Copyright 2004 ESET. ESET reserves the right to change any of the described application modules without prior notice.

Similar documents
INSTALLING NOD32. NOD32 Setup Tutorial. Page 1 of 76. Double clicking on the Nod32 executable file that has been downloaded begins the setup process.

Installation Manual. and User Guide

ESET NOD32 ANTIVIRUS 8

ESET NOD32 ANTIVIRUS 7

Focus on the ESET NOD32 antivirus system

AVG Server Edition

AVG File Server. User Manual. Document revision ( )

ESET Mobile Security for Windows Mobile. Installation Manual and User Guide - Public Beta

Antivirus: Proactively detects and disables more known and even unknown new malware threats than any other security product.

w e p r o t e c t d i g i t a l w o r l d s NOD32 Server Edition for Lotus Domino Installation

Quick Start Guide. Microsoft Windows 7 / Vista / XP / 2000 / 2003 / 2008

Typical Installation Guide. Installation Guide. Typical installation only. Standard version 2.5

QUICK START GUIDE. Microsoft Windows 10 / 8.1 / 8 / 7 / Vista / Home Server Click here to download the most recent version of this document

FOR macos. Quick Start Guide. Click here to download the most recent version of this document

Internet Security Mail Anti-Virus

Configuring Symantec AntiVirus for BlueArc Storage System

How to Get and Configure Barracuda Exchange Antivirus Agent 7.1 and Above

User s Guide. SingNet Desktop Security Copyright 2010 F-Secure Corporation. All rights reserved.

Airtel PC Secure Trouble Shooting Guide

Small Office Security 2. Mail Anti-Virus

Protegent Total Security Solution USER GUIDE Unistal Systems Pvt. Ltd. All rights Reserved Page 1

Quick Start Guide. Microsoft Windows Vista / XP / 2000 / 2003 / 2008

QUICK CONFIGURATION GUIDE

AVG 9.0 Server Edition

ESET SMART SECURITY 10

GFI MailSecurity 2011 for Exchange/SMTP. Administration & Configuration Manual

Small Office Security 2. Scan PC for viruses and vulnerabilities

QUICK START GUIDE. Microsoft Windows 10 / 8.1 / 8 / 7 / Vista / Home Server Click here to download the most recent version of this document

WorldSecure/Mail Getting Started Guide

AVG Server Edition 2011

ESET REMOTE ADMINISTRATOR PLUG-IN FOR KASEYA. Technical Setup and User Guide

IceWarp Unified Communications. AntiVirus Reference. Version 10.4

Anti-Virus. Anti-Virus Scanning Overview. This chapter contains the following sections:

AVG Server Edition 2011

Kaspersky PURE 2.0. Mail Anti-Virus: security levels

ESET ENDPOINT SECURITY FOR ANDROID

User Guide. This user guide explains how to use and update Max Secure Anti Virus Enterprise Client.

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

Mission Control for the Microsoft Cloud. 5nine Cloud Security. Web Portal Version 12.o. Getting Started Guide

User Manual. Dockit Archiver

WASP 2.0. Installation and Admin Guide

User Guide Online Backup

Office 365 Standalone Security

SIMATIC. Process Control System PCS 7 V7.0 SP1 Security Information Note: Setting up antivirus software. Preface. Using virus scanners 2

Report on ESET NOD 32 Antivirus

Avira Free Mac Security Version HowTo

KASPERSKY LAB. Kaspersky Administration Kit version 6.0. Reference Book

Enterprise Vault.cloud Journaling Guide

SIMATIC. Process Control System PCS 7 Symantec Endpoint Protection 11.0 Configuration. Using virus scanners 1. Configuration 2. Commissioning Manual

User Guide. Version R93. English

Configuring Symantec. device

Avira Endpoint Security. HowTo

Postini Message Security Using Postini with Google Apps Education Edition

Kaseya 2. User Guide. Version 7.0. English

Symantec ST Symantec Messaging Gateway Download Full Version :

Antivirus Solution Guide for Clustered Data ONTAP: Symantec

Avira Premium Security Suite User Manual

Getting Started Guide

Symantec 10.0, McAfee 8.0i and McAfee 8.5i anti-virus installation

User Guide. Version R95. English

ESET ENDPOINT SECURITY

Configuring Symantec Protection Engine for Network Attached Storage for Hitachi Unified and NAS Platforms

QUICK START GUIDE. Microsoft Windows 10 / 8.1 / 8 / 7 / Vista / Home Server 2011

TAC INET Notifier. - Installation and configuration -

Symantec 9.0, Symantec 10.0 Norton 2005, Norton 2006 and McAfee 8.0i anti-virus installation

AUTOMATIC PROCESSOR 1

Managing SonicWall Gateway Anti Virus Service

Symantec Hosted Mail Security Console and Spam Quarantine User s Guide

Reference Guide. McAfee Security for Microsoft Exchange 8.6.0

Quick Heal for Novell Netware User Guide

ESET CYBER SECURITY PRO for Mac

QUICK START GUIDE. Microsoft Windows 10 / 8.1 / 8 / 7 / Vista / Home Server 2011

Panda Antivirus Server for Mac User Manual

w e p r o t e c t d i g i t a l w o r l d s NOD32 for Novell Netware Server Installation

Small Office Security 2. File Anti-Virus

DocAve Content Shield v2.2 for SharePoint

For Businesses with more than 25 seats.

WeCloud Security. Administrator's Guide

w e p r o t e c t d i g i t a l w o r l d s NOD32 for Novell Netware Server Installation

OUTLOOK ATTACHMENT EXTRACTOR 3

ForeScout Extended Module for Symantec Endpoint Protection

DocAve Content Shield v2.2 for SharePoint

Avira Ultimate Protection Suite. Short guide

User Guide. Version R93. English

ESET ENDPOINT ANTIVIRUS

ESET REMOTE ADMINISTRATOR PLUG-IN FOR TIGERPAW Technical Setup and User Guide

Configuring Symantec Protection Engine for Network Attached Storage. Compuverde vnas Cluster

KASPERSKY LABS. Kaspersky Anti-Virus 5.1 for Microsoft ISA Server. Administrator s guide

Zillya Internet Security User Guide

ESET REMOTE ADMINISTRATOR PLUG-IN FOR CONNECTWISE Technical Setup and User Guide

Downloading VirusScan Enterprise 8.5i. August 2008 End User Computing

Exchange Security Small Business Edition. User Manual

Kaseya 2. User Guide. Version 2.1

escan Quick Reference and Installation Guide This document provides information to install escan and serves as a quick reference to run key tasks.

User Guide. Version 2.1

Antivirus Solution Guide. NetApp Clustered Data ONTAP 8.2.1

Comodo Antivirus Software Version 2.2

Remco Hobo. Virus and Worm scanning January 18, 2005

Sophos Anti-Virus standalone startup guide. For Windows and Mac OS X

Antivirus Solution Guide for Clustered Data ONTAP: Sophos

Transcription:

Copyright 2004 ESET All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise without a prior written agreement. ESET reserves the right to change any of the described application modules without prior notice. Certain names of program products and company names used in this document might be registered trademarks or trademarks owned by other companies. ESET 1317 Ynez Place, Suite CD Coronado, CA 92 118 U.S.A. Website: www.eset.com Phone: +1 (619) 437 7037

NOD32 for MS Exchange Server 2.0 NOD32 for MS Exchange Server 2.0 is a brand new NOD32 antivirus version designed for scanning e mail traffic routed by the MS Exchange Servers. The major differences between the NOD32 and the NOD32 for MS Exchange Server include a new module designed specifically for MS Exchange Servers called XMON and the absence of IMON and EMON modules. This document describes the XMON module. Before reading this document, please read the NOD32 users guide first. The XMON module communicates with the MS Exchange Server via its antivirus interface VSAPI and checks all the stored and routed e mail messages through the MS Exchange server. XMON runs on MS Exchange Server 5.5 Service Pack 3 and higher, MS Exchange Server 2000 Service Pack 1 and higher and MS Exchange Server 2003. XMON scans e mail messages stored in the MS Exchange Server storage. This storage is placed on the server file system as a single file and using non standard settings in AMON (on access scanner) running on the same server might lead to collision between XMON and AMON. To avoid the collision make sure that the AMON module is not set to scan all files. If you have set AMON to scan all files (not recommended) exclude the following two directories from scanning: %ProgramFiles%\exchsrvr\mdbdata\ %ProgramFiles%\exchsrvr\mtadata\ It is not recommended to set the default settings for infected files to rename while using the option to scan all files. All infected files would be rechecked at each scan and further renamed. The consequent renaming would slow down your computer. 3

Installation If you are running any previous version of the NOD32 for Exchange Server, please uninstall it before the installation of the NOD32 for Exchange Server 2.0 The installation wizard will help you to install the NOD32 for MS Exchange Server. Please follow the on screen instructions. If you want to install XMON, check the Activate antivirus protection for MS Exchange Server checkbox. To activate the XMON service, you need to locate and select the license file provided upon purchase of the XMON license. Use the Browse button to locate the license file. This screen is present in all installation scenarios. 4

XMON The main window To open the XMON main window, click on the XMON icon in the Control Center window. If the XMON is displayed in grey color, the MS Exchange Server is not present on the local computer or the MS Exchange server version is not supported by XMON. If the XMON is displayed in red color, the XMON module is not active. To activate the XMON, check the Activate Control checkbox. The main XMON window shows the number of scanned, infected and cleaned files (a file is each e mail message and its attachments). The main window also displays the virus data base version (with the date of the last update in the parentheses) and MS Exchange version running on the local server. Active control check box for XMON activation. To activate the XMON, mark the check box. To disable it, uncheck it. Before XMON deactivation you will be requested to confirm its shutdown. If you really want to turn off XMON, press Yes. The MS Exchange server checks the settings of the XMON module each minute, so the new XMON settings come into effect after a few seconds. Turning XMON on and off will take about a minute to take effect. Settings enables you to alter the default XMON settings Run NOD32 activates the NOD32 on demand scanner 5

XMON Setting The left part of the XMON Settings window shows nine possible setting areas of XMON. The setting parameters in each setting area are shown in the right part of the window. The MS Exchange server checks the settings of the XMON module each minute, so the new XMON settings come into effect after a few seconds. The Scanner page shows the following properties: Background scanning if checked, all the messages handled by the Exchange server are scanned in the background. XMON keeps track of what messages it scanned and the version of virus database it used. If you are opening a message not scanned by the most current virus database, XMON scans it before opening it in your e mail client. The back ground testing will save you time when opening messages from the Exchange server, because upon opening the message it is already scanned. Proactive scanning new inbound messages are scanned in the order they are received. If this checkbox is marked and a user opens a message that has not been scanned yet, this message is scanned before the other messages waiting in the scanning queue. Scan plain text message bodies enables scanning plain text messages Scan RTF message bodies enables scanning RTF message bodies. The RTF message bodies may contain macro viruses Verify file size When checked, XMON determines the precise size of file attachments in e mail messages going through the Exchange server and does not rely on the file size provided by the Exchange server. The Exchange server provides only an approximate attachment size for encoded messages. Determination of the precise attachment size may slow down the scanning process, but raises the virus detection precision. Scan transported messages When checked, XMON scans also messages that are not stored on the local MS Exchange server and are delivered to other e mail servers through the local Exchange server. Repeat scanning button By clicking the Repeat scanning button all the messages stored on the local MS Exchange server are scanned again. Upon each virus database update the XMON scans all the messages stored on the Exchange server again as well. 6

Default button By clicking the Default button, all the properties on Scanner page are set to default. When clicking the Default button, a confirmation window will allow you to confirm or reject your selection. By clicking Yes, you will activate the default settings. The Detection page contains the following settings: Signatures when checked, XMON uses the signature based virus detection Heuristics when checked, XMON uses heuristic method based virus detection Advanced Heuristics when checked, XMON uses Advanced Heuristics based virus detection. Advanced Heuristics is a unique set of heuristic methods capable of detecting the most dangerous internet worms. To get the best virus detection results, use all three above mentioned virus detection methods. The Heuristics level settings enable you to set the extent of using the NOD32 heuristics method in virus detection. It is recommended to use the Standard level of heuristics, because selecting the Deep heuristics may cause false positive alarms. The Targets settings lets you select the types of attachments that should be scanned. When scanning archives the scanning procedure is more time consuming, because the archive must be opened for scanning. 7

The Extensions page enables you to set which file types should be included in virus scanning. It is recommended to use the default settings and let XMON scan all the possibly dangerous file types. Adding new file types into the scanning process may decrease the scanning rate. Scan all files marking this check box, XMON will scan all files types found in message attachments. The file types list will show file types excluded from scanning. Extensions included in scanning this list shows the file types included in the virus scanning. You can use wild cards such as? and * to define file extensions of files that should be scanned Add button enables you to add a new file extension to the file extension list Remove button removes the selected file extension from the list Default button restores the default extension list setting Scan extension less files adds scanning files without extensions To add a new extension use alpha numerical characters and wildcards such as? and *. To add an extension, click OK. 8

The Actions page lets you select what actions should be taken upon virus detection. When scanning archives is enabled, the Actions page shows what action should be taken upon virus detection in files and various archive types. The When virus is found settings let you choose what action should be taken upon virus detection. When scan archives option in the Targets section is activated, this pane contains separate settings for archives and files. Clean XMON attempts to clean the virus from the infected file. When the attempt fails, the action selected in the When virus cannot be cleaned settings is executed. No action, mark as infected when selected the Exchange server is notified about the infection and the user cannot open the infected message attachment. Rename attachment/ delete message XMON changes the attachment extension, so that it cannot be opened or run. If the message body contains a virus, the message will be deleted. Delete XMON deletes the infected message, or the attachment if only the attachment is infected. The deletion process can be adjusted in the Deleting setting page. Quarantine when checked, the infected messages will be stored in Quarantine. Messages stored in Quarantine can be scanned again using a newer virus database if possible for precise virus detection. When virus cannot be cleaned settings lets you select what action should be taken when attempt to clean an infected message fails. Some of the infections cannot be cleaned, because the XMON does not have a cleaning procedure for them. 9

The Rules settings lets you select a default action for handling specified file types listed in this list. If there are more than one rule for a single file type, the first rule in the list is applied. The actions listed in this list are executed prior to virus scanning Add button enables you to add a new rule. Modify button modifies the selected rule Remove button removes the selected rule Move up moves up the selected rule and increases its priority Move down moves down the selected rule and decreases its priority 10

Sender of message the rule applies to a message sent by the selected sender. Subject of message the rule applies to a message with the selected subject line The string in the two above mentioned fields is used as a substring for searching the matching messages, so that you do not have to know the whole subject line or e mail address. When using other than alphanumerical characters, use parentheses and quotes. You can also create conditions using logical operators AND, OR, NOT. File name mask File name mask enables you to select a certain file selection using a mask created from alphanumerical characters and wildcards? and *.To use more than one mask, separate them by a comma. The Action section lets you select what actions should be taken upon match with the above mentioned search criteria. Scan for viruses as XMON will scan for viruses as if the file attachment was one of the selected file types. No action XMON declares the message to be clean Rename attachment/ delete message XMON alters the file extension so that it cannot be opened or run. Delete XMON deletes the selected message Mark as infected XMON marks the selected message as infected Quarantine The selected message will be stored in Quarantine Description Rule description used in the Exchange server log when the rule is applied 11

The Deleting page lets you select what action should be made when a message is selected for deletion. When deleting message settings lets you select what actions should be taken when the whole message is marked for deletion. Delete message body XMON deletes the body of the infected message. The recipient will receive the message header and non infected attachments Overwrite message body with virus protocol XMON overwrites the message body with a virus protocol or a rule description. Delete whole message XMON deletes the whole message including all attachments When deleting attachments settings lets you select what action should be taken when a message is marked for deletion. Truncate file to zero size XMON truncates the attachment to zero size and lets the recipient see the attachment file name. Replace file with virus protocol XMON replaces the infected file with a virus protocol or rule description Delete whole message XMON deletes the whole message along with all its attachments 12

The Performance page lets you select performance parameters for XMON. Number of threads this parameter lets you select how many threads should be used for virus scanning. More threads on multiprocessor machines can increase the scanning rate. Microsoft recommends using the following formula to determine the number of threads used: Number of physical processors times 2 plus 1 = number of threads used. Time limit (for Exchange 5.5) sets the time interval for running the virus scanner Time limit (for Exchange 2000 and 2003) a time limit for scanning an individual file 13

The Protocol settings page lets you select how the virus scanning protocol/log should be assembled. Log all files when checked, all scanned files are listed in the scanning log, including non infected files Synchronous logging when checked, all the log entries are immediately written into the log file without storing them in the log cache Scope This setting lets you select what the scope of logging activities. The more detailed the scope, the more activities are written into the log file Log server version when checked, XMON writes the server version into the log file Log license when checked, XMON writes the XMON license into the log file Log rules when checked, XMON writes the list of currently enabled rules into the log file The License page lets you view details of the currently used XMON license. Update button opens a file selection dialogue box for selecting a new license key. 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback