1. Manuals
  2. Brands
  3. KAPERSKY Manuals
  4. Software
  5. ANTI-VIRUS 4.5 - FOR MICROSOFT EXCHANGE...
  6. User manual

KAPERSKY ANTI-VIRUS 4.5 - FOR MICROSOFT EXCHANGE SERVER User Manual

Hide thumbs Also See for ANTI-VIRUS 4.5 - FOR MICROSOFT EXCHANGE SERVER:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual
K A S P E R S K Y L A B S
Kaspersky Anti-Virus
4.5
®
for Microsoft Exchange Server
USER'S GUIDE

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the ANTI-VIRUS 4.5 - FOR MICROSOFT EXCHANGE SERVER and is the answer not in the manual?

Questions and answers

Related Manuals for KAPERSKY ANTI-VIRUS 4.5 - FOR MICROSOFT EXCHANGE SERVER

Summary of Contents for KAPERSKY ANTI-VIRUS 4.5 - FOR MICROSOFT EXCHANGE SERVER

  • Page 1 K A S P E R S K Y L A B S Kaspersky Anti-Virus ® for Microsoft Exchange Server USER’S GUIDE...
  • Page 2 ® K A S P E R S K Y A N T I - V I R U S 4 . 5 F O R M I C R O S O F T E X C H A N G E S E R V E R User’s Guide ...

  • Page 3: Table Of Contents

    Contents ® CHAPTER 1. KASPERSKY ANTI-VIRUS 4.5 FOR MS EXCHANGE SERVER..7 1.1. What is new in version 4.5 ..................9 1.2. Hardware and software requirements ..............9 1.2.1. Protected server is MS Exchange Server 5.5 ..........9 1.2.2. Protected server is MS Exchange Server 2000/2003........9 1.2.3.
  • Page 4 Kaspersky Anti-Virus 4.5 for MS Exchange Server 3.4.1. Categories: General and Settings............... 42 3.4.2. Basic Settings for Anti-Virus Protection ............43 3.4.2.1. Check Mode................... 43 3.4.2.2. Advanced Scanning Modes ..............44 3.4.2.3. Objects to be scanned................45 3.4.2.4. Scanning Methods................. 46 3.4.3.
  • Page 5 Contents 4.3.1. Task Window ....................98 4.3.2. Schedule Window for Kaspersky AV Updater Task........99 4.3.2.1. Launching on Event................100 4.3.2.2. Launching by Condition ............... 101 4.3.2.3. Launching Hourly................. 102 4.3.2.4. Launching Daily ................... 102 4.3.2.5. Launching Weekly ................103 4.3.2.6.
  • Page 6 Kaspersky Anti-Virus 4.5 for MS Exchange Server APPENDIX B. KASPERSKY LABS LTD..............134 B.1. Other Kaspersky Labs Products............... 135 B.2. Contact Information................... 138 APPENDIX C. INDEX ....................139 APPENDIX D. LICENSE AGREEMENT ..............140...

  • Page 7: Chapter 1. Kaspersky Anti-Virus ® 4.5 For Ms Exchange Server

    CHAPTER 1. KASPERSKY ANTI- VIRUS 4.5 FOR MS ® EXCHANGE SERVER ® Kaspersky Anti-Virus 4.5 for MS Exchange Server (hereinafter referred to as ® Kaspersky Anti-Virus ) software package is designed to protect mailboxes and public folders from viruses on MS Exchange Server 5.5/2000/2003 (hereinafter referred to as MS Exchange Server).
  • Page 8 Kaspersky Anti-Virus 4.5 for MS Exchange Server Self-descriptive reporting. The program sends virus alerts to administrator, recipient or sender of the infected messages and places corresponding entries in the Application Log and program log file. Such thorough supervision of the program’s performance helps to quickly prevent infection of the server and other computers in your office.

  • Page 9: What Is New In Version 4.5

    ® Kaspersky Anti-Virus 4.5 for MS Exchange Server 1.1. What is new in version 4.5 MS Exchange Server 2003 assistance is provided with version 4.5. For version 4.5, purchase of a special license for protecting public folders is not required. The license is issued only for MS Exchange Server mailboxes.

  • Page 10: Requirements For The Computer From Which Anti-Virus Engine Will Be Controlled

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Microsoft Windows Server 2000 with Service Pack 2; MS Exchange Server 2000 with Service Pack 2. Requirements for the protected MS Exchange Server 2003 on which Anti-Virus Engine is installed: MS Windows Server 2000 with Service Pack 3 or MS Windows Server 2003;...

  • Page 11: Help Desk For Registered Users

    ® Kaspersky Anti-Virus 4.5 for MS Exchange Server A sealed envelope with the installation CD containing files for the software product. User’s Guide. A license key written on the installation CD. License agreement. Before you unseal the envelope containing the CD, be sure to thoroughly review the license agreement.

  • Page 12: Conventions

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 1.5. Conventions In this book we use various conventions to emphasize different meaningful parts of the documentation. The Table below lists the conventions used in this User Guide. Convention Meaning Bold font Menu titles, commands, window titles, dialog elements, etc.

  • Page 13: Chapter 2. Installation

    CHAPTER 2. INSTALLATION 2.1. Installing and uninstalling Kaspersky Anti-Virus for MS ® Exchange Server You can launch the installation program: on MS Exchange Server 5.5 SP4 / 2000 SP2/2003. In this case you may install all package components on the server. on the computer from which the settings of server anti-virus protection will ®...
  • Page 14 Kaspersky Anti-Virus 4.5 for MS Exchange Server Step 2. Read the license agreement The License Agreement dialog box (Figure 2) contains the Agreement text. Read it and click Yes if you accept the license agreement terms. Otherwise, click No to abort the setup. Figure 2.
  • Page 15 Installation Step 4. Enter customer information Enter customer information in the Customer Information dialog box (see Figure 4). Enter the appropriate data in the User Name field and the Company Name field. By default the information for these fields is taken from the Windows registry.
  • Page 16 Kaspersky Anti-Virus 4.5 for MS Exchange Server Step 6. program group name Start\Programs menu Define the folder name in the Select Program Folder dialog box (see Figure 6) to display the ® Kaspersky Anti-Virus 4.5 icon in standard Program menu. Click Next.
  • Page 17 Installation ® If you install Kaspersky Anti-Virus 4.5 on a server under Microsoft Windows NT 4.0 in which MMC and/or ADSI are absent, you will see appropriate notifications with actions you can choose (see Figure You can interrupt the process, install applications needed, and repeat the ®...
  • Page 18 Kaspersky Anti-Virus 4.5 for MS Exchange Server ® Step 8. Choose Kaspersky Anti-Virus components to be installed In the Select Components dialog box (see Figure 8) check the components to install. If you select Custom setup, you will have choose required components from...
  • Page 19 Installation Step 10. Choose the report storage directory In the Report Viewer Settings dialog box (see Figure 11), you should specify the folder in which to save the reports generated by Anti-Virus Updater and ® Kaspersky Anti-Virus Control Centre. Reports generated by Anti-Virus Engine are saved to the folder specified from MMC.
  • Page 20 Kaspersky Anti-Virus 4.5 for MS Exchange Server Step 12. Remote administration password In the Administration Password dialog box (see Figure 13), enter the remote ® administration password that will be used by Kaspersky Network Control Centre to connect to the protected server. Step 13.

  • Page 21: Enabling Protection Of Mail Bodies Under Ms Exchange Server 5.5

    Installation functionality table for various components; validity term of this license. Step 14. To complete the setup ® Upon completion of Kaspersky Anti-Virus 4.5 for MS Exchange Server package installation, the Setup Wizard Complete dialog box will appear on the screen (see Figure 15a).
  • Page 22 Kaspersky Anti-Virus 4.5 for MS Exchange Server If you want the program to protect message bodies, run the MAPI service on your server. You can find the MAPI service in the list of ® installed services under the name "Kaspersky Anti-Virus MAPI Interceptor for MS Exchange Server."...
  • Page 23 Installation Figure 17. The Properties dialog box On the General tab press the Client Permissions button. The Client Permissions dialog box will appear on the screen (see Figure 19). In the Client Permissions dialog box press the Add button (see Figure 18).

  • Page 24: Updating Version 4.2 To 4.5

    Kaspersky Anti-Virus 4.5 for MS Exchange Server choose the one that is placed on the protecting server. Then press the OK button. In the Client Permissions dialog box in the string-table, choose the ® Kaspersky Anti-Virus for MS Exchange Server string. Make sure that the Owner value is selected in the Roles drop-down list.

  • Page 25: Uninstalling

    Installation subchapter 2.1 on page 6). This subchapter explains how to install and upgrade ® Kaspersky Anti-Virus for MS Exchange Server from version 4.2 to 4.5. After you run setup.exe, a dialog box with a message that the program is about ®...
  • Page 26 Kaspersky Anti-Virus 4.5 for MS Exchange Server Both mailboxes and public folders on both versions of MS Exchange Server can be protected. Thus, you do not have to purchase a license for protecting public folders under MS Exchange Server. If you have many licenses, the program can protect all storages located on the protected server.
  • Page 27 Installation While working with MS Exchange Server 5.5, the program scans bodies of incoming messages only in protected storages and does not scan bodies of outgoing messages because of certain limitations of the AVAPI and MAPI technologies. Attached files are scanned in all storages: incoming messages are scanned without any limitations and outgoing messages are scanned only when an MS Exchange- compatible client and the MAPI protocol are used.

  • Page 28: Anti-Virus Features To Support Clustering Facilities

    Kaspersky Anti-Virus 4.5 for MS Exchange Server A message created by user in an unprotected mailbox with the help of Outlook Web Access (OWA) and forwarded to the protected user's mailbox is not checked if those two mailboxes are physically located in the same database.

  • Page 29: Chapter 3. Protection Of Ms Exchange Server Messages

    CHAPTER 3. PROTECTION OF MS EXCHANGE SERVER MESSAGES 3.1. Operating principles of the program. Message queue for anti-virus scan Anti-Virus Engine checks and disinfects (if possible) all incoming and outgoing mail messages, as well as those stored on the server. The program checks the message body and attachments, searching for viruses in archives, self-extracting executable modules, mail databases, plain mail files, and OLE objects.
  • Page 30 Kaspersky Anti-Virus 4.5 for MS Exchange Server scanned by the program in background mode. Under MS Exchange Server 2000/2003 there can be two more segments in the queue if you enable the proactive scanning mode. Both at the beginning of the new messages queue and at the beginning of the old messages queue there will appear the queues requested for review by users.

  • Page 31: Working Procedure

    Protection of MS Exchange Server Messages If you set the appropriate mode, the program will rename the infected, suspicious, or cured objects and save them to the quarantine directory (see subchapter 3.4.5 on page 58). The program sends virus alerts to the administrator, recipient, or sender of the infected messages and places corresponding entries in the Application Log and the program log file (see subchapter 3.4.4 on page 50).

  • Page 32: Anti-Virus Engine Control By Means Of Kaspersky Av Mmc Snap-In

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Support of the created server anti-virus protection in actual operation takes the following form: getting and processing virus-detection messages. regular checks of the reports on receiving and sending updates. quarantine directory management and cleaning. If many files are stored in the quarantine folder (more than 30000), this will noticeably slow the operation of Anti-Virus Engine.
  • Page 33 Protection of MS Exchange Server Messages Figure 22. The MS Management Console main window If MS Exchange Server is running under Microsoft Windows 2000 and ® higher, you can run the program for Kaspersky Anti-Virus control by following these steps: In Control Panel, choose the Administrative Tools folder and then Computer Management icon.

  • Page 34: Kaspersky Av Mmc Snap-In Interface

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 3.3.2. Kaspersky AV MMC Snap-In Interface ® The Kaspersky Anti-Virus for MS Exchange Server container includes a list of servers. Each server included in the container has right-click menus. Using the container’s right-click menu, you can add new servers subject to protection (if you work with local and remote servers).

  • Page 35: Adding/Deleting Server For Control

    Protection of MS Exchange Server Messages Figure 24. A control for changing anti-virus server protection settings 3.3.3. Adding/deleting server for control To add a server to the list of controlled servers: Launch MMC (see subchapter 3.3.1 on page 32). Use the Structure tab in the left pane to choose Kaspersky Anti- ®...
  • Page 36 Kaspersky Anti-Virus 4.5 for MS Exchange Server In the Add Server dialog box (see Figure 25), select one of the following buttons: Local computer – if you wish to add the server you are currently working with. Computer – if you wish to add a new server from LAN. Enter the server address in the text field below or click Browse and choose the server from the list of all Exchange servers (see Figure 26).

  • Page 37: Setting/Removing Anti-Virus Protection. Disconnecting/Connecting To

    Protection of MS Exchange Server Messages After this, the server name will be displayed in the list of protected servers with icon and the Not Connected mark. Right after you click the server name, the program will try to connect to server. If the program connects to the server, the icon will change to and the Not Connected mark will be removed.
  • Page 38 Kaspersky Anti-Virus 4.5 for MS Exchange Server The right-click menu has the following items: Enable protection Enable protection on a server. This operation can take up to 2 minutes. This option is availabsle only when connected to the server. You can also click the toolbar button.
  • Page 39 Protection of MS Exchange Server Messages Figure 29. Information about the license and program version Server anti-virus protection settings are stored in its registry. Two or more administrators cannot edit them simultaneously. One of the administrators is allowed to edit settings, whereas other administrators are allowed to work with them in read-only mode.

  • Page 40: Changing Settings Using Kaspersky Av Mmc Snap-In

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 3.3.5. Changing settings using Kaspersky AV MMC Snap-In You can customize server anti-virus protection settings using Kaspersky AV MMC Snap-In (see Figure 31). Each server has two categories of setting: General and Settings. You can edit the protection settings for each server by switching between the tree nodes and working with the tree elements in the right pane (see Figure 31).

  • Page 41: Table Of Controlled Servers. Customizing Warning Modes

    Protection of MS Exchange Server Messages 3.3.6. Table of controlled servers. Customizing warning modes To open a table of controlled servers: ® Click the Kaspersky Anti-Virus for MS Exchange Server node on the Tree tab. In the right pane, you will see the table of controlled servers (see Figure 32): Name –...

  • Page 42: Customizing Anti-Virus Engine Settings

    Kaspersky Anti-Virus 4.5 for MS Exchange Server You can enable/disable warning messages by checking the appropriate boxes: Display warning when connecting to servers with ® older version of Kaspersky Anti-Virus for MS Exchange Server installed. Display warning when connecting to MS Exchange Server 5.5.

  • Page 43: Basic Settings For Anti-Virus Protection

    Protection of MS Exchange Server Messages In each category, the settings are introduced as a hierarchical settings tree (see Chapter 7 on page 122). Below, the name of each setting appears together with an appropriate icon and the relevant category, e.g.: Settings ! Cure type –...

  • Page 44: Advanced Scanning Modes

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Figure 34. Basic settings for anti-virus protection. The Settings object 3.4.2.2. Advanced Scanning Modes Settings ! Scanning modes- advanced scanning modes (see Figure 34). Use heuristic code analyzer — check mail for viruses using Code Analyzer.

  • Page 45: Objects To Be Scanned

    Protection of MS Exchange Server Messages 3.4.2.3. Objects to be scanned Settings ! Objects to scan – set the objects to be scanned (see Figure 35). Attachments – check attached files. All types – check all types of attached files. By mask –...

  • Page 46: Scanning Methods

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 3.4.2.4. Scanning Methods ® Settings !Scanning methods – Kaspersky Anti-Virus operation methods (see Figure 34). These methods influence the message check order and delays in delivering messages to protected mailboxes. The modes are enabled and disabled after a two-minute delay.
  • Page 47 Protection of MS Exchange Server Messages Cured – cured objects; Suspicious – suspicious objects; Unknown – an error occurred when scanning these objects, or their format is unknown; Failed – a failure occurred while trying to open these objects. You can set your scanning and reporting settings for each type of object described above (see Figure 37).
  • Page 48 Kaspersky Anti-Virus 4.5 for MS Exchange Server the blocked message – under MS Exchange Server 2000 for mail clients using POP3, IMAP4 (MS Outlook Express) protocols. If the protection is disabled, blocking fails. Figure 39. Blocking a message under MS Exchange Server 2000 In MS Exchange Server terminology, this action (blocking) is called ®...
  • Page 49 Protection of MS Exchange Server Messages Figure 40. Replacement of an infected object Figure 41. Message generated according to the Instead message template Change name and pass – skip a message after modifying the names of infected attachments. The extensions of the infected messages are also changed to "Checked by Kaspersky AV".

  • Page 50: Virus Messages And Reports

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 3.4.4. Virus Messages and Reports 3.4.4.1. Report Types Detection of infected or suspicious objects. The program can send a report on scanned objects of each type – Infected, Cured, Suspicious, Unknown, or Failed – to the administrator or save the report to the log file.

  • Page 51: Sending Report To Administrator

    Protection of MS Exchange Server Messages System events. The program can generate system events notifications: start, shutdown, program restart, databases reload, and system errors. These modes can be selected from the System events tree of the General category, General!System events Send report to event log –...
  • Page 52 Kaspersky Anti-Virus 4.5 for MS Exchange Server names are displayed in the Name column. Their SMTP addresses, which the program uses for sending reports, are located in the SMTP address column. Figure 44. Address selection The template Templates ! Admin message template is used for notification.

  • Page 53: Sending Report To Recipient And Sender

    Protection of MS Exchange Server Messages 3.4.4.3. Sending Report to Recipient and Sender When the program operates under MS Exchange Server 2000/2003, it can send reports on infected or suspicious objects to both the sender and the recipient of an infected message. Settings !OBJECT_TYPE !Send...

  • Page 54: Report File

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Figure 46. Sending report to the infected message sender The template Templates ! Recipient report template is used for recipient notification. The following information is contained in the message generated according to the default template: Figure 47.

  • Page 55: Application Log

    Protection of MS Exchange Server Messages Settings ! Scanned object rules ! OBJECT_TYPE ! Send report to log file – save messages on detected OBJECT_TYPE objects to log file. Figure 48. Log file settings You can use various reports for system event messages and for messages about objects of different types.
  • Page 56 Kaspersky Anti-Virus 4.5 for MS Exchange Server Figure 49. Program messages in the Application Log You can set the mode of adding messages to the Application Log as follows: General ! System events ! Send report to event log – save system event report to Application Log.
  • Page 57 Protection of MS Exchange Server Messages Open the Servers branch in the hierarchical tree located in the left pane and choose the server name. Select Properties from the right-click menu. A dialog box with the chosen server properties will open. Select the Diagnostic Logging tab and open MSExchangeIS in the left pane with the hierarchical tree.

  • Page 58: Quarantine

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Figure 51. Message generated by MS Exchange Server 3.4.5. Quarantine The program can save infected, suspicious and other objects to the quarantine, which is a special directory on your hard disk. Settings!Scanned object rules!OBJECT_TYPE ! Copy to quarantine You can use various quarantine folders for different type objects.
  • Page 59 Protection of MS Exchange Server Messages The program will not be able to save files to the quarantine folder if the limit for the number of files in this quarantine folder is exceeded (only if the file system has limitations for the number of files stored in the same ®...
  • Page 60 Kaspersky Anti-Virus 4.5 for MS Exchange Server quarantine.rpt – log file with the report on all objects. Figure 54. Quarantine folder Figure 55. Log file with the report on all objects moved to the quarantine directory...

  • Page 61: Advanced: Parameters Of Anti-Virus Engine And Ms Exchange Server Joint Operation

    Protection of MS Exchange Server Messages 3.4.6. Advanced: parameters of Anti-Virus Engine and MS Exchange Server joint operation The program allows the user to set some joint operation parameters for Anti- Virus Engine and MS Exchange Server. Settings ! Scan timeout, s – the time MS Exchange Server waits for completion of a message scan.

  • Page 62: Advanced: Template Editing

    Kaspersky Anti-Virus 4.5 for MS Exchange Server %INSTALL_FOLDER%\TEMP directory by default. The editing process does require deleting value from beginning "%INSTALL_FOLDER%" string. Figure 56. Service Parameters program will create \Temp folder ("%INSTALL_FOLDER%\TEMP") directory if the folder path is specified improperly. If this folder is impossible to create, the program will run in the %TEMP%\TEMP folder.

  • Page 63: Template Editor

    Protection of MS Exchange Server Messages Sender report template is a template for a message sent to the sender of an infected or suspicious object. Recipient report template is a template for a message sent to the recipient of an infected or suspicious object. Log file template is a template for a message moved to the log file in case of detection by the program of any infected or suspicious object.
  • Page 64 Kaspersky Anti-Virus 4.5 for MS Exchange Server Figure 58. The Template Editor main window You will find the following items in the Template Editor main window: menu; toolbar; macros and conditional clauses bar; template text; status bar; At the top of the main window you can see a menu bar. Some menu options can also be enabled by means of key combinations or toolbar buttons.
  • Page 65 Protection of MS Exchange Server Messages Menu option Toolbar button Function Combination File!Save <C >+<S> Save template. File ! Save copy — — Save template disk. File ! Exit — <A >+<F4> Quit the program. <C >+<Z> Edit!Undo Undo the latest text entry.

  • Page 66: Macros And Conditional Clauses

    Kaspersky Anti-Virus 4.5 for MS Exchange Server be edited manually, as well as by means of menu, keyboard and toolbar buttons. You can also copy, paste, and delete text from the clipboard, add macros and conditionals to it from the corresponding bar, and save and open the template from disk.
  • Page 67 Protection of MS Exchange Server Messages One should pay attention to syntax when using macros. For instance, if the end symbol % is omitted when using macro %FROM%, the user will An infected message arrived see %FROM instead of the user’s name: from user %FROM.
  • Page 68 Kaspersky Anti-Virus 4.5 for MS Exchange Server Macro name Macro and its meaning %FOLDER_NAME% Folder Name of the folder in which the message was located during checkup. %MESSAGE_URL_NAME% URL name URL name of the detected message. %MAILBOX_NAME% Mailbox Name of the mailbox in which the message was detected.
  • Page 69 Protection of MS Exchange Server Messages Macro name Macro and its meaning %VIRUSNAME% Virus – name Name of the virus detected. %VIRUS_INFO% Virus – information Virus information. %FULLCHECKEDTIME% Check time Scanning object disinfection time milliseconds. This value does not include the time spent for further object treatment: report removal, replacement, generating or delivery.
  • Page 70 Kaspersky Anti-Virus 4.5 for MS Exchange Server Macro name Macro and its meaning %SCANNER_VERSION% Scanner – name Anti-virus Interceptor name. %MESSAGE_TYPE% Report type Report type. Takes the following values: Start/Stop service Critical errors Config updates Anti-Virus Databases reload Virus info %EVENT_TYPE% Event type Type of event for which the report was...
  • Page 71 Protection of MS Exchange Server Messages You should keep to the following syntax when inserting conditionals into the templates: <CONDITIONAL_CLAUSE>Text that will be included into message when meeting the set condition</CONDITIONAL CLAUSE> In their syntax conditional clauses are similar to HTML tags. However, you must not use another conditional in the conditional clause text.

  • Page 72: Testing The Program

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 3.5. Testing the program ® After installing and adjusting Kaspersky Anti-Virus , we recommend that you test the correctness of its settings and operation of the program using a test "virus" or its modifications. The test virus was specially designed by the organization (The European Institute for Computer Antivirus Research) for testing anti-virus...

  • Page 73: System Performance Chart. System Monitor

    Protection of MS Exchange Server Messages Prefix Object Status CORP– Unknown. SUSP– Suspicious (unknown viral code). WARN– Suspicious (modified code of a known virus). ERRO– Error when scanning the object. CURE– Disinfected. The object is disinfected by Anti-Virus engine; the text of the "virus" body is changed to CURED. DELE–...
  • Page 74 Kaspersky Anti-Virus 4.5 for MS Exchange Server To run the System Monitor utility: Click on Programs in the Start menu. Choose Administrative Tools from the submenu, and then System Monitor. After this, the Performance dialog box (see Figure 59) will be displayed. Click the button located on the right of the toolbar.
  • Page 75 Protection of MS Exchange Server Messages Figure 59. The Performance dialog box. Adding counters The values of the selected counters will be displayed in the right pane of the Performance dialog box. You can view them in one of the three modes by clicking the corresponding buttons: —...
  • Page 76 Kaspersky Anti-Virus 4.5 for MS Exchange Server Figure 61. The Performance dialog box. Viewing counter values as a bar chart Figure 62. The Performance dialog box. Viewing counter values as a table...

  • Page 77: Operating In Demo Mode. Extending Your License. Editing A List Of Unprotected Objects

    Protection of MS Exchange Server Messages 3.7. Operating in demo mode. Extending your license. Editing a list of unprotected objects The program starts operating in demo mode if the number of protected mailboxes exceeds the number specified in the license for the protected server. To start working in full-featured mode, edit the list of unprotected mailboxes (see subchapter 2.2 on page 25).

  • Page 78: Chapter 4. Kaspersky Anti-Virus ® Control Centre

    CHAPTER 4. KASPERSKY ANTI- VIRUS CONTROL CENTRE ® ® Kaspersky Anti-Virus Control Centre (Kaspersky AV Control Centre) operates as a management shell. You can use it to install and update the package components, define and schedule tasks to be started at appropriate times and review the task performance results.
  • Page 79 ® Kaspersky Anti-Virus Control Centre When Kaspersky AV Control Centre is successfully launched, in the taskbar you will see the icon. Place your mouse cursor on it, right-click, and you will see the user menu (see Figure 63), which includes following commands: Figure 63.

  • Page 80: Kaspersky Av Control Centre Interface

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Figure 64. About Kaspersky AV Control Centre Select Exit from the menu in the taskbar to exit Kaspersky AV Control Centre. Here we would like to explain some special features of the program. Kaspersky AV Control Centre is divided into the following two sub-programs: a service sub- program that is started as a system service even before the logon procedure, and an interface sub-program that provides the program’s graphic interface and...

  • Page 81: Tasks Tab

    ® Kaspersky Anti-Virus Control Centre A description of the first three tabs is given below. The Quarantine tab ® is not used by Kaspersky Anti-Virus 4.5 for MS Exchange Server components, so it is not described here. To perform various actions you can use the right-click menu or the control panel. At the bottom of the window you can see the following buttons: OK, Cancel, Apply, and .
  • Page 82 Kaspersky Anti-Virus 4.5 for MS Exchange Server The tab contains three frames: in the left upper frame you can see each task listed with its corresponding status. in the right upper frame you can see the current task performance statistics in the lower frame you can see a list of events (errors, warnings, notifications).
  • Page 83 ® Kaspersky Anti-Virus Control Centre The list has a right-click menu (see Figure 66). The right-click menu items are used for the following actions: Figure 66. Right-click menu in the event list Delete – deletes the selected event (with confirmation). Delete all –...
  • Page 84 Kaspersky Anti-Virus 4.5 for MS Exchange Server Reload databases – reload the anti-virus databases. This command is used when you wish to load the updated anti-virus databases into memory-resident tasks without restarting them. Reset statistics – clear the selected task performance statistics (only for memory-resident tasks).
  • Page 85 ® Kaspersky Anti-Virus Control Centre Task management, as we have mentioned above, can also be accomplished using tool bar buttons. The following buttons correspond to the right-click menu commands: Table 8. Tasks tab toolbar Button Right-click menu command Start Stop Pause Reload databases Reset statistics...

  • Page 86: Properties Window

    Kaspersky Anti-Virus 4.5 for MS Exchange Server For example, if there is a task called Automated update in the list, and you press the key on the keyboard, the list pointer will move to this task. Properties 4.2.1.1. window This window appears when you press the button or select Properties from the right-click menu.

  • Page 87: Components Tab

    ® Kaspersky Anti-Virus Control Centre Components 4.2.2. ® The Components tab (see Figure 69) contains a list of Kaspersky Anti-Virus package components . The toolbar is located on the right of the tab. When you right-click it, the right-click menu appears (see Figure 70). Figure 69.

  • Page 88: Settings Tab

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Table 9. Components tab toolbar Button Context menu Description option New task Creates a new task based on the selected component. If you click on this button or select this menu entry, the New task window will open (see subchapter 4.3 on page 97 for details) Launches a task based on the selected...
  • Page 89 ® Kaspersky Anti-Virus Control Centre Figure 71. The Settings tab Icon Function This category contains parameters responsible for ensuring system safety and limiting access to Kaspersky AV Control Centre components. Security This category contains parameters responsible for processing the alerts on critical events in Kaspersky AV Control Centre task performance.

  • Page 90: Security Category

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Security 4.2.3.1. Category This category (see Figure 72) is used to set up the system safety features. It is responsible for password setup and access, and denial of some task types. Figure 72. The Settings tab. The Security category. Kaspersky AV Control Centre allows you to protect some running actions with a password.
  • Page 91 ® Kaspersky Anti-Virus Control Centre This box (see Figure 74) allows you to define and change the password. Enter your password in the New password text field and confirm it in the Confirm password text field. Figure 74. The Change password dialog box Protect resident task stopping –...

  • Page 92: Alerts Category

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Alerts 4.2.3.2. Category The Alerts category (see Figure 76) allows you to remotely process alerts generated by tasks currently running. Figure 76. The Settings tab. The Alerts category The tree chart contains the following options for alerts processing: Skip all alerts –...
  • Page 93 ® Kaspersky Anti-Virus Control Centre If the Process alerts by Kaspersky AV Control Centre option is selected, you should customize the settings for sending alerts. To enable the program to send alerts via e-mail check the Send E-mail messages box. Then define the following settings: Figure 77.
  • Page 94 Kaspersky Anti-Virus 4.5 for MS Exchange Server Contact your network system administrator for more information on SMTP and MAPI. To send alerts using SMTP, select the Send mail using SMTP option (see Figure 78) and then select the following parameters: Figure 78.

  • Page 95: Customize Category

    ® Kaspersky Anti-Virus Control Centre To do this, define the following settings (see Figure 79). Figure 79. Settings for sending critical event SMS messages The e-mail gate address, as well as the access code to the cellular network provider, can vary depending on the region. 4.2.3.3.

  • Page 96: Color Setup

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 4.2.3.3.1. Sound Setup Kaspersky AV Control Centre allows you to assign sound effects to specified events. This gives your program some additional service features. sound setup, mentioned above, carried out on the Sound branch (see Figure 81).

  • Page 97: New Task Wizard

    ® Kaspersky Anti-Virus Control Centre To make it easy for a user to set up the colors, the application provides a selection of standard color schemes. To choose a color scheme, go to the Scheme list. Each scheme is characterized by the following settings: Main window background The application main window background color...

  • Page 98: Task Window

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Creation of a new task in Kaspersky AV Control Centre is designed as a Windows Wizard with a sequence of windows (steps), in each of which it is required to execute a specified action. Click Next (one step forward) and Back (one step backward) to switch between the windows.

  • Page 99: Schedule Window For Kaspersky Av Updater Task

    ® Kaspersky Anti-Virus Control Centre Schedule 4.3.2. Window for Kaspersky AV Updater Task ® When creating a Kaspersky Anti-Virus task in the Schedule window, you should set the conditions and frequency of the launch (see Figure 85). Figure 85. Schedule window for Kaspersky AV Updater task The following launch options exist: On event The task launches on an event or by user command...

  • Page 100: Launching On Event

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Monthly The task launches on scheduled days and times (see subchapter 4.3.2.6 on page 104). Select the required start option in the left pane of the window, then set up the schedule according to details described in the subchapters below. 4.3.2.1.

  • Page 101: Launching By Condition

    ® Kaspersky Anti-Virus Control Centre 4.3.2.2. Launching by Condition Kaspersky AV Control Centre allows you to set the task launch on the occurrence of specified conditions related to the operation results of some package components. In this product version, this is implemented in the following way: the user can ®...

  • Page 102: Launching Hourly

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 4.3.2.3. Launching Hourly To launch a created task on an hourly schedule, select the Hourly option in the left part of the Schedule window (see Figure 88), then specify the launch time in the right part of the window.

  • Page 103: Launching Weekly

    ® Kaspersky Anti-Virus Control Centre Table 10. The Schedule window toolbar Button Context menu Function option Create… Creates a new launch time record. When you select this option and the Time window is activated, you should type in the task launch time. You can display this window by double clicking with your mouse in any white place within the Time list or by pressing the Ins key.

  • Page 104: Launching Monthly

    Kaspersky Anti-Virus 4.5 for MS Exchange Server To specify the dates and hours for the task launch, checkmark the days of the week, then type in the time in the Time window. See subchapter 4.3.2.3 on page 102 for more details on how to specify the time. Figure 90 shows the setup of a task launch on Monday (3:40 a.m.

  • Page 105: Alerts Window

    ® Kaspersky Anti-Virus Control Centre 4.3.3. Alerts Window In the Alerts window (see Figure 92) check the alert types to be created by the task. As mentioned above, alerts are messages generated by tasks. To select an alert, check the appropriate boxes.

  • Page 106: Task Setting

    Kaspersky Anti-Virus 4.5 for MS Exchange Server You can use the following accounts: Local system Windows account account Currently logged The current user account on user account Other account Account of the user whose settings are specified in the Username, Password and Confirm password fields If a task is to be started under an account that is different from the current one, the messages it generates will be screened only if you check the Allow task to...

  • Page 107: Chapter 5. Kaspersky Anti-Virus ® Updater

    CHAPTER 5. KASPERSKY ANTI- VIRUS UPDATER ® ® Kaspersky Anti-Virus Updater (Kaspersky AV Updater) is a part of Kaspersky ® Anti-Virus package and is used for automated updating of anti-virus databases with virus descriptions and methods of repairing infected files, as well as for updating of the package components.

  • Page 108: Kaspersky Av Updater Interface

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 5.2. Kaspersky AV Updater interface The design of the Kaspersky AV Updater interface is similar to a Windows Wizard and consists of a sequence of boxes (steps), which can be navigated with the Back and Forward buttons. To finish updating, click Finish; to close the program at any stage, click Cancel.

  • Page 109: Step 2. Connection Dialog Box

    ® Kaspersky Anti-Virus Updater Connection 5.2.2. Step 2. dialog box If you decide to change the default settings, you can do this in the Connection dialog box (see Figure 95). Figure 95. The Connection box The Connection box allows you to define the updating mode and the object to be updated.

  • Page 110: Setting Kaspersky Anti-Virus ® Update From The Internet

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Restart computer if needed – check this box to restart the computer if required after the package executable modules are updated. When you have defined settings in this box, press the Next button to proceed. 5.2.2.1.
  • Page 111 ® Kaspersky Anti-Virus Updater Figure 98. Defining updating server address When beginning to update, the program uses the first URL in the list by default. Other servers will be used one by one if the updater fails to download updates from the first URL.
  • Page 112 Kaspersky Anti-Virus 4.5 for MS Exchange Server Figure 99. Edit URL list dialog box 5.2.2.1.2. Defining the IP connection Depending on the method you choose to connect to the updating server, you should define the following IP connection settings (see Figure 100): Figure 100.
  • Page 113 ® Kaspersky Anti-Virus Updater Automatically connect on start – dial up automatically to your IP immediately after starting the updating process. Automatically disconnect on exit – disconnect automatically (switch off the modem) when the updating process is completed. If you have chosen the automated connection feature to set up a remote access to your IP, the program will enable the standard...
  • Page 114 Kaspersky Anti-Virus 4.5 for MS Exchange Server When you have connected to the Internet, a special symbol will appear on the taskbar. To view the connection settings double-click on the relevant icon on the taskbar (see Figure 106). Figure 106. The Connected to Internet box. Connection settings If you use a local network for your IP connection you can choose the settings from Control Panel, or configure the connection manually (see Figure 107).

  • Page 115: Updating From Local Folder

    ® Kaspersky Anti-Virus Updater User name – use this field to define the user name allowing access to the proxy (or the Firewall). Password – use this field to define the password allowing access to the proxy (or the Firewall). HTTP proxy with FTP support –...

  • Page 116: Choosing Objects To Be Updated

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 5.2.2.3. Choosing objects to be updated The following two check boxes appear at the bottom of the tree chart (see Figure 111): Figure 111. Choosing objects to be updated Update Anti-Virus Databases – check this box to copy and install anti-virus databases from the updating server.

  • Page 117: Step 4. Retrieving Updates Window

    ® Kaspersky Anti-Virus Updater Limit size of report file (in Kb) – check this box to define the maximum file size in the numerical field below. The file will be overwritten when the limit is exceeded. Advanced – use this branch to configure the user interface. Show progress window –...

  • Page 118: Step 5. Finishing Wizard Box

    Kaspersky Anti-Virus 4.5 for MS Exchange Server Installing files… — files are installed onto the computer (the name of the installed file is displayed on top, the progress of the updating process is shown below). Disconnecting… — connection session is over. The level of completion is shown by the icon located to the left of the above messages (the icon is displayed only when the corresponding part is being updated).

  • Page 119: Chapter 6. Kaspersky Anti-Virus ® Report Viewer

    CHAPTER 6. KASPERSKY ANTI- VIRUS REPORT VIEWER ® ® Kaspersky Report Viewer is a program allowing you to display and manage ® the reports generated by Kaspersky Anti-Virus package components. ® Kaspersky Report Viewer is displayed when a file with an .rpt extension is launched and the Show Report button is selected in the Finish dialog box of Kaspersky AV Updater.
  • Page 120 Kaspersky Anti-Virus 4.5 for MS Exchange Server Figure 115. Report window The main menu is located at the top of the window. Under the menu you can see the toolbar, which contains a set of buttons for operation execution. The buttons have pop-up prompts.
  • Page 121 ® Kaspersky Anti-Virus Report Viewer Edit!Find Allows you to search for a user- defined string or its part in the report. Edit!Find next Moves to the next string (or part of it). View!View statistics Displays only statistics. only View!Comments Displays comments. Help Display the Help topics window.

  • Page 122: Chapter 7. Tree Chart

    CHAPTER 7. TREE CHART ® The Kaspersky Anti-Virus interface frequently uses the so-called tree chart, which presents data in the form of a tree and conventional controls such as nodes (buttons, drop-down lists, check boxes, etc.). This technology provides a clear picture of interrelations between various settings, and makes it easy to master the program.

  • Page 123: Controls

    Tree Chart Method (By using…) hide branch key on your keyboard. (the node looks like command of the right-click menu. The "-" key on your keypad (all branches of the node disappear from your screen). 7.2. Controls To change settings you will have to use several types of control: 7.2.1.

  • Page 124: Option Button

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 7.2.2. Option Button The Option button is a member of a group. A set of radio buttons may consist of two or more buttons. You should use this group to select one of the options. The radio button may be: —...

  • Page 125: Path Field

    Tree Chart After you finish editing the text field value, press the Enter key on your keyboard or click outside this text field. You can cancel the changes in this text field and return to the previous value by pressing the Esc key on your keyboard. 7.2.4.

  • Page 126: Drop-Down List

    Kaspersky Anti-Virus 4.5 for MS Exchange Server 7.2.6. Drop-Down List The drop-down list allows you to select one of the items from the list (see Figure 117). To browse the list you must use the keys on your keyboard. To automatically scroll down/up the list you should use the <C >...

  • Page 127: Appendix A. Registry Settings

    APPENDIX A. REGISTRY SETTINGS If necessary, you can change the operational characteristics of Kaspersky Anti- ® Virus 4.5 for MS Exchange Server by editing the corresponding keys in the Windows registry. Only advanced users should edit the entries of the Windows registry. Improper changes in the entries can have irreversible consequences for both Anti-Virus Engine performance and the operating system on your computer.
  • Page 128 Kaspersky Anti-Virus 4.5 for MS Exchange Server MailFrom — a line parameter setting the return address for the reports sent by the program. SendSysMessageToEventLog — a DWORD parameter. Takes value 1 if the program has to place system event accounts in the Application Log. Otherwise, it takes the 0 value.
  • Page 129 Appendix A LDAPCheckingTimeOut – a DWORD parameter setting the period of updating information about the version of an LDAP object that identifies a list of unprotected mailboxes. Folder HKLM\SOFTWARE\KasperskyLabs\Components\125\3.0\MAIN_KAG Figure 119. Registry folder HKLM\SOFTWARE\KasperskyLabs\Components\125\3.0\ MAIN_KAG AdminMessageTemplate — a line parameter setting the template for a message sent to the administrator if the program detects an infected or suspicious object.
  • Page 130 Kaspersky Anti-Virus 4.5 for MS Exchange Server QuarantineDescriptionTemplate — a line parameter setting the template for the *.txt file that is quarantined together with the infected file. RecipientMessageTemplate — a line parameter setting the template for a message sent to the recipient of an infected or suspicious object. SenderMessageTemplate —...
  • Page 131 Appendix A Folder HKLM\SOFTWARE\KasperskyLabs\Components\125\3.0\MAIN_KAG\ OBJECT_TYPE Figure 120. Registry folder HKLM\SOFTWARE\KasperskyLabs\Components\125\3.0\ MAIN_KAG\CURED Here you can find the registry files relating to the object of the selected type OBJECT_TYPE. AdminMBAddress — a line parameter setting the administrator’s mailbox address. AdminMBAddress — a line parameter setting the administrator’s mailbox address.
  • Page 132 Kaspersky Anti-Virus 4.5 for MS Exchange Server QuarantineLogFileSize — a DWORD parameter setting the maximum size for the report file (value 0 means that the limits are not set). SendReportToAdmin — a DWORD parameter. Value 1 sets the mode of sending reports to the administrator, value 0 disables this mode.
  • Page 133 Appendix A completed. When program operates under MS Exchange Server 2000/2003 only. Changes to the VirusScan folder parameters take effect only after Anti- Virus Interceptor is restarted. To unload Anti-Virus Interceptor from memory you should enter 0 for Enabled and then enter 1 for the ReloadNow option. Anti-Virus Interceptor will be unloaded in 1-2 minutes.

  • Page 134: Appendix B. Kaspersky Labs Ltd

    APPENDIX B. KASPERSKY LABS LTD. Founded in 1997, Kaspersky Labs has become a recognized leader in information security technologies. It produces a wide range of data security software and delivers high-performance, comprehensive solutions to protect computers and networks against all types of malicious programs, unsolicited and unwanted e-mail messages, and hacker attacks.

  • Page 135: Other Kaspersky Labs Products

    Appendix B customer with 24-hour technical support service, which is availabsle in several languages to accommodate its international clientele. B.1. Other Kaspersky Labs Products ® Kaspersky Anti-Virus Lite This is an optimal choice for even an unskilled user who wants to protect his/her home computer against viruses.
  • Page 136 Kaspersky Anti-Virus 4.5 for MS Exchange Server includes an easy-to-use application for automatic retrieval of daily updates to the anti-virus database and the program modules. A second-generation heuristic ® analyzer efficiently detects even unknown viruses. Kaspersky Anti-Virus Personal includes many interface enhancements, making it easier than ever to use the program.
  • Page 137 Appendix B ® handheld (PDA) from unauthorized Kaspersky Security for PDA protects your intrusion by memory encrypting both access to the device and data stored on cards ® Kaspersky Anti-Virus Business Optimal This package provides a configurable security solution for small- and medium- sized corporate networks.

  • Page 138: Contact Information

    Kaspersky Anti-Virus 4.5 for MS Exchange Server E-mail systems, including Microsoft Exchange Server 5.5/2000/2003, Lotus Notes/Domino, Sendmail, Postfix, Exim and Qmail; Data streams transmitted via firewalls; Handheld computers (PDAs). ® ® Kaspersky Corporate Suite distribution includes Kaspersky Administration Kit, a unique tool for automated deployment and administration. You are free to choose from any of these anti-virus programs, according to the operating systems and applications you use.

  • Page 139: Appendix C. Index

    APPENDIX C. INDEX ® Anti-Virus Engine, 8, 42 Kaspersky Anti-Virus MMC Snap- Anti-Virus Interceptor, 8 In, 8, 32 ® Application Log, 55 Kaspersky Anti-Virus Report Background scanning, 46 Viewer, 119 ® Conditional Clauses, 70 Kaspersky Anti-Virus Updater, 8, Contents, 3 Date of revision, 2 Kaspersky AV for MS Exchange Distribution kit...

  • Page 140: Appendix D. License Agreement

    APPENDIX D. LICENSE AGREEMENT Standard End User Licence Agreement NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT ("AGREEMENT"), FOR THE LICENCE OF SPECIFIED SOFTWARE ("SOFTWARE") PRODUCED BY KASPERSKY LABS. ("KASPERSKY LABS"). IF YOU HAVE PURCHASED THIS SOFTWARE VIA THE INTERNET BY CLICKING THE ACCEPT BUTTON, YOU (EITHER AN INDIVIDUAL OR A SINGLE ENTITY) CONSENT TO BE BOUND BY AND BECOME A PARTY TO THIS AGREEMENT.
  • Page 141 Appendix D usage terms specified on the applicable price list or product packaging that apply to any of such Software products individually. 1.1 Use. The Software is licensed as a single product; it may not be used on more than one Client Device or by more than one user at a time, except as set forth in this Section.
  • Page 142 Kaspersky Anti-Virus 4.5 for MS Exchange Server If the number of Client Devices or seats that can connect to the Software can exceed the number of licences you have obtained, then you must have a reasonable mechanism in place to ensure that your use of the Software does not exceed the use limits specified for the licence you have obtained.
  • Page 143 Appendix D (a) Daily updates of anti-virus databases; (b) Free software updates, including version upgrades; (c) Extended technical support via E-mail and hot phone-line provided by Vendor and/or Reseller; (d) Virus detection and curing updates in 24-hours period. 4. Ownership Rights. The Software is protected by copyright laws. Kaspersky Labs and its suppliers own and retain all right, title and interest in and to the Software, including all copyrights, patents, trademarks and other intellectual property rights therein.
  • Page 144 Kaspersky Anti-Virus 4.5 for MS Exchange Server Software in a manner for which it was not intended or (c) use the Software other than as permitted under this Agreement; (vi) The warranties and conditions stated in this Agreement are in lieu of all other conditions, warranties or other terms concerning the supply or purported supply of, failure to supply or delay in supplying the Software or the Documentation which might but for this paragraph (v) have effect between the Kaspersky Labs...
  • Page 145 Appendix D 8. The construction and interpretation of this Agreement shall be governed in accordance with the laws of England and Wales. The parties hereby submit to the jurisdiction of the courts of England and Wales save that Kaspersky Labs as claimant shall be entitled to initiate proceedings in any court of competent jurisdiction.

Table of Contents