APPENDIX A. GLOSSARY........................................................................................... 54
APPENDIX B. KASPERSKY LABS LTD. ....... ERROR! BOOKMARK NOT DEFINED.
B.1. Other Kaspersky Labs products..........................Error! Bookmark not defined.
B.2. Contact Information..............................................Error! Bookmark not defined.
APPENDIX C. LICENSE AGREEMENT ...................................................................... 61
Chapter 1. Kaspersky Anti-
Virus® for MS ISA Server
Kaspersky Anti-Virus® for Microsoft ISA Server (hereafter, also Kaspersky
Anti-Virus
using the HTTP and FTP protocols via the Microsoft Internet Security and
Acceleration Server. It ensures reliable protection of corporate networks from
penetration by malicious software.
Kaspersky Anti-Virus
transferred via the HTTP and FTP protocols, isolates controlled objects from this
data, analyzes them for the presence of viruses, and prevents infected files and
Web documents from penetrating into a corporate network.
The program includes data stream filters and the anti-virus kernel.
The filters are integrated into MS ISA Server as plug-ins, and the anti-virus kernel
is installed into the system as a service.
The anti-virus protection is managed through a special interface built into the ISA
administration snap-in for Microsoft Management Console (MMC) as an
extension.
The application performs the following functions:
In addition, Kaspersky Anti-Virus® for MS ISA Server allows the user to:
®
for ISA Servers) is a system of anti-virus control for files transferred
®
for MS ISA Server acts as a filter that intercepts packets
• Anti-virus protection and processing of data streams received from the
Internet.
• Generation of data streams from disinfected files and the delivery of these
streams to the client upon request.
• Scheduled and manual updating of the anti-virus database via the Internet, a local folder, or a shared folder.
• Logging of statistics about program performance and displaying the
results using standard Windows tools.
• Management of license keys.
• Set parameters for anti-virus protection and for notifications about dan-
gerous events.
• Create groups of users in accordance with the adopted network policy.
For example, you can use the existing administration division to define
5 Kaspersky Anti-Virus for MS ISA Server
anti-virus policy settings for each of the groups created. This can significantly speed up the scanning process.
• Create a list of trusted servers for one or several groups of users; the traffic from these servers will be excluded from scanning for viruses.
• Create a list of types of object excluded from anti-virus protection.
®
Kaspersky Anti-Virus
• HTTP 1.0 and 1.1 (RFC 2616);
• FTP (RFC 959, 2389, Extensions to FTP);
• FTP over HTTP.
supports the following data transfer protocols:
1.1. Hardware and software
requirements
Kaspersky Anti-Virus® for MS ISA Server operates in integration with Microsoft®
Internet Security and Acceleration Server 2000 with Service Pack 1 or higher
installed under the following platforms:
• Microsoft® Windows 2003 Server.
®
• Microsoft
• Microsoft
Windows 2000 Server (Service Pack 3 or higher).
®
Windows 2000 Advanced Server (Service Pack 3 or higher).
This version of the program cannot be installed on MS ISA Server computers operating as array members.
®
To use Kaspersky Anti-Virus
following minimum requirements:
• Pentium II processor of 300 MHz or higher.
• At least 256 Mb of free RAM.
• At least 20 Mb of free hard disk space for installation of the program.
• At least 200 Mb of free hard disk space for temporary storage of data cop-
ied from the Internet before scanning for viruses.
for MS ISA Server, your computer must meet the
Kaspersky Anti-Virus® for MS ISA Server 6
1.2. Distribution kit
You can purchase Kaspersky Anti-Virus® for MS ISA Server either from our
distributors (retail box) or online at one of our Internet shops (for example,
www.kaspersky.com
The retail box includes:
• a sealed envelope with an installation CD containing files for the software
product;
• administrator's guide;
• a license key written on the floppy disk;
• license agreement.
Before you unseal the envelope containing the CD, be sure to thoroughly review the license agreement.
If you buy Kaspersky Anti-Virus
installation file of the product from the Kaspersky Labs website. This installation
file includes this Administrator’s Guide and the license key. The license key can
also be sent to you by e-mail after receiving your payment.
The License Agreement is a legal agreement between you and the manufacturer
(Kaspersky Labs Ltd.) describing the terms on which you may employ the antivirus product which you have purchased.
– select the E store link).
®
for MS ISA Server online, you download the
Make sure you read the License Agreement!
If you do not agree to the terms of this LA, you can return the unused product to
your Kaspersky Anti-Virus
containing the CD is sealed.
If you unseal the envelope or install the program, you are considered to have
agreed to all the terms of the LA.
®
dealer for a full refund, making sure the envelope
1.3. Help Desk for registered users
Kaspersky Labs offers a large service package enabling its registered customers
to enjoy all the available features of Kaspersky Anti-Virus
If you register and purchase a subscription you will be provided with the following
services for the period of your subscription:
®
.
7 Kaspersky Anti-Virus for MS ISA Server
• new versions of this anti-virus software product provided free of charge;
• phone or e-mail advice on matters related to the installation, configuration,
and operation of this anti-virus product;
• information about new Kaspersky Labs products and about new computer
viruses (for those who subscribe to the Kaspersky Labs newsletter).
Kaspersky Labs does not provide information related to the operation
and use of your operating system or various other technologies.
1.4. Conventions
In this book we use various conventions to emphasize different meaningful parts
of the documentation. The Table below lists the conventions used in this User
Guide.
Convention Meaning
Bold font
Note.
Text of information messages and the command line
Attention!
To do this,
1. Step 1.
2. …
Menu titles, commands, window titles,
dialog elements, etc.
Additional information, notes
Critical information
Actions that must be taken
Text of configuration files, information
messages, and the command line.
Chapter 2. Typical Deployment
scenarios
A typical scenario for deploying ISA Server and most of its services is as follows:
the administrator installs the application on the ISA Server computer, and the ISA
administration tool on a remote computer (as a rule, an administrator’s
workstation).
In this deployment scenario, the Kaspersky Anti-Virus
installed on the ISA Server computer, and the Kaspersky Anti-Virus
administration console, on the administrator’s workstation. The computer that
runs the Kaspersky Anti-Virus
have the ISA Server administration tools installed.
You can install separate components of Kaspersky Anti-Virus® by
manually installing the application (see Chapter 3 on page 11).
During the installation procedure, the program will automatically detect the ISA
Server mode. Below, we consider possible ISA Server modes and any special
features of Kaspersky Anti-Virus
The documentation for ISA Server describes three possible modes:
• Firewall.
• Proxy (Cache).
• Integrated.
In Firewall mode, ISA Server protects internal network communications from
various types of Internet-borne threats by using various tools, such as IP packet
filters, Web filters, and application filters. In this mode, caching of transmitted
information is disabled.
In Proxy (Cache) mode, ISA Server acts as a cache server that routes requests
and plans data loading for efficient processing of subsequent clients’ requests. In
this mode, ISA Server does not function as a firewall.
In Integrated mode, all the features of the firewall and cache server are
available. In addition, in this mode, you can set ISA Server to operate separately
in the Proxy or Firewall modes.
During the installation of Kaspersky Anti-Virus
operates is determined automatically. Depending on the mode, various sets of
data stream filters are installed.
®
for ISA Server administration console must only
®
operation for each of these modes.
®
, the mode in which ISA Server
®
application must be
®
9 Kaspersky Anti-Virus for MS ISA Server
The following Kaspersky Anti-Virus® filters can optionally be added to the system:
• Kaspersky Anti-Virus FTP Application Filter.
• Kaspersky Anti-Virus Web Filter.
• Kaspersky Anti-Virus HTTP Application Filter.
Table 1 shows filter options for the three ISA Server modes.
Table 1
Filters Proxy Firewall Integrated
Kaspersky Anti-Virus FTP
No Yes Yes
Application Filter
Kaspersky Anti-Virus Web Filter
Kaspersky Anti-Virus HTTP
Yes Yes
No Yes No
1
Yes
Application Filter
After Kaspersky Anti-Virus® is installed, you will be able to manage the above
filters using the ISA Server Administration interface.
When the ISA Server is running in the Firewall mode Kaspersky Anti-Virus Web Filter is installed in disabled state, since it is presupposed that all the clients use
the ISA Server as a firewall without accessing the proxy server directly. If the
clients do access the proxy server directly (e.g. their browsers are set to work via
the proxy), please enable Kaspersky Anti-Virus Web Filter after the application
is installed to make sure the traffic passing via the proxy server is scanned for
viruses.
If you reinstall ISA Server to change the installed mode, you must also
reinstall Kaspersky Anti-Virus® and select only those filters that are
compatible with the selected mode.
Fig. 1 shows a scheme of processing the initial data streams that are common for
all possible Kaspersky Anti-Virus® deployment scenarios.
1
The filter is disabled by default
Typical Deployment scenarios 10
Figure 1. Processing of data streams by Kaspersky Anti-Virus for MS ISA Server
Chapter 3. How to install the
application
To correctly install the Kaspersky Anti-Virus® application, you should first properly
configure HTTP Redirector Filter and FTP Access Filter of the ISA Server and
then install the application on your computer.
3.1. Configuring ISA Server before
installing the application
The MS ISA Server console provides a number of standard filters for controlling
data packets received from the Internet. The HTTP protocols are controlled by
the HTTP Redirector Filter. The FTP protocols are controlled by the FTP Access Filter (not used in Proxy mode).
®
Kaspersky Anti-Virus
receive the initial data streams and subsequently process them.
Before installing Kaspersky Anti-Virus
the standard HTTP Redirector Filter and FTP Access Filter are enabled
and are forwarding data streams to pass through the anti-virus filter.
Otherwise, disabling these filters can lead to disabling the anti-virus
protection of your server!
Data stream filters are controlled from the standard console tree of ISA Management.
for MS ISA Server uses default settings of these filters to
®
for ISA Server, make sure that
To configure HTTP Redirector Filter and FTP Access Filter:
In the console tree of the ISA Management main window, select the Extensions node and click the Application Filters folder.
If one of these filters is disabled, you will see the
To enable a filter:
1. Select the required filter in the list and open the Properties dialog box.
icon in the list of filters.
How to install the application 12
2. For FTP Access Filter, click Enable this filter in the FTP Access Filter
Properties dialog box.
3. For HTTP Redirector Filter, click Enable this filter on the General tab
of the HTTP Redirector Filter Properties dialog box. Then, on the
Options tab, select Send to requested Web server, if MS ISA Server
is operating in Firewall mode. This will allow the data streams flowing
through the HTTP protocol to enter the corresponding Kaspersky AntiVirus® filters.
If you have selected Send to local Web Proxy server when
the ISA Server is running in the Firewall mode and have enabled Kaspersky Anti-Virus Web Filter, it is recommended
to disable Kaspersky Anti-Virus HTTP Application Filter in
order to avoid duplication checking of the traffic: when passing through the HTTP Redirector Filter and the local proxy
server.
Sometimes, third-party filters are used in conjunction with the standard MS ISA
Server filters. However, these additional filters can affect the performance of the
anti-virus application if their settings prevent the initial data from entering the
Kaspersky Anti-Virus
ISA Server might be completely disabled because of these filters.
®
filters. Moreover, in some cases, Kaspersky Anti-Virus® for
3.2. Installing Kaspersky Anti-Virus®
The installation procedure for Kaspersky Anti-Virus® for ISA Server is standard
for most Windows applications. You can select complete installation or custom
installation and restore an Anti-Virus configuration in the case of an incorrect
installation.
3.2.1. First installation
Step 1. Welcome and License Agreement dialog boxes
During the initial stages, the Kaspersky Anti-Virus® setup wizard presents the
Welcome and License Agreement dialog box that contains the License
Agreement. To proceed with the installation, read the agreement thoroughly and
accept its terms.
Step 2. User data and selecting installation options
At this stage, the program automatically detects user information by using data
from the operating system registry, and offers two installation options: complete
13 Kaspersky Anti-Virus for MS ISA Server
installation or custom installation (Fig. 2). If you are installing the entire
Kaspersky Anti-Virus
®
application (anti-virus kernel, administration tools, etc.) on
an MS ISA Server computer, select complete installation.
If you want to install a separate component of Kaspersky Anti-Virus
®
, select
custom installation. For example, if you want to remotely manage Kaspersky
Anti-Virus®, install only the administration console on the administrator’s
workstation.
If you want to install Kaspersky Anti-Virus
console on a computer, make sure that ISA administration tools are
installed on this computer!
®
for ISA Server administration
Figure 2. Setup Type
Step 3. Selecting the application components to be installed
In this stage, you select the Kaspersky Anti-Virus® components to be installed on
your computer (Fig. 3).
As a rule, these are administration tools for managing Kaspersky Anti-Virus® that
come together with the Microsoft Management Console.
You can also change the location of the administration console.
How to install the application 14
Figure 3. Custom Setup. Installing the administration console
Step 4. Anti-virus kernel settings
In this installation step, you must define the anti-virus protection settings that will
be used as default values (Fig. 4). The following settings can be adjusted:
• File system folder for storing the scan queue.
It is recommended that you locate this folder on a disk that has at least
200 Mb of available disk space.
• Number of queued objects.
• Folder for storing the anti-virus database that is used to detect and disin-
fect viruses.
• Folder for storing temporary files created by the program during its operation.
• Number of anti-virus kernels run simultaneously.
To speed up anti-virus scanning and handling objects, we recommend that you install four anti-virus kernels on one physical
processor. Thus, for example, the recommended number of
anti-virus kernels running on two physical processors is eight.
Each of the above parameters has a default value. To change the current default
values, click the corresponding buttons or enter data into the corresponding
fields.
15 Kaspersky Anti-Virus for MS ISA Server
Figure 4. Default settings for the program
Immediately after this stage is completed, the program will start copying files to
your computer.
Step 5. Completing the setup
The last step of Kaspersky Anti-Virus® installation is restarting MS ISA Server.
The server must be restarted in order to load the anti-virus filters included in the
package. You can restart the server from either the MS ISA Server console or the
setup wizard window if you check the corresponding checkbox (Fig. 5).
Note that anti-virus protection of your ISA server will be activated only
after you restart MS ISA Server services.
After the application is installed, it is recommended that you restart the server to
finish registration of all the necessary Kaspersky Anti-Virus
®
services.
How to install the application 16
Figure 5. Complete the setup
3.2.2. Reinstalling
Kaspersky Anti-Virus for ISA Server must be reinstalled if the first installation of
the application was incorrect or if you want to install a component of Kaspersky
Anti-Virus®.
To correctly install the anti-virus application, select Repair in the dialog
box that appears on your screen (Fig. 6).
In this case, the setup wizard will repeat the previous installation procedure.
Thus, if the previous installation was a custom type, after you select Repair, the
reinstallation procedure will also be performed in custom mode.
17 Kaspersky Anti-Virus for MS ISA Server
Figure 6. Selecting the reinstallation mode
To install an individual component of the anti-virus application on your
computer, select Modify.
After this, the custom installation dialog box will appear (Fig. 3). To continue with setup, follow the steps described for the first installation.
3.2.3. Troubleshooting installation
problems
During installation of Kaspersky Anti-Virus®, you might face a number of software
problems. Each of these problems results in termination of the Kaspersky AntiVirus® installation.
Let us consider the most typical errors and the most common reasons for them.
How to install the application 18
This error occurs when the
program fails to register
performance counters during
the installation of Kaspersky
Anti-Virus®. These
performance counters are used
in the Windows 2000 operating
system to view the statistics of
application performance.
Figure 7. Counter registration error
This error occurs when the ISA
Server computer on which you
install the anti-virus application
is an array member. The
application cannot be installed
on such a server because
Kaspersky Anti-Virus® for ISA
Server does not support this
ISA Server mode.
Figure 8. Error installing the anti-virus application on
an ISA Server that is an array member
If you see this notification on
your screen, make sure that
the server satisfies the
software requirements for
installing Kaspersky Anti-
®
Virus
.
Figure 9. Required Software not Found error
The above-listed errors are just a few that can occur during the installation of
Kaspersky Anti-Virus
installation procedure. To avoid errors, before installing Kaspersky Anti-Virus
®
. Any critical error usually leads to termination of the
®
take a moment to review the hardware and software requirements listed in
section 1.1, on page 5.
,
Chapter 4. Using Kaspersky
Anti-Virus® for ISA Server
The installation package installs Kaspersky Anti-Virus® according to the current
mode of your ISA Server. After the application is installed, you can immediately
start scanning data streams because all the parameters necessary for the scan
have been already set by default.
The installed application automatically creates the user default, the
group default, and the policy default because Kaspersky Anti-Virus
work only when at least one group and one policy have been created.
Remember that you cannot delete the default user, group, or policy!
4.1. Default values of scan settings
You can configure scan settings on the tabs of the Properties of Kaspersky
Anti-Virus for ISA Server dialog box. The following are the default scan
settings:
• The HTTP tab displays settings that regulate the application performance
(see section 4.2.1.2 on page 25 for more detail) and messages sent to the
client (see section 4.4 on page 40):
• Maximum scan time for the first chunk of data, sec – 300 sec-
onds.
• Maximum time span between chunks of data sent to the client,
sec – 60 seconds.
• Data not sent to the client before scan completes, % – 10 %.
• Enable partial content download – enabled.
• Error messages sent to the client.
<html>
<head>
<title>Kaspersky Anti-Virus for Microsoft ISA
Server</title>
</head>
<body>
<h1>Kaspersky Anti-Virus for Microsoft ISA
Server</h1>
<p>Internal Scanner Error "%ERR_TEXT%"
®
can
Using Kaspersky Anti-Virus® for ISA Server 20
(%ERR%)</p>
</body>
</html>
• Message sent to the client about detection of a malicious object:
<html>
<head>
<title>Kaspersky Anti-Virus for Microsoft ISA
Server</title>
</head>
<body>
<h1>Kaspersky Anti-Virus for Microsoft ISA
Server</h1>
<p>The requested URL "%URL%" is infected with
%VIRUSNAME% virus</p>
</body>
</html>
• The FTP tab (see section 4.2.1.3 on page 26 for more detail) contains
information about data received by the server before the first chunk of data is sent to the client, Kb – 8 Kb.
• The Anti-Virus tab (see section 4.2.1.1 on page 23) lists a set of folders
for storing Kaspersky Anti-Virus
®
for ISA Server working data:
• Folder for storing anti-virus databases:
C:/Program Files/Kaspersky Lab/KAV for ISA/bases
• Folder for scan queue:
C:/Program Files/Kaspersky Lab/KAV for ISA/TaskQueue
• Folder for temporary files:
C:/Program Files/Kaspersky Lab/KAV for ISA/Temp
• Number of anti-virus kernels run simultaneously – 4 kernels.
• Scan queue size – 1024 objects.
• Scanning settings:
o Disinfect objects if possible
o Scan archives
o Scan compressed executable files
• The Licensing tab (see section 4.7 on page 48) displays the number of
days the administrator will be notified about the license expiry. The number of days is set in the Notify about license expiration field and it is seven
days by default. The administrator is notified by messages displayed in
Loading...
+ 46 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.