Direct Quarantine for Outlook. Administration Guide version 2.0




Limited Warranty

The content of this manual is for informational use only and is subject to change without notice. Neither Norman nor anyone else who has been involved in the creation or production of this manual assumes any responsibility or liability for any errors or inaccuracies that may occur in this manual, nor for any loss of anticipated profit or benefits, resulting from the use of this manual.

This manual is protected by copyright laws and international treaties. Your right to copy this manual is limited by copyright law and the terms of your software license agreement. As the software licensee, you may make a reasonable number of copies or printouts, provided they are for your own use. Making unauthorized copies, adaptations, compilations or derivative works for any type of distribution is prohibited and constitutes a punishable violation of the law.

Any references to names of actual companies, products, people and/or data used in screenshots are fictitious and are in no way intended to represent any real individual, company, product, event and/or data unless otherwise noted.

Norman, Norman Email Protection, Norman Virus Control and NVC are trademarks of Norman ASA. Windows, Windows NT, Windows 2000, Windows Server 2003, IIS, Internet Information Server and Data Access Components are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Platypus, RODOPI, Emerald, EcoBuilder, Logisense and Worldgroup are trademarks of their respective owners. All other products or services mentioned in this document are identified by the trademarks or service marks of their respective companies or organizations.

Portions of this software are based, in part, on ImageMagick, Copyright 1999-2006, ImageMagick Studio LLC. This software is based on the Professional Internet Mail Services product licensed from the University of Edinburgh. Certain algorithms used in parts of this software are derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm.

Copyright 1995-2011 Norman ASA. Norman ASA, PO Box 43, N-1324 Lysaker, Norway

For more information, contact your local Norman subsidiary, contact details found at www.norman.com/contact_norman/53956/61101/

December 2011. Copyright 1990-2011 Norman ASA

Table of contents

Introduction
  About this manual
    Intended audience
    Purpose and scope
    Acronyms
  Help and support
    Contact support
    Related documents
Application Overview
  Direct Quarantine for Outlook
    Introduction
    Full or trial version
    Upgrading Direct Quarantine
  Deploying Direct Quarantine on your network
    Overview
Installation
  Installing the application
    Overview
    Software requirements
  Installing Direct Quarantine
    Verify the Email Protection server configuration
    Client install prerequisites
    Optional: Create an OU for the normandqserver account
    Firewall configuration
    Install Direct Quarantine client via a GPO
    Test client-server connectivity
    Install Direct Quarantine client manually
Getting Started
  Using Direct Quarantine
    Initial login
    Quarantine client interface
    About quarantine mailbox
    Viewing message content
    Deleting messages
    Message types
    Probability sort order
  Managing event logs
    Manage quarantine events
    Server logs
    Client logs
    View audit logs
  Troubleshooting Direct Quarantine
    Troubleshooting techniques
    Set log level option
    Disable the Direct Quarantine client
    Uninstall the application
    Contact Support

Introduction

About this manual

Intended audience

This document is written for administrators installing and configuring Norman's Direct Quarantine application in a Windows environment. It is assumed that the reader is familiar with:

- Microsoft Windows operating system.
- Microsoft Exchange Server and Active Directory.
- Norman's concepts.

Purpose and scope

This document is designed to provide administrators with instructions to install and configure the application in a server-client environment.

Acronyms

The following acronyms are used in this guide.

- AD = Active Directory
- DC = Domain Controller
- dq = Direct Quarantine
- GPO = Group Policy Object
- OU = Organizational Unit
- VM = Virtual Machine

Help and support

Contact support

If you have specific questions concerning the use of one of our products, please contact Norman support at www.norman.com/support.

Related documents

Documentation for Email Protection can be found at www.norman.com/support/user_manuals

Application Overview

Direct Quarantine for Outlook

Introduction

Direct Quarantine is Email Protection's Outlook add-on that presents a live view of the quarantined messages and all the necessary tools to manage them, using controls that are built right into Outlook. By using Direct Quarantine, users no longer have to wait hours for summary reports, log into the WebQuarantine to check the contents, or rely on administrators to release messages on their behalf.

Email Protection users who currently receive Quarantine Reports and use WebQuarantine can continue to do so: installing Direct Quarantine does not replace or disable either application.

Full or trial version

The Direct Quarantine server application is included with the Email Protection installation package, and is installed by default. The program is available for use by licensed users, but also provides a free 30-day trial version. If you are interested in buying the product, please contact www.norman.com.

Upgrading Direct Quarantine

To upgrade Direct Quarantine from version 1.1 or 1.2 to 2.0, you must first uninstall the original client file. If the program had been installed manually, uninstall it manually from the users' machines before installing the new file. If the client had been deployed by GPO, use the following instructions:

1. Uninstall the client file using the procedure described at the end of this document: see "Uninstall the application".
2. Remove the client file from the shared folder and replace it with the new dqclient.msi file.
3. Follow the steps outlined in "Install Direct Quarantine client via a GPO" to deploy the new file.

If you wish to upgrade from Direct Quarantine 1.0, please contact Norman at www.norman.com/Support.

Deploying Direct Quarantine on your network

Overview

The Direct Quarantine application is based on a client-server distributed architecture that is designed to support multiple network configurations: both on-premise (local) and hosted. Deployment requires the following modules:

- The Direct Quarantine server
- The Direct Quarantine client

The Direct Quarantine server module must be installed on the Email Protection server. It provides a service that establishes a connection between the Microsoft Outlook client and the Email Protection server, and communicates with the quarantine database. Installation is supported on a physical Email Protection server or a Virtual Machine.

The Direct Quarantine client module is installed on the client (or users') computers. It can be deployed using a Group Policy Object (GPO) in an Active Directory environment, or by manually installing the application. Note that manual client installation is required if using a Terminal Server.

The following sections illustrate the most frequently used configurations.

On premise Email Protection and mail server

In this configuration, both the Email Protection and the mail server are located on the local network. Direct Quarantine Server is installed on the Email Protection server, and end-users' (client) machines are configured to communicate directly with Direct Quarantine Server using their email address and network login password.

[Figure: Email Protection and Mail Server on the same LAN]

Hosted Email Protection server

As illustrated in the figures below, the mail server is housed on the client's own network, and connects to the hosted Email Protection server through a firewall.

[Figure 1: High level view of a hosted network]
[Figure 2: Close-up view of hosted network with remote Active Directory lookup]

Requirements for supporting this environment include the following:

- Each client network must have its own Active Directory/Domain Controller server. Without this, Direct Quarantine will not work.
- Communication between Email Protection and the Active Directory server is handled through port 389 (LDAP) or 3268 (the Global Catalog).
- The client must open the following ports on the local firewall to accept communication from Email Protection:
  Inbound:
  - Port 389 or 3268 (accordingly): for Active Directory authentication requests
  - Port 9000 (or a custom port number): for communication between the client machines and Direct Quarantine Server (for details, see "Verify the Email Protection server configuration").

The Direct Quarantine client can be deployed either by pushing it to the end-users' machines using a GPO, or by manually installing the file on the individual machines.

NOTE: In an Email Protection blockade configuration, Direct Quarantine must be installed on each Email Protection server.

Hosted email service provider network

In this scenario, the Email Service Provider hosts both the Email Protection and the Mail Server. The clients communicate with the Mail Server through a firewall.

[Figure: Hosted Email Protection and Mail Server with remote AD/DC Server]

Requirements for supporting this environment include the following:

- Each client network must have its own Active Directory/Domain Controller server. Without this, Direct Quarantine will not work.
- Communication between Email Protection and the Active Directory server is handled through port 389 (LDAP) or 3268 (the Global Catalog).
- The client must open the following ports on the local firewall to accept communication from Email Protection:
  Inbound:
  - Port 389 or 3268 (accordingly): for Active Directory authentication requests
  - Port 9000 (or a custom port number): for communication between the client machines and Direct Quarantine Server (for details, see "Verify the Email Protection server configuration").

The Direct Quarantine client file can be installed manually on the individual machines.

Installation

Installing the application

Overview

The Direct Quarantine installation is composed of two parts: the server and client applications. The server application is an installation option with Email Protection 5.1, and is installed by default. The client application must be installed and configured separately using the instructions below.

Software requirements

The minimum software requirements for installing the Direct Quarantine application are listed below (Applicable to, Software, Description). These requirements are for the server and client applications:

Server
- Email Protection: Must have version 5.1 installed on the server.
- .NET Framework: Both .NET Framework versions 3.5 SP1 and 4.0 Extended must be installed on the Email Protection server.
- Email Protection Quarantine: Configured to use SQL server version 2000, 2005, 2008, 2008 R2 or SQL Server 2005 Express Edition. The SQL server can either be installed on the Email Protection server or separately.
- Active Directory/Domain Controller: Configured on the local or the client network.

Client
- Microsoft Outlook 2003, 2007, 2010: Outlook versions 2003 SP3, 2007 SP2 and 2010 SP1 (32-bit and 64-bit) are supported.
- .NET Framework: Both .NET Framework versions 3.5 SP1 and 4.0 Extended must be installed on the users' computers where Direct Quarantine is to be installed.

Installing Direct Quarantine

Verify the Email Protection server configuration

Follow the directions below to ensure that your Email Protection server is properly configured to communicate with the client machines.

1. Open your Email Protection Administration Console to System > Quarantine Reports.
2. In the WebQuarantine URL field, enter http://localhost/quarantine. Click Test URL to verify that the connection tests successfully. If the connection is successful, click Apply. You may instead replace localhost with the web server's IP, or enter an actual web address according to your configuration in IIS. Examples: http://10.10.10.10/quarantine, or http://www.mycompany.com/quarantine.
   »» This operation is required to support the WebQuarantine link provided in the Direct Quarantine toolbar in Outlook.
3. Direct Quarantine server service uses a dedicated port number. By default port 9000 is used. If you must change the port number, follow the remaining steps below. If no change is required, go to the next section, Client install prerequisites.
4. To change the port, use Windows Notepad or another text editor to open the following file, located on your C: drive:
   C:\Program Files\Norman\directQuarantine Server\directQuarantine Server.exe.config
5. Replace 9000 in the line below with the port number that you want to use:
   <add baseAddress="http://localhost:9000/modusquarantine" />
6. Replace 9000 in the line below with the port number that you want to use:
   <add baseAddress="http://localhost:9000/authenticate" />
7. Save the changes and close the file.
   »» Make note of the port number used: it will be required in the following steps.
8. Open the Email Protection Administration Console to System > Services, then stop and restart MODUSDQ.

Client install prerequisites

Before beginning the client install, you must configure the following prerequisite settings:

1. These steps must be completed before installing the client file, whether it will be done manually or by GPO.
2. Ensure that both .NET 3.5 SP1 and .NET Framework 4.0 Extended are installed on the users' computers where Direct Quarantine is to be installed.
   »» These applications are not included in the Direct Quarantine client installation package.
3. Create a shared folder on your network that can be accessed by all client machines.
4. Go to Start > (All) Programs > Norman > Norman Email Protection > directquarantine Client Install, locate the dq Client.msi file and copy it to the shared folder created in Step 3.
5. Log in to the Domain Controller Server to create a vircomdqserver user account. This account is required to store the Email Protection server IP and the port number for the Direct Quarantine service.
   »» To add this new user to the Users group, continue with the steps below.
   »» After completing the setup, you may optionally create a new Organizational Unit (OU) to store this special user account. For these instructions, see Optional: Create an OU for the vircomdqserver account.
6. Click Start > Programs > Administrative Tools > Active Directory Users and Computers.
7. Expand the domain name to which you want to install the program.
8. Right-click Users and select New > User.
   NOTE: On SBS Server, the new user account will be added to the Users > SBS Users folder.
9. Enter the following information using the exact names and syntax as given:
   - Enter vircomdqserver in First Name
   - Copy and paste it to User Logon Name and click Next.

10. Enter a password of your choice and click Next through the remaining screens to finish the setup.
11. Right-click the vircomdqserver user and select Properties > Telephones.
12. Enter the IP address of the Email Protection server and the port number to be used by the Direct Quarantine service in IP phone. For example, 192.168.30.131:9000. If you had modified the port number, replace 9000 with your new port number. Optional: you can enter additional text in Notes.

Optional: Create an OU for the vircomdqserver account

If you wish to isolate vircomdqserver from the main Users group, you can create a new Organizational Unit and move the account into the OU. Follow the procedure below:

1. While still in Active Directory Users and Computers, right-click the domain name and select New > Organizational Unit.
2. Enter ExternalApplicationsRepository in Name and click OK.
   »» You must enter the name and syntax as specified.
3. Do the following:
   - Right-click the vircomdqserver user account
   - Select Move > ExternalApplicationsRepository
   - Click OK.

Firewall configuration

If you are configuring Direct Quarantine in a Service Provider or hosted environment, the following ports must be open on the firewall:

- Port 9000 (or your custom port number): for remote access to Direct Quarantine Server.
- Port 389/3268 (as applicable): for remote access to the Active Directory/Domain Controller Server.
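The port has to agree in three places: the two baseAddress lines in the server's .exe.config, the IP:port value typed into the IP phone field of the vircomdqserver account, and the firewall rule. The following PowerShell check is an added example, not part of the vendor's guide or software; the function names and sample values are constructed, `ipPhone` is the Active Directory attribute behind the IP phone field, and the live check assumes the ActiveDirectory module is installed.

```powershell
# Added example, not Norman's code. All sample values are constructed.

function Get-DqConfigPort {
    # Return path and port of every baseAddress URL found in the .exe.config text.
    param([Parameter(Mandatory)][string]$ConfigText)
    $pattern = 'baseAddress\s*=\s*"(?<url>https?://[^"]+)"'
    foreach ($m in [regex]::Matches($ConfigText, $pattern, 'IgnoreCase')) {
        $uri = [uri]$m.Groups['url'].Value
        [pscustomobject]@{ Path = $uri.AbsolutePath; Port = $uri.Port }
    }
}

function ConvertFrom-DqIpPhone {
    # Parse the "IP:port" string kept in the account's IP phone field.
    param([Parameter(Mandatory)][string]$Value)
    if ($Value -notmatch '^\s*(?<ip>\d{1,3}(\.\d{1,3}){3}):(?<port>\d{1,5})\s*$') {
        throw "IP phone value '$Value' is not in IP:port form"
    }
    $ip   = [ipaddress]::Parse($Matches['ip'])   # throws if an octet exceeds 255
    $port = [int]$Matches['port']
    if ($port -lt 1 -or $port -gt 65535) { throw "Port $port is out of range" }
    [pscustomobject]@{ Address = $ip.ToString(); Port = $port }
}

function Test-DqEndpointConsistency {
    # Compare the ports in the server config with the port published in AD.
    param(
        [Parameter(Mandatory)][string]$ConfigText,
        [Parameter(Mandatory)][string]$IpPhone
    )
    $entries   = @(Get-DqConfigPort -ConfigText $ConfigText)
    $published = ConvertFrom-DqIpPhone -Value $IpPhone
    $ports     = @($entries | ForEach-Object { $_.Port } | Sort-Object -Unique)
    $findings  = @()
    if ($entries.Count -eq 0) {
        $findings += 'No baseAddress entries found in the config text.'
    }
    if ($ports.Count -gt 1) {
        $findings += "baseAddress entries disagree on the port: $($ports -join ', ')."
    }
    if ($ports.Count -gt 0 -and $ports -notcontains $published.Port) {
        $findings += "AD publishes port $($published.Port); config uses $($ports -join ', ')."
    }
    [pscustomobject]@{
        Published   = "$($published.Address):$($published.Port)"
        ConfigPorts = $ports
        Consistent  = ($findings.Count -eq 0)
        Findings    = $findings
    }
}

function Test-DqPublishedEndpoint {
    # Live check from the client network: read the value from AD, then try the TCP port.
    # Needs the ActiveDirectory (RSAT) module and network access; not called below.
    param([string]$Account = 'vircomdqserver')
    $user = Get-ADUser -Identity $Account -Properties ipPhone
    $ep   = ConvertFrom-DqIpPhone -Value $user.ipPhone
    Test-NetConnection -ComputerName $ep.Address -Port $ep.Port |
        Select-Object ComputerName, RemotePort, TcpTestSucceeded
}

# Constructed sample: one baseAddress line was edited and the other was missed.
$sampleConfig = @'
<baseAddresses>
  <add baseAddress="http://localhost:9000/modusquarantine" />
  <add baseAddress="http://localhost:9001/authenticate" />
</baseAddresses>
'@

Test-DqEndpointConsistency -ConfigText $sampleConfig -IpPhone '192.168.30.131:9000' |
    Format-List
```

Against a real server, pass `Get-Content -Raw` of the .exe.config file as `-ConfigText`, and run `Test-DqPublishedEndpoint` from a machine on the client side of the firewall.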

Install Direct Quarantine client via a GPO

Follow the procedure below to create a Group Policy Object (GPO) for installing the Direct Quarantine client. It is recommended to deploy the Direct Quarantine client on a single machine in order to test the installation and connectivity. Once it is successful, deploy it to multiple machines.

1. On the Domain Controller Server, open Active Directory > Users and Computers.
2. You may optionally deploy Direct Quarantine to the domain as a whole, or use an Organizational Unit (OU) that contains the names of the specific users where Direct Quarantine will be installed. To deploy to the domain, continue at Step 3 below. To create a new OU for Direct Quarantine users, do the following:
   - Right-click the domain name and select New > Organizational Unit.
   - Enter a name, e.g. Direct Quarantine, and click OK.
   - Right-click the Direct Quarantine OU, add the user names and click OK.
3. Click Start > Programs > Administrative Tools > Group Policy Management.
4. Right-click the domain name or the Direct Quarantine OU, select Create and Link a GPO here and click New.
5. Enter a name in New GPO. For example, enter Norman Addin Client, and click OK.
6. Click the Norman Addin Client and then click Edit to open the Group Policy Object Editor.
7. Expand User Configuration > Software Settings.
8. Right-click Software Installation and click New > Package.
9. Enter the full network path to the dq Client.msi file. For example, enter \\servername\sharedpath\dq Client.msi.
10. Select Advanced in Deploy Software and click OK.

11. Click Properties > Deployment and click to select all of the following settings:
    - Assigned in Deployment Type
    - Install this application at logon in Deployment options
    - Basic in Installation user interface options
    Click OK to proceed.
12. Click OK to close the Group Policy Object Editor.
    »» The GPO will execute immediately to push the files to the specified user(s).

Test client-server connectivity

Deploying the client GPO on a single machine provides a setup to test the client-server connectivity. If you experience a connectivity problem, it is recommended to uninstall the client GPO and then reinstall it.

Install Direct Quarantine client manually

An alternative to GPO deployment is to install the Direct Quarantine client manually on the users' computers. To do this:

1. Complete the prerequisite configuration outlined in "Client install prerequisites".
2. On the client machine, log in with an account that has Administrator privileges.
3. Locate the shared folder containing the dq Client.msi file.
4. Ensure that Outlook is closed and click the dq Client.msi file to launch the install. Click Next through the remaining screens to finish the install.

NOTE: If using a Terminal Server, the client file must be installed manually.

Getting Started

Using Direct Quarantine

Initial login

After Direct Quarantine is installed, users will be prompted to enter their email address and network login password to establish the connection for their email account. The system will auto-display the first email address detected, but if users have multiple email accounts on the local network, they can specify which account to use here.

Quarantine client interface

The Direct Quarantine application for Outlook enables users to manage their quarantined messages directly from Outlook. The Norman folder is a mailbox that connects to the Email Protection quarantine database.

About quarantine mailbox

The Direct Quarantine client creates a new mailbox PST file that communicates directly with the Email Protection quarantine database. The Norman root folder connects to a web page that contains the How-To Guide. The Direct Quarantine sub folder contains the list of quarantined messages. The message list is automatically synchronized and refreshed in the background.

NOTE: We recommend disabling Microsoft Outlook's native Junk email feature on the client machines to avoid conflicting filter behavior and potential confusion.

Viewing message content

Message content can be viewed in the preview pane (if enabled) or by double-clicking the message to open it. Potentially dangerous content such as viruses, phishing, URL links, images and attachments are blocked from view. When a message contains attachments, the filenames can be seen by clicking on Click here to see attachment information.htm and then the Preview file button.

Deleting messages

Messages can be deleted using the <Delete> key on the keyboard, by using Outlook's Delete button in the toolbar or the context menu. Deleted messages are moved to the custom Deleted Items folder within the Norman mailbox. This folder is cleaned automatically during the synchronization process, at which point messages are permanently removed. Messages in Deleted Items cannot be undeleted or moved back into the Direct Quarantine folder.

The entire (current) message list can be emptied manually by right-clicking the Direct Quarantine folder and selecting Empty Direct Quarantine (Outlook 2007) or Delete All (Outlook 2010). This function is not supported in Outlook 2003.

Message types

Messages inside the Direct Quarantine folder are categorized by the following list of types. The type value determines which messages can be released using the Outlook interface:

Type: Behavior
- Spam: User is able to release a Spam message.
- Phishing: User is not able to release a Phishing message. The release option is disabled.
- Virus: User is not able to release a Virus message. The release option is disabled.
- Forbidden Attachment: User is not able to release Forbidden Attachment message. The release option is disabled.
- Blocked Sender: This is a black-listed email address. User is not able to release Blocked Sender message. The release option is disabled.
- Blocked by Rules: This is a custom filter created by the administrator. User is not able to release Blocked by Rules message. The release option is disabled.

Users with special permission to release Phishing or Forbidden Attachment types of messages must either use the Quarantine Report or the Go to WebQuarantine shield icon in the toolbar.

Probability sort order

Messages are visually divided into 2 groups based on the probability of spam content: Low and High. The High group contains typical spam content and is displayed using the default text color (usually black). The Low group, however, is highlighted by the use of blue text to draw users' attention: this group may contain some false positives. Users can easily release messages from either group by using the release options in the toolbar or the context menu, depending on the type category outlined above.

Managing event logs

Manage quarantine events

The Direct Quarantine events are logged in text files. Logs are set to report trouble events generated by the client machines and the Email Protection server. The file types are categorized by:

- Server logs
- Client logs
- Audit logs

Server logs

The server log file name has the following format: DQ<yyyymmdd>.log, where <yyyymmdd> represents the date when the log file is created. The DQ<yyyymmdd>.log is stored in the following directory:

C:\Program Files\Norman\directQuarantine Server\log

By default, the log files are configured with the following properties:

- The maximum size of the file is set at 40 MB. A new log file is created when the limit is reached.
- A maximum of 10 logs are reported at one time. This limit is set to preserve disk space.

The server log records the following events by default:

Type: Description
- Server: Service start and stop
- Database connection: Connection or synchronization issues with the Email Protection Quarantine database
- Client connection: Communication and connection issues with the client machines.
- Client authentication: Client authentication issues.
- Message action: Client message action issues.
- Action event: Client or server failed action request.

Client logs

The client log file is stored on each client machine, and records only the Direct Quarantine error events. The Vircom.dQ.Client.log is stored on the user's machine, in the following directory:

C:\Documents and Settings\<Username>\Local Settings\Application Data\Vircom\directquarantine\vircom.dq.client.log

NOTE: User directories are hidden by default in Windows Explorer. To reveal them, disable the Hide extensions for known file types feature in Tools > Folder Options, then click View and select the Show hidden files and folders option.

View audit logs

Audit logs are recorded only if the auditing trail is set in the Email Protection server. Events of messages released by client requests are then recorded as an audit trail. See the Email Protection.

Troubleshooting Direct Quarantine

Troubleshooting techniques

The Direct Quarantine application is designed to log events initiated from the server, the client, the database and the network connections. These logs provide a tracking method to troubleshoot common problems.

Set log level option

Logs are set to record at Error level by default. For troubleshooting scenarios, you might want to track more events. You can do that by setting the log level to All or Debug to allow more details to be recorded. Follow the procedure below to temporarily set a different log level.

1. Go to C:\Program Files\Norman\directQuarantine Server.
2. Locate the log4net.config file and open it with Notepad or another text editor.
3. Locate the section marked Level, and change it from Error to either All or Debug, and save the change.
4. Stop and restart the MODUSDQ service after changing the level: open the Norman Email Protection Administration Console > System > Services.
5. All or Debug logging must be used only temporarily to investigate a specific issue. These settings will record all transactions on the server and client machines, and may cause performance issues while running. After resolving the issue, you must reset the log to Error level and stop/restart the MODUSDQ service to register the change.
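Because All or Debug logging records every transaction and is meant to be temporary, it is worth checking that the level was actually reset. The following PowerShell check is an added example, not part of the vendor's guide or software: it reads the level from log4net.config text and compares the server log directory against the documented defaults (10 files, 40 MB each). It assumes the file uses log4net's usual `<level value="..."/>` element; the function names and sample data are constructed.

```powershell
# Added example, not Norman's code. Sample config text and file list are constructed.

function Get-DqLogLevel {
    # Assumption: log4net.config uses log4net's usual <level value="..."/> element.
    param([Parameter(Mandatory)][string]$Log4NetText)
    # Drop XML comments first so a commented-out level is not reported as active.
    $noComments = [regex]::Replace($Log4NetText, '(?s)<!--.*?-->', '')
    $pattern    = '<level\s+value\s*=\s*"(?<lvl>[^"]+)"'
    foreach ($m in [regex]::Matches($noComments, $pattern, 'IgnoreCase')) {
        $m.Groups['lvl'].Value.ToUpperInvariant()
    }
}

function Test-DqLogging {
    param(
        [Parameter(Mandatory)][string]$Log4NetText,
        [object[]]$LogFiles = @(),   # items with Name and Length, e.g. from Get-ChildItem
        [int]$MaxFiles = 10,         # documented default: at most 10 logs at one time
        [long]$MaxBytes = 40MB       # documented default: 40 MB per file
    )
    $findings = @()

    $levels = @(Get-DqLogLevel -Log4NetText $Log4NetText)
    if ($levels.Count -eq 0) {
        $findings += 'No <level> element found; the log level could not be confirmed.'
    }
    foreach ($lvl in $levels) {
        if ($lvl -in 'ALL', 'DEBUG') {
            $findings += "Log level is $lvl; reset it to Error and restart MODUSDQ."
        }
    }

    # Server logs are named DQ<yyyymmdd>.log; ignore anything else in the folder.
    $dqLogs = @($LogFiles | Where-Object { $_.Name -match '^DQ\d{8}\.log$' })
    if ($dqLogs.Count -gt $MaxFiles) {
        $findings += "$($dqLogs.Count) server logs present; the documented default keeps $MaxFiles."
    }
    foreach ($f in $dqLogs) {
        if ($f.Length -gt $MaxBytes) {
            $findings += "$($f.Name) is larger than the documented 40 MB limit."
        }
    }

    $newest = $dqLogs | Sort-Object Name | Select-Object -Last 1 -ExpandProperty Name
    [pscustomobject]@{
        Levels    = $levels
        LogCount  = $dqLogs.Count
        NewestLog = $newest
        Findings  = $findings
    }
}

# Constructed sample: Debug was left enabled and one log outgrew the default size.
$sampleLog4Net = @'
<log4net>
  <root>
    <!-- <level value="Error" /> -->
    <level value="Debug" />
  </root>
</log4net>
'@
$sampleFiles = @(
    [pscustomobject]@{ Name = 'DQ20111201.log'; Length = 3MB },
    [pscustomobject]@{ Name = 'DQ20111202.log'; Length = 41MB }
)

Test-DqLogging -Log4NetText $sampleLog4Net -LogFiles $sampleFiles | Format-List

# On the server itself, using the paths given in this guide:
# $dir = 'C:\Program Files\Norman\directQuarantine Server'
# Test-DqLogging -Log4NetText (Get-Content "$dir\log4net.config" -Raw) `
#                -LogFiles (Get-ChildItem "$dir\log" -Filter 'DQ*.log')
```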

Disable the Direct Quarantine client

As part of the troubleshooting process, the Direct Quarantine application can be disabled on a client machine. Follow the procedure to disable the Direct Quarantine application.

1. On a client machine, open Microsoft Outlook.
2. Do the following:
   - For Outlook 2007, click Tools > Trust Centre > Add-ins.
   - For Outlook 2010, click File > Options > Add-ins.
   - For Outlook 2003, click Tools > Options > Other > Advanced Options > COM Add-ins.
3. Make sure that COM Add-ins appears in Manage. Click Go...
4. Uncheck Direct Quarantine in the list under Add-Ins available:, and click OK. The Norman and Direct Quarantine folders will become hidden.
5. If prompted to do so, restart Outlook.

Uninstall the application

The following procedure uninstalls the Direct Quarantine application from the client computers:

1. Log in to the Domain Controller Server.
2. Click Start > Programs > Administrative Tools > Group Policy Management.
3. Expand the domain name where the program was installed.
4. Right-click the Norman Addin Client and select Edit to open the Group Policy Object editor.
5. Expand User Configuration > Software Settings and select Software Installation.
6. Right-click Norman Addin Client and select All Tasks > Remove.
7. Click to select Immediately uninstall the software from users and computers and click OK.

Contact Support

If you require assistance with any issue regarding Direct Quarantine, please contact Norman.

www.norman.com/support

Norman Offices
www.norman.com

Denmark
Norman Data Defense Systems A/S, Blangstedgårdsvej 1, DK-5220 Odense SØ
Tel: +45 7025 3508 Fax: +45 6590 5102 Email: info@normandk.com Web: www.norman.com/dk
Norman Data Defense Systems A/S, Tuborg Boulevard 12, 3. sal, DK-2900 Hellerup
Tel: +45 7025 3508 Fax: +45 6590 5102 Email: info@normandk.com Web: www.norman.com/dk

Germany
Norman Data Defense Systems GmbH, Zentrale, Gladbecker Str. 3, D-40472 Düsseldorf
Tel: +49 0211 586 99-0 Fax: +49 0211 586 99-150 Email: info@norman.de Web: www.norman.com/de
Norman Data Defense Systems GmbH, Niederlassung München, Ludwigstr. 47, D-85399 Hallbergmoos
Tel: +49 0811 541 84-0 Fax: +49 0811 541 84-15 Email: info@norman.de Web: www.norman.com/de

Spain
Norman Data Defense Systems, Camino Cerro de los Gamos 1, Edif.1, 28224 Pozuelo de Alarcón MADRID
Tel: +34 917 90 11 31 Fax: +34 917 90 11 12 Email: norman@normandata.es Web: www.norman.com/es

France
Norman France, 8 Rue de Berri, F-75008 Paris
Tel: +33 1 42 99 95 09 Fax: +33 1 42 99 95 01 Email: info@norman.fr Web: www.norman.com/fr

Italy
Norman Data Defense Systems, Milano San Felice, Strada 2, Torre 1, 20096 Pioltello (MI)
Tel: +39 02 7030 5479 Fax: +39 02 7030 5480 Email: info@normanit.com Web: www.norman.com/it

Netherlands
Norman SHARK B.V., Postbus 159, 2130 AD Hoofddorp
Tel: +31 23 78 90 222 Fax: +31 23 56 13 165 Email: support@norman.nl Web: www.norman.com/nl

Norway
Norman ASA, Headquarters and sales Norway
Visit: Strandveien 37, Lysaker Mail: PO Box 43, N-1324 Lysaker
Tel: +47 67 10 97 00 Fax: +47 67 58 99 40 Email: norman@norman.no Web: www.norman.com/no

Sweden
Norman Data Defense Systems AB, Norrköping Science Park, S-602 86 Norrköping
Tel: +46 11 230 330 Fax: +46 11 230 349 Email: salj@norman.com Web: www.norman.com/se

Switzerland
Norman Data Defense Systems AG, Münchensteinerstrasse 43, CH-4052 Basel
Tel: +41 61 317 25 25 Fax: +41 61 317 25 26 Email: norman@norman.ch Web: www.norman.com/ch

United Kingdom
Norman Data Defense Systems (UK) Ltd, CBXII, West Wing, 382-390 Midsummer Boulevard, Central Milton Keynes, MK9 2RG
Tel: +44 1908 847413 Fax: +44 870 1202901 Email: salesuk@norman.com Web: www.norman.com/en-uk

United States
Norman Data Defense Systems Inc., 9302 Lee Highway, Suite 950A, Fairfax, Virginia 22031
Tel: +1 703 267-6109 Fax: +1 703 934-6368 Email: norman@norman.com Web: www.norman.com/en-us

Norman ASA is a world-leading company within the field of data security, internet protection and analysis tools. Through its SandBox technology Norman offers a unique and proactive protection unlike any other competitor. While focusing on its proactive antivirus technology, the company has formed alliances which enable Norman to offer a complete range of data security services. Norman was established in 1984 and is headquartered in Norway with continental Europe, UK and US as its main markets.

Copyright 1990-2011 Norman ASA