Cisco ICM/IPCC Enterprise and Hosted Anti-Virus Software Guidelines



Similar documents
McAfee Optimized Virtual Environments - Antivirus for VDI. Installation Guide

Using McAfee VirusScan. Professional Edition Version 8.0. Software On a DX8000 DVR

Sophos Anti-Virus for NetApp Storage Systems startup guide

Features - Microsoft Data Protection Manager

w e p r o t e c t d i g i t a l w o r l d s ESET NOD32 Antivirus for Novell Netware Server Installation

Desktop Release Notes. Desktop Release Notes 5.2.1

GFI Product Manual. Administration and Configuration Manual

Antivirus Solution Guide for Clustered Data ONTAP 8.2.1: McAfee

System Compatibility. Enhancements. Operating Systems. Hardware Requirements. Security

In this note, you will learn the basic applications of McAfee VirusScan Enterprise (hereafter McAfee ). Six topics will be covered as below:

McAfee Enterprise Edition v Installation & Configuration For Windows 98 and Me

McAfee VirusScan Enterprise for Storage 1.1.0

ES Exchange Server - How to Remove XMON

User's Manual. Intego VirusBarrier Server 2 / VirusBarrier Mail Gateway 2 User's Manual Page 1

McAfee Enterprise Edition v Installation & Configuration For Windows NT, 2000, and XP

SMALL BUSINESS EDITION. Sophos Control Center startup guide

Installing GFI MailSecurity

Getting Started Guide

Selected Windows XP Troubleshooting Guide

Database Administration

Product Guide. McAfee Endpoint Protection for Mac 2.1.0

Symantec AntiVirus Corporate Edition Patch Update

F-Secure Client Security. Administrator's Guide

Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide

Software Testing Methodology: Anti-spyware and AntiVirus

Total Protection Service

McAfee MOVE / VMware Collaboration Best Practices

Microsoft SQL Server Staging

How to Configure Terminal Services for Pro-Watch in Remote Administration Mode (Windows 2000)

Total Protection Service

Installation Guide for Cisco Unified ICM/Contact Center Enterprise & Hosted Release 8.0(1a)

Owner of the content within this article is Written by Marc Grote

GFI Product Guide. Administrator Guide

Sophos Endpoint Security and Control Help. Product version: 11

Networking Best Practices Guide. Version 6.5

Malware Protection II White Paper Windows 7

Application Whitelisting - Extend your Security Arsenal? Mike Baldi Cyber Security Architect Honeywell Process Solutions

Symantec AntiVirus Business Pack Administrator s Guide

IIS Deployment Procedures

Best Practice Configurations for OfficeScan (OSCE) 10.6

Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide

Sophos Anti-Virus for NetApp Storage Systems startup guide. Runs on Windows 2000 and later

Non-ThinManager Components

McAfee VirusScan Enterprise 8.7 Users Guide

Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide

Sophos Endpoint Security and Control Help

IceWarp Unified Communications. AntiVirus Reference. Version 10.4

Microsoft Baseline Security Analyzer

GFI Product Manual. Getting Started Guide

Program Update IPedge Feature Description IPedge Feature Desc. 8/2/13

Kaspersky Anti-Virus 8.0 for Microsoft ISA Server and Forefront TMG Standard Edition

Net Protector Admin Console

TABLE OF CONTENTS. Features - SharePoint Server idataagent. Page 1 of 72 OVERVIEW SYSTEM REQUIREMENTS - SHAREPOINT SERVER IDATAAGENT INSTALLATION

Sophos Anti-Virus for Mac OS X Help

Getting started. Symantec AntiVirus Corporate Edition 8.1 for Workstations and Network Servers

Using McAfee VirusScan Enterprise 8.7i Jocelyn Kasamoto

Symantec Protection for SharePoint Servers Implementation Guide

GFI Product Manual. Getting Started Guide

Out n About! for Outlook Electronic In/Out Status Board. Administrators Guide. Version 3.x

Sophos Anti-Virus for NetApp Storage Systems user guide. Product version: 3.0

FTP, IIS, and Firewall Reference and Troubleshooting

OfficeScan 10 Enterprise Client Firewall Updated: March 9, 2010

AVG File Server. User Manual. Document revision ( )

Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide

Best Practice Configurations for OfficeScan 10.0

Using TS-ACCESS for Remote Desktop Access

Barracuda Message Archiver Vx Deployment. Whitepaper

ESET Mobile Security Business Edition for Windows Mobile

Integrate Check Point Firewall

Microsoft Exchange 2003 Disaster Recovery Operations Guide

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

AND SERVER SECURITY

AND SERVER SECURITY

PureMessage for Microsoft Exchange Help. Product version: 4.0

Connecting to the Firewall Services Module and Managing the Configuration

Anti-Virus/Malware Policy

Trend Micro OfficeScan Best Practice Guide for Malware

Upgrade Guide BES12. Version 12.1

P e r s o n a l E d i t i o n For Windows 95, 98, NT

GFI Product Manual. Administrator Guide

HOUR 3. Installing Windows Server 2003

HP Device Manager 4.6

Best Practices for Deploying Behavior Monitoring and Device Control

Filter. SurfControl Filter 5.0 for SMTP Getting Started Guide. The World s #1 Web & Filtering Company

Manually Add Programs to Your Firewall or Anti-Virus Programs Trusted List. ZoneAlarm

version 9.0 SP10 August P01851 FreeFlow Security Guide

Anti-Spyware Enterprise Module software

Lab Configuring Access Policies and DMZ Settings

Chapter 5: Fundamental Operating Systems

Integrate Astaro Security Gateway

FreeFlow Core, Version 4.0 August P Xerox FreeFlow Core Security Guide

McAfee VirusScan Enterprise 8.8 Best Practices Guide

Product Guide. McAfee Security for Microsoft SharePoint 3.0.0

EasyBiz. Business Software Solutions for South African Businesses NETWORK SETUP IN QUICKBOOKS ACCOUNTING MADE EASY

Installation Guide. McAfee Security for Microsoft Exchange Software

McAfee Total Protection Service Installation Guide

Getting Started with Symantec Endpoint Protection

Getting Started. Symantec Client Security. About Symantec Client Security. How to get started

2. Installation and System requirements

Third Party Security and Backup Application Guidelines

Transcription:

Introduction Cisco ICM/IPCC Enterprise and Hosted Anti-Virus Software Guidelines This document provides guidelines for implementing anti-virus software in a Cisco ICM/IPCC Enterprise (or Hosted) solution. Caution Cisco CCBU does not formally certify anti-virus software products; the guidelines in this document are based on the experience of Cisco CCBU QA test laboratory environments and customers who have successfully implemented anti-virus software with Cisco software solutions. Viruses can be unpredictable; Cisco cannot assume responsibility for consequences of virus attacks on mission-critical applications. The guidelines in this document apply to the following CCBU software products: Cisco Intelligent Contact Management (ICM) Enterprise Cisco ICM Hosted Cisco IPCC Enterprise Cisco IPCC Hosted All CCBU components of these solutions Of these products, particular care should be taken for systems that use Microsoft Internet Information Server (IIS): Web Collaboration Option, Cisco Media Blender, E-Mail Manager Option, and Cisco WebView / WebView II. In addition, your corporate anti-virus strategy should include specific provisions for any server positioned outside the corporate firewall or subject to frequent connections to the Public Internet. Cisco CCBU QA test laboratories currently use the following anti-virus software products: Network Associates (McAfee) NetShield 4.5.1 service pack 1 (Full Mode) McAfee ScanEngine 4.2.60 (upgraded weekly) McAfee Virus Definitions 4.0.4285 (updated nightly) ScanEngine and Virus Definition versions as of August 13, 2003. 1

Anti-Virus Software Caveats Anti-Virus Software Caveats Please take note the following caveat before running anti-virus software on systems installed with CCBU software products: Many default anti-virus software configuration settings can adversely affect the performance of the Cisco CCBU products listed on page 1. This performance degradation is a result of increased CPU load and memory use by the anti-virus software program. The anti-virus software should not be set to run in an automatic or background mode where all incoming data or modified files are scanned in real time. Full scans of systems by the anti-virus software should be set to run only during scheduled maintenance windows. Anti-virus software scanning engines and definition files should be updated on a regular basis, following your organization s current security/anti-virus policy. Anti-Virus Software Configuration Guidelines Before scheduling anti-virus software activity on Cisco ICM nodes, it is important to note a few parameters that control the application s activity at specific times. Anti-virus software configuration settings should avoid scheduling Daily Scans, Automatic DAT Updates, and Automatic Product Upgrades during the times specified as described below. Beginning with Release 5.0 of Cisco ICM, the Recovery process in the Logger and Distributor no longer perform the Update Statistics operation. Therefore, it is important to take into consideration the schedule specified in the Update Statistics registry keys. Logger. Check the Schedule settings for the Purge and Update Statistics registry keys on the ICM Logger: Logger registry keys, Release 5.0: HKLM\SOFTWARE\Cisco Systems, Inc.\ICM\<inst>\Logger<A/B>\Recovery\CurrentVersion \Purge\Schedule\Schedule HKLM\SOFTWARE\Cisco Systems, Inc.\ICM\<inst>\Logger<A/B>\Recovery\CurrentVersion \UpdateStatistics\Schedule Logger registry keys, Release 4.6.2: HKLM\SOFTWARE\GeoTel\ICR\<inst>\Logger<A/B>\Recovery\CurrentVersion \Purge\Schedule\Schedule HKLM\SOFTWARE\GeoTel\ICR\<inst>\Logger<A/B>\Recovery\CurrentVersion \UpdateStatistics\Schedule 2

Distributor. Check the Schedule settings for the Purge and Update Statistics registry keys on the Distributor nodes: Distributor registry keys, Release 5.0: HKLM\SOFTWARE\Cisco Systems, Inc. \ICM\<inst>\Distributor\RealTimeDistributor \CurrentVersion\Recovery\CurrentVersion\Purge\Schedule\Schedule HKLM\SOFTWARE\Cisco Systems, Inc.\ICM\<inst>\Distributor\RealTimeDistributor \CurrentVersion\Recovery\CurrentVersion\UpdateStatistics\Schedule Distributor registry keys, Release 4.6.2: HKLM\SOFTWARE\GeoTel\ICR\<inst>\Distributor\RealTimeDistributor\CurrentVersion \Recovery\CurrentVersion\Purge\Schedule\Schedule HKLM\SOFTWARE\GeoTel\ICR\<inst>\Distributor\RealTimeDistributor\CurrentVersion \Recovery\CurrentVersion\UpdateStatistics\Schedule Router/PG. On the ICM Router and Peripheral Gateway (PG), do not schedule anti-virus program tasks: During times of heavy or peak call load. At the half hour and hour marks, as ICM processes increase during those times. All Nodes. Other scheduled ICM processes activities can be found on Windows 2000 servers by inspecting the Scheduled Tasks Folder. In Windows NT 4.0, running an application such as WinAT (or typing AT at the command prompt) will reveal the scheduled activity and actions. Scheduled anti-virus program activity should not conflict with those ICM scheduled activities. File Exclusions. There are a number of binary files that are written to during the operation of ICM processes which have little risk of virus infection. Files with the following file extensions can be safely omitted from the drive and on-access scanning configuration of the anti-virus program: File Type *.hst *.ems ICM Node PG ALL 3

Anti-Virus Software Configuration Example This section shows an example of the Network Associates (McAfee) NetShield software configuration found on a typical Cisco CCBU QA test laboratory system. Figure 1 shows a screen capture of the NetShield AntiVirus Console; describes the property settings for each console task. Figure 1 NetShield AntiVirus Console NetShield On-Access Monitor Detection 1. In the Scan section, select: Inbound files Boot sector(s) Floppy during shutdown 2. In the Files to scan section, select: All files Advanced 1. In the Heuristics section, select: Find unknown program viruses Find unknown macro viruses 2. In the Compressed files section, select: Scan compressed files Scan files in archives Max archive scan time: 5 sec 3. In the General section, select: Enable file scan caching Enable on-access scanning at system startup 4

NetShield On-Access Monitor (continued) Actions 1. In the When a virus is found section, select: Clean infected files automatically Reports 1. In the Log file section, select: Log to file Limit size of log file 5000 Kb 2. In the What to log section, select: Virus detection Virus cleaning Session summary Date and time User name Exclusions 1. Click Add; the Add Exclusion item dialog box appears. 2. In the File, folder, or drive to exclude field, click Browse to access the folder where the *.hst and *.ems files reside. 3. Select the Include subfolders checkbox. 4. In the Exclude from section, select: Inbound Outbound Automatic DAT Update Update Options 1. In the Select Transfer Method section: Select Get from an FTP source Specify an value in the Enter an FTP computer name and director field (for example, ftp.nai.com/virusdefs/4.x) 2. Click Schedule; the Schedule dialog box appears. 3. Select the Enable scheduler checkbox. 4. In the Run section, select Daily. 5. In the Start At section, specify the time you want the update to begin. Scheduled time of the DAT Update must not conflict with the scheduled Cisco ICM operations. For more information, see the Anti-Virus Software Configuration Guidelines section on page 2. 5

Automatic Product Upgrade Transfer Method 1. In the Select Transfer Method section: Select Get from an FTP source In the Enter an FTP computer name and directory field, specify the location provided by your McAfee resource. This information is available to registered users. 2. Click Schedule; the Schedule dialog box appears. 3. Select the Enable scheduler checkbox. 4. In the Run section, select Weekly. 5. In the Start At section, specify the time you want the update to begin. Scan Detection 1. In the Item section, select: All local drives 2. In the What to scan section, select: Include subfolders Scan boot sector(s) Advanced 1. In the Heuristics and Compressed files section, select: Find unknown program viruses Find unknown macro viruses Scan files in archives 2. In the Scan priority section, select: Low Medium (depending on scheduled time window) Actions 1. In the When a virus is found section, select: Clean infected files Reports 1. In the Log file section, select: Log to file Limit size of log file 5000 Kb 2. In the What to log section, select: Virus detection Virus cleaning Session summary Date and time User name 6

Scan (continued) Schedule 1. Select the Enable scheduler checkbox. 2. In the Run section, select Daily. 3. In the Start At section, specify the time you want the update to begin. Scheduled time of the DAT Update must not conflict with the scheduled Cisco ICM operations. For more information, see the Anti-Virus Software Configuration Guidelines section on page 2. Exclusions 1. In the Item section, select: pagefile.sys 2. In the File, folder, or drive to exclude field, click Browse to access the folder where the *.hst and *.ems files reside. 3. Select the Include subfolders checkbox. 4. In the Exclude from section, select: Inbound Outbound While the configuration settings in are specific to the NetShield AntiVirus product, the principles that can be applied to most anti-virus software programs. 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information