Preface ® This guide provides you with the information that you need to configure McAfee ® ® ™ VirusScan for NetApp software version 7.1.0 with ePolicy Orchestrator version 3.0 Service Pack 1. VirusScan for NetApp 7.1.0 installs on scanner-servers. We do not support deploying the product using ePolicy Orchestrator.
Preface Conventions This guide uses the following conventions: Bold All words from the user interface, including options, menus, buttons, and dialog box names. Example Type the of the desired account. User name Password The path of a folder or program; a web address ( );...
Associates offices in the United States and around the world. An Adobe Acrobat .PDF file on the product CD or the McAfee Security download site. A printed manual that accompanies the product CD. Note: Some language manuals may be available only as a .PDF file.
+1-888-VIRUS NO or +1-888-847-8766 Monday – Friday, 8 a.m. – 8 p.m., Central Time For additional information on contacting Network Associates and McAfee Security— including toll-free numbers for other geographic areas — see the Contact file that accompanies this product release.
Configuring VirusScan for NetApp 7.1.0 You can configure VirusScan for NetApp policies, create tasks, and schedule tasks from the ePolicy Orchestrator console. These topics are included in this section: Adding the VirusScan for NetApp .NAP file on page Accessing the VirusScan for NetApp policy pages on page Setting policies for the product on page Enforcing policies on page Creating and configuring tasks on page...
Configuring VirusScan for NetApp 7.1.0 Adding the VirusScan for NetApp .NAP file Before configuring VirusScan for NetApp, you must add the VirusScan for NetApp . file to the Repository Log on to the ePolicy Orchestrator server with administrator rights. Open the using one of these methods: Configuration Wizard In the console tree under...
Page 11
Adding the VirusScan for NetApp .NAP file dialog box appears. Software Repository Configuration Wizard Figure 1-2. Configure Software Repository Select , then click to open the Add new software to be managed Next Select a dialog box. Software Package Locate and select the 710.
Configuring VirusScan for NetApp 7.1.0 Accessing the VirusScan for NetApp policy pages To locate policies for VirusScan for NetApp: Log on to the ePolicy Orchestrator server with administrator rights. In the console tree under , select the site, group, ePolicy Orchestrator Directory single computer, or the entire Directory...
Setting policies for the product Setting policies for the product Configuring VirusScan for NetApp policies from the ePolicy Orchestrator console allows you to enforce, across groups of computers, the options that define how all tasks and permissions are configured. For information regarding policies and how they are enforced, see the ePolicy Orchestrator 3.0 product documentation.
Configuring VirusScan for NetApp 7.1.0 Setting general policies The options on the tabs apply to default, low-risk, and high-risk General Policies processes for on-access scanning. See the VirusScan for NetApp 7.1.0 Product Guide for more information about low-risk and high-risk processes. Policies can be configured on these tabs: General tab on page Messages tab on page...
Setting policies for the product General tab Specify the general policies. Select under in the upper details General Policies VirusScan for NetApp 7.1 pane. In the lower details pane, select the tab. General Figure 1-4. General Policies — General tab Deselect Inherit Configure these policy options:...
Configuring VirusScan for NetApp 7.1.0 Messages tab Specify the user message policies. In the lower details pane, select the tab. Messages Figure 1-5. General Policies — Messages tab Deselect Inherit Configure which messages are sent to local and network users: Under , choose whether to display the Messages for local users...
Setting policies for the product Reports tab Configure logging activity and specify what information to log. In the lower details pane, select the tab. Reports Figure 1-6. General Policies — Reports tab Deselect Inherit Configure the logging policies: Under , choose whether to log virus activity data to a log file, Log file whether to limit the size of the log file, and specify the location of the log file.
Configuring VirusScan for NetApp 7.1.0 Setting policies for default processes These are the default processes for on-access scanning which are defined as any processes that are not specified as low-risk or high-risk. See the VirusScan for NetApp 7.1.0 Product Guide for information about assigning risk to a process. Policies can be configured on these tabs: Processes tab on page Detection tab on page...
Setting policies for the product Processes tab Specify whether to configure the same policies for all processes or to configure different policies for default, low-risk, and high-risk processes. In the upper details pane under , select VirusScan for NetApp 7.1 Default Processes Policies In the lower details pane, select the...
Configuring VirusScan for NetApp 7.1.0 Detection tab Specify what is scanned and not scanned during an on-access scan. In the lower details pane, select the tab. Detection Figure 1-8. Default Processes Policies — Detection tab Deselect Inherit Configure the following options: Under , choose when to scan files and whether files on network Scan files...
Setting policies for the product Advanced tab Specify advanced scan options to be used during an on-access scan. In the lower details pane, select the tab. Advanced Figure 1-9. Default Processes Policies — Advanced tab Deselect Inherit Configure these policy options: Under , choose whether to scan for unknown program viruses Heuristics...
Configuring VirusScan for NetApp 7.1.0 Actions tab Define the primary and secondary actions to perform on infected files during an on-access scan. In the lower details pane, select the tab. Actions Figure 1-10. Default Processes Policies — Actions tab Deselect Inherit Use the drop-down lists to select the primary action for When a virus is found...
Setting policies for the product Setting policies for low-risk processes These policies apply to processes specified as having a lower risk of infection, and are used during an on-access scan. For information about assigning risk to a process, see the VirusScan for NetApp 7.1.0 Product Guide. The options on these tabs affect processes specified as low-risk on the Processes tab.
Configuring VirusScan for NetApp 7.1.0 Use different settings for low-risk processes Before you can define low-risk processes, you must specify that you want to use different settings for low-risk and high-risk processes: In the upper details pane under , select VirusScan for NetApp 7.1 Default Processes Policies...
Setting policies for the product Processes tab for low-risk processes Specify which processes have a low risk of spreading infection. In the upper details pane under , select VirusScan for NetApp 7.1 Low-Risk Processes Policies In the lower details pane, select the tab.
Configuring VirusScan for NetApp 7.1.0 Detection tab Specify what is scanned and not scanned during an on-access scan. In the lower details pane, select the tab. Detection Deselect Inherit Configure these policy options: Under , choose when to scan files and whether files on network Scan files drives are scanned.
Setting policies for the product Advanced tab Specify advanced scan options to be used during an on-access scan. In the lower details pane, select the tab. Advanced Deselect Inherit Configure these policy options: Under , choose whether to scan for unknown program viruses Heuristics and/or unknown macro viruses.
Configuring VirusScan for NetApp 7.1.0 Setting policies for high-risk processes Specify processes that you consider to have a higher risk of infection. For information about assigning risk to a process, see the VirusScan for NetApp 7.1.0 Product Guide. The options on these tabs affect processes specified as high-risk on the Processes tab.
Setting policies for the product Use different settings for high-risk processes Before you can define high-risk processes, you must specify that you want to use different settings for low-risk and high-risk processes: In the upper details pane under , select VirusScan for NetApp 7.1 Default Processes Policies...
Configuring VirusScan for NetApp 7.1.0 Processes tab for high-risk processes Specify which processes have a high risk of spreading infection. In the upper details pane under , select VirusScan for NetApp 7.1 High-Risk Processes Policies In the lower details pane, select the tab.
Setting policies for the product Detection tab Specify what is scanned and not scanned during an on-access scan. In the lower details pane, select the tab. Detection Deselect Inherit Configure these policy options: Under , choose when to scan files and whether files on network Scan files drives are scanned.
Configuring VirusScan for NetApp 7.1.0 Advanced tab Specify advanced scan options to be used during an on-access scan. In the lower details pane, select the tab. Advanced Deselect Inherit Configure these policy options: Under , choose whether to scan for unknown program viruses Heuristics and/or unknown macro viruses.
Setting policies for the product Setting user interface policies These policies apply to display and password options. Policies can be configured on these tabs: Display Options tab on page Password Options tab on page For complete information about these options, see the VirusScan for NetApp 7.1.0 Product Guide.
Configuring VirusScan for NetApp 7.1.0 Display Options tab Configure security-related display settings. In the upper details pane under , select VirusScan for NetApp 7.1 User Interface Policies Select the tab in the lower details pane. Display Options Figure 1-15. User Interface Policies — Display Options Deselect Inherit ®...
Page 35
Setting policies for the product Configure these policy options: Under , choose which, if any, menu options are available System tray icon to users from the system tray icon. You can choose all menu options, minimal menu options, or no options. Under choose from these console options: VirusScan console options...
Configuring VirusScan for NetApp 7.1.0 Password Options tab Define a password, and the policy pages and tabs that the password protects. Select the tab in the lower details pane. Password Options Figure 1-16. User Interface Policies — Password Options Deselect Inherit Under , select the desired level of password protection:...
Setting policies for the product Setting policies for Alert Manager Alerts These policies apply to the VirusScan for NetApp features that generate alerts and the destination for alerts. NOTE For complete information about configuring these options, see the Alert Manager Product Guide. Alert Manager Alerts tab Configure alert policies.
Configuring VirusScan for NetApp 7.1.0 Configure these policy options: Under , select the VirusScan for Which components will generate alerts NetApp components for which you want to generate alerts when infections are detected. Under , choose to enable or disable Alert Manager destination selection alerting.
Page 39
Setting policies for the product Add or remove NetApp filers from the list. Under , choose whether to use the locally-configured filer list or Filers overwrite it by adding filers here. Click to create a new list of filers which will be enforced on the scanner-servers.
Configuring VirusScan for NetApp 7.1.0 Enforcing policies To enforce the policies that you have configured: In the console tree under , select the desired site, group, single Directory computer, or the entire for which you want to enforce polices. Directory In the upper details pane on the tab, select Policies...
Creating and configuring tasks On-demand scan tasks Create and configure as many tasks as you require. These topics are included in this section: Creating a new on-demand scan task on page Configuring the on-demand scan task settings on page Creating a new on-demand scan task In the console tree under , right-click or the...
Configuring VirusScan for NetApp 7.1.0 Configuring the on-demand scan task settings On the tab in the upper details pane, right-click the task, then select Tasks Edit Task dialog box appears. ePolicy Orchestrator Scheduler Figure 1-21. ePolicy Orchestrator Scheduler Click to open the dialog box, then configure the Settings On-Demand Scan Task...
Creating and configuring tasks Where tab Specify where scanning takes place. Select the tab. Where Figure 1-22. On-Demand Scan Task — Where tab Deselect Inherit Use the , and buttons to define the locations to scan. Remove Edit Under , choose whether to include subfolders, and whether to Scan Options scan boot sectors.
Configuring VirusScan for NetApp 7.1.0 Detection tab Specify the file types to scan. Select the tab. Detection Figure 1-23. On-Demand Scan Task — Detection tab Deselect Inherit Configure these policy options: Under , select , or What to scan All files Default + additional types Specified (you can select only one of these options).
Creating and configuring tasks Under , use the button to define a list of specific What not to scan Exclusions file types, folders, and drives to exclude from scanning. Select to use only the exclusions that have been Overwrite client exclusions added to this policy.
Configuring VirusScan for NetApp 7.1.0 Configure these policy options: Under , choose whether to scan for unknown program viruses Heuristics and/or unknown macro viruses. Under , choose whether to scan for potentially unwanted Non-viruses programs, and whether to scan for joke programs. Under , choose the maximum percentage of CPU usage for CPU utilization...
Creating and configuring tasks Deselect Inherit Use the drop-down lists to select the primary action for When a virus is found and the secondary action If the above Action fails If you select , choose a destination folder. Move infected files to a folder Reports tab Configure logging activity and specify what information to log.
Configuring VirusScan for NetApp 7.1.0 Task tab Specify user account settings. Select the tab. Task Figure 1-27. On-Demand Scan Task — Task tab Deselect Inherit Under , type the user name, password, and domain name User account settings in the appropriate fields if you want the task to run under a specific account. If no account is entered, the task runs under the system account.
Creating and configuring tasks Update tasks Update tasks can be used to perform immediate or scheduled updates of the virus definition ( ) files, the scanning engine, or the file. EXTRA These topics are included in this section: Creating a new update task on page Configuring the update task settings on page NOTE For information about scheduling a task, see...
Configuring VirusScan for NetApp 7.1.0 Configuring the update task settings On the tab in the details pane, right-click the VirusScan for NetApp Tasks update task that you created, then select Edit Task dialog box appears. ePolicy Orchestrator Scheduler Click to display the dialog box.
Creating and configuring tasks Mirror tasks A mirror task replicates the contents of the to a site, group of Repository computers, a single computer, or to the entire Directory These topics are included in this section: Creating a new mirror task on page Configuring the mirror task settings on page NOTE For information about scheduling a task, see...
Configuring VirusScan for NetApp 7.1.0 Configuring the mirror task settings On the tab in the upper details pane, right-click the VirusScan for NetApp Tasks task that you created, then select Edit Task dialog box appears. ePolicy Orchestrator Scheduler Click to display the dialog box.
Scheduling tasks Task tab Enable the schedule for this task. On the tab in the upper details pane, right-click the task that you created, Tasks then select Edit Task dialog box appears. ePolicy Orchestrator Scheduler Select the tab. Task Figure 1-32. ePolicy Orchestrator Scheduler — Task tab Deselect Inherit Select...
Configuring VirusScan for NetApp 7.1.0 Schedule tab Specify when the task runs. Select the tab. Schedule Figure 1-33. ePolicy Orchestrator Scheduler — Schedule tab Deselect Inherit NOTE must be selected under on the Enable Schedule Settings Task tab to enable the options on the tab.