SIMATIC Process Control System PCS 7: Symantec Endpoint Protection 11.0 Configuration (Commissioning Manual)


SIMATIC
Process Control System PCS 7
Symantec Endpoint Protection 11.0 Configuration
Commissioning Manual
08/2009
A5E02634984-01

Legal information

Warning notice system

This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert symbol; notices referring only to property damage have no safety alert symbol. The notices shown below are graded according to the degree of danger.

DANGER indicates that death or severe personal injury will result if proper precautions are not taken.

WARNING indicates that death or severe personal injury may result if proper precautions are not taken.

CAUTION with a safety alert symbol indicates that minor personal injury can result if proper precautions are not taken.

CAUTION without a safety alert symbol indicates that property damage can result if proper precautions are not taken.

NOTICE indicates that an unintended result or situation can occur if the corresponding information is not taken into account.

If more than one degree of danger is present, the warning notice representing the highest degree of danger will be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property damage.

Qualified Personnel

The product/system described in this documentation may be operated only by personnel qualified for the specific task in accordance with the relevant documentation for the specific task, in particular its warning notices and safety instructions. Qualified personnel are those who, based on their training and experience, are capable of identifying risks and avoiding potential hazards when working with these products/systems.

Proper use of Siemens products

Note the following:

WARNING Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation. If products and components from other manufacturers are used, these must be recommended or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and maintenance are required to ensure that the products operate safely and without any problems. The permissible ambient conditions must be adhered to. The information in the relevant documentation must be observed.

Trademarks

All names identified by ® are registered trademarks of the Siemens AG. The remaining trademarks in this publication may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.

Disclaimer of Liability

We have reviewed the contents of this publication to ensure consistency with the hardware and software described. Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in this publication is reviewed regularly and any necessary corrections are included in subsequent editions.

Siemens AG, Industry Sector, Postfach 48 48, 90026 NÜRNBERG, GERMANY
A5E02634984-01 P 08/2009
Copyright Siemens AG 2009. Technical data subject to change

Table of contents

1 Using virus scanners
1.1 Preface
1.2 Using virus scanners
1.2.1 Introduction
1.2.2 Definitions and information
1.2.3 Principle structure of the virus scanner architecture
1.2.4 Using antivirus software
2 Configuration
2.1 Introduction
2.2 Client Modules
2.3 Policies
2.4 Virus Definition Manager
2.5.1 File System Auto-Protect
2.5.2 File System
2.5.3 Email Protection
2.5.4 Antispyware Protection TruScan Proactive Threat Scans
2.5.5 Quarantine settings
2.5.6 Report Submission settings
2.5.7 Miscellaneous settings
2.6 Client Administrator and Tamper Protection Options
2.7 Endpoint Console Firewall Settings
2.8 Endpoint Intrusion Detection Settings

1 Using virus scanners

1.1 Preface

Important information about this whitepaper

The compatibility of the virus scanners recommended for PCS 7 and WinCC has been tested with the systems. The recommended settings for these virus scanners have been chosen to ensure that the reliable real-time operation of PCS 7 is not adversely affected by the virus scanner software.

These recommendations describe the currently known best possible compromise between two goals: detecting and neutralizing viruses and other harmful software as comprehensively as possible, and keeping the time response of the PCS 7 control system as deterministic as possible in all operating phases.

If you choose different settings for the virus scanner, this could have negative effects on the real-time behavior.

Purpose of this documentation

This documentation describes the recommended settings for virus scanner software in combination with PCS 7 and WinCC following the virus scanner installation.

Required knowledge

This documentation is aimed at anyone who is involved in configuring, commissioning and operating automated systems based on SIMATIC PCS 7 or WinCC. Knowledge of administration and IT techniques for Microsoft Windows operating systems is assumed.

Validity of the documentation

The documentation applies to process control systems equipped with the respective product version of PCS 7 or WinCC.

NOTICE
Note that certain virus scanners are only approved for certain product versions. Additional information is available on the Internet at the following address: http://support.automation.siemens.com/ww/view/en/10154608

1.2 Using virus scanners

1.2.1 Introduction

Using virus scanners in a process control system is only effective when they are part of a comprehensive security concept. A virus scanner alone cannot protect a process control system against hostile attacks.

The security concept PCS 7 / WinCC is available on the Internet at: http://support.automation.siemens.com

Virus scanners should comply with the requirements described in the security concepts of PCS 7 / WinCC.

1.2.2 Definitions and information

Basic principle
The use of a virus scanner should never inhibit a plant in runtime.

Virus scanners
A virus scanner is software that detects, blocks or eliminates harmful program routines (computer viruses, worms, etc.).

Scan engine (scanner module)
The scan engine is a component of the virus scanner software that can examine data for harmful software.

Virus signature file (virus pattern file or virus definition file)
This file provides the virus signatures to the scan engine, which uses them to search through data for harmful software.

Virus scan client
The virus scan client is a computer which is examined for viruses and managed by the virus scan server.

Virus scan server
The virus scan server is a computer which centrally manages virus scan clients, loads virus signature files and deploys them on the virus scan clients.

1.2.3 Principle structure of the virus scanner architecture

A virus scan server receives its virus signatures from the update server of the respective virus scan manufacturer in the Internet or from an upstream virus scan server and manages its virus scan clients. Remote access to the virus scan server is available via web console.

[Figure: virus scanner architecture showing the Internet, the virus scan server, the web console and three virus scan clients]

1.2.4 Using antivirus software

Information for configuration of local virus scanners

Integrated firewall of the virus scanner
The local Windows firewall is used as of PCS 7 V7.0 and configured with the SIMATIC Security Control (SSC) component. The firewalls integrated in the virus scanners are therefore not installed.

Manual scan (manual scan, on demand scan)
A manual scan should never be performed on virus scan clients during process mode (runtime). Instead, it should take place at regular intervals, e.g. during maintenance, on all computers of the system.

Automatic scan (auto-protect, on-access scanning)
With automatic scanning, it is sufficient to check the incoming data traffic.

Scheduled scan (planned search, on demand scan)
A scheduled scan should never be performed on virus scan clients during process mode (runtime).

Displaying messages
To ensure that process mode is not inhibited, no messages should be displayed on the virus scan clients.

Drives
To avoid overlapping scanning of network drives, only local drives are scanned.

E-mail scan
Scanning of e-mail can be disabled except on the engineering station which receives e-mails.

Division into groups
Organize your virus scan clients in groups.

Deployment of the virus signature (pattern update)
The deployment of the virus signatures to the virus scan clients is performed by the upstream virus scan server. Test the virus signatures in a test system before deploying them in process mode to ensure that they work correctly. Distribute the virus signatures manually to the respective groups.

Update the virus scan engine
Do not conduct the virus scan engine update in runtime as these updates will probably require you to restart the virus scan client.

Note on installation
The software installation must be carried out from a virus-free storage location (e.g. from a file server with its own virus scanner or from a certified DVD). During the software installation, automatic changes are often carried out in the operating system. An enabled virus scanner must not obstruct or falsify the software installation.

2 Configuration

2.1 Introduction

Symantec Endpoint Protection 11.0 by Symantec is the successor to Norton Antivirus 10.2. Only version 11.0 of the Symantec Endpoint Protection virus scanner has been approved for some versions of PCS 7. The settings described below that have changed in comparison to the standard version were tested for PCS 7.

Approved virus scanners for the following PCS 7 versions
You can find the latest overview of the virus scanners authorized for a PCS 7 version at the following Internet address: http://support.automation.siemens.com/ww/view/en/10154608

2.2 Client Modules

The only module that needs to be enabled in the "Deployment Wizard" dialog is "Antivirus and Antispyware Protection". The following client modules should be disabled:

Email Protection
Network Threat Protection
Proactive Threat Protection

These client modules should also be disabled on the management server.

2.3 Policies

Client groups (computer groups) can be assigned different settings. The settings for client groups are defined by policies. Each program component (antivirus, firewall, updates, etc.) has its own policy, which has to be defined in the Endpoint Protection Manager Console.

2.4 Virus Definition Manager

Updates

The following distinctions should be noted:

Management server updates are set as local properties of a computer.
Client updates are defined as a "policy".

Server update settings in the "Site Properties" dialog box

Menu: Admin > Servers > Edit Site Properties > "LiveUpdate" tab

"Frequency" option button: Continuously

Client update settings in the "Site Properties" dialog box

Menu: Policies > Live Update Policy > "Server Settings" tab

"Use the default management server" check box: Selected

Only enabled update options can serve as a source for updates. Clients are not updated if both update options are disabled. When both update options are enabled, clients only obtain updates from the "Management Server".

For manual deployment of the virus definition files, enable this check box only for deploying virus definition files. The deployment of the virus definition files is performed automatically when this check box is selected. Check the deployment in the log.

2.5.1 File System Auto-Protect

This option was known as "Client Auto-Protect" in earlier versions of Symantec antivirus software.

2.5.2 File System

File System Auto-Protect settings in the "Scan Details" dialog box

Menu: Policies > Antivirus and Antispyware > File System Auto-Protect > "Scan Details" tab

"Enable File System Auto-Protect" check box: Selected
"Block security risks from being installed" check box: Cleared
"Network Settings" check box: Cleared
"Check floppies for boot viruses when accessed" check box: Selected

File System Auto-Protect settings in the "Advanced Scanning and Monitoring" dialog box

Menu: Policies > Antivirus and Antispyware > File System Auto-Protect > "Scan Details" tab > Advanced Scanning and Monitoring

"Scan when a file is modified" option button: Selected
"Scan when a file is backed up" check box: Selected
"Delete newly created infected files if the action is Leave alone (log only)" check box: Cleared

File System Auto-Protect settings in the "Actions" dialog box

Menu: Policies > Antivirus and Antispyware > File System Auto-Protect > "Actions" tab

Selection in "First action" drop-down list: Leave alone (log only)
This selection also applies to "Non-macro virus" and "Security Risks".
"Back up files before attempting to repair them" check box: Cleared
"Terminate processes automatically" check box: Cleared
"Stop services automatically" check box: Cleared

File System Auto-Protect settings in the "Notifications" dialog box

Menu: Policies > Antivirus and Antispyware > File System Auto-Protect > "Notifications" tab

"Display a notification message on the infected computer" check box: Cleared
"Display the Auto-Protect results dialog on the infected computer" check box: Cleared

File System Auto-Protect settings in the "Advanced" dialog box

Menu: Policies > Antivirus and Antispyware > File System Auto-Protect > "Advanced" tab

"Check floppies when the computer shuts down" check box: Cleared
"Enable after " check box: Cleared
"Wait until the computer is restarted" option button: Selected

File System Auto-Protect settings in the "File Cache" dialog box

Menu: Policies > Antivirus and Antispyware > File System Auto-Protect > "Advanced" tab > "File Cache..." dialog

File System Auto-Protect settings in the "Risk Tracer" dialog box

Menu: Policies > Antivirus and Antispyware > File System Auto-Protect > "Advanced" tab > "Risk Tracer..." dialog

2.5.3 Email Protection

E-mail virus protection is not necessary in a PCS 7 environment because the options for Internet Email, Microsoft Outlook and Lotus Notes are disabled.

Menu: Policies > Antivirus and Antispyware Policy >

Make these settings in the following tabs:

"Internet Email Auto-Protect" tab
"Microsoft Outlook Auto-Protect" tab
"Lotus Notes Auto-Protect" tab

Setting:
"Internet Email Auto-Protect" check box: Cleared

2.5.4 Antispyware Protection TruScan Proactive Threat Scans

Introduction

Antispyware protection is not necessary because it is performed by other applications; all settings need to be disabled.

TruScan Proactive Threat Scans settings in the "Scan Details" dialog box

Menu: Policies > Antivirus and Antispyware Policy > TruScan Proactive Threat Scans > "Scan Details" tab

"Scan for trojans and worms" check box: Cleared
"Scan for keyloggers" check box: Cleared

TruScan Proactive Threat Scans settings in the "Notifications" dialog box

Menu: Policies > Antivirus and Antispyware Policy > TruScan Proactive Threat Scans > "Notifications" tab

"Display a message when there is a detection" check box: Cleared

2.5.5 Quarantine settings

Quarantine settings in the "General" dialog box

Menu: Policies > Antivirus and Antispyware Policy > Quarantine > "General" tab

"Do nothing" option button: Selected

Quarantine settings in the "Cleanup" dialog box

Menu: Policies > Antivirus and Antispyware Policy > Quarantine > "Cleanup" tab

"Enable automatic deleting of repaired files" check box: Cleared
"Enable automatic deleting of backup files" check box: Cleared
"Enable automatic deleting of quarantined files that could not be repaired" check box: Cleared

2.5.6 Report Submission settings

A client cannot send a report; it can only log it for the server (Log only). "Report Submissions" therefore must be disabled.

Submissions settings

Menu: Policies > Antivirus and Antispyware Policy > Submissions

"Allow client computers to submit processes detected by scans" check box: Cleared
"Allow client computers to submit threat detection rates" check box: Cleared
"Allow client computers to manually submit quarantined items to Symantec Security Response" check box: Cleared

2.5.7 Miscellaneous settings

Settings in the "Miscellaneous" tab

Menu: Policies > Antivirus and Antispyware Policy > Miscellaneous > "Miscellaneous" tab

Selection in "Disable Windows Security Center" drop-down list: Never
Selection in "Display antivirus events within Windows Security Center" drop-down list: Disable

Settings in the "Log Handling" tab

Menu: Policies > Antivirus and Antispyware Policy > Miscellaneous > "Log Handling" tab

Selection in "Show" drop-down list: All antivirus and antispyware events

The settings should correspond to those in the figures below.


Settings in the "Notifications" tab

Menu: Policies > Antivirus and Antispyware Policy > Miscellaneous > "Notifications" tab

"Display a warning when definitions are outdated" check box: Cleared
"Display a warning when Symantec Endpoint Protection is running without virus definitions" check box: Cleared
"Display error messages with a URL to a solution" check box: Cleared

2.6 Client Administrator and Tamper Protection Options

You can find the general settings below.

Menu: Clients > "Policies" tab > General Settings

Security and privileges settings

Menu: Clients > "Policies" tab > General Settings > "Security Settings" tab

"Require a password to stop the client service" check box: Cleared
"Require a password to uninstall the client" check box: Cleared
Enter password

Tamper Protection settings

Menu: Clients > "Policies" tab > General Settings > "Tamper Protection" tab

"Protect Symantec security software from being tampered with or shut down" check box: Selected
Selection in "Actions to take " drop-down list: Log the event only
"Display a notification message when tampering is detected" check box: Cleared

2.7 Endpoint Console Firewall Settings

Because Endpoint ignores the functions of the firewall, all of the configured rules need to be disabled.

Firewall Policy - Rules

Menu: Policies > Firewall Policy > "Rules" tab

ALL check boxes of the firewall rules: Cleared

Menu: Policies > Firewall Policy > "Smart Traffic Filtering" tab

"Enable Smart DHCP" check box: Cleared
"Enable Smart DNS" check box: Cleared
"Enable Smart WINS" check box: Cleared

2.8 Endpoint Intrusion Detection Settings

Symantec Endpoint Protection is not used for intrusion detection in PCS 7. All associated functions are therefore disabled.

"Settings" tab

Menu: Policies > Intrusion Prevention Policy > "Settings" tab

"Enable Intrusion Prevention" check box: Cleared
"Enable denial of service detection" check box: Cleared
"Enable port scan detection" check box: Cleared
"Enable excluded hosts" check box: Cleared
"Automatically block an attacker's IP address" check box: Cleared
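The settings pages above give each control as a label, a control type and a value, which makes the recommended policy checkable against what was actually set during commissioning. The following is an added example, not part of the Siemens manual and not a Symantec tool: it parses setting lines in the manual's notation and reports every deviation or missing entry. The commissioning record is a constructed sample typed up by hand in the same notation, and the function names are hypothetical.

```python
import re

# One control per line, in the notation the manual uses:
#   "<label>" check box: Selected|Cleared
#   "<label>" option button: Selected|Cleared
#   Selection in "<label>" drop-down list: <value>
CONTROL_RE = re.compile(
    r'^(?:Selection in\s+)?"(?P<label>[^"]+)"\s+'
    r'(?P<kind>check box|option button|drop-down list)\s*:\s*(?P<value>\S.*)$'
)
TOGGLE_VALUES = {"selected", "cleared"}

# Recommended values copied from the manual's File System Auto-Protect
# and Tamper Protection pages.
BASELINE_TEXT = """
"Enable File System Auto-Protect" check box: Selected
"Block security risks from being installed" check box: Cleared
"Scan when a file is modified" option button: Selected
Selection in "First action" drop-down list: Leave alone (log only)
"Terminate processes automatically" check box: Cleared
"Stop services automatically" check box: Cleared
"Display a notification message on the infected computer" check box: Cleared
"Protect Symantec security software from being tampered with or shut down" check box: Selected
"""

# Constructed commissioning record for one client group (sample data):
# two values differ from the manual and one control was never recorded.
OBSERVED_TEXT = """
# OS client group, recorded during commissioning
"Enable File System Auto-Protect" check box: Selected
"Block security risks from being installed" check box: Cleared
"Scan when a file is modified" option button: Selected
Selection in "First action" drop-down list: Quarantine risk
"Terminate processes automatically" check box: cleared
"Stop services automatically" check box: Cleared
"Display a notification message on the infected computer" check box : Selected
"""


def _norm(text):
    """Collapse whitespace and case so 'Cleared ' and 'cleared' compare equal."""
    return " ".join(text.split()).lower()


def parse_settings(text):
    """Parse setting lines into {normalized label: (label, kind, value)}.

    Malformed lines raise ValueError so a typo in a record cannot pass silently.
    """
    settings = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = CONTROL_RE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: not a setting line: {line!r}")
        kind, value = m["kind"], " ".join(m["value"].split())
        if kind != "drop-down list" and _norm(value) not in TOGGLE_VALUES:
            raise ValueError(f"line {lineno}: {kind} must be Selected or Cleared")
        key = _norm(m["label"])
        if key in settings:
            raise ValueError(f"line {lineno}: duplicate setting {m['label']!r}")
        settings[key] = (m["label"], kind, value)
    return settings


def audit(baseline_text, observed_text):
    """Return (label, expected, actual) per deviation; actual is None if unrecorded."""
    baseline = parse_settings(baseline_text)
    observed = parse_settings(observed_text)
    findings = []
    for key, (label, kind, expected) in baseline.items():
        if key not in observed:
            findings.append((label, expected, None))
            continue
        _, obs_kind, actual = observed[key]
        if obs_kind != kind or _norm(actual) != _norm(expected):
            findings.append((label, expected, actual))
    return findings


if __name__ == "__main__":
    for label, expected, actual in audit(BASELINE_TEXT, OBSERVED_TEXT):
        state = "not recorded" if actual is None else f"is {actual!r}"
        print(f'DEVIATION "{label}": manual says {expected!r}, client group {state}')
```

Extending `BASELINE_TEXT` with the remaining setting lines from the manual covers the other policy pages in the same way.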