F-secure ANTI-VIRUS FOR MICROSOFT EXCHANGE 7.10 ADMINISTRATOR GUIDE

F-Secure Anti-Virus for

Microsoft Exchange

Administrator ’s Guide

"F-Secure" and the triangle symbol are registered trademarks of F-Secure Corporation and F-Secure
product names and symbols/logos are either trademarks or registered trademarks of F-Secure
Corporation. All product names referenced herein are trademarks or registered trademarks of their
respective companies. F-Secure Corporation disclaims proprietary interest in the marks and names of
others. Although F-Secure Corporation makes every effort to ensure that this information is accurate,
F-Secure Corporation will not be liable for any errors or omission of facts contained herein. F-Secure
Corporation reserves the right to modify specifications cited in this document without prior notice.

Companies, names and data used in examples herein are fictitious unless otherwise noted. No part of
this document may be reproduced or transmitted in any form or by any means, electronic or
mechanical, for any purpose, without the express written permission of F-Secure Corporation.

Copyright © 1993-2007 F-Secure Corporation. All rights reserved.
Portions Copyright © 1991-2007 Kaspersky Lab.

This product includes software developed by the Apache Software Foundation (http://
www.apache.org/). Copyright © 2000-2007 The Apache Software Foundation. All rights reserved.

This product includes PHP, freely available from http://www .php.net/. Copyright © 1999-2007 The PHP
Group. All rights reserved.

This product includes code from SpamAssassin. The code in the files of the SpamAssassin distribution
are Copyright © 2000-2002 Justin Mason and others, unless specified otherwise in that particular file.
All files in the SpamAssassin distribution fall under the same terms as Perl itself, as described in the
“Artistic License”.

This product may be covered by one or more F-Secure patents, including the following:

GB2353372 GB2366691 GB2366692 GB2366693 GB2367933 GB2368233
GB2374260

12000040-7K27

Contents

About This Guide 9

How This Guide Is Organized ............................................................................................ 10

Conventions Used in F-Secure Guides.............................................................................. 12

Symbols .................................................................................................................... 12

Chapter 1 Introduction 14

1.1 Overview....................................................................................................................15

1.2 How F-Secure Anti-Virus for Microsoft Exchange Works........................... ... ... .... ... ...16

1.3 Key Features..............................................................................................................19

1.4 F-Secure Anti-Virus Mail Server and Gateway Products ...........................................21

Chapter 2 Deployment 23

2.1 Installation Modes......................................................................................................24

2.2 Network Requirements...............................................................................................25

2.3 Deployment Scenarios...............................................................................................26

2.3.1 Environment with a Single Exchange Server .................................................27

2.3.2 Environments with Exchange Roles Deployed on Multiple Servers...............28

2.3.3 Quarantine Management Considerations.......................................................31

Chapter 3 Installation 33

3.1 System Requirements................... ... ... ... .... ... ... ... .... ... ... ....................................... ... ...34

3.1.1 Operating System Requirements ...................................................... ... .... ... ...35

3.1.2 Microsoft Exchange Server Requirements.....................................................35

3.1.3 SQL Server Requirements ....................................................... ... ...................36

3

3.1.4 Web Browser Software Requirements ...........................................................38

3.2 Improving Reliability and Performance ......................................................................38

3.3 Centrally Administered or Stand-alone Installation? ..................................................39

3.4 Installation Overview..................................................................................................40

3.5 Installing F-Secure Anti-Virus for Microsoft Exchange.................. ... .... ... ... ... ... .... ... ...41

3.6 After the Installation ...................................................................................................53

3.6.1 Importing Product MIB files to F-Secure Policy Manager Console.................54

3.6.2 Configuring the Product..................................................................................55

3.7 Upgrading the Evaluation Version.................... ... .... ... ... .............................................56

3.8 Uninstalling F-Secure Anti-Virus for Microsoft Exchange ..........................................57

Chapter 4 Using F-Secure Anti-Virus for Microsoft Exchange 58

4.1 Administering F-Secure Anti-Virus for Microsoft Exchange .......................................59

4.2 Using Web Console ...................................................................................................60

4.2.1 Logging in for the First Time.................... .... ... ... .............................................60

4.2.2 Modifying Settings and Viewing Statistics with Web Console........................62

4.2.3 Checking the Product Status ......................... ... ... ... .... ... ... ... .... ... ... ... .............63

4.3 Using F-Secure Policy Manager Console ..................................................................63

4.3.1 Modifying Settings and Viewing Statistics in Centrally Administered Mode...63

4.4 Selecting Scanning Methods to Use ..........................................................................65

Chapter 5 Centrally Managed Administration 67

5.1 Overview....................................................................................................................68

5.2 F-Secure Anti-Virus for Microsoft Exchange Settings................................................68

5.2.1 Common Settings...........................................................................................68

5.2.2 Transport Protection.......................................................................................76

5.2.3 Storage Protection................ ... ....................................... ... ... .... ... ... ................88

5.3 F-Secure Anti-Virus for Microsoft Exchange Statistics.............................................116

5.3.1 Common.......................................................................................................117

5.3.2 Transport Protection.....................................................................................118

5.3.3 Storage Protection................ ... ... .... ...................................... .... ... ... ... ... .... ... .119

5.3.4 Quarantine....................................................................................................121

5.4 F-Secure Content Scanner Server Settings.............................................................121

5.4.1 Interface........................................................................................................122

4

5.4.2 Virus Scanning........................................................ .... ... ... ... .... ... ... ... ...........123

5.4.3 Virus Statistics............... .... ... ... ... .... ...................................... .... ... ... ..............125

5.4.4 Database Updates........................................................................................126

5.4.5 Spam Filtering..............................................................................................127

5.4.6 Threat Detection Engine.......... ... .... ... ... ... .... ... ...................................... .... ... .128

5.4.7 Proxy Configuration......................................................................................129

5.4.8 Advanced......................................................................................................130

5.5 F-Secure Content Scanner Server Statistics ...........................................................131

5.5.1 Server...........................................................................................................131

5.5.2 Scan Engines ...............................................................................................132

5.5.3 Common.......................................................................................................133

5.5.4 Spam Control................................................................................................133

5.5.5 Virus Statistics............... .... ... ... ... .... ...................................... .... ... ... ..............134

5.6 F-Secure Management Agent Settings....................................................................134

5.7 F-Secure Automatic Update Agent Settings ............................................................135

Chapter 6 Administration with Web Console 138

6.1 Overview..................................................................................................................139

6.2 Home........................................................................................................................139

6.3 Transport Protection.................................................................................................142

6.3.1 Attachment Filtering........................................ ...................................... .... ... .144

6.3.2 Virus Scanning........................................................ .... ... ... ... .... ... ... ... ...........147

6.3.3 Grayware Scanning......................................................................................151

6.3.4 Archive Processing............................................ ... ... .....................................154

6.3.5 Spam Control................................................................................................156

6.3.6 Security Options...........................................................................................157

6.4 Storage Protection .............................. ... .... ... ... ... .... ... ... ... ....................................... .159

6.4.1 Real-Time and Background Scanning..........................................................159

6.4.2 Manual Scanning .........................................................................................172

6.4.3 Scheduled Scanning ....................................................................................185

6.5 Quarantine ...............................................................................................................196

6.5.1 Options.........................................................................................................197

6.6 Automatic Updates........................... ....................................... ... ... ... .... ... ... ..............206

6.6.1 Communications...........................................................................................208

6.7 Content Scanner Server................ ... ... ... .... ...................................... .... ... ... ... ... .... ....212

5

6.7.1 Options.........................................................................................................214

6.8 General ....................................................................................................................223

6.8.1 Network Configuration .................................................................................224

6.8.2 Administration...............................................................................................226

6.8.3 Notifications..................................................................................................231

6.8.4 Lists and Templates ................................................ .... ... ... ... .... ... .................232

6.8.5 Sample Submission......................................................................................235

Chapter 7 Quarantine Management 237

7.1 Introduction ..............................................................................................................238

7.1.1 Quarantine Reasons.....................................................................................239

7.2 Configuring Quarantine Options...............................................................................239

7.3 Searching the Quarantined Content.........................................................................239

7.4 Query Results Page................................... ... ... ... .... ... ... ....................................... ... .244

7.5 Viewing Details of a Quarantined Message .............................................................246

7.6 Reprocessing the Quarantined Content...................................................................248

7.7 Releasing the Quarantined Content.........................................................................249

7.8 Removing the Quarantined Content.........................................................................250

7.9 Deleting Old Quarantined Content Automatically.....................................................250

7.10 Quarantine Logging..................................................................................................251

7.11 Quarantine Statistics................................................................................................251

7.12 Moving the Quarantine Storage ...............................................................................252

Chapter 8 Updating Virus and Spam Definition Databases 254

8.1 Overview..................................................................................................................255

8.2 Automatic Updates with F-Secure Automatic Update Agent....................................255

8.3 Configuring Automatic Updates ...............................................................................255

Chapter 9 Administering F-Secure Spam Control 257

9.1 Overview..................................................................................................................258

9.2 Spam Control Settings in Centrally Managed Environments ...................................259

9.3 Spam Control Settings in Web Console...................................................................263

9.4 Realtime Blackhole List Configuration .....................................................................266

6

9.4.1 Configuring Realtime Blackhole Lists...........................................................266

9.4.2 Optimizing F-Secure Spam Control Performance........................................268

AppendixA Variables in Warning Messages 270

List of Variables................................................................................................................ 271

AppendixB Services and Processes 273

B.1 List of Services and Processes.............. .... ... ... ... .... ... ... ... ... .... ... ... ... ....................... 274

AppendixC Deploying the Product on a Cluster 277

C.1 Installation Overview............................................................................................... 278

C.2 Creating Quarantine Storage ........................................ ... ........................................279

C.2.1 Creating the Quarantine Storage for a Single Copy Cluster Environment ...279
C.2.2 Creating the Quarantine Storage for a Continuous Cluster Replication Environ-

ment..............................................................................................................286

C.3 Administering the Cluster Installation with F-Secure Policy Manager......................290

C.4 Using the Quarantine in the Cluster Installation.......................................................290

C.5 Uninstallation............................................................................................................292

C.6 Troubleshooting .......................................................................................................292

AppendixD Sending E-mail Alerts And Reports 293

D.1 Overview ................................................................................................................. 294

D.2 Solution ....................................................................................................................294

D.2.1 Creating a Scoped Receive Connector....... ... ... ... ... ....... ... ... .... ... ... ... ... .... ... .295

D.2.2 Grant the Relay Permission on the New Scoped Connector....... ... ... ... .... ... .296

D.2.3 Specify SMTP Server for Alerts and Reports ...............................................296

Chapter E Troubleshooting 297

E.1 Overview..................................................................................................................298

E.2 Starting and Stopping...............................................................................................298

E.3 Viewing the Log File.................................................................................................299

E.4 Common Problems and Solutions............................................................................299

E.4.1 Installing Service Packs........................................... .... ... ... ... .... ... ... ... ... .... ....302

E.4.2 Securing the Quarantine....................................... ... .... ... ..............................303

E.4.3 Administration Issues ...................................................................................303

7

E.5 Frequently Asked Questions....................................................................................304

Technical Support 305

F-Secure Online Support Resources ............................................................................... 306

Web Club ....................... ... .... ...................................... .... ... ...................................... .... ....308

Virus Descriptions on the Web .........................................................................................308

8

ABOUT THIS GUIDE

How This Guide Is Organized.................................................... 10

Conventions Used in F-Secure Guides..................................... 13

9

10

How This Guide Is Organized

F-Secure Anti-Virus for Microsoft Exchange Administrator's Guid e is
divided into the following chapters:

Chapter 1. Introduction. General information about F-Secure Anti-V irus

for Microsoft Exchange and other F-Secure Anti-Virus Mail Server and
Gateway products.

Chapter 2. Deployment. Instructions and examples how to set up your

network environment before you can install F-Secure Anti-Virus for
Microsoft Exchange.

Chapter 3. Installation. Instructions how to install and set up F-Secure

Anti-Virus for Microsoft Exchange.

Chapter 4. Using F-Secure Anti-Virus for Microsoft Exchange.

Instructions how to use and administer F-Secure Anti-Virus for Microsoft
Exchange.

Chapter 5. Centrally Managed Administration. Instructions how to

remotely administer F-Secure Anti-Virus for Microsoft Exchange and
F-Secure Content Scanner Server when they have been installed in
centralized administration mode.

Chapter 6. Administration with Web Console. Instructions how to

administer F-Secure Anti-Virus for Microsoft Exchange with the Web
Console.

Chapter 7. Quarantine Manageme nt. Instructio ns how you can man age

and search quarantined mails with the F-Secure Anti-Virus for Microsoft
Exchange Web Console.

Chapter 8. Updating V irus and Sp am Definition Databases . Instructions

how to update your virus definition database.

Chapter 9. Administering F-Secure Spam Control. General information

about and instructions on how to configure F-Secure Spam Control.

Appendix A. Variables in Warning Messages. Lists variables that can

be included in virus warning messages.

About This Guide 11

Appendix B. Services and Processes. Describes services, devices and

processes of F-Secure Anti-Virus for Microsoft Exchange.

Appendix D. Sending E-mail Alerts And Reports. Instructions how to

configure the product to send alerts to the administrator by e-mail.

Chapter E. Troubleshooting. Solutions to some common problems.

Technical Support. Contains the contact information for assistance.
About F-Secure Corporation. Describes the company background and

products.
See the F-Secure Policy Manager Administrator's Guide for detailed

information about installing and using the F-Secure Policy Manager
components:

 F-Secure Policy Manager Console, the tool for remote

administration of F-Secure Anti-Virus for Microsoft Exchange.

 F-Secure Policy Manager Server, which enables communication

between F-Secure Policy Manager Console and the managed
systems.

12

Conventions Used in F-Secure Guides

This section describes the symbols, fonts, and terminology used in this
manual.

Symbols

WARNING: The warning symbol indicates a situation with a
risk of irreversible destruction to data.

IMPORTANT: An exclam ation mark provides important informa tion
that you need to consider.

REFERENCE - A book refers you to related information on the
topic available in another document.

NOTE - A note provides additional information that you should
consider.

l

Fonts

TIP - A tip provides information that can help you perf or m a task
more quickly or easily.

⇒ An arrow indicates a one-step procedure.

Arial bold (blue) is used to refer to menu names and commands, to

buttons and other items in a dialog box.

Arial Italics (blue) is used to refer to other chapters in the manual, book

titles, and titles of other manuals.
Arial Italics (black) is used for file and folder names, for figure and table

captions, and for directory tree names.
Courier New is used for messages on your compute r screen.

Courier New bold is used for information that you must type.

SMALL CAPS (BLACK) is used for a key or key combination on your

keyboard.

13

PDF Document

For More Information

Arial underlined (blue)

Arial italics is used for window and dialog box names.

This manual is provided in PDF (Portable Document Format). The PDF
document can be used for online viewing and printing using Adobe®
Acrobat® Reader. When pr inting the manual, please print the entire
manual, including the copyright and disclaimer statements.

Visit F-Secure at http://www.f-secure.com for documentation, training
courses, downloads, and service and supp o rt contacts.

In our constant attempts to improve our documentation, we would
welcome your feedback. If you have any questions, comments, or
suggestions about this or any other F-Secure document, please conta ct
us at documentation@f-secure.com

is used for user interface links.

.

1

INTRODUCTION

Overview..................................................................................... 15

How F-Secure Anti-Virus for Microsoft Exchange Works........... 16

Key Features.............................................................................. 19

F-Secure Anti-Virus Mail Server and Gateway Products............ 21

14

1.1 Overview

CHAPTER 1 15

Introduction

Malicious code, such as computer viruses, is one of the main threats for
companies today. In the past, malicious code spread mainly via disks and
the most common viruses were the ones that infected disk boot sectors.
When users began to use office applications with macro capabilities ­such as Microsoft Office - to write documen t s and distribu te them via mail
and groupware servers, macro viruses started spreading rapidly.

After the millennium, the most common spreading mechanism has been
the e-mail. Today about 90% of viruses arrive via e-mail. E-mails provide
a very fast and efficient way for viruses to spread themselves without any
user intervention and that is why e-mail worm outbreaks, like Sober,
Netsky and Bagle, have caused a lot of damage around the world.

F-Secure Anti-Virus Mail Server and Gateway products are designed to
protect your company's mail and groupware servers and to shield the
company network from any malicious code that travels in HTTP or SMTP
traffic. In addition, they protect your company network against spam. The
protection can be implemented on the gateway level to screen all
incoming and outgoing e-mail (SMTP), web surfing (HTTP and
FTP-over-HTTP) and file transfer (FTP) traffic. Furthermore, it can be
implemented on the mail server level so that it does not only protect
inbound and outbound traffic but also internal mail traffic and public
sources, such as public folders on Microsoft Exchange servers.

Providing the protection already on the gateway level has plenty of
advantages. The protection is easy and fast to set up and install,
compared to rolling out antivirus protection on hundreds or thousands of
workstations. The protection is also invisible to the end users which
ensures that the system cannot be by-passed and makes it easy to
maintain. Of course, protecting the gateway level alone is not enough to
provide a complete antivirus solution; file server and workstation level
protection is needed, also.

Why clean 1000 workstations when you can clean one attachment at the
gateway level?

16

1.2 How F-Secure Anti-Virus for Microsoft Exchange Works

F-Secure Anti-Virus for Microsoft Exchange is designed to detect and
disinfect viruses and other malicious code from e-mail transmissions
through Microsoft Exchange 2007 Server. Scanning is done in real time
as the mail passes through Microsoft Exchange Server. On-demand
scanning of user mailboxes and public folders is also available.

Scanning

Attachments and

Message Bodies

Flexible and Scalable

Anti-Virus Protection

Alerting F-Secure Anti-Virus for Microsoft Exchange has extensive alerting

Powerful and Always

Up-to-date

F-Secure Anti-Virus for Microsoft Exchange scans attachments and
message bodies for malicious code. It can also be instructed to remove
particular attachments according to the file name or the file extension.

If the intercepted mail contains malicious code, F-Secure Anti-Virus for
Microsoft Exchange can be configured to disinfect or drop the content.
Any malicious code found during the scan process can be placed in the
Quarantine, where it can be further examined. Stripped attachments can
also be placed in the Quarantine for further examination.

F-Secure Anti-Virus for Microsoft Exchange is installed on Microsoft
Exchange 2007 Server and it intercepts mail traveling to and from
mailboxes and public folders. The messages and documents are scanned
with the scanning component, F-Secure Content Scanner Server, which
also disinfects the infected messages.

functions, which means that the system administrator can specify a
recipient, such as the network administrator, to be notified about the
infection found in the data content.

F-Secure Anti-Virus for Microsoft Exchange uses the award-winning
F-Secure Anti-Virus techniques and scanning engines to ensure the
highest possible detection rate and disinfection capability. The F-Secure
Anti-Virus definition databases are upda ted typically multiple times a day
and they provide F-Secure Anti-Virus for Microsoft Exchange an always
up-to-date protection capability.

CHAPTER 1 17

Introduction

F-Secure Anti-Virus scanner consistently r anks at the top when compar ed
to competing products. Our team of dedicated virus resea rchers is on call
24-hours a day responding to new and emerging threats. In fact,
F-Secure is one of the only companies to release tested virus definition
updates continuously, to make sure our customers are receiving the
highest quality service and protection.

Virus and Spam

Outbreak Detection

Stand-alone and

Centralized

Administration Modes

Scalability and

Reliability

Easy to

Administer

Massive spam and virus outbreaks consist of millions of messages which
share at least one identifiable pattern that can be used to distinguish the
outbreak. Any message that contains one or more of these patterns can
be assumed to be a part of the same spam or virus outbreak.

F-Secure Anti-Virus for Microsoft Exchange can identify these patterns
from the message envelope, headers and body, in any language,
message format and encoding type. It can detect spam messages and
new viruses during the first minutes of the outbreak.

F-Secure Anti-Virus for Microsoft Exchange can be installed either in
stand-alone or centrally administered mode. Depending on how it has
been installed, F-Secure Anti-Virus for Microsoft Exchange is managed
either with the F-Secure Anti-Virus for Microsoft Exchange Web Console
or F-Secure Policy Manager.

F-Secure Policy Manager provides a scalable way to manage the security
of multiple applications on multiple operating systems, from one central
location. F-Secure Policy Manager is comprised of two components,
F-Secure Policy Manager Console and F-Secure Policy Manager Server,
which are used to administer applications. They are seamlessly
integrated with the F-Secure Management Agents that handle all
management functions on local hosts.

If F-Secure Anti-Virus for Microsoft Exchange is installed in stand-alone
mode it can be managed with the web-based user interface.

If F-Secure Anti-Virus for Microsoft Exchange has been installed in
centrally administered configuration, it is managed with F-Secure Policy
Manager. With its graphical user interface, F-Secure Policy Manager
Console provides a centralized view of the domains and hosts in your
network, lets you configure the security policies for all F-Secure

18

components and set up scheduled scans and run manual scanning
operations. F-Secure Policy Manager receives status information from
F-Secure Anti-Virus for Microsoft Exchange.

F-Secure Policy Manager Server is the server side component that
handles communication between F-Secure Anti-Virus for Microsoft
Exchange and F-Secure Policy Manager Console. It exchanges security
policies, software updates, status information, statistics, alerts, and other
information between F-Secure Policy Manager Console and all managed
systems.

Figure 1-1 (1) E-mail arrives from the Internet to F-Secure Anti-Virus for Microsoft
Exchange, which (2) filters malicious content from mails and attachments, and (3)
delivers cleaned files forward.

1.3 Key Features

F-Secure Anti-Virus for Microsoft Exchange provides the following
features and capabilities.

Superior Protection  Superior detection rate with multiple scanning engines.

 Automatic malicious code detection and disinfection.
 The grayware scan detects spyware, adware, dialers, joke

programs, remote access tools, and any other unwelcome files
and programs.

 Heuristic scanning detects also unknown Windows and macro

viruses.

 The sandbox scanning can detect new unknown viruses and

malware without damaging the system by running code in a safe
and isolated environment.

 Recursive scanning of ARJ, BZ2, CAB, GZ, JAR, LZH, MSI,

RAR, TAR, TGZ, Z and ZIP archive files.

 Automatic and consistent virus definition database updates.
 Suspicious and unsafe attachments can be stripped away from

e-mails.

 Password protected archives can be treated as unsafe.
 Intelligent file type recognition.

CHAPTER 1 19

Introduction

Virus Outbreak

Detection

 The virus outbreak detection is an additional active layer of

protection that automatically detects virus outbreaks and
quarantines suspicious messages.

 Virus outbreaks are transparen tly detected and infected

messages are quarantined before the outbreak becomes
widespread.

 Quarantined unsafe messages can be reprocessed

automatically.

20

Transparen cy and

Scalability

 Viruses are intercepted before they can enter the network and

spread out on workstations and servers.

 Real-time scanning of internal, inbound and outbound mail

messages and Public Folder notes.

 Automatic protection of new mailboxes and Public Folders.
 Total transparency to end-users. Users cannot bypass the

system, which means that messages and documents cannot be
exchanged without scanning.

Management  Controlling and monitoring the behavior of the products remotely.

 Starting predefined operations remotely.
 Monitoring statistics provided by the products remotely with

F-Secure Policy Manager or F-Secure Anti-Virus for Microsoft
Exchange Web Console.

 Possibility to configure and manage stand-alone installations with

the convenient F-Secure Anti-Virus for Microsoft Exchange Web
Console.

 You can manage and search quarantined content with the

F-Secure Anti-Virus for Microsoft Exchange Web Console.

Protection against

Spam

 Possible spam messages are transparently detected before they

become widespread.

 Efficient spam detection based on different analyses on the

e-mail content.

 Multiple filtering mechanisms guarantee the high accuracy of

spam detection.

 Spam m essages can be separated from legitimate messages and

processed using the Spam Confidence Levels.

 Spam detection works in every language and message format.

1.4 F-Secure Anti-Virus Mail Server and Gateway Products

The F-Secure Anti-Virus product line consists of workstation, file server,
mail server, gateway and mobile products.

 F-Secure Internet Gatekeeper™ is a high performance, totally

automated web (HTTP and FTP-over-HTTP) and e-mail (SMTP)
virus scanning solution for the gateway level. F-Secure Internet
Gatekeeper works independently of firewall and e-mail server
solutions, and does not affect their performance.

 F-Secure Anti-Virus for Microsoft Exchange™ protects your

Microsoft Exchange users from malicious code contained within
files they receive in mail messages and documents they open
from shared databases. Malicious code is also stopped in
outbound messages and in notes being posted on Public Folders.
The product operates transparently and scans files in the
Exchange Server Information Store in real-time. Manual and
scheduled scans of user mailboxes and public polders are also
supported.

 F-Secure Anti-Virus for MIMEsweeper™ provides a powerful

anti-virus scanning solution that tightly integrates with Clearswift
MIMEsweeper for SMTP and MIMEsweeper for Web products.
F-Secure provides top-class anti-virus software with fast and
simple integration to Clearswift MAILsweeper and WEBsweeper,
giving the corporation the powerful combination of complete
content security.

 F-Secure Internet Gatekeeper for Linux™ provides a

high-performance solution at the Internet gateway level, stopping
viruses and other malicious code before they spread to end u sers
desktops or corporate servers. The product scans SMTP, HTTP,
FTP and POP3 traffic for viruses, worms and trojans, and blocks
and filters out specified file types. ActiveX and Java code can
also be scanned or blocked. The product receives updates

CHAPTER 1 21

Introduction

22

automatically from F-Secure, keeping the virus protection always
up to date. A powerful and easy-to-use management console
simplifies the installation and configuration of the product.

 F-Secure Messaging Security Gateway™ delivers the

industry’s most complete and effective security for e-mail. It
combines a robust enterprise-class messaging platform with
perimeter security, antispam, antivirus, secure messaging and
outbound content security capabilities in an easy-to-deploy,
hardened appliance.

2

DEPLOYMENT

Installation Modes....................................................................... 24

Network Requirements............................................................... 25

Deployment Scenarios............................................................... 26

23

24

2.1 Installation Modes

F-Secure Anti-Virus for Microsoft Exchange can be installed either in
stand-alone or centrally administered mode. In stand-alone installation,
F-Secure Anti-Virus for Microsoft Exchange is managed with Web
Console. In centrally administered mode, it is managed centrally with
F-Secure Policy Manager components: F-Secure Policy Manager Server
and F-Secure Policy Manager Console.

To administer F-Secure Anti-Virus for Microsoft Exchange in the centrally
administered mode, you have to install the following components:

 F-Secure Policy Manager Server (on a dedicated machine)
 F-Secure Policy Manager Console (on the administ ra to r's

machine or on the same machine with F-Secure Policy Manager
Server).

For up-to-date information on supported platforms, see
F-Secure Policy Manager Release Notes.

2.2 Network Requirements

This network configuration is valid for all scenarios described in this
chapter. Make sure that the following network traffic can pass through:

Service Process Inbound ports Outbound ports

CHAPTER 2 25

Deployment

F-Secure Content Scanner
Server

F-Secure Anti-Virus for
Microsoft Exchange Web
Console

F-Secure
Update Agent

F-Secure Network Request
Broker

F-Secure Management
Agent

F-Secure Quarantine
Manager

Automatic

%ProgramFiles(x86)%\F-Secure\
Content Scanner
Server\fsavsd.exe

%ProgramFiles(x86)%\F-Secure\
Web User
Interface\bin\fswebuid.exe

%ProgramFiles(x86)%\F-Secure\
FSAUA\program\fsaua.exe

%ProgramFiles(x86)%\F-Secure\
Common\fnrb32.exe

%ProgramFiles(x86)%\F-Secure\
Common\fameh32.exe

%ProgramFiles(x86)%\F-Secure\
Quarantine Manager\fqm.exe

18971 (TCP) (on
localhost only)

25023 DNS (53, UDP and TCP),

- DNS (53, UDP and TCP),

- DNS (53, UDP/TCP),

- DNS (53, UDP/TCP),

- DNS (53, UDP/TCP),

DNS (53, UDP/TCP),
HTTP (80) or another
known port used for
HTTP proxy

1433 (TCP), only with the
dedicated SQL server

HTTP (80) and/or another
port used to connect to

F-Secure
Server

HTTP (80) or another port
used to connect to
F-Secure Policy Manager
Server

SMTP (25)

1433 (TCP), only with the
dedicated SQL server

Policy Manager

F-Secure World Map
Reporting Service

%ProgramFiles(x86)%\F-Secure\
Content Scanner
Server\fswmrsvc.exe

- DNS (53, UDP/TCP),
SMTP (25)

26

2.3 Deployment Scenarios

Depending on how the Microsoft Exchange 2007 server roles are
deployed in your environment, you might consider various scenarios of
deploying F-Secure Anti-Virus for Microsof t Exchange. There are various
ways to deploy F-Secure Anti-Virus for Microsoft Exchange that are
suitable to different environments:

 “Environment with a Single Exchange Server”, 27.
 “Environments with Exchange Roles Deployed on Multiple

Servers”, 28.

 If you want to use centralized quarantine management in a

network where the Exchange server roles have been deploye d
on multiple servers, see “Quarantine Management

Considerations”, 31.

2.3.1 Environment with a Single Exchange Server

Figure 2-1 Deployment in an environment with a single Exchange server

If the Exchange server roles have been deployed on a single server, you
should deploy F-Secure Anti-Virus for Microsoft Exchange as follows:

CHAPTER 2 27

Deployment

Installing F-Secure Anti-Virus for Microsoft Exchange

Install F-Secure Anti-Virus for Microsoft Exchange on the same server
where Exchange Hub and Mailbox Server roles are deployed.

Installing F-Secure Spam Control

If you have a license for F-Secure Spam Control, you should install it on
the same server with F-Secure Anti-Virus for Microsoft Exchange.

Administration Modes

You can install the product in st and -alone mo de and a dminister it with the
Web Console, or you can install it in centralized administration mode and
administer it with F-Secure Policy Manager Console.

28

2.3.2 Environments with Exchange Roles Deployed on Multiple Servers

Figure 2-2 Deployment in an environment with Edge, Hub and Mailbox Server
roles deployed on multiple servers

CHAPTER 2 29

Deployment

Figure 2-3 Deployment in an environment with Edge, Hub, Mailbox and Client
Access Server roles deployed on multiple servers

If the Exchange server roles have been deployed on multiple servers, you
should deploy F-Secure Anti-Virus for Microsoft Exchange as follows:

Installing F-Secure Anti-Virus for Microsoft Exchange

Install F-Secure Anti-Virus for Microsoft Exchange on all the servers
where Exchange Edge, Hub and Mailbox Server roles are deployed.

If the Exchange role is changed later, the product has to be
reinstalled.

Note that you cannot install the product on a server that has only Client
Access and/or Unifield Messaging Server roles deployed.

30

Installing F-Secure Spam Control

If you have a license for F-Secure Spam Control, you can install it on the
Edge server. If you do not have an Edge server, you can install F-Secure
Spam Control on the Hub server.

Administration Modes

It is recommended to install the product in centralized administration
mode:

 Install F-Secure Policy Manager Server on a dedicated server.

You can manage the product with F-Secure Policy Manager
Console.

 When installing the product, configure each instance of the

product to connect to the same F-Secure Policy Manager Server.

You can also install the product in stand-alone mode and administer it
with the Web Console. However, it does not provide an ea sy way to have
the same settings on all the servers.