Getting Started Symantec Mail Security for Microsoft Exchange About Symantec Mail Security for Microsoft Exchange Symantec Mail Security for Microsoft Exchange is a complete, customizable, and scalable solution that scans email messages that pass through the Microsoft Exchange server. Symantec Mail Security protects your Exchange server from the following: Threats (such as viruses, Trojan horses, worms, and denial-of-service attacks) Security risks (such as adware and spyware) Unwanted content Unsolicited email messages (spam) Symantec Mail Security also lets you manage the protection of one or multiple Exchange servers from a single console. The Exchange environment is only one avenue by which a threat can penetrate a network. For complete protection, ensure that every computer and workstation is protected by an antivirus solution.
2 Symantec Mail Security for Microsoft Exchange What s new in Symantec Mail Security What s new in Symantec Mail Security Table 1-1 lists the new and enhanced features in Symantec Mail Security 5.0.3 for Microsoft Exchange. Table 1-1 Feature New and enhanced features Description Protection from mail-based security risks Redesigned console Improved support for cluster environments Automatic server discovery User-based and group-based policies File attachment content scanning Multimedia and executable file detection based on true file type Summary and Detailed reports Symantec Mail Security protects your mail environment from security risks, such as spyware and adware. You can manage a single mail server or a group of servers from the same console. The new console lets you view summary information about the activities on an individual mail server or a group of servers. Symantec Mail Security is Microsoft cluster-aware. In a clustering environment, multiple nodes on the network operate like a single system to ensure high availability. Symantec Mail Security is installed as a cluster resource on an active/passive cluster. It is designed to interact with and detect the nodes that are within the cluster environment. Symantec Mail Security can automatically detect the Exchange servers that are within your organization using Active Directory. You can select the users or groups for which a content filtering policy applies. You can configure the rule to apply to all Active Directory groups or to only the users or Active Directory groups that you select. You can also specify users or groups who are exceptions to the rule. You can scan for content violations within file attachments. Symantec Mail Security supports over 300 file attachment types and common file types, such as Microsoft Office documents, Adobe Acrobat PDF files, text files, RTF files, and database files. Symantec Mail Security can detect multimedia and executable files based on an analysis of their true file type instead of relying on their file extensions. You can generate a report that contains statistics about the scanning activities that occurred on one or more mail servers. You can configure Symantec Mail Security to send the report to the email addresses that you specify.
Symantec Mail Security for Microsoft Exchange Components of Symantec Mail Security 3 Table 1-1 Feature New and enhanced features (Continued) Description Automatically save messages to a folder You can save messages that are identified as spam or suspected spam, or messages that trigger content filtering violations, to a specified folder. This lets you use an archiving program to automatically archive messages in the folder. Components of Symantec Mail Security Table 1-2 lists the components of Symantec Mail Security. Table 1-2 Product components Component Description Location on the product CD Symantec Mail Security for Microsoft Exchange This is the software that you install to protect your Exchange servers. It protects your servers from threats (such as viruses and denial-of-service attacks), security risks (such as adware and spyware). It also detects spam email messages and unwanted content. \SMSMSE\Install\ LiveUpdate Administration Utility This is the utility that lets you configure one or more intranet FTP, HTTP, or LAN servers to act as internal LiveUpdate servers. LiveUpdate lets Symantec products download program and definition file updates directly from Symantec or from a LiveUpdate server. For more information, see the LiveUpdate Administrator s Guide on the Symantec Mail Security product CD in the following location: \DOCS\LUA\Luadmin.pdf \ADMTOOLS\LUA\
4 Symantec Mail Security for Microsoft Exchange Components of Symantec Mail Security Table 1-2 Product components (Continued) Component Description Location on the product CD Symantec Spam Folder Agent for Exchange Outlook Plug-in This is the program that lets you install a spam foldering agent. The foldering agent works with the Symantec Premium AntiSpam service. It lets you automatically route spam and suspected spam messages to a spam folder in each user s inbox. The Symantec Spam Folder Agent is recommended for Exchange 2000 servers only. This is the software that lets you submit missed spam and false positives to Symantec. It also lets users administer allowed senders and blocked senders lists and block email messages based on language identification. The Outlook Plug-in is used with the Symantec Premium AntiSpam service. The Outlook Plug-in can be used on Exchange 2000 and Exchange 2003 servers. \ADMTOOLS\SPA \BSFA\ \ADMTOOLS\SPA \BMOP\ Symantec Enterprise Security Administration (SESA) Integration Package (SIP) Adobe Acrobat Reader 6.0 Symantec Central Quarantine This is the software configuration package that you must install on each computer that runs a SESA Manager. The SIP extends SESA functionality to include Symantec Mail Security event data. This is the software that makes it possible to read electronic documentation in Portable Document Format (PDF). Symantec Mail Security can forward infected messages and messages that contain violations from the local quarantine to the Central Quarantine, which acts as a central repository. For more information, see the Symantec Central Quarantine Administrator s Guide on the Symantec Mail Security product CD in the following location: \DOCS\DIS\CentQuar.pdf \ADMTOOLS\SIPI\ \DOCS \ar60enu.exe \ADMTOOLS\DIS
Symantec Mail Security for Microsoft Exchange Before you install 5 Before you install Before you install Symantec Mail Security, ensure that all pre-installation and system requirements are met. You also should ensure that you have an installation plan that best matches your organization s needs. See System requirements on page 6. Symantec Mail Security supports upgrades from Symantec Mail Security 4.x. If you are upgrading from a prior version, you should review the migration information. See Migrating to version 5.0.3 on page 8. Before you install the product, you should do the following: If you are running Symantec Brightmail AntiSpam on the same server on which you want to install Symantec Mail Security, you must uninstall Symantec Brightmail AntiSpam before you install Symantec Mail Security. The email tools feature of Symantec AntiVirus Corporate Edition is not compatible with Microsoft Exchange or Symantec Mail Security for Microsoft Exchange. You must uninstall the feature before you install Symantec Mail Security. You must disable any antivirus software that is on the server in which you want to install Symantec Mail Security. After installation, you should reenable the antivirus protection. To install Symantec Mail Security components correctly, log on as a Windows domain administrator. For optimal visibility, modify your screen resolution to 1024 x 768. For information about the default locations in which Symantec Mail Security installs software components, see the Symantec Mail Security for Microsoft Exchange Implementation Guide. About security and access permissions Users must have System Administrator privileges to configure or modify Symantec Mail Security settings. When you install the product, Symantec Mail Security automatically creates the SMSMSE viewers group in Active Directory and assigns the group read-only access to Symantec Mail Security components and features. Users in this group cannot change settings for Symantec Mail Security. Users can run reports, view event logs, and view settings through the console.
6 Symantec Mail Security for Microsoft Exchange System requirements The SMSMSE viewers group is domain-wide for Active Directory. You can use the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in to change membership in this group. During the security set-up process, security is also set for the Symantec Mail Security registry key and file folders. You must have administrator access to the local servers and domain administrator rights for the security set-up to proceed. System requirements Ensure that you meet the appropriate system requirements for the type of installation that you are performing. Server system requirements You must have domain administrator-level privileges to install Symantec Mail Security. The server system requirements are as follows: Operating system Windows 2000 Server/Advanced Server /Data Center SP4 Windows Server 2003 Standard/Enterprise /Data Center SP1 Exchange platform Exchange 2000 Server SP3/Enterprise Server Exchange Server 2003/Enterprise Server Minimum system requirements Intel Server class 32-bit processor 1 GB RAM 775 MB available disk space Required available disk space for Symantec Mail Security and required third-party components. This does not include the space required for items such as quarantined messages and attachments, reports, and log data..net Framework version 1.1 SP1 (is automatically installed if not detected) MDAC 2.6 or higher (is automatically installed if not detected) DirectX 8.01 or higher (automatically installs DirectX 9 DirectX 8.01 or higher if not detected)
Symantec Mail Security for Microsoft Exchange Installing Symantec Mail Security for Microsoft Exchange 7 If you install Symantec Mail Security on a Windows 2000 Server Domain Controller that does not allow impersonation, you might have difficulty changing settings in a group view or from a remote console. You should run Microsoft Exchange on a computer that is not a Domain Controller. If this is not feasible, set the computer to allow impersonation by configuring the Impersonate a client after authentication policy for the IWAM account. Console only system requirements You can install the Symantec Mail Security console only. The console only system requirements are as follows: Operating system Windows 2000 Server SP4 Windows Server 2003 SP1 Windows XP SP1 Minimum system requirements Intel Server class 32-bit processor 512 MB RAM 162 MB available disk space This does not include the space required for items such as quarantined messages and attachments, reports, and log data..net Framework version 1.1 SP1 (is automatically installed if not detected) Installing Symantec Mail Security for Microsoft Exchange You can choose from the following types of installation: Local server installation Remote server installation Console only installation You can install or upgrade Symantec Mail Security on a local computer that is running Microsoft Exchange Server. If you have multiple servers on which you want to install or upgrade Symantec Mail Security, after you install Symantec Mail Security to a local server, you can use the Asset Management tool in the console to install the product to remote servers. You can install the product console on a computer that is not running Symantec Mail Security. This lets you manage your servers from any computer that has access to your Exchange servers.
8 Symantec Mail Security for Microsoft Exchange Migrating to version 5.0.3 Microsoft Clustering service installation If you are installing Symantec Mail Security with the Microsoft Clustering service, follow the instructions for clustering service installation. See Migrating to version 5.0.3 on page 8. For information about installation procedures, see the Symantec Mail Security for Microsoft Exchange Implementation Guide. Migrating to version 5.0.3 Symantec Mail Security supports upgrades from Symantec Mail Security 4.x. If you are upgrading from a previous version, the policy settings that you configured on the previous installation are incorporated into the applicable policy on the new installation. If you are upgrading from version 5.0x, all user settings are retained. Symantec Mail Security 5.x for Exchange does not contain a separate multiserver console. Single and multiple servers are administered from the same console. Multiserver console settings do not migrate to the new version. You must add any existing servers to be upgraded to an asset group (for example, Global). You can use the Install/Upgrade servers feature to upgrade the selected server. Once all of the servers are upgraded, you can uninstall the console from the prior version using the Add/Remove Programs feature in the Control Panel. Custom policies, content filtering rules, and report templates do not migrate to the new version. Table 1-3 lists the data and settings that migrate from version 4.x to the new version. Table 1-3 Category Auto-protect Version 4.x migration settings Migration status Migrates to the new version as the standard policy Auto-protect statistics Mass-Mailer Rule Basic Virus Rule Virus subpolicy Migrates as is Only the enable/disable setting migrates Migrates as is Only the enable/disable setting migrates
Symantec Mail Security for Microsoft Exchange Post-installation tasks 9 Table 1-3 Category Filtering subpolicy Version 4.x migration settings (Continued) Migration status Migrates to the new version as the standard policy Enable/disable setting migrates Exception subpolicy Certificate, license files, and registry keys Quarantine files Quarantine settings Spam settings Clear outbreak settings Alerting/Notification settings LiveUpdate/Rapid Release settings Match lists Spam XML file All existing exceptions rules and settings migrate All settings migrate except the AMS and Messenger settings All settings migrate Migrates as is Post-installation tasks After you install Symantec Mail Security, you can perform the following postinstallation tasks: If you are using Windows 2000, set up the appropriate impersonation privileges on the IWAM account. Restart Internet Information Service (IIS). Implement SSL communications. Install the license file if it was not installed during setup. Update definitions if a LiveUpdate was not performed during setup. Configure other antivirus products that are on the same computer as Symantec Mail Security. For more information about performing the post-installation tasks, see the Symantec Mail Security for Microsoft Exchange Implementation Guide.
10 Symantec Mail Security for Microsoft Exchange Where to get more information about Symantec Mail Security Where to get more information about Symantec Mail Security The Symantec Mail Security for Microsoft Exchange Implementation Guide provides information about using this product and is found on the product CD in the following location: \DOCS\SMSMSE\SymantecMailSecurity.pdf You can visit the Symantec Web site for more information about your product. The following online resources are available: Provides access to the technical support Knowledge Base, newsgroups, contact information, downloads, and mailing list subscriptions Provides information about registration, frequently asked questions, how to respond to error messages, and how to contact Symantec License Administration Provides product news and updates Provides access to the Virus Encyclopedia, which contains information about all known threats; information about hoaxes; and access to white papers about threats www.symantec.com/ techsupp/ent/ enterprise.html www.symantec.com /licensing/els/help/en/ help.html www.enterprisesecurity. symantec.com www.securityresponse. symantec.com Copyright 2006 Symantec Corporation. All rights reserved. Printed in the U.S.A. 03/06 PN:10536314 Symantec and the Symantec logo are U.S. registered trademarks of Symantec Corporation. Symantec AntiVirus is a trademark of Symantec Corporation. Other brands and products are trademarks of their respective holder/s.