team samples f secure com according to the following guidelines http www europe f secure com support technical general samples shtml Provide as much information about the problem as possible It...

Страница 252: ...the employees about the outbreak and warn them against running unknown attachments and visiting suspicious Internet sites Check the security settings of installed software on workstations Make sure th...

Страница 253: ...253 11 SETTING UP CISCO NAC SUPPORT Introduction 254 Installing Cisco NAC Support 254 Attributes to be Used for Application Posture Token 255...

Страница 254: ...http www cisco com go nac The installation package for F Secure Client Security contains an option to install Cisco NAC Support When you select this option both the F Secure NAC plug in and the CTA w...

Страница 255: ...ou can do this by using CSUtil tool at the Cisco Secure ACS server Use the following command CSUtil exe addAVP fsnacpva def The fsnacpva def file is located on the F Secure product CD 11 3 Attributes...

Страница 256: ...i Virus Posture Validation Attributes for Firewall Attribute name Type Example Software Name string F Secure Anti Virus Software Version version 7 0 0 0 Dat Date date the date of database Protection E...

Страница 257: ...VIRUS AND SPYWARE PROTECTION Overview 258 Configuring Scheduled Scanning 258 Configuring Policy Manager Proxy 260 Configuring Automatic Updates on Hosts from Policy Manager Proxy 261 Configuring a Hos...

Страница 258: ...5 2003 1 Open the View menu and select the Advanced Mode option The Advanced Mode user interface is opened 2 Select Root in the Policy Domains pane 3 Select the Policy tab in the Properties pane the m...

Страница 259: ...ns select Scan Local Drives 11 The scanning task is now ready for distribution 12 Click to save the policy data 13 Click to distribute the policy For instructions on how to configure scheduled scan on...

Страница 260: ...00 rmonthly s5 s20 means that the scan is run on the 5th and 20th of each month at 6 p m 12 3 Configuring Policy Manager Proxy F Secure Policy Manager Proxy offers a solution to bandwidth problems in...

Страница 261: ...ing Automatic Updates on Hosts from Policy Manager Proxy A list of Policy Manager Proxies through which the hosts fetch updates can be configured on Policy Manager s Settings tab This is described in...

Страница 262: ...o the extension agent is always loaded The NT master agent hosts the extensions and passes the requests to the Management Agent which is responsible for returning the request to the management console...

Страница 263: ...ADVANCED FEATURES INTERNET SHIELD Overview 264 Managing Internet Shield Properties Remotely 264 Configuring Security Level Autoselection 266 Troubleshooting Connection Problems 268 Adding New Service...

Страница 264: ...ns that in some corporate environments the administrator needs to disable the packet logging 1 Open the View menu and select the Advanced Mode option The Advanced Mode user interface is opened 2 Selec...

Страница 265: ...iew menu and select the Advanced Mode option The Advanced Mode user interface is opened 2 Select the subdomain where you want to enable Trusted Interface in the Policy Domains pane 3 Select the Policy...

Страница 266: ...th F Secure Internet Shield Settings Firewall Engine Firewall Engine To make sure the packet filtering is always enabled set this variable to Yes and select the Final check box Remember to distribute...

Страница 267: ...ld add the following data Priority The rules are checked in the order defined by the priority numbers starting from the smallest number Security level Enter the ID composed of number and name of the s...

Страница 268: ...thod 1 Select Dialup from the drop down list Argument 1 You can leave this empty Method 2 Select Always from the drop down list Argument 2 You can leave this empty 11 The configuration is now ready 12...

Страница 269: ...managed domain has been changed is there a new policy in use and does this policy contain some settings that might cause these problems 9 Check from firewall rules that outbound HTTP connections are...

Страница 270: ...not using the standard HTTP port any more This new service is HTTP port 8000 and it is based on the default HTTP service 1 Select the subdomain for which you want to create the new service in the Pol...

Страница 271: ...is service from the Protocol drop down list It contains the most commonly used protocols TCP UDP ICMP If your service uses any other protocol refer to the table below and enter the respective number I...

Страница 272: ...6 Transmission Control Protocol EGP 8 Exterior Gateway Protocol PUP 12 Xerox PUP routing protocol UDP 17 User Datagram Protocol IDP 22 Xerox NS Internet Datagram Protocol IPV6 41 IP Version 6 encapsul...

Страница 273: ...than port port all ports equal and lower than port port only the port minport maxport minport and maxport plus all ports between minport and maxport notice that there are no spaces on either side of...

Страница 274: ...mple define the initiator port as 1023 Step 4 Responder Ports If your service uses the TCP or UDP protocol you need to define the responder ports the service covers In this example define the responde...

Страница 275: ...number for the service from the drop down list You can accept the default value Step 6 Extra Filtering Select whether any extra filtering is to be applied for the traffic allowed by the service you ar...

Страница 276: ...and you do not have Application Control enabled you can select Active mode FTP from the Extra Filtering drop down menu Active mode FTP requires special handling from the Firewall as the information a...

Страница 277: ...ake the New Rule into Use To take this new service into use you will have to create a new Internet Shield rule that allows the use of the HTTP 8000 firewall service in the currently used Internet Shie...

Страница 278: ...278 A APPENDIX Modifying PRODSETT INI Overview 279 Configurable Prodsett ini Settings 279...

Страница 279: ...InstallMode settings The RequestInstallMode setting can override the selection for components which have InstallMode 0 F Secure common Common settings CD Key XXXX XXXX XXXX XXXX XXXX Enter the CD Key...

Страница 280: ...anguages ENG FRA DEU FIN SVE ITA List of languages being installed at the host This setting typically equals SupportedLanguages You can make the set of languages smaller if you want some unnecessary l...

Страница 281: ...nting full access to authorized users and administrators and read only access to everyone 2 strict policy files and folders are protected with permissions granting full access to administrators read w...

Страница 282: ...r a confirmation Note This choice executes a normal reboot at the host and therefore in some cases the user could delay the restart and also completely prevent it default 3 Do not reboot after install...

Страница 283: ...Unique Identity to identify itself for the first time to the F Secure Policy Manager Server 1 F Secure Management Agent only uses its Unique Identity to identify itself to the F Secure Policy Manager...

Страница 284: ...rver URL to the F Secure Policy Manager Server FsmsExtensionUri fsms fsmsh dll Do not change this setting FsmsCommdirUri commdir Do not change this setting Debug 1 0 Do not generate debug information...

Страница 285: ...the installation will be aborted This applies in silent installation mode only default 1 If F Secure Anti Virus 4 x is installed on the computer then F Secure Anti Virus 5 x will be installed and F S...

Страница 286: ...component is always run during the installation You do not need to edit the RequestInstallMode or InstallMode settings for this component Debug 0 1 0 Do not generate debug information default 1 Write...

Страница 287: ...nstall this component default 1 Install this component except if a newer version already exists ES_Setup DLL Settings for the installation of E mail Scanning RequestInstallMode 1 0 Install this compon...

Страница 288: ...install this component default 1 Install this component except if a newer version already exists FWINST DLL Settings for F Secure Client Security Internet Shield RequestInstallMode 1 0 Install this c...

Страница 289: ...et Shield installation FSBWINST DLL Settings for F Secure Automatic Update Agent RequestInstallMode 1 0 Install this component as defined in the InstallMode setting 1 Install this component if newer o...

Страница 290: ...tall this component except if a newer version already exists DisableScanningForApps Wget exe mplayer exe Disables Network Scanning for certain executables This is a comma separated list of executable...

Страница 291: ...rsion exists CTAversion 1 0 55 CTAversion defines the version of the Cisco Trust Agent included in the package Cisco Trust Agent installation package can be updated by replacing the ctasetup msi file...

Страница 292: ...292 B APPENDIX E mail Scanning Alert and Error Messages Overview 293...

Страница 293: ...he problem persists please contact the system administrator E Mail Scanning Message Parser Failed System Error Message ID 604 Message Could not scan an e mail due to message parser error The session w...

Страница 294: ...ecipient filed email addresses subject Email header The title subject filed of the message Malformed E Mail Alert Message ID 630 633 Definition When a malformed message is found it is treated based on...

Страница 295: ...Definition When a scan fails the message is treated based on the configuration set in Advanced configuration The options to handle a message that cannot be properly scanned are Scanning failure was o...

Страница 296: ...the scanning failure Attachment The attachment causing the scanning failure Action Action Taken Message Message ID from Email header sender filed email address to Email header recipient filed email a...

Страница 297: ...297 GLOSSARY...

Страница 298: ...oduct if there has been a problem with a program or with an operation Alerts are also generated when a virus is found The administrator and the user can define which alerts are generated either by def...

Страница 299: ...ther detailed information recognizable by the computer s processing system Broadcast traffic Broadcast traffic comes from one specific computer and is sent to a whole network or subnetwork Usually don...

Страница 300: ...fferent web sites Usually data miners work without your knowledge Denial of Service DoS attack An explicit attempt by attackers to prevent legitimate users of a service from using that service by disr...

Страница 301: ...le is executable False positive False positive is an alert that wrongly indicates that the related event has happened In the F Secure Internet Shield the alert text usually indicates this by using wor...

Страница 302: ...The specification is maintained and developed by the World Wide Web Consortium IDS Intrusion Detection System A component of Internet Shield that scans incoming network traffic for certain patterns th...

Страница 303: ...gs user mode applications and services use an API to interact with the computer s hardware The Kernel mode also contains an interface to user mode and a facility for synchronizing it s own services an...

Страница 304: ...rnet Protocol valid groups use the multicasting networking addresses 224 0 0 0 to 239 255 255 255 defined for IP Management of group membership and multicast traffic forwarding in switches and routers...

Страница 305: ...itecture of F Secure software uses policies that are centrally configured by the administrator for optimum control of security in a corporate environment Policy based management Controlling the action...

Страница 306: ...ntains all applications that have been detected during the scan and moved into the Quarantine repository You can add new applications to the Quarantine when Virus Spy Protection detects them Random Se...

Страница 307: ...omputers and mail servers SNMP Simple Network Management Protocol A standard TCP IP protocol used for monitoring and setting network parameters and counters of LAN and WAN connected repeaters bridges...

Страница 308: ...ssion Control Protocol Internet Protocol This is the suite of protocols that defines the Internet Originally designed for the UNIX operating system TCP IP software is now available for every major kin...

Страница 309: ...one specific computer to another specific computer URL Uniform Resource Locator The standard way to give the address of any resource on the Internet User mode The protected part of an operating system...

Страница 310: ...310 Worm A computer program capable of replication by inserting copies of itself in networked computers...

Страница 311: ...311 Technical Support Overview 312 Web Club 312 Advanced Technical Support 312 F Secure Technical Product Training 313...

Страница 312: ...ocation To connect to the Web Club directly from your Web browser go to http www f secure com webclub Virus Descriptions on the Web F Secure Corporation maintains a comprehensive collection of virus r...

Страница 313: ...he computer with minimum effort F Secure Technical Product Training F Secure provides technical product training material and information for our distributors resellers and customers to succeed with F...

Страница 314: ...nd hands on parts At the end of each course there is a certification exam Contact your local F Secure office or F Secure Certified Training Partner to get information about the courses and schedules C...

Страница 315: ...er Communications The latest real time virus threat scenario news are available at the F Secure Antivirus Research Team weblog at http www f secure com weblog Services for Individuals and Businesses F...

Результаты поиска

Содержание CLIENT SECURITY 7.00

Отзывы:

Похожие инструкции для CLIENT SECURITY 7.00

Бренды по названию

Популярные бренды

F-SECURE CLIENT SECURITY 7.00, Руководство администратора

Результаты поиска

Содержание CLIENT SECURITY 7.00

Отзывы:

Похожие инструкции для CLIENT SECURITY 7.00

Бренды по названию

Популярные бренды