Table of Contents
Advertisement
McAfee® Network Security Platform 6.0
VirusScan avoids blocking outbound SMTP connections from legitimate mail clients, such
as Outlook and Eudora, by including the processes used by these products in an exclusion
list. In other words, VirusScan ships with a list of processes it will allow to create outbound
TCP port 25 connections; all other processes are denied that access.
The Manager takes advantage of the JavaMail API to send SMTP notifications. If you
enable SMTP notification and also run VirusScan 8.0i or above, you must therefore add
java.exe to the list of excluded processes. If you do not explicitly create the exclusion
within VirusScan, you will see a
to each time the Manager attempts to connect to its configured mail server.
To add the exclusion, follow these steps:
1
2
3
4
5
6
User interface responsiveness
The responsiveness of the user interface, the Threat Analyzer in particular, has a lasting
effect on your overall product satisfaction.
In this section we suggest some easy but essential steps, to ensure that Network Security
Platform responsiveness is optimal:
Launch the
VirusScan Console
Right-click the task called
Access Protection
menu.
Highlight the rule called
Prevent mass mailing worms from sending mail
Click
.
Edit
Append java.exe to the list of
Click
to save the changes.
OK
During Manager software installation, use the recommended values for memory and
connection allocation.
You will experience better performance in your configuration and data forensic tasks
by connecting to the Manager from a browser on a client machine. Performance may
be slow if you connect to the Manager using a browser on the server machine itself.
Perform monthly or semi-monthly database purging and tuning. The greater the
quantity of alert records stored in the database, the longer it will take the user
interface to parse through those records for display in the Threat Analyzer. The
default Network Security Platform settings err on the side of caution and leave alerts
(and their packet logs) in the database until the user explicitly decides to remove
them. However, most users can safely remove alerts after 30 days.
It is imperative that you tune the MySQL database after each purge
Caution:
operation. Otherwise, the purge process will fragment the database, which can
lead to significant performance degradation.
Defragment the disks on the Manager on a routine basis, with the exception of the
MySQL directory. The more often you run your defragmenter, the quicker the process
will be. Consider defragmenting the disks at least once a month.
Do NOT attempt to defragment the MySQL directory using an O/S
Warning:
defrag utility. To defragment MySQL tables, use a MySQL-specific utility,
myisamchk available in the <mysqlinstallation>\bin directory.
Limit the quantity of alerts to view when launching the Threat Analyzer. This will
reduce the total quantity of records the user interface must parse and therefore
potentially result in a faster initial response on startup.
Preparing for the Manager installation
Mailer Unreachable
error in the Manager Operational Status
.
and choose
Processes to Exclude
.
15
Properties
from the right-click
.
Advertisement
Table of Contents
