Chapter 11. Preventing Virus Outbreaks - KAPERSKY SECURITY 5.5 - FOR MICROSOFT EXCHANGE SERVER 2003 Administrator's Manual

CHAPTER 11. PREVENTING
VIRUS OUTBREAKS
Kaspersky Security 5.5 for Microsoft Exchange Server 2003 allows to detect
increases in the virus activities on the protected Exchange server and to notify
the administrator and other users about such events. This feature may be very
useful in the periods of virus outbreaks as it helps the administrator to timely
react to the emerging threats of virus attacks.
Virus activity level is determined based on the server anti-virus protection data
and allows registering events of the following types:
•
An infected object detected
•
A suspicious object detected
•
A corrupted object detected
•
One and the same virus detected several times
The administrator specifies the virus activity level threshold – a maximum
allowable number of events of the specified type within a certain limited time
interval. If the virus activity level is greater than the specified threshold, a
notification will be issued.
Notifications can be delivered using the following methods:
•
by e-mail messages;
•
by messages sent over the network using Net Send;
•
by registering the event in the Microsoft Windows system log on the
computer where the Security Server component is installed. In this case,
the information is accessible through the use of Events Viewer, a
standard Microsoft Windows logs viewing and management tool.
The virus activity level threshold, notification procedures, delivery method and the
text of messages sent are determined by the administrator in the virus outbreak
counter settings.
If the specified virus activity level threshold is exceeded, a notification about the
threat of a virus outbreak will be issued based on the settings of the virus
outbreak counter. Upon the expiration of a specified period, the counter's values
will be reset.