KAPERSKY ANTI-VIRUS 5.5 - FOR MICROSOFT EXCHANGE SERVER 2000-2003 Скачать руководство пользователя страница 1

Страница: 1 / 143

K A S P E R S K Y L A B

Kaspersky Anti-Virus

5.5

for Microsoft Exchange Server 2000/2003

Administrator's Guide

Содержание ANTI-VIRUS 5.5 - FOR MICROSOFT EXCHANGE SERVER 2000-2003

Страница 1: ...KASPERSKY LAB Kaspersky Anti Virus 5 5 for Microsoft Exchange Server 2000 2003 Administrator s Guide...

Страница 2: ...K A S P E R S K Y A N T I V I R U S 5 5 F O R M I C R O S O F T E X C H A N G E S E R V E R 2 0 0 0 2 0 0 3 Administrator s Guide Kaspersky Lab Ltd http www kaspersky com Revision date June 2005...

Страница 3: ...nance 17 2 4 Application s operation on a cluster of servers 18 CHAPTER 3 INSTALLING UPDATING AND REMOVING THE APPLICATION 20 3 1 Installing the application 20 3 1 1 First time installation 21 3 1 2 R...

Страница 4: ...tes from a shared network folder 64 6 3 Automatic updates 66 6 4 Manual updating 67 CHAPTER 7 BACKUP COPYING 68 7 1 Viewing backup storage 69 7 2 Backup storage filter 70 7 3 Restoring objects from th...

Страница 5: ...2 2 License key details 116 12 3 License related notifications 118 12 4 Installing the license key 119 12 5 Removing a license key 120 12 6 Unprotected storage areas 120 CHAPTER 13 FREQUENTLY ASKED QU...

Страница 6: ...l messages SPAM cause the loss of working time and inflict serious financial losses Additionally it is to be noted that the newest malicious programs use the so called spamming technologies for effici...

Страница 7: ...his simple definition helps determine that the main action a virus per forms is infecting computer programs Viruses spread somewhat slower than worms Trojan horses perform unauthorized actions on infe...

Страница 8: ...rnographic resources Hacking tools tools used by hackers to obtain access to the user s computer This type of software includes various illegal vulnerability scanners password hacking programs and oth...

Страница 9: ...as they emerge and notifying about such events The application identifies attempts of mass mailing infected messages both from the internet and from the computers within the corporate net work configu...

Страница 10: ...Server has the following distinc tions from the previous version Completely revised intuitive graphical interface implemented according to the MMC Microsoft Management Console standards Using the new...

Страница 11: ...system al lows setting up the degree of completeness of the data stored in the logs as well as the extent of detail of these data Log viewing feature is imple mented using the standard Microsoft Windo...

Страница 12: ...hange Server 2003 Standard Edition Microsoft Windows Server 2000 with Service Pack 4 installed or higher Microsoft Windows 2000 Advanced Server with Service Pack 4 installed or higher Microsoft Window...

Страница 13: ...you and Kaspersky Lab Ltd which contains the terms and conditions on which you may use the anti virus product which you have purchased Read the License Agreement carefully If you do not agree with the...

Страница 14: ...are product Services will be provided by phone or via email information about new Kaspersky Lab products and about new viruses appearing worldwide this service is provided to users who subscribe to th...

Страница 15: ...ave any effect on the performance of the mail server If the user requests a message that has not been scanned with the updated anti virus database such message will be scanned prior to the delivery to...

Страница 16: ...i Virus for Windows File Servers or of other anti virus applications The Internal Application Management and Integrity Control Module is launched in a separate process and is an Microsoft Windows serv...

Страница 17: ...Configure the anti virus database updating settings see Chapter 6 page 61 Verify the correctness of the settings and of the Anti Virus operation using a test virus EICAR see para 4 7 page 38 Configur...

Страница 18: ...events registered in the Windows logs and in the application s logs values of virus outbreak counters will be provided only for those messages that had been forwarded to this node of the cluster by t...

Страница 19: ...to the servers see para 4 4 page 34 5 Configure the anti virus protection system for each server using identical settings values taking into consideration the following As the backup storage folder se...

Страница 20: ...installation of the application or repair an incorrect installation of Kaspersky Anti Virus For installation of Kaspersky Anti Virus 5 5 for Microsoft Exchange Server 2000 2003 the local administrator...

Страница 21: ...ent Console In this case you have to install Microsoft Exchange Server that meets the software requirements and then reinstall Kaspersky Anti Virus If any of the required Service Packs for the operati...

Страница 22: ...equired files from the distribution kit and copying them to the hard drive of your computer After this a greeting window and a window containing will the License Agreement will open Read the text of t...

Страница 23: ...otected Exchange server select the Security Server component If this computer is the administrator s workstation and you plan to manage the anti virus protection of the Exchange servers from this comp...

Страница 24: ...level and with the parameters applied by default see section 4 6 page 36 meets the requirements of your server we recommend to accept the option of automatic anti virus protection startup after comple...

Страница 25: ...and you will only be able to start the Management Console Step 8 Installing the license key During this step of the installation process the license key for Microsoft Exchange Server is installed The...

Страница 26: ...it yet you can install it later when you run the application for the first time using the Management Console Note that without the license key you cannot start using Kaspersky Anti Virus 3 1 2 Reinst...

Страница 27: ...ault and correspond to optimal values recommended by Kaspersky Lab experts see para 4 6 page 36 Additional configuration should be performed manually In order to make the system configuration identica...

Страница 28: ...icrosoft Exchange Server 2000 2003 from your computer using standard Windows Add Remove Programs tool or the application distribution kit This will remove all installed Kaspersky Anti Virus components...

Страница 29: ...When removing the application using standard Windows Add Remove Programs tool a prompt asking whether you wish to stop the Microsoft Exchange Information Store service will also be displayed see Figu...

Страница 30: ...e Management Console is installed 4 2 Application interface Kaspersky Anti Virus user interface is provided by the Management Console component The Management Console is a dedicated isolated facility...

Страница 31: ...pdates used to configure settings for downloading the anti virus database updates manual updates and setting up an auto matic update schedule If the connection to the server was established the Server...

Страница 32: ...rver from the console tree Remove an Exchange server from the list of servers that have their Security servers managed via the Management Console Notification templates New notification template Creat...

Страница 33: ...rver window see Figure 9 2 Specify a computer with the Security Server component installed If the server component is installed on the same computer as the Management Console select Local computer In...

Страница 34: ...flagged with the icon You can connect to such server only manually see para 4 4 page 34 In order to remove a server from the list of managed servers select the node that corresponds to the server you...

Страница 35: ...the Security Server the user must have the local administrator s right on the computer to which the connection is at tempted The rights verification is performed based on the standard Windows network...

Страница 36: ...of the application is as follows The Anti Virus will scan objects for the presence of currently known mali cious software with the standard anti virus protection level applied Anti virus protection wi...

Страница 37: ...ith a notification of the following format The attached file OBJECT_NAME was deleted by Kaspersky AV File was password protected or corrupted If a protected or corrupt object is detected in the attach...

Страница 38: ...organization at http www eicar org anti_virus_test_file htm If you have no Internet connection you can create your own test virus To create a test virus type the following string in any text editor an...

Страница 39: ...test virus for example DELE X5O P AP 4 PZX54 P 7CC 7 EICAR STANDARD ANTIVIRUS TEST FILE H H After adding a prefix to the test virus save it for example to a file under the name eicar_dele com assign...

Страница 40: ...lled on your computer If the message that contains a test virus was created in the RTF or HTML format it will not be scanned 2 Copy the text of the standard or the modified test virus to the beginning...

Страница 41: ...yzes the mail traffic received from the Exchange server and transfers it to the Anti Virus Scan Subsystem The Anti Virus Scan Subsystem processes the e mail messages based on the settings as follows s...

Страница 42: ...ation will analyze the body of the message and attached files of any format It is to be noted that Kaspersky Anti Virus differentiates between simple objects an executable file a message with a simple...

Страница 43: ...his software category in cludes adware various harmless utilities that can be used by malicious software and intruders automatic dialing programs that connect the user s computer to commercial interne...

Страница 44: ...ous software An example of such software are backdoor and remote surveillance software If you transfer software via your mail server the type of program you are transferring should be excluded from th...

Страница 45: ...he server you need in the console tree and follow the Anti virus protection link in the results pane 2 Go to the General tab in the Anti virus protection see Figure 11 window that will open Select the...

Страница 46: ...ity If you still need to disable Kaspersky Anti Virus 5 5 for MS Exchange Server 2000 2003 service manually do the following 1 Disable anti virus mail protection using the Management Console 2 Restart...

Страница 47: ...ad to the server in the traffic protection mode it is recommended not to scan e mail messages routed by the server In order to define objects that will not be scanned 1 Select the node corresponding t...

Страница 48: ...from the scan scope in the Exclude from the scan scope group check the Objects containers with nesting level above and specify the level The application will scan all nested objects within the contai...

Страница 49: ...ns using the Append and the Delete buttons Enter a new mask in the Adding a mask see Figure 13 window that will open Figure 13 Adding a mask for files to be excluded from the scan scope Examples of le...

Страница 50: ...scan scope 1 Select the node corresponding to the server you need in the console tree and follow the Anti virus protection link in the results pane 2 Go to the Protected mail see Figure 15 tab in the...

Страница 51: ...Non disinfectable object disinfection failed A special processing procedure can be used for non disinfectable objects Infected objects found in the message body are processed using the action that is...

Страница 52: ...he Windows events log see Chapter 8 page 78 and Chapter 11 page 108 By default the application attempts to disinfect infected objects detected and if the disinfection is not possible the application w...

Страница 53: ...tatuses each status individually infected suspicious and protected corrupted 3 Determine the order of the object processing of for each status individually In order to do this press the Modify rule bu...

Страница 54: ...on the selection you have made In order to continue using the wizard press the Next button If no additional settings configuration is required the Finish button will become enabled In order to comple...

Страница 55: ...copied to the message body and into the replacement txt file Create a replacement template In order to do this enter the message text into the wizard window The text of this notification may include i...

Страница 56: ...ication window select the Microsoft Exchange Servers node in the console tree open it select the node corresponding to the server you need and follow the Anti virus protection link in the results pane...

Страница 57: ...the default value is 3 Microsoft recommends that the value of this setting equals the number of processors x 2 1 The number of instances of the anti virus kernels running at the same time the default...

Страница 58: ...n If background storage scan is disabled e mail messaged stored on the server will be scanned only when a particular e mail message is requested by the user In this case such e mail message will be sc...

Страница 59: ...immediately press the Scan now button 4 If you selected the scheduled scan launch option you will have to create the schedule In order to do this press the Configure button and specify the mode and t...

Страница 60: ...60 Kaspersky Anti Virus for Microsoft Exchange Server Figure 23 Creating the background scan schedule...

Страница 61: ...ky Anti Virus downloads updates from the dedicated update servers and then installs the required file on your computer Information about the anti virus database version used by the application and abo...

Страница 62: ...After the settings are configured press the Apply or the button You can restore the default settings by pressing the Restore default settings button Figure 24 Anti virus database updates settings win...

Страница 63: ...t will open and select Kaspersky Lab update servers default option as the source of updates Figure 25 Configuring internet updates downloading 3 After this configure the network connection settings in...

Страница 64: ...e the passive FTP mode box if you need to use the active mode uncheck this box We recommend using the passive mode 4 After you are done with the settings press the Apply or the OK button You can resto...

Страница 65: ...tes folder as the updates source and specify the path to the required network or local folder You can enter the path manually or select it using the Browse button in the standard Windows Select folder...

Страница 66: ...llow the Anti virus updates link in the results pane 2 Check the Update the anti virus database automatically box in the General tab of the Anti virus updates window see Figure 29 that will open and c...

Страница 67: ...database in the manual mode 1 In the main application window select the Microsoft Exchange Servers node in the console tree open it select the node corresponding to the server you need and follow the...

Страница 68: ...virus protection parameters box Save a copy of the original object in the backup storage box on the Actions tabs of the Anti Virus protection window see Figure 16 is checked details see para 5 4 page...

Страница 69: ...a 7 5 page 75 features are available via the Backup Storage service folder see Figure 30 This folder is included into the structure of each node reflecting the managed Exchange server For convenient v...

Страница 70: ...o the backup storage Message body or Attachment indicates where the infected object was detected Storage folder Path to the disk folder where the backup copy is stored You can perform ascending and de...

Страница 71: ...er When the filter is selected in the console tree only data that comply with the filter criterion will be displayed in the results pane Later you can alter then filter parameters value or delete the...

Страница 72: ...m under the Action menu As a result of these actions the filter will be removed from the Backup Storage folder When the filter is deleted no objects are removed from the backup storage Objects that me...

Страница 73: ...ss the Yes button to restore the object As a result of these actions the object will be moved from the backup storage into the specified folder decoded and saved with the specified name The restored f...

Страница 74: ...ee 7 2 page 70 3 Open the shortcut menu and use the Send for analysis or the analogous command under the Action menu As a result of these actions an e mail message with the selected object attached wi...

Страница 75: ...help In order to manually delete an object from the backup storage 1 Select the Backup Storage folder in the console tree 2 Select the object you wish to delete in the table displaying the content of...

Страница 76: ...nding folder using the Browse button see Figure 36 By default the backup copy of the object is stored in qb folder This is a service application folder which is created ins the application installatio...

Страница 77: ...e value in the entry text field the default value is 50 MB During the calculations the total size of all objects is summed up no matter which folder a particular object is stored in Maximum object sto...

Страница 78: ...s installed In this case access to the information will be provided using Events Viewer a standard Windows tool used for viewing and managing logs There is a possibility to notify the sender and the r...

Страница 79: ...in the settings window that opens by the Properties command available through the shortcut menu details see para 8 1 page 79 Figure 37 The Notifications folder The administrator can create new templat...

Страница 80: ...ar to the New Notification Properties see Figure 41 parameters are changed the same way they are specified when the notification was created details see 8 2 page 82 5 You can view and modify name of t...

Страница 81: ...gure 40 contains notification methods recipients and computers that receive notification messages if the corresponding notification options have been selected You can select other methods of notificat...

Страница 82: ...an analogous command under the Action menu 3 As a result of these actions a New notification windows used for configuring new notification template will open Figure 41 Specify the required values for...

Страница 83: ...be sent as a notification on the Text tab see Figure 42 Enter a brief description of the notification in the Notification Subject field This line will be used as the header of the message Create the m...

Страница 84: ...cts detected check the Recipients and Senders boxes In order to notify other users as for example administrator enter his or her e mail address in the Additional e mail addresses field The validity of...

Страница 85: ...egister events in the Windows system log check the Register in the Windows event log box 4 After you are done with the settings press the Apply or the OK button As a result of these actions the notifi...

Страница 86: ...n the specified threshold a notification will be issued Notifications can be delivered using several methods by e mail messages by messages sent over the network using Net Send by registration of the...

Страница 87: ...e Figure 44 The table displays the name of the type for each counter The counter type corresponds to the type of events traced by this counter Detailed information about the virus outbreak counter set...

Страница 88: ...tions a counter settings window Counter name Properties will open see Figure 45 This window includes the following tabs General Text Notifications and is completely analogous to the New counter window...

Страница 89: ...or modify its settings in the Text tab see Figure 46 Figure 46 Configuring the virus outbreak counter The Text tab The Notification tab see Figure 47 contains the methods of delivery the list of reci...

Страница 90: ...s the Cancel button 9 2 Creating a new virus outbreak counter In order to create a new virus outbreak counter 1 Select the Virus outbreak counters folder in the console tree 2 Open the shortcut menu a...

Страница 91: ...ues o Corrupted objects detected o Suspicious objects detected o Viruses detected o The same virus detected several times Specify the value of the virus activity level threshold In order to do this sp...

Страница 92: ...outbreak counter The Text tab Enter a brief description of the notification in the Notification Subject field This line will be used as the header of the message Create the message text in the Full no...

Страница 93: ...messages via network using the Net Send service check the Network notifications using Net Send box and specify the addresses of the computers recipients in the Computers recipients field IP address or...

Страница 94: ...nter will be added to the Virus outbreak counters folder and will be displayed as a table in the results pane if the Notify about virus outbreaks box in the General tab is checked the specified types...

Страница 95: ...support frame based report structure and enable report viewing details see para 10 2 page 104 This folder is created with the name that reflect the date and the time when the report is created in the...

Страница 96: ...he managed Exchange server The list of the report templates created is displayed in the form of a table in the results pane see Figure 51 Apart from the reports names this table contains information o...

Страница 97: ...i virus server scan report 1 Select the Report templates folder in the console tree 2 Select the report template you need in the table displaying the list of created templates see Figure 51 3 Open the...

Страница 98: ...riod group 4 After you have made the changes press the Apply or the OK button to apply the new settings The settings will change within one hour after the changes have been made For exit without savin...

Страница 99: ...ous to the New report window see Figure 41 Template settings can be modified the same way as they are specified when the template is created details see 10 1 2 page 101 You can enable or disable creat...

Страница 100: ...re 55 contains the reporting methods the address of the folder where the report is stored and e mail addresses of the report recipients if the corresponding reporting method is selected You can change...

Страница 101: ...Settings and Actions Specify the required settings value in the tabs as follows Perform the following in the General tab see Figure 48 Enter the template name in the Name field If required enter a mor...

Страница 102: ...inning and the end of the re porting period In order to do this select For the period op tion in the Reporting period group and specify the desired date in the From and To fields In order to create a...

Страница 103: ...y typing in the path and the name of the new folder or by using the Browse button In order to create and send reports via the e mail server check the Send report by e mail box and enter the e mail add...

Страница 104: ...er As a result the system default browser will be loaded The required report about the anti virus server scan results will be displayed in the main window of the browser see Figure 59 Immediately afte...

Страница 105: ...y Kaspersky Anti Virus during the reporting period Average speed of objects processing The number of objects processed per second average value for the reporting period Maximum speed of objects proces...

Страница 106: ...re 60 The upper part of the report contains the list of sections table of contents This part is followed by the sections including the information they contain The sections are arranged in the same or...

Страница 107: ...Reports 107 Figure 60 Viewing a report delivered by e mail...

Страница 108: ...main application s events log The DATE part in the filename shall be replaced with the date the log was created on in the YYYYMMDD format For example kavscmesrv20050410 log If by the time when data mu...

Страница 109: ...red into the logs depend on the diagnostics level for each application module specified in the application settings If a module consists of several components the level of diagnostics will be specifie...

Страница 110: ...he list of components included into the selected module and the diagnostics level for each module 4 Select the module in the left part of the table and then select the required component in the right...

Страница 111: ...he new folder in the Server folder for log files field 4 Select the frequency for creating logs in the Start a new file every field by selecting the required value from the drop down list 5 Specify th...

Страница 112: ...plication verifies the validity of the license agreement by the license key that is an integral part of any Kaspersky Lab s product Kaspersky Anti Virus WILL NOT WORK without a license key An applicat...

Страница 113: ...outdated versions of anti virus database to disinfect objects In this case it is difficult to guarantee comprehensive anti virus protection against new viruses that appeared after the Kaspersky Anti V...

Страница 114: ...agreement restrictions were changed Kaspersky Labs terminates the license agreement with the user In this case the serial number of the license key will be added to the list of cancelled license keys...

Страница 115: ...tionality available based on the current license key o Full The application operates as provided for in the license agreement o Updates are not available The anti virus database updat ing feature is n...

Страница 116: ...fore the anti virus scan cannot be performed 12 2 License key details In order to view information about the license keys installed for the use with the application 1 Select the node corresponding to...

Страница 117: ...tion Status The type of the license key installed for example commercial trial License owner information License expiration date The maximum number of protected mailboxes The following license key det...

Страница 118: ...e will be sent by e mail By default a notification will be issued 14 days before your license period is expired You can set up an earlier or a later notification date In order to configure license rel...

Страница 119: ...nt license key can be installed In order to install or to replace the current license key 1 Select the node corresponding to the required server in the console tree and follow the General parameters l...

Страница 120: ...the removal of the license key in the warning message that will be displayed on your screen As a result information in the fields of the corresponding sections will be updated 5 Close the General set...

Страница 121: ...om received to or stored in mail boxes within unprotected storage areas will not be scanned for viruses Uncheck boxes next to the names of public folders in the Protected public folders storage areas...

Страница 122: ...y Anti Virus for Microsoft Exchange Server As a result the mailboxes located in the unprotected storage areas will not be counted when the verification of the compliance with the license restrictions...

Страница 123: ...ed Question What happens when my Kaspersky Anti Virus license expires After the expiration of the license Kaspersky Anti Virus will continue operating but anti virus database updating feature will be...

Страница 124: ...lp you if they fully understand it and have been able to reproduce it 5 Forward to the technical support service the following data packed in one archive the current application events logs produced w...

Страница 125: ...etwork settings using one of the two below methods using your Microsoft Internet Explorer settings or using custom settings In certain cases detailed below the update service may use the Microsoft Int...

Страница 126: ...ACTION action performed with the object during the anti virus scan AVBASES_LAST_UPDATE last anti virus database update date CC the list of the recipients of the message carbon copy cc CONTENT_CODEPAG...

Страница 127: ...NNER_VENDOR application vendor name Kaspersky Lab SENT_REPRESENTING_N AME displayed name of the message exchange user provided by the sender SERVER_NAME name of the server on which the object was dete...

Страница 128: ...st version of the anti virus database This scan involves public folders and protected stor ages mailbox storage The scan may identify new viruses that were not described in the anti virus database at...

Страница 129: ...ckup copy of the object can be used to restore the object in its original state I Infected object an object containing malicious code We do not recom mend accessing these objects because this may resu...

Страница 130: ...ains a set of parameters that define the reporting period the reporting schedule and the report format Restoring a process that involves moving of the backup copy of an object from the backup storage...

Страница 131: ...V Virus activity level threshold a maximum allowable number of events of a certain type within a specified time interval when this number is ex ceeded the situation is classified as increased virus ac...

Страница 132: ...tion from current and future threats Resistance to future attacks is the basic policy implemented in all Kaspersky Lab s products At all times the company s products remain at least one step ahead of...

Страница 133: ...le protection against viruses that attempt to penetrate computers via email messages The application automatically scans and disinfects all incoming POP3 and outgoing SMTP email messages and efficient...

Страница 134: ...action it prevents the suspicious application from accessing the network This enhances your privacy and provides 100 security for confidential data stored on your computer The product s SmartStealth t...

Страница 135: ...nternet gateways CheckPoint Firewall 1 Microsoft ISA Server The Kaspersky Anti Virus Business Optimal distribution kit includes Kaspersky Administration Kit a unique tool for automated deployment and...

Страница 136: ...ation of services allows users to identify and wipe out up to 95 of unwanted traffic Installed at the entrance to a network Kaspersky Anti Spam monitors incoming email and acts as a barrier to unsolic...

Страница 137: ...ad to assist you in any matters related to our product by phone or via email All of your recommendations and suggestions will be thoroughly reviewed and considered Technical support Please find the te...

Страница 138: ...NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT DO NOT BREAK THE CD s SLEEVE DOWNLOAD INSTALL OR USE THIS SOFTWARE IN ACCORDANCE WITH THE LEGISLATION REGARDING KASPERSKY SOFTWARE INTENDED FOR INDIVIDU...

Страница 139: ...are is in use on a Client Device when it is loaded into the temporary memory i e random access memory or RAM or installed into the permanent memory e g hard disk CD ROM or other storage device of that...

Страница 140: ...of licenses you have obtained then you must have a reasonable mechanism in place to ensure that your use of the Software does not exceed the use limits specified for the license you have obtained This...

Страница 141: ...the Privacy Policy iv Support Services means a Daily updates of the anti virus database b Free software updates including version upgrades c Extended technical support via e mail and phone hotline pro...

Страница 142: ...the consent of Kaspersky Lab b use the Software in a manner for which it was not intended or c use the Software other than as permitted under this Agreement vi The warranties and conditions stated in...

Страница 143: ...aspersky Lab whether oral or in writing which have been given or may be implied from anything written or said in negotiations between us or our representatives prior to this Agreement and all prior ag...

Результаты поиска

Содержание ANTI-VIRUS 5.5 - FOR MICROSOFT EXCHANGE SERVER 2000-2003

Отзывы:

Похожие инструкции для ANTI-VIRUS 5.5 - FOR MICROSOFT EXCHANGE SERVER 2000-2003

Бренды по названию

Популярные бренды

KAPERSKY ANTI-VIRUS 5.5 - FOR MICROSOFT EXCHANGE SERVER 2000-2003, Руководство администратора

Результаты поиска

Содержание ANTI-VIRUS 5.5 - FOR MICROSOFT EXCHANGE SERVER 2000-2003

Отзывы:

Похожие инструкции для ANTI-VIRUS 5.5 - FOR MICROSOFT EXCHANGE SERVER 2000-2003

Бренды по названию

Популярные бренды