Professional Documents
Culture Documents
Administrators Guide
"F-Secure" and the triangle symbol are registered trademarks of F-Secure Corporation and F-Secure product names and symbols/logos are either trademarks or registered trademarks of F-Secure Corporation. All product names referenced herein are trademarks or registered trademarks of their respective companies. F-Secure Corporation disclaims proprietary interest in the marks and names of others. Although F-Secure Corporation makes every effort to ensure that this information is accurate, F-Secure Corporation will not be liable for any errors or omission of facts contained herein. F-Secure Corporation reserves the right to modify specifications cited in this document without prior notice. Companies, names and data used in examples herein are fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of F-Secure Corporation. Copyright 1993-2006 F-Secure Corporation. All rights reserved. Portions Copyright 1991-2006 Kaspersky Lab. This product includes software developed by the Apache Software Foundation (http:// www.apache.org/). Copyright 2000-2006 The Apache Software Foundation. All rights reserved. This product includes PHP, freely available from http://www.php.net/. Copyright 1999-2006 The PHP Group. All rights reserved. This product includes code from SpamAssassin. The code in the files of the SpamAssassin distribution are Copyright 2000-2002 Justin Mason and others, unless specified otherwise in that particular file. All files in the SpamAssassin distribution fall under the same terms as Perl itself, as described in the Artistic License.
This product may be covered by one or more F-Secure patents, including the following:
GB2353372 GB2374260 GB2366691 GB2366692 GB2366693 GB2367933 GB2368233
12000040-6J16
Contents
About This Guide 9
How This Guide Is Organized ............................................................................................ 10 Conventions Used in F-Secure Guides .............................................................................. 12 Symbols .................................................................................................................... 12
Chapter 1
1.1 1.2 1.3 1.4
Introduction
14
Overview ....................................................................................................................15 How F-Secure Anti-Virus for Microsoft Exchange Works........................................... 16 Key Features.............................................................................................................. 19 F-Secure Anti-Virus Mail Server and Gateway Products ........................................... 21
Chapter 2
2.1 2.2 2.3
Deployment
23
Installation Modes ...................................................................................................... 24 Network Requirements............................................................................................... 24 Deployment Scenarios ............................................................................................... 25 2.3.1 Minimum Installation....................................................................................... 25 2.3.2 Medium to Large Installation .......................................................................... 27 2.3.3 Performance-Critical Installation..................................................................... 28 2.3.4 Microsoft Exchange Cluster Environment ...................................................... 30
Chapter 3
3.1
Installation
32
System Requirements................................................................................................ 33 3.1.1 Minimum System Requirements..................................................................... 33 3.1.2 Which SQL Server to Use for the Quarantine Database? .............................. 35
Improving Reliability and Performance ...................................................................... 38 Centrally Administered or Stand-alone Installation? .................................................. 39 Installation Overview .................................................................................................. 39 Installing F-Secure Anti-Virus for Microsoft Exchange............................................... 41 After the Installation ................................................................................................... 60 3.6.1 Importing Product MIB files to F-Secure Policy Manager Console................. 60 3.6.2 Configuring the Product.................................................................................. 61 Upgrading the Previous Version ................................................................................ 61 Upgrading the Evaluation Version.............................................................................. 64 Uninstalling F-Secure Anti-Virus for Microsoft Exchange .......................................... 65
Chapter 4
4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8
66
Overview ....................................................................................................................67 Administering F-Secure Anti-Virus for Microsoft Exchange ....................................... 67 Using F-Secure Anti-Virus for Microsoft Exchange Web Console ............................. 68 4.3.1 Logging in for the First Time........................................................................... 68 Home Page ................................................................................................................ 71 Checking the Product Status...................................................................................... 71 Configuring the F-Secure Anti-Virus for Microsoft Exchange Web Console .............. 74 Using F-Secure Policy Manager Console .................................................................. 75 Modifying Settings and Viewing Statistics.................................................................. 76 4.8.1 Centrally Administered Mode ......................................................................... 76 4.8.2 Stand-alone Mode .......................................................................................... 78 Manually Processing Mailboxes and Public Folders .................................................. 78 4.9.1 Centrally Administered Mode ......................................................................... 79 4.9.2 Stand-alone Mode .......................................................................................... 88 4.9.3 Creating Scanning Operations ....................................................................... 89
4.9
4.10 Configuring Alert Forwarding ...................................................................................121 4.10.1 Centrally Administered Mode .......................................................................121 4.10.2 Stand-Alone Mode........................................................................................123 4.11 Alert Forwarding.......................................................................................................124 4.12 Viewing Alerts ..........................................................................................................125
Chapter 5
5.1 5.2
127
Overview ..................................................................................................................128 F-Secure Anti-Virus for Microsoft Exchange Settings ..............................................128 5.2.1 Real-Time Processing ..................................................................................130 5.2.2 Manual Processing .......................................................................................161 5.2.3 Scheduled Processing..................................................................................176 5.2.4 Content Scanner Servers .............................................................................177 5.2.5 Quarantine....................................................................................................180 5.2.6 Reporting ......................................................................................................184 5.2.7 Advanced......................................................................................................184 F-Secure Anti-Virus for Microsoft Exchange Statistics.............................................186 5.3.1 Common .......................................................................................................187 5.3.2 Real-Time Processing ..................................................................................188 5.3.3 Manual Processing .......................................................................................191 5.3.4 Quarantine....................................................................................................194 F-Secure Content Scanner Server Settings.............................................................195 5.4.1 Interface........................................................................................................197 5.4.2 Virus Scanning .............................................................................................198 5.4.3 Virus Statistics ..............................................................................................201 5.4.4 Database Updates........................................................................................203 5.4.5 Spam Filtering ..............................................................................................204 5.4.6 Threat Detection Engine...............................................................................206 5.4.7 Proxy Configuration ......................................................................................207 5.4.8 Advanced......................................................................................................208 F-Secure Content Scanner Server Statistics ...........................................................210 5.5.1 Server ...........................................................................................................210 5.5.2 Scan Engines ...............................................................................................211 5.5.3 Common .......................................................................................................212 5.5.4 Spam Control................................................................................................212 5.5.5 Virus Statistics ..............................................................................................213 F-Secure Automatic Update Agent Settings ............................................................214 F-Secure Management Agent Settings ....................................................................216
5.3
5.4
5.5
5.6 5.7
Chapter 6
6.1
219
Overview ..................................................................................................................220
6.2
F-Secure Anti-Virus for Microsoft Exchange Settings ..............................................221 6.2.1 Summary ......................................................................................................221 6.2.2 Virus Scanning .............................................................................................223 6.2.3 Stripping Attachments ..................................................................................239 6.2.4 Content Filtering ...........................................................................................249 6.2.5 Manual Scanning..........................................................................................256 6.2.6 Quarantine....................................................................................................260 6.2.7 Advanced......................................................................................................270 6.2.8 Internal Domains ..........................................................................................276 F-Secure Content Scanner Server Settings.............................................................278 6.3.1 Summary ......................................................................................................278 6.3.2 Database Updates........................................................................................285 6.3.3 Scan Engines ...............................................................................................287 6.3.4 Proxy Configuration ......................................................................................292 6.3.5 Archive Scanning..........................................................................................295 6.3.6 Advanced......................................................................................................298 6.3.7 Interface........................................................................................................300 F-Secure Automatic Update Agent Settings ............................................................301 6.4.1 Summary ......................................................................................................302 6.4.2 Automatic Updates .......................................................................................304 6.4.3 HTTP Settings ..............................................................................................306 6.4.4 PM Proxies ...................................................................................................307 F-Secure Management Agent Settings ....................................................................308
6.3
6.4
6.5
Chapter 7
7.1 7.2 7.3 7.4 7.5 7.6 7.7 7.8 7.9
Quarantine Management
311
Introduction ..............................................................................................................312 Configuring Quarantine Options...............................................................................314 Searching the Quarantined Content.........................................................................314 Query Results Page .................................................................................................318 Viewing Details of a Quarantined Message .............................................................321 Reprocessing the Quarantined Content...................................................................323 Releasing the Quarantined Content.........................................................................324 Removing the Quarantined Content.........................................................................326 Deleting Old Quarantined Content Automatically.....................................................326
7.11 Quarantine Statistics ................................................................................................328 7.12 Moving the Quarantine Storage ...............................................................................329
Chapter 8
8.1 8.2 8.3 8.4
331
Overview ..................................................................................................................332 Spam Control Settings in Centrally Managed Environments ...................................333 Spam Control Settings in Web Console...................................................................336 Realtime Blackhole List Configuration .....................................................................341 8.4.1 Enabling Realtime Blackhole Lists ...............................................................341 8.4.2 Optimizing F-Secure Spam Control Performance ........................................343
Chapter 9
9.1 9.2 9.3 9.4
345
Overview ..................................................................................................................346 Automatic Updates with F-Secure Automatic Update Agent....................................346 Configuring Automatic Updates ...............................................................................347 Manual Updates .......................................................................................................347 9.4.1 Using FSUPDATE ........................................................................................347 9.4.2 Updating the Virus Definition Database Remotely Using LATEST.ZIP ........348
349
System and Network Recommendations ................................................................ 350 Installation Overview ................................................................................................352 Creating Quarantine Storage ...................................................................................353 A.3.1 Quarantine Storage in Active-Passive Cluster .............................................353 A.3.2 Quarantine Storage in Active-Active Cluster ................................................358 Installing the Product................................................................................................361 A.4.1 Installing on Active-Passive Cluster .............................................................361 A.4.2 Installing on Active-Active Cluster ................................................................363 Administering the Cluster Installation with F-Secure Policy Manager......................365 Using the Quarantine in the Cluster Installation.......................................................368 Troubleshooting .......................................................................................................368
A.4
369
373 379
D.1 Overview ..................................................................................................................380 D.2 Starting and Stopping...............................................................................................380 D.3 Viewing the Log File.................................................................................................380 D.4 Common Problems and Solutions............................................................................381 D.4.1 Installing Service Packs................................................................................384 D.4.2 Securing the Quarantine...............................................................................384 D.4.3 Administration Issues ...................................................................................385 D.5 Frequently Asked Questions ....................................................................................386 D.6 F-Secure Automatic Update Agent Troubleshooting................................................391
Technical Support
397
F-Secure Online Support Resources ............................................................................... 398 Web Club .........................................................................................................................400 Virus Descriptions on the Web .........................................................................................400
10
Chapter 2. Deployment. Instructions and examples how to set up your network environment before you can install F-Secure Anti-Virus for Microsoft Exchange. Chapter 3. Installation. Instructions how to install and set up F-Secure Anti-Virus for Microsoft Exchange. Chapter 4. Using F-Secure Anti-Virus for Microsoft Exchange. Instructions how to use and administer F-Secure Anti-Virus for Microsoft Exchange. Chapter 9. Updating Virus and Spam Definition Databases. Instructions
how to update your virus definition database.
Chapter 5. Centrally Managed Administration. Instructions how to remotely administer F-Secure Anti-Virus for Microsoft Exchange and F-Secure Content Scanner Server when they have been installed in centralized administration mode. Chapter 6. Administration with Web Console. Instructions how to administer F-Secure Anti-Virus for Microsoft Exchange with the Web Console. Chapter 8. Administering F-Secure Spam Control. General information about and instructions on how to configure F-Secure Spam Control. Appendix A. Deploying the Product on a Cluster. Describes how the product can be deployed and used on the cluster environment. Appendix B. Variables in Warning Messages. Lists variables that can be included in virus warning messages. Appendix C. Services and Processes. Describes services, devices and processes of F-Secure Anti-Virus for Microsoft Exchange.
11