McAfee GroupShield for Lotus Domino on Microsoft Windows

Similar documents
VirusScan Enterprise. Product Guide Revision 1.0. version 7.1.0

How To Update From The Network Associates Repository On A Virus Scan Enterprise 7.0 (Windows) On A Pc Or Macbook Or Macintosh (Windows 7) On An Ubuntu 7.5 (Windows 8) On Your Computer Or Mac Mac

Release Notes for McAfee(R) Customer Submission Tool Version 1.0 Copyright (C) 2004 McAfee, Inc. All Rights Reserved

Total Protection Service

Total Protection Service

McAfee VirusScan Enterprise for Linux Software

Anti-Spyware Enterprise Module software

Alert Manager. Product Guide Revision 1.0. version 4.7.1

Release Notes for McAfee VirusScan Mobile (Smartphone) (readme).txt

McAfee Host Data Loss Prevention 9.1 Cluster Installation Guide

McAfee Optimized Virtual Environments - Antivirus for VDI. Installation Guide

Release Notes for McAfee VirusScan Enterprise for Storage 1.0

Product Guide Revision 1.0. Version 7.5

Product Guide Revision A. McAfee Secure Web Mail Client Software

Product Guide Revision A. McAfee Secure Web Mail Client Software

Desktop Release Notes. Desktop Release Notes 5.2.1

McAfee epolicy Orchestrator 4.5 Cluster Installation Guide

Release Notes for McAfee epolicy Orchestrator 4.5

epolicy Orchestrator Log Files

PRODUCT GUIDE. McAfee QuickClean VERSION 3.0

McAfee Optimized Virtual Environments for Servers. Installation Guide

VirusScan Wireless. Product Guide. Version 2.0

McAfee GTI Proxy Administration Guide

McAfee Gateway 7.x Encryption and IronPort Integration Guide

McAfee Risk Advisor 2.7

Installation Guide. McAfee Security for Microsoft Exchange Software

Release Notes McAfee Risk Advisor Software For use with epolicy Orchestrator and Software

McAfee Security for Microsoft SharePoint User Guide

Product Guide. McAfee Security-as-a-Service Partner SecurityDashboard 5.2.0

McAfee Cloud Identity Manager

Sophos Anti-Virus for NetApp Storage Systems startup guide

Product Guide. McAfee Endpoint Protection for Mac 2.1.0

Issued September 2005/ McAfee PrivacyService software

Configuring Checkpoint VPN-1 for use with the PGP VPN Client. PGP Version Checkpoint VPN-1 Version 4

McAfee VirusScan Enterprise 8.8 software Product Guide

Hardware Sizing and Bandwidth Usage Guide. McAfee epolicy Orchestrator Software

Sophos for Microsoft SharePoint startup guide

Host Intrusion Prevention

McAfee Total Protection Service Installation Guide

McAfee Host Data Loss Prevention Best Practices: Protecting against data loss from external devices

TRADEMARK ATTRIBUTIONS

McAfee Solidcore Product Guide

Product Guide. LinuxShield. version 1.5. McAfee System Protection. Industry-leading intrusion prevention solutions

Application Note. Configuring McAfee Firewall Enterprise for McAfee Web Protection Service

Product Guide. McAfee Endpoint Security for Mac Threat Prevention

Release Notes for McAfee(R) GroupShield(TM) version Patch 1 for Microsoft Exchange. Copyright (C) 2011 McAfee, Inc. All Rights Reserved CONTENTS

Archive Attender Version 3.5

McAfee SaaS Archiving

Implementing McAfee Device Control Security

Sophos Anti-Virus for Windows, version 7 user manual. For Windows 2000 and later

Setup Guide. Archiving for Microsoft Exchange Server 2003

Sophos Anti-Virus for NetApp Storage Systems startup guide. Runs on Windows 2000 and later

Citrix Access Gateway Plug-in for Windows User Guide

Product Guide. McAfee SaaS Endpoint Protection (October, 2012 release)

McAfee Cloud Identity Manager

Application Note Configuring Department of Defense Common Access Card Authentication on McAfee. Firewall Enterprise

Installation Guide. McAfee SaaS Endpoint Protection 5.2.0

Verizon Internet Security Suite Powered by McAfee User Guide

Product Guide. McAfee SaaS Endpoint Protection 5.2.0

GFI Product Manual. Administration and Configuration Manual

McAfee Policy Enforcer

Setup Guide Revision B. McAfee SaaS Archiving for Microsoft Exchange Server 2010

McAfee Solidcore Change Reconciliation and Ticket-based Enforcement

Archive Add-in Administrator Guide

User Guide revision 1.0. McAfee GroupShield. version 7.0. For Microsoft Exchange

Sophos Anti-Virus for NetApp Storage Systems user guide. Product version: 3.0

Release Notes for Host Intrusion Prevention 8.0

Installation Guide. McAfee VirusScan Enterprise for Linux Software

Best Practices Guide. McAfee Security for Microsoft Exchange Software

WhatsUp Gold v16.2 Installation and Configuration Guide

Sophos Enterprise Console Help. Product version: 5.1 Document date: June 2012

Sophos for Microsoft SharePoint Help. Product version: 2.0

Product Guide. McAfee Endpoint Security 10

Sophos Anti-Virus for Mac OS X Help

User Guide Revision 1.0. VirusScan for Mac. Version 8.6. McAfee System Protection. Proven security

Sophos Anti-Virus for Mac OS X: Home Edition Help

McAfee Endpoint Encryption for PC 7.0

How To Install Caarcserve Backup Patch Manager (Carcserver) On A Pc Or Mac Or Mac (Or Mac)

F-Secure and Server Security. Administrator's Guide

Sophos for Microsoft SharePoint Help

Recommended Recommended for all environments. Apply this update at the earliest convenience.

McAfee Endpoint Security Software

Upgrade Guide. McAfee Vulnerability Manager Microsoft Windows Server 2008 R2

Upgrading to Document Manager 2.7

McAfee SiteAdvisor Enterprise 3.5 Patch 2

McAfee Network Protection. McAfee Secure Content Management appliances. Product Guide revision 2.0. version 4.0

For a list of supported environments for VirusScan Enterprise 8.7i on Microsoft Windows, see (McAfee) KnowledgeBase article KB51111.

TRADEMARK ATTRIBUTIONS

Best Practices Guide. McAfee Endpoint Protection for Mac 1.1.0

Data Center Connector for vsphere 3.0.0

Setup Guide. Archiving for Microsoft Exchange Server 2007

Administrator s Guide

McAfee Cloud Identity Manager

Installation Guide. McAfee epolicy Orchestrator Software

Symantec AntiVirus Corporate Edition Patch Update

McAfee MOVE AntiVirus Multi-Platform 3.5.0

McAfee Directory Services Connector extension

WhatsUp Gold v16.1 Installation and Configuration Guide

Setup Guide. Archiving for Microsoft Exchange Server 2010

Xcalibur Global Version 1.2 Installation Guide Document Version 3.0

Transcription:

Configuration Guide McAfee GroupShield for Lotus Domino on Microsoft Windows version 5.3 for use with epolicy Orchestrator 2.5.1 and 3.0

COPYRIGHT Copyright 2003 Networks Associates Technology, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of Networks Associates Technology, Inc., or its suppliers or affiliate companies. To obtain this permission, write to the attention of the Network Associates legal department at: 5000 Headquarters Drive, Plano, Texas 75024, or call +1-972-963-8000. TRADEMARK ATTRIBUTIONS Active Firewall, Active Security, Active Security (in Katakana), ActiveHelp, ActiveShield, AntiVirus Anyware and design, Appera, AVERT, Bomb Shelter, Certified Network Expert, Clean-Up, CleanUp Wizard, ClickNet, CNX, CNX Certification Certified Network Expert and design, Covert, Design (stylized N), Disk Minder, Distributed Sniffer System, Distributed Sniffer System (in Katakana), Dr Solomon s, Dr Solomon s label, E and Design, Entercept, Enterprise SecureCast, Enterprise SecureCast (in Katakana), epolicy Orchestrator, Event Orchestrator (in Katakana), EZ SetUp, First Aid, ForceField, GMT, GroupShield, GroupShield (in Katakana), Guard Dog, HelpDesk, HelpDesk IQ, HomeGuard, Hunter, Impermia, InfiniStream, Intrusion Prevention Through Innovation, IntruShield, IntruVert Networks, LANGuru, LANGuru (in Katakana), M and design, Magic Solutions, Magic Solutions (in Katakana), Magic University, MagicSpy, MagicTree, McAfee, McAfee (in Katakana), McAfee and design, McAfee.com, MultiMedia Cloaking, NA Network Associates, Net Tools, Net Tools (in Katakana), NetAsyst, NetCrypto, NetOctopus, NetScan, NetShield, NetStalker, Network Associates, Network Performance Orchestrator, NetXray, NotesGuard, npo, Nuts & Bolts, Oil Change, PC Medic, PCNotary, PortalShield, Powered by SpamAssassin, PrimeSupport, Recoverkey, Recoverkey International, Registry Wizard, Remote Desktop, ReportMagic, RingFence, Router PM, Safe & Sound, SalesMagic, SecureCast, SecureSelect, SecurityShield, Service Level Manager, ServiceMagic, SmartDesk, Sniffer, Sniffer (in Hangul), SpamKiller, SpamAssassin, Stalker, SupportMagic, ThreatScan, TIS, TMEG, Total Network Security, Total Network Visibility, Total Network Visibility (in Katakana), Total Service Desk, Total Virus Defense, Trusted Mail, UnInstaller, VIDS, Virex, Virus Forum, ViruScan, VirusScan, WebScan, WebShield, WebShield (in Katakana), WebSniffer, WebStalker, WebWall, What's The State Of Your IDS?, Who s Watching Your Network, WinGauge, Your E-Business Defender, ZAC 2000, Zip Manager are registered trademarks or trademarks of Network Associates, Inc. and/or its affiliates in the US and/or other countries. Sniffer brand products are made only by Network Associates, Inc. All other registered and unregistered trademarks herein are the sole property of their respective owners. LICENSE INFORMATION License Agreement NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO NETWORK ASSOCIATES OR THE PLACE OF PURCHASE FOR A FULL REFUND. Attributions This product includes or may include: Software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). Cryptographic software written by Eric A. Young and software written by Tim J. Hudson. Some software programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or other similar Free Software licenses which, among other rights, permit the user to copy, modify and redistribute certain programs, or portions thereof, and have access to the source code. The GPL requires that for any software covered under the GPL which is distributed to someone in an executable binary format, that the source code also be made available to those users. For any such software covered under the GPL, the source code is made available on this CD. If any Free Software licenses require that Network Associates provide rights to use, copy or modify a software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein. Software originally written by Henry Spencer, Copyright 1992, 1993, 1994, 1997 Henry Spencer. Software originally written by Robert Nordier, Copyright 1996-7 Robert Nordier. All rights reserved. Software written by Douglas W. Sauder. Software developed by the Apache Software Foundation (http://www.apache.org/). International Components for Unicode ( ICU ) Copyright 1995-2002 International Business Machines Corporation and others. All rights reserved. Software developed by CrystalClear Software, Inc., Copyright 2000 CrystalClear Software, Inc. FEAD Optimizer technology, Copyright Netopsystems AG, Berlin, Germany. Outside In Viewer Technology 1992-2001 Stellent Chicago, Inc. and/or Outside In HTML Export, 2001 Stellent Chicago, Inc. Software copyrighted by Thai Open Source Software Center Ltd. and Clark Cooper, 1998, 1999, 2000. Software copyrighted by Expat maintainers. Software copyrighted by The Regents of the University of California, 1989. Software copyrighted by Gunnar Ritter. Software copyrighted by Sun Microsystems, Inc. Software copyrighted by Gisle Aas. All rights reserved, 1995-2003. Software copyrighted by Michael A. Chase, 1999-2000. Software copyrighted by Neil Winton, 1995-1996. Software copyrighted by RSA Data Security, Inc., 1990-1992. Software copyrighted by Sean M. Burke, 1999, 2000. Software copyrighted by Martijn Koster, 1995. Software copyrighted by Brad Appleton, 1996-1999. Software copyrighted by Michael G. Schwern, 2001. Software copyrighted by Graham Barr, 1998. Software copyrighted by Larry Wall and Clark Cooper, 1998-2000. Software copyrighted by Frodo Looijaard, 1997. Issued OCTOBER 2003 / McAfee GroupShield version 5.3 for Lotus Domino on Microsoft Windows DOCUMENT BUILD 003-EN

Contents Preface............................................... 5 Purpose................................................................ 5 Audience............................................................... 5 Conventions............................................................ 6 Getting information....................................................... 7 Contacting McAfee Security & Network Associates............................... 8 1 Introduction........................................... 9 Pre-requisites for using epolicy Orchestrator.................................. 10 Features that you can configure............................................ 10 Features not available through epolicy Orchestrator......................... 11 Starting the epolicy Orchestrator console..................................... 11 Installing GroupShield in the software repository................................ 12 What is the software repository?........................................ 12 Adding the GroupShield software to the repository.......................... 12 Using the property pages to configure and apply policies......................... 13 Installing the epolicy Orchestrator agent...................................... 17 Enforcing policies....................................................... 18 2 Setting Up On-Access Scanning......................... 21 On-Access property page................................................. 21 Setting the Scan Options.............................................. 22 Setting the Attachment Scan options.................................... 23 Setting the LotusScript options......................................... 27 Setting the Lotus Formula options....................................... 29 Setting the Content options............................................ 31 Configuration Guide iii

Contents 3 Setting Up Mailbox Settings............................. 35 Mailbox property page.................................................... 36 Setting the Scan Options.............................................. 37 Setting the Attachment Scan options.................................... 38 Setting the LotusScript options......................................... 39 Setting the Lotus Formula options....................................... 40 Setting the Content options............................................ 41 4 Configuring Alert Notifications........................... 43 Alert Settings property page............................................... 44 Configuring the Alert Settings.......................................... 44 5 Setting Up Content Scan Rules.......................... 47 Content Scan Rules property page.......................................... 48 Defining Content Scan Rules.......................................... 48 6 Scheduling AutoUpdates............................... 53 Setting up a Scheduled AutoUpdate task..................................... 53 Configuring a scheduled task.............................................. 54 7 Scheduling On-Demand Scans........................... 61 Creating an On-Demand Scan task.......................................... 61 8 Setting Up Outbreak Manager............................ 65 9 Viewing Server Properties............................... 67 iv GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Preface Purpose This Configuration Guide provides you with the information you need to configure McAfee GroupShield version 5.3 for Lotus Domino on Microsoft Windows using McAfee epolicy Orchestrator management software. This guide shows you how to register the GroupShield software with epolicy Orchestrator, then describes how to configure GroupShield within epolicy Orchestrator. Audience This guide is designed for system and network administrators who are responsible for their company s anti-virus program. Configuration Guide 5

Preface Conventions This guide uses the following conventions: Bold All words from the user interface, including options, menus, buttons, and dialog box names. Example Type the User name and Password of the desired account. Courier Text that represents something the user types exactly; for example, a command at the system prompt. Example To enable the agent, run this command line on the client computer: FRMINST.EXE /INSTALL=AGENT /SITEINFO=C:\TEMP\SITELIST.XML Italic For emphasis or when introducing a new term; for names of product manuals and topics (headings) within the manuals. Example Refer to the VirusScan Enterprise Product Guide for more information. <TERM> Angle brackets enclose a generic term. Example In the console tree under epolicy Orchestrator, right-click <SERVER>. NOTE WARNING Supplemental information; for example, an alternate method of executing the same command. Important advice to protect a user, computer system, enterprise, software installation, or data. 6 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Getting information Getting information Installation Guide * Product Guide * Help Configuration Guide * Release Notes Contacts System requirements and instructions for installing and starting the software. GroupShield version 5.3 for Lotus Domino on Microsoft Windows Installation Guide Product introduction and features, detailed instructions for configuring the software, information on deployment, recurring tasks, and operating procedures. GroupShield version 5.3 for Lotus Domino on Microsoft Windows Product Guide Product information and descriptions on configuring and using the user interface screens and fields is available from the GroupShield Help database that is accessed from within Lotus Notes. The database is called GSD53_Help.nsf and is located in the Lotus\Domino\Data\McAfee folder For use with epolicy Orchestrator. Procedures for configuring, deploying, and managing your McAfee Security product through epolicy Orchestrator management software. ReadMe. Product information, resolved issues, any known issues, and last-minute additions or changes to the product or its documentation. Contact information for McAfee Security and Network Associates services and resources: technical support, customer service, AVERT (Anti-Virus Emergency Response Team), beta program, and training. This file also includes phone numbers, street addresses, web addresses, and fax numbers for Network Associates offices in the United States and around the world. * An Adobe Acrobat.PDF file on the product CD or the McAfee Security download site. A printed manual that accompanies the product CD. Note: Some language manuals may be available only as a.pdf file. Text files included with the software application and on the product CD. Help accessed from the software application. Configuration Guide 7

Preface Contacting McAfee Security & Network Associates Technical Support Home Page KnowledgeBase Search PrimeSupport Service Portal * McAfee Security Beta Program http://www.networkassociates.com/us/support/ https://knowledgemap.nai.com/phpclient/homepage.aspx http://mysupport.nai.com http://www.networkassociates.com/us/downloads/beta/ Security Headquarters AVERT (Anti-Virus Emergency Response Team) Home Page Virus Information Library Submit a Sample AVERT WebImmune AVERT DAT Notification Service Download Site Home Page DAT File and Engine Updates Product Upgrades * Training http://www.networkassociates.com/us/security/home.asp http://vil.nai.com https://www.webimmune.net/default.asp http://www.networkassociates.com/us/downloads/updates/ http://www.networkassociates.com/us/downloads/ http://www.networkassociates.com/us/downloads/updates/ ftp://ftp.nai.com/pub/antivirus/datfiles/4.x https://secure.nai.com/us/forms/downloads/upgrades/login.asp McAfee Security University Network Associates Customer Service E-mail Web US, Canada, and Latin America toll-free: http://www.networkassociates.com/us/services/education/mcafee/unive rsity.htm services_corporate_division@nai.com http://www.nai.com/us/index.asp http://www.networkassociates.com/us/products/mcafee_security_home.htm Phone +1-888-VIRUS NO or +1-888-847-8766 Monday Friday, 8 a.m. 8 p.m., Central Time For additional information on contacting Network Associates and McAfee Security including toll-free numbers for other geographic areas see the Contact file that accompanies this product release. * Logon credentials required. 8 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Introduction 1 This guide describes how to configure GroupShield version 5.3 for Lotus Domino on Microsoft Windows using McAfee epolicy Orchestrator versions 2.5.1 and 3.0 management software. To use this guide effectively, you need to be familiar with the use of epolicy Orchestrator. For more information, see the epolicy Orchestrator Product Guide. The epolicy Orchestrator software provides a single point of control for all of your McAfee anti-virus products, from which to manage anti-virus policies and view reports of anti-virus events and virus activity in an enterprise environment. Using epolicy Orchestrator, you can configure GroupShield on the target servers across your network; you do not need to configure them individually from the GroupShield Configuration Properties window. This guide includes the following information: Installing GroupShield in the epolicy Orchestrator software repository. See Installing GroupShield in the software repository on page 12. Setting anti-virus policies on the target servers to configure the following GroupShield features: Administration Logging Notification of anti-virus activity and other events On-access scanning On-demand scanning Updating virus-definition (DAT) files Handling encrypted e-mail messages VSAPI Alerting Interaction with Alert Manager and epolicy Orchestrator Reports Viewing the GroupShield configuration from a remote server. Configuration Guide 9

Introduction NOTE This guide does not provide detailed information about installing or using epolicy Orchestrator software. That information is provided in the epolicy Orchestrator Product Guide. Pre-requisites for using epolicy Orchestrator Before epolicy Orchestrator software can configure GroupShield, the following steps are required: 1 Install GroupShield on a Lotus Domino server. For information about installing GroupShield on the Lotus Domino server, refer to the GroupShield Installation Guide. 2 Install GroupShield software in the epolicy Orchestrator software repository. See Installing GroupShield in the software repository on page 12. 3 Deploy an epolicy Orchestrator agent to the server where GroupShield is installed. Features that you can configure The following GroupShield features can be configured using epolicy Orchestrator. Feature Configuration On-Access scans Mailbox scans Content Scan Rules Configure scanning options, type of files to be scanned, type of action to be performed upon virus detection and blocking of the mail items. Whether to scan Database Reads and/or Database Writes. Apply blocking options: block by extension, filename, subject, number of attachments or file size. Configure scanning options, type of files to be scanned, type of action to be performed upon virus detection and blocking of the mail items. Apply blocking options: block by extension, filename, subject, number of attachments or file size. Create and manage your content scan rules. 10 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Starting the epolicy Orchestrator console Feature On-Demand scanning AutoUpdate Engine AutoUpdate DAT Only Configuration Specify what to scan. Configure scanning options, types of files to scan, and action to perform upon virus detection. Type of Scan - Data Documents and/or Design Documents. Specify an AutoUpdate method (from the Internet, the GroupShield Update Database (GSD53_Update.nsf) or a remote location on your network) for updating the Virus-scanning engine. Configure user detail and path to the source. Specify an update method (from the Internet, the GroupShield Update Database (GSD53_Update.nsf) or a remote location on your network). Configure user detail and path to the source. Features not available through epolicy Orchestrator Some features cannot be implemented using epolicy Orchestrator, and must be accessed directly through GroupShield: View GroupShield's configuration summary page on the target server. However, you can find out about GroupShield's current configuration settings from the Properties tab. View quarantine and log databases from the target GroupShield servers. Execute an on-demand scan from the command line on the target GroupShield server. Install, upgrade, repair or remove GroupShield software on the target GroupShield server. Starting the epolicy Orchestrator console 1 Open the epolicy Orchestrator Console from the Start menu. The console uses standard Microsoft Management Console (MMC) features. 2 To connect to the epolicy Orchestrator server, click the Login icon and enter your user details. After the successful log-on, the console appears with the Console Root highlighted in the console tree. Configuration Guide 11

Introduction Installing GroupShield in the software repository What is the software repository? The software repository is the storehouse located on the epolicy Orchestrator server. The repository contains the McAfee anti-virus software products that the epolicy Orchestrator product manages. Software packages must first be placed in the repository before you can configure their anti-virus settings or schedule scans and updates. Adding the GroupShield software to the repository 1 Right-click Repository in the console tree and select Configure Repository from the menu to open the Configure Software Repository dialog box. 2 Select Add new software to be managed. Click Continue. 3 Navigate to the location that contains the file, GSD53.NAP. The file is available on the GroupShield CD within each language sub-folder of the MSI folder. If you are installing from a downloaded copy of GroupShield, it is in the TEMP folder within the system folder of your server. 4 Select the NAP file and click Open. The installation begins. When the files are successfully installed, a message confirms the installation. The console then reflects the new software as a node on the console tree. 5 If you intend to manage Outbreak Manager through epolicy Orchestrator, follow the same procedure, but use the Outbreak NAP file. 12 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Using the property pages to configure and apply policies Figure 1-1. epolicy Orchestrator Console showing GroupShield 5.3 for Lotus Domino installed Using the property pages to configure and apply policies The epolicy Orchestrator interface uses property pages that closely mimic features of the GroupShield interface. The epolicy Orchestrator issues policies to GroupShield servers, but it cannot validate that the requested resources are actually available on the target servers. To validate the requests from epolicy Orchestrator, you must access GroupShield properties using the MMC console on the relevant GroupShield server directly. To configure the settings from a property page: 1 Install GroupShield in the epolicy Orchestrator repository, if you have not already done so. 2 Install the epolicy Agent on the target GroupShield server if you have not already done so. See the epolicy Orchestrator Product Guide for details. 3 Register the GroupShield server with epolicy Orchestrator, if you have not already done so. Configuration Guide 13

Introduction 4 Select the GroupShield server or domain, for which you wish to set-up the policy by expanding the Directory sub-tree from the left pane of the epolicy Orchestrator console. Figure 1-2. Console tree directory NOTE To enforce policies successfully, configure epolicy Orchestrator on the physical nodes of the GroupShield server and not the virtual nodes. The Policies, Properties, and Tasks tabs appear in the right pane. 5 Click the Policies tab. 14 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Using the property pages to configure and apply policies 6 In the upper details pane, click next to GroupShield version 5.3 for Lotus Domino on Microsoft Windows to view the policies that can be configured. Figure 1-3. Policies page 7 Click one of the pages On-Access Settings, Mailbox Settings, Alert Settings or Content Scan Rules. The selected property page appears. It may have one or more tabs. For example: Figure 1-4. Typical property page Configuration Guide 15

Introduction 8 Deselect Inherit. (Inheritance is described in the epolicy Orchestrator Product Guide.) NOTE If you want to access the fields on this page, ensure that Inherit is deselected. 9 Configure the settings as required, then click Apply. The epolicy Orchestrator agent later collects these settings and applies them to the selected server. To enforce the changes immediately, send an agent wake-up call, which is described in the epolicy Orchestrator Product Guide. NOTE You must click Apply whenever you configure the settings. If you fail to do so your settings will be lost. 16 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Installing the epolicy Orchestrator agent Installing the epolicy Orchestrator agent To install the epolicy Orchestrator agent on the client GroupShield server, you need to establish a two-way trust relationship between the domains of epolicy Orchestrator server and the client GroupShield server. If you do not use full Windows trust relationships in your network, you need to have Full local administrative rights on the client GroupShield server. In other words, the Administrator account must belong to the local administrator group on all client computers. To install the epolicy Orchestrator agent: 1 Log on to the epolicy Orchestrator server. 2 In the console tree under epolicy Orchestrator and Directory, right-click the site or computer. Select Send Agent Install to open the following window. Figure 1-5. Send Agent Install window Configuration Guide 17

Introduction 3 To send the agent to the selected site or computer regardless of whether the agent already exists, deselect Only send agent to computers that currently have no agent. NOTE When you install the agent on the target GroupShield server for the first time, this option is not active. 4 Select the Level for this installation. If you are installing the agent on a single computer, Current selection only is already selected. 5 To hide the installation of the agent from the user, select Suppress Agent installation GUI. 6 Enter the Installation path. The default is <system_drive>\epoagent. You can click the arrow to select a recommended path for this field, or you can type a different path for this client. 7 To embed user credentials in the agent installation package, deselect Use epo server credentials, then enter User account and Password. 8 For more information about each field in the Send Agent Install user interface, click Help. Enforcing policies epolicy Orchestrator controls the enforcement of anti-virus policy centrally from the epolicy Orchestrator server by communicating with the agent on each GroupShield server. To examine the activity of the epolicy Orchestrator Agent service on a GroupShield server, go to the GroupShield server, and double-click the epolicy Orchestrator Agent icon or to open the epolicy Orchestrator Agent Monitor window. This window displays a log. Typical messages show how the current properties are collected, current policy is checked, and then enforced. 18 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Enforcing policies Agent Status bar Enforcing policies... Checking policies... Collecting properties... Log Figure 1-6. epolicy Orchestrator Agent Monitor The buttons on the right side include the following: Collect and Send Props Collect and Send current properties to the epolicy Orchestrator server. Check New Policies Check the current policies to update the plug-in DLLs. Enforce Policies Enforce the current GroupShield policies from the epolicy Orchestrator server. Agent Settings Display details such as how often policy is enforced and how often the agent communicates to the epolicy Orchestrator server. Save Contents Save the contents of the log to a file. Close Close the window. This does not stop the service. The appearance of the screen, and the buttons displayed may vary according to which version of epolicy Orchestrator you have installed. Configuration Guide 19

Introduction 20 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Setting Up On-Access Scanning 2 GroupShield can check all documents for viruses when they are created, updated and read from databases on e-mail servers. Set up the on-access scanning feature for one or more GroupShield servers in your network from the On-Access property page within epolicy Orchestrator. Figure 2-1. Policies page To open this property page, see Using the property pages to configure and apply policies on page 13. On-Access property page Use the On-Access property page to set the policy for on-access scanning. The page always displays the tab: Scan Options. See Setting the Scan Options on page 22. Additionally, some of the following tabs may be visible, depending upon which selections have been made in the Objects to scan area. How to configure each of the following options is described later in this chapter. Attachment Scan. See Setting the Attachment Scan options on page 23. LotusScript. See Setting the LotusScript options on page 27 Lotus Formula. See Setting the Lotus Formula options on page 29 Content. See Setting the Content options on page 31 Configuration Guide 21

Setting Up On-Access Scanning Setting the Scan Options The Scan Options tab allows you to define how GroupShield scans your Lotus Domino server. Click Scan Options and work through the displayed options. Figure 2-2. On-Access Scan Options page Inclusions specify the databases to be included within the on-access scan. Exclusions specify the databases to exclude from the on-access scan. Activities to scan specify whether to scan Notes documents when they are created and updated, when they are read, or both. WARNING Exercise caution when using the Database Reads checkbox because scanning documents each time they are read causes considerable system overhead. Objects to scan specify the objects that GroupShield scans. Digital signatures specify if you want the scan to be able to clean infected attachments in documents that have a digital signature Click Apply to save your settings and ensure that they are subsequently sent to the GroupShield servers within the selected domain. 22 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

On-Access property page Setting the Attachment Scan options The Attachment Scan tab allows you to specify how attachments are scanned by the on-access scan. Click Attachment Scan to work through the displayed options. Figure 2-3. Attachment Scan tab Configuration Guide 23

Setting Up On-Access Scanning Attachment Scan Choose between the first two options All file attachments or Scan only specified attachments. If you choose the latter of these options, click Extension and specify the file extensions you want to scan. Now select or deselect the following options: Scan compressed files Checks all contents of compressed files, created by utilities such as PKLITE. Scan archived files Checks all contents of archived files, such as.zip and self-extracting files. Enable file heuristics Uses heuristic scanning technology to identify potential new file viruses. Enable macro heuristics Uses heuristic scanning technology to identify potential new macro viruses. Enable OLE object scanning Checks all embedded or linked objects, such as macros. Find all macros Quarantines any documents that contain macros. Delete all macros Removes the macros from the original document (users can still access the document), and logs the action in the Log database. The Delete all macros checkbox is only available if Find all macros is selected. NOTE Unless other exceptions are also found within the document, it is not quarantined. Find suspicious programs Scans for programs that might be dangerous but are not actually viruses. McAfee defines suspicious programs as legitimate applications that systems administrators might want to restrict to specific individuals within their organization, such as the Information Technology department. Examples of such applications are password crackers, software for taking remote control of a machine, and programs which can be used to identify security holes over a network. Find joke programs Scans for non-malicious tools or joke programs. An example of such programs is an applet that opens your computer s CD-ROM tray. The Find joke programs checkbox is only available if Find suspicious programs is selected. 24 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

On-Access property page Treat password protected files as infected GroupShield treats all password-protected files as being infected. If this option is unchecked, GroupShield will log the file as unscannable and then continue. Treat unscannable files as infected any files that GroupShield cannot scan are treated as infected. Attachment Blocking This section allows you to: Block attachments by size Blocks all attachments over the specified size. Block attachments by number Blocks all attachments where more than the specified number of attachments are found. When a Virus is found select the scan action that GroupShield performs when it finds a virus (or potential virus). This is also known as the primary or first action. Log and continue GroupShield logs the existence of the virus but does not clean the infected attachment. Users can access the Lotus Notes document and its infected attachment. WARNING Allowing a Lotus Notes document to remain infected is not recommended as it increases the chances of infection within your organization. We recommend that you use extreme caution with this option. Move document to quarantine GroupShield moves the Lotus Notes document and its attachments to the Quarantine database, so that they can be inspected. Users cannot access the Lotus Notes document and its attachments while they are in the Quarantine database. Clean infected attachment GroupShield attempts to clean the infected attachments. Move attachment to quarantine GroupShield removes the infected attachment from the Lotus Notes document and moves it to the Quarantine database with a copy of the document, so that they can be inspected. Users can access the original document but they cannot access the infected attachment. NOTE If the Move attachment to quarantine action has been selected with Block attachments by size or Block attachments by number, the whole document is moved to the Quarantine database, not just the attachment. If the specified action fails Use this section to select the scanning action that GroupShield performs if it is unable to perform the action you specified in the When a Virus is Found section. (Known as the first or primary action.) Configuration Guide 25

Setting Up On-Access Scanning The actions that are available in this section depend on the first action that you have selected. (The action selected in this section is also known as the secondary action.) Delete attachment GroupShield deletes the infected attachment. Users can still access the Lotus Notes document. Move attachment to quarantine GroupShield moves the infected attachment to the Quarantine database, so that it can be inspected. Click Apply to save your settings and ensure that they are subsequently sent to the GroupShield servers within the selected domain. 26 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

On-Access property page Setting the LotusScript options The LotusScript tab allows you to specify the LotusScript commands that the on-access scan searches for. Click the LotusScript tab and work through the displayed options. Figure 2-4. LotusScript tab LotusScript Scanning allows you to specify the LotusScript commands you want to block. Enter LotusScript commands to ban (delimited by Return): Specify the LotusScript commands that you want to detect. NOTE If you type more than one command, separate each command by pressing RETURN on your keyboard, to put each command on a separate line. When an Exception is Found allows you to define the action to take when the blocked LotusScript is found: Log and continue Records the existence of the LotusScript command but does not remove it from the Lotus Notes document. Users can access the document and the command. Configuration Guide 27

Setting Up On-Access Scanning WARNING Allowing a potentially harmful LotusScript command to remain in the document is not recommended as it increases the chances of infection within your organization. We recommend that you use extreme caution with this option. Move document to quarantine Moves the Lotus Notes document and its LotusScript commands to the Quarantine database, so that they can be inspected. Users cannot access the Lotus Notes document and its LotusScript commands while they are in the Quarantine database. Click Apply to save your settings and ensure that they are subsequently sent to the GroupShield servers within the selected domain. 28 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

On-Access property page Setting the Lotus Formula options The Lotus Formula tab allows you to define the Lotus Formulae that the on-access scan searches for. Click the Lotus Formula tab and work through the displayed options. Figure 2-5. Lotus Formula tab Lotus Formula Scanning allows you to specify the Lotus Formula commands you want to block: Enter Lotus Formulae to ban (delimited by Return): Specify the Lotus Formula that you want to detect. NOTE If you type more than one command, separate each formula by pressing RETURN on your keyboard, to put each formula on a separate line. When an Exception is Found allows you to define the action to take when the blocked Lotus Formula is found: Log and continue Records the existence of the Lotus Formula but does not remove it from the Lotus Notes document. Users can access the document and the Lotus Formula. Configuration Guide 29

Setting Up On-Access Scanning WARNING Allowing a potentially harmful Lotus Formula to remain in the document is not recommended as it increases the chances of infection within your organization. We recommend that you use extreme caution with this option. Move document to quarantine GroupShield moves the Lotus Notes document and its Lotus formulae to the Quarantine database, so that they can be inspected. Users cannot access the Lotus Notes document and its Lotus formulae while they are in the Quarantine database. Click Apply to save your settings and ensure that they are subsequently sent to the GroupShield servers within the selected domain. 30 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

On-Access property page Setting the Content options The Content tab allows you to specify the Content Scan Rules that the on-access scan applies to messages. Figure 2-6. Content tab 1 Click the Content tab. If you have Content Scan rules already defined, continue with Step 2 of this procedure, if you do not have any Content Scan rules defined, go to Step 1 on page 32. 2 Select the required content scan rules from the Defined rules: list on the right. 3 Click Add to move the selected content scan rules to the Scan using the following rules: list on the left. 4 Click Apply to save your settings and ensure that they are subsequently sent to the GroupShield servers within the selected domain. Configuration Guide 31

Setting Up On-Access Scanning If you do not have any Content scan rules defined: 1 Click Add New. The New Content Scanning Rule dialog appears: Figure 2-7. Item Blocking tab 2 In the Rule description field enter a name for the new content scanning rule that you are creating. 3 In the Options section define the document areas that you want the new content scan rule to check. Search for attachment named The rule searches the attachment names of the Lotus Notes documents that it checks, searching for the specified text string (in the text box). If you want to search for a specific file name extension, specify the extension. You can use wildcard characters (such as *) for attachment name scanning. For example, jp* finds picture.jpg and picture.jpeg. Search in body text and / or The rule searches the body text (message area) of the Lotus Notes documents that it checks, searching for the text string that you specify in the text box called, for the following phrase(s). NOTE You cannot use wildcard characters when searching for text within body text, as the search will look for the actual characters (either * or? ). 32 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

On-Access property page Search in subject line The rule searches the subject line (heading) of the Lotus Notes documents that it checks, searching for the specified text string specified in the for the following phrase(s): text box. NOTE You cannot use wildcard characters when searching for text within the subject line, as the search will look for the actual characters (either * or? ). Any of the above If the for the following phrase(s): text box contains multiple text strings (on separate lines in the text box), the content scan rule checks for the existence of any of the text strings in each document. All of the above If the for the following phrase(s): text box contains multiple text strings (on separate lines in the text box), the content scan rule checks for the existence of all of the text strings in each document. If it finds only some of the text strings, the rule does not register a match. NOTE Lotus Domino sometimes stores the file names of attachments within the body text of e-mail messages. This can result in a body text search finding the specified word within a file name. 4 Click OK to add the rule to the Defined rules: list. Configuration Guide 33

Setting Up On-Access Scanning 34 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Setting Up Mailbox Settings 3 GroupShield can check documents for viruses and banned content within Lotus Domino Mail.box databases. Set up the Mail.box settings for one or more GroupShield servers in your network from the Mailbox Settings property page within epolicy Orchestrator. Figure 3-1. Policies page To open this property page, see Using the property pages to configure and apply policies on page 13. The page always displays the following tab: Scan Options. Additionally, some of the following tabs may be visible, depending upon which selections have been made in the Objects to scan area. How to configure each of the following options is described later in this chapter. Attachment Scan. See Setting the Attachment Scan options on page 23. LotusScript. See Setting the LotusScript options on page 27 Lotus Formula. See Setting the Lotus Formula options on page 29 Content. See Setting the Content options on page 31 Configuration Guide 35

. Setting Up Mailbox Settings Mailbox property page The Mailbox property page determines the policy for scanning the Mail.box database. Click Scan Options and work through the displayed options. The tabs that appear on the Mailbox properties page depend upon the selections made in the Objects to scan section of the Mailbox Scan Options page. Figure 3-2. Mailbox Settings - Scan Options tab 36 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Mailbox property page Setting the Scan Options Encrypted mail specify how the mailbox scans handle encrypted e-mail messages for the server: Trust no one All encrypted e-mail messages are blocked and sent to the Quarantine database. Trust from selected Only encrypted e-mail messages from the specified trusted people are allowed to pass through the mail router database(s). All other encrypted messages are blocked and sent to the Quarantine database. Trust all All encrypted e-mail messages are allowed to pass through the mail router database(s), regardless of their senders. WARNING GroupShield is unable to scan encrypted messages. We recommend that you only allow encrypted e-mail messages from sources that you can fully trust and that you know to be using McAfee anti-virus software. Objects to scan specify the objects that GroupShield scans. Digital signatures specify if you want the scan to be able to clean infected attachments in documents that have a digital signature Click Apply to save your settings and ensure that they are subsequently sent to the GroupShield servers within the selected domain. Configuration Guide 37

Setting Up Mailbox Settings Setting the Attachment Scan options The Attachment Scan tab specifies how attachments are scanned by the Mailbox scan. Figure 3-3. Attachment Scan tab See Setting the Attachment Scan options on page 23 for information on setting the Attachment Scan options. 38 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Mailbox property page Setting the LotusScript options The LotusScript tab specifies the LotusScript that the Mailbox scan searches for. Figure 3-4. LotusScript tab See Setting the LotusScript options on page 27 for information on setting the LotusScript search options. Configuration Guide 39

Setting Up Mailbox Settings Setting the Lotus Formula options The Lotus Formula tab specifies the Lotus Formulae that the mailbox scan searches for. Figure 3-5. Lotus Formula tab See Setting the Lotus Formula options on page 29 for information on setting the Lotus Formula search options. 40 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Mailbox property page Setting the Content options The Content tab specifies the Content Scan Rules that the on-access scan applies to messages. Figure 3-6. Content tab See Setting the Content options on page 31 for information on setting the Content Scan rules. Configuration Guide 41

Setting Up Mailbox Settings 42 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Configuring Alert Notifications 4 When GroupShield detects a virus or other potentially dangerous content within a message, alert notifications can be generated. Set up the alert notifications from the Alert Settings property page within epolicy Orchestrator. Figure 4-1. Policies page To open this property page, see Using the property pages to configure and apply policies on page 13. Configuring the Alert Settings is described on page 44. Configuration Guide 43

Configuring Alert Notifications Alert Settings property page The Alert Settings property page contains only the Settings tab. Figure 4-2. Settings - Trigger Settings property page Configuring the Alert Settings The Settings tab allows you to determine who is notified when GroupShield events of different types are triggered. The Alert Setup view displays the following columns: Trigger this column lists the scan actions for which notification messages are generated. Each action generates a notification message when triggered, and you must use the checkboxes in the Sender, Recipient and Admin columns to select who the notification messages will be sent to. Sender check the box corresponding to a given trigger if you want a notification message sent to the sender of the e-mail message. Recipient check the box corresponding to a given trigger if you want a notification message sent to the recipient of the e-mail message. 44 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Alert Settings property page Admin check the box corresponding to a given trigger if you want a notification message sent to the Lotus Domino Administrator. If an administrator is not specified, GroupShield uses the administrator listed in the Lotus Domino software s NOTES.INI file. Other check the box corresponding to a given trigger if you want a notification message sent to one or more additional, named, users. Select the people that you want notified for each of the listed triggers, then click Apply to display the Alert Setup dialog box. Use the Message Preview field to edit the message if required. If you selected Other, enter the mailbox names of additional recipients in the Enter name field. If more than one name is entered, use a semicolon (;) as a separator character between the names. Figure 4-3. Alert Setup page Click Apply to save your settings and ensure that they are subsequently sent to the GroupShield servers within the selected domain. Configuration Guide 45

Configuring Alert Notifications 46 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Setting Up Content Scan Rules 5 You can create content scan rules using the Content Scan Rules properties page within epolicy Orchestrator. Figure 5-1. Policies page To open this property page, see Using the property pages to configure and apply policies on page 13. Defining Content Scan Rules is described on page 48 Configuration Guide 47

Setting Up Content Scan Rules Content Scan Rules property page The Content Scan Rules property page contains only the Settings tab. Defining Content Scan Rules The Settings tab enables you to define filters for GroupShield to use to when searching for unwanted content within messages. Figure 5-2. Administration property page When GroupShield is first installed, or if Content scanning has not been enabled, no content scanning rules are defined. 48 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

Content Scan Rules property page To define a new content scan rule: 1 Click Add. The New Content Scanning Rule dialog box appears: Figure 5-3. New Content Scanning Rule Dialog 2 In the Rule description: section, enter a name in the text box for the new content scan rule. Do not include the string that you are scanning for in the name of the rule. This causes the rule to trigger itself and report upon itself. For example, if you want GroupShield to scan messages for the string Cheap Mortgages, do not call the rule Find_String Cheap Mortgages. 3 In the Options: section define the document areas that the content scan rule checks: Search for attachment named If you select this box, you must enter in the text box the name of the attachment that you want the rule to search for. The rule searches the attachment names of the Lotus Notes documents that it checks. If you want to search for a specific file name extension, specify the extension. You can use wildcard characters (such as *) for attachment name scanning. For example, jp* finds picture.jpg and picture.jpeg. Search in body text and / or and Search in Subject Line Use these checkboxes to define which part of the e-mail message you want the content scan rules to search. Configuration Guide 49

Setting Up Content Scan Rules If you select Search in body text and / or the rule searches the body text (message area) of the Lotus Notes documents that it checks, searching for the text string specified in the text box called, for the following phrase(s). If you select Search in subject line The rule searches the subject line (heading) of the Lotus Notes documents that it checks, searching for the text string specified in the text box called, for the following phrase(s). NOTE You cannot use wildcard characters when searching for text within body text, as the search will look for the actual characters (either * or? ). You must enter in the for the following phrase(s): text box, the text string that you want the rule to search for. Any of the above If the for the following phrase(s): text box contains multiple text strings (on separate lines in the text box), the content scan rule checks for the existence of any of the text strings in each document. All of the above If the for the following phrase(s): text box contains multiple text strings (on separate lines in the text box), the content scan rule checks for the existence of all of the text strings in each document. If it finds only some of the text strings, the rule does not register a match. NOTE Lotus Domino sometimes stores the file names of attachments within the body text of e-mail messages. This can result in a body text search finding the specified word within a file name. 4 Click OK to add the rule to the Defined rules: list. To remove an existing content scan rule: 1 Select the rule that you want to remove. 2 Click Remove. 50 GroupShield version 5.3 for Lotus Domino on Microsoft Windows

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information