Policy for Using Anti-virus Software on S8100 Media Servers, IP600 Communications Servers, & DEFNITY ONE Communications Systems

Size: px

Start display at page:

Download "Policy for Using Anti-virus Software on S8100 Media Servers, IP600 Communications Servers, & DEFNITY ONE Communications Systems"

Chloe Hodges
6 years ago
Views:

1 Policy for Using Anti-virus Software on S8100 Media Servers, IP600 Communications Servers, & DEFNITY ONE Communications Systems Abstract This paper provides general guidelines and policies for the use of anti-virus software on the S8100 Media Server, IP600 Internet Protocol Communications Server, and DEFINITY ONE Communications System. Avaya does not guarantee protection of its products against network attacks such as viruses or worms when anti-virus software is installed. 1

2 Table of Contents 1. Introduction Policy Changes General Policy Interoperability with Specific Anti-virus Packages...4 McAfee NetSheild Anti-virus...4 Symantec AntiVirus TM Conclusion...5 2

3 1. Introduction This document provides information and guidance on use of anti-virus software with the S8100 Media Server, IP600 Internet Protocol Communications Server, and DEFINITY ONE Communications System. Due to ongoing vulnerabilities and exploits of the Microsoft Windows operating system, Avaya feels it is important to allow running of anti-virus software on the S8100 Media Server, IP600 Internet Protocol Communications Server, and DEFINITY ONE Communications Systems. Avaya takes security seriously and is working on solutions that provide the utmost in reliability and security. 2. Policy Changes This policy applies solely to the aforementioned products that run the Windows operating system and may be superseded by newer global policies issued by Avaya. 3. General Policy Avaya allows the loading and running of third-party anti-virus software on S8100 Media Servers, IP600 Internet Protocol Communications Servers, and DEFINITY ONE Communications Systems. Avaya supports the S8100 server when anti-virus software is loaded in accordance with existing warranty or maintenance agreements. However, Avaya is not responsible for support of any anti-virus application. For anti-virus application support, contact the vendor of the specific anti-virus software that is being used. The loading and use of any additional thirdparty software beyond anti-virus software will violate the terms of the Avaya maintenance agreement. The loading of the anti-virus software will be the sole responsibility of the customer. It does not require any update to the operating system unless stated by the software vendor. This can include Microsoft Service Packs and/or Microsoft updates. It is recommended that the customer run the Microsoft Security Baseline Analyzer, which can be obtained from Microsoft, before loading any anti-virus software. This helps improve the overall security of the system (on R10 and later systems, this software is included). Customers should understand that anti-virus software can compromise the stability of the S8100 Media Server, IP600 Internet Protocol Communications Server, or DEFINITY ONE Communications System and that Avaya has communicated that risk through this policy. If a problem requiring diagnosis occurs on a server running anti-virus software, and the antivirus software is suspected of causing or contributing to the problem, Avaya Technical Support will likely ask the customer to remove the anti-virus software before proceeding with further diagnosis. To help Avaya Technical Support diagnose problems, the presence of anti-virus software will be reflected in support and maintenance records. 3

4 If the anti-virus software corrupts the overall operation of the S8100 Media Server, IP600 Internet Protocol Communications Server, or DEFINITY ONE Communications System, Avaya is not responsible for repair within the terms of the maintenance contract. Any and all applicable fees will be charged in re-provisioning and/or reinstalling the solution. Avaya does not provide assistance with loading anti-virus software nor does Avaya provide suggested anti-virus vendors. Avaya has tested software from two vendors and provides the results of that testing for informational purposes only. Avaya offers a variety of products and services to assist in maximizing the security of each individual communication system. These software products and services can be customized depending on individual voice, data, and multimedia needs and policies. Avaya Security Services can be contacted at 4. Interoperability with Specific Anti-virus Packages Avaya s testing of a particular anti-virus package provides no endorsement of any anti-virus software vendor. Interoperability testing does not guarantee or certify any level of reliability from a support or maintenance perspective. McAfee NetSheild Anti-virus Avaya has performed basic interoperability testing with McAfee NetShield Anti-Virus SP1, Virus definitions , and scan engine This testing occurred on an S8100 Media Server running Communication Manager 1.3. Further testing was performed on a DEFINITY ONE Communications System running Release 9.5 software. 1. Testing was performed with 4,000 busy hour calls (medium call traffic). 2. Automatic DAT updates were executed with no impact to call processing. 3. Full system scans were executed with detrimental impacts to call processing. b. The full system scan lasted roughly one hour with processor occupancy spikes up to 100% for periods of 5 10 minutes. c. During periods of 100% processor occupancy 50% of call traffic failed. d. Eventually, Communication Manager is stopped, causing call processing to be unavailable. Processing of calls does not resume until the full system scan is completed. 4. Full system scanning should not be performed unless one hour of virtually no call traffic can be guaranteed at a consistent time daily or weekly. 4

5 Symantec AntiVirus Avaya has performed basic interoperability testing with Symantec AntiVirus Corporate Edition Version 8.1. This testing occurred on an S8100 Media Server running Communication Manager Testing was performed with 4,000 busy hour calls (medium call traffic). 2. Live updates were executed with no impact to call processing. 3. Real time protection was enabled and run on all system files with no impact to call processing. 4. Full system scans were executed with some minor impact to call processing. b. The full system scan lasted roughly one hour with processor occupancy spikes up to 100% for periods of seconds. c. During periods of 100% processor occupancy call processing was slow or delayed, but did not fail outright. 5. Full system scanning should not be performed unless one hour of virtually no call traffic can be guaranteed at a consistent time daily or weekly. 5. Conclusion Avaya understands and acknowledges the desire to install anti-virus software on Avaya products and is providing this policy document for guidance in this area. In general, a customer may decide, at their discretion, to install anti-virus software as an appropriate measure to protect their communication system. If the decision is made to install anti-virus software, the customer takes responsibility of support and maintenance of that software and the impact it has on the operation of the S8100 Media Server, IP600 Internet Protocol Communications Server, or DEFINITY ONE Communications System. Avaya and the Avaya Logo are trademarks of Avaya Inc. All trademarks identified by and are registered trademarks or trademarks, respectively, of Avaya Inc. All other trademarks are the property of their respective owners. The information provided in this document is subject to change without notice. The configurations, technical data, and recommendations provided in this document are believed to be accurate and dependable, but are presented without express or implied warranty. Users are responsible for their application of any products specified in this document. Avaya makes no warranty or claims as to the accuracy or completeness of this document. 5

CERANET SERVICE LEVEL AGREEMENT

Page 1 of 5 CERANET SERVICE LEVEL AGREEMENT This CeraNet Service Level Agreement ("SLA") applies to all dedicated servers and Co-location services. The Client agrees that CeraNet internal measurements