KASPERSKY Anti-Virus for ISA Server 5.6 User Manual
KASPERSKY LAB
Kaspersky Anti-Virus for Microsoft
ISA Server 2004/2006 Enterprise
Edition
ADMINISTRATOR'S
GUIDE
KASPERSKY A NTI-VIR U S F O R M I C ROSOF T ISA SER VER
200 4 / 2 006 EN TERP R I S E EDITI O N
Administrator's Guide
Kaspersky Lab
http://www.kaspersky.com
Revision date: March, 2009
Contents
CHAPTER 1. KASPERSKY ANTI-VIRUS® FOR MICROSOFT ISA SERVER
2004/2006 ENTERPRISE EDITION ........................................................................... 5
1.1. Hardware and software requirements ............................................................... 6
1.2. Distribution kit ................................................................................................... 7
1.3. License Agreement ........................................................................................... 8
1.4. Services provided for registered users .............................................................. 8
CHAPTER 2. TYPICAL DEPLOYMENT SCENARIOS ............................................... 9
CHAPTER 3. INSTALLING THE APPLICATION ...................................................... 11
3.1. Configuring Microsoft ISA Server before installing the application ................... 11
3.2. Installing Kaspersky Anti-Virus® ...................................................................... 12
3.2.1. First installation ........................................................................................ 13
3.2.2. Reinstalling............................................................................................... 19
3.3. Upgrading ....................................................................................................... 20
CHAPTER 4. USING KASPERSKY ANTI-VIRUS® FOR ISA SERVER.................... 22
4.1. Connecting to a Server Array .......................................................................... 22
4.2. Default scan settings....................................................................................... 24
4.3. Managing scans ............................................................................................. 26
4.3.1. Configuring general settings of anti-virus scans ........................................ 28
4.3.2. Configuring Anti-Virus settings for individual servers ................................ 37
4.3.3. Managing client groups ............................................................................ 42
4.3.4. Specifying policies for anti-virus scanning................................................. 46
4.4. Updating the anti-virus database..................................................................... 53
4.4.1. Scheduled updating of the anti-virus database ......................................... 56
4.4.2. On-demand updating ............................................................................... 57
4.4.3. Updating on individual servers.................................................................. 57
4.5. Configuring user notifications .......................................................................... 58
4.6. Testing Kaspersky Anti-Virus® operation......................................................... 59
4.7. Application statistics and diagnostics .............................................................. 59
4.7.1. Recording and viewing statistics ............................................................... 60
4 Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition
4.7.2. Notifying the administrator using ISA Server Alerts ................................... 62
4.7.3. Configuring diagnostics options for the application ................................... 63
4.8. Restrictions that apply to using Kaspersky Anti-Virus ...................................... 65
4.9. Using the application without connecting to the configuration server ............... 66
4.10. Managing license keys ................................................................................. 67
4.10.1. Installing a new license key .................................................................... 67
4.10.2. Renewing your license ........................................................................... 69
4.10.3. Removing a license key ......................................................................... 70
CHAPTER 5. FREQUENTLY ASKED QUESTIONS ................................................ 71
APPENDIX A. GLOSSARY ...................................................................................... 78
APPENDIX B. KASPERSKY LAB ............................................................................. 79
APPENDIX C. LICENSE AGREEMENT ................................................................... 82
Note:
The interface for managing Kaspersky Anti-Virus for Microsoft ISA Server can be
installed on a workstation for remote administration of the product.
CHAPTER 1. KASPERSKY ANTI-
VIRUS® FOR MICROSOFT
ISA SERVER 2004/2006
ENTERPRISE EDITION
Kaspersky Anti-Virus® for Microsoft ISA Server 2004/2006 Enterprise Edition (hereafter, also Kaspersky Anti-Virus®) is a system of anti-virus protection
of files transferred using the HTTP and FTP protocols via the Microsoft Internet
Security and Acceleration Server. It ensures reliable protection of corporate networks from penetration of malicious software.
Kaspersky Anti-Virus® for Microsoft ISA Server acts as a filter that intercepts
packets transferred via the HTTP and FTP protocols, isolates controlled objects
from this data, analyzes them for the presence of viruses, and prevents infected
files and Web documents from penetrating a corporate network.
The program includes data stream filters and the anti-virus kernel.
The filters are integrated into Microsoft ISA Server as plug-ins, and the anti-virus
kernel is installed into the system as a service.
The anti-virus protection settings are managed through a special interface, which
is a snap-in for Microsoft Management Console (hereafter referred to as MMC).
The application performs the following functions:
Anti-virus protection and processing of data streams received from the
Internet.
Generation of data streams from disinfected files and the delivery of
these streams to the client upon request.
Blocking the download of data streams if disinfection fails.
Scheduled and manual updating of the anti-virus database via the Inter-
net.
6 Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition
Note:
Kaspersky Anti-Virus does not protect data transferred via other protocols and
VPN connections.
Note:
The application does not work with Microsoft ISA Server Standard Edition.
Logging of statistics about program performance and displaying the re-
sults using standard Microsoft Windows tools.
Management of license keys.
In addition, Kaspersky Anti-Virus® for Microsoft ISA Server allows the administrator to:
Set parameters for anti-virus protection and for user notifications about
dangerous events.
Create groups of clients based on their network addresses. For exam-
ple, you can use the existing administration division to define anti-virus
policy settings for each of the groups created. This can significantly
speed up the scanning process.
Create a list of trusted servers for one or several groups of users; the
traffic from these servers will be excluded from anti-virus scanning.
Create a list of object types excluded from anti-virus protection.
Kaspersky Anti-Virus® supports the following data transfer protocols:
HTTP 1.0 and 1.1 (RFC 2616);
FTP (RFC 775, 959, 2389, Extensions to FTP);
FTP over HTTP.
1.1. Hardware and software
requirements
Software requirements for Kaspersky Anti-Virus:
Kaspersky Anti-Virus for Microsoft ISA Server operates in integration with Micro-
soft Internet Security and Acceleration (ISA) Server 2004 Enterprise Edition or
Microsoft Internet Security and Acceleration (ISA) Server 2006 Enterprise Edition
installed under the Microsoft Windows Server 2003 operating system.
Kaspersky Anti-Virus ® for Microsoft ISA Server 7
Note:
The amount of free disk space required to temporarily store data downloaded
from the Internet before an anti-virus scan starts depends on the density of traffic
processed by Microsoft ISA Server. As a rule, 200 MB is enough but if traffic is
heavy and files downloaded are too large, more space can be required.
Note:
Before you unseal the envelope containing the CD, be sure to thoroughly review
the license agreement.
To use Kaspersky Anti-Virus® for Microsoft ISA Server, your computer must meet
the following minimum requirements:
Pentium III processor running at 733 MHz or higher.
512 MB RAM.
At least 50 MB hard disk space for installation of the program.
At least 200 MB hard disk space for temporary storage of the queue of
objects copied from the Internet before scanning for viruses.
1.2. Distribution kit
You can purchase Kaspersky Anti-Virus® for Microsoft ISA Server either from our
distributors (retail box) or online at one of our Internet shops (for example,
www.kaspersky.com – select the E-store link).
The retail box includes:
a sealed envelope with an installation CD containing files for the soft-
ware product;
administrator's guide;
a license key written on a floppy disk or included into the distribution
package;
license agreement.
If you buy Kaspersky Anti-Virus® for Microsoft ISA Server online, you download
the installation file of the product from the Kaspersky Lab web site. This installa-
tion file includes this Administrator’s Guide and the license key. The license key
can also be sent to you by e-mail after receiving your payment.
8 Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition
Warning!
Make sure you read the License Agreement!
Note:
Support on issues related to the performance and the use of operating systems
or other technologies is not provided.
1.3. License Agreement
The License Agreement is a legal agreement between you and the manufacturer
(Kaspersky Lab) describing the terms on which you may employ the anti-virus
product which you have purchased.
If you do not agree to the terms of this LA, you can return the unused product to
your Kaspersky Anti-Virus® dealer for a full refund, making sure the envelope
containing the CD is sealed.
If you unseal the envelope or install the program, you are considered to have
agreed to all the terms of the LA.
1.4. Services provided for registered
users
Kaspersky Lab Ltd. offers to all legally registered users an extensive service
package enabling them to use Kaspersky Anti-Virus more efficiently.
After purchasing a subscription, you become a registered user and, during the
period of your subscription, you will be provided with the following services:
you will be receiving new versions of the purchased software product;
support on issues related to the installation, configuration and use of the
purchased software product. Services will be provided by phone or via
email;
information about new Kaspersky Lab products and about new viruses
appearing worldwide (this service is provided to users who subscribe to
the Kaspersky Lab's newsletter).
Note:
You can install separate components of Kaspersky Anti-Virus® by manually installing the application (see Chapter 3 on page 11).
CHAPTER 2. TYPICAL
DEPLOYMENT SCENARIOS
A typical scenario for management of server applications implies remote administration from a computer with an installed administration console (the remote
management component).
The scenario requires that all the components of Kaspersky Anti-Virus application must be installed on the Microsoft ISA Server computer, and the Kaspersky
Anti-Virus administration console has to be deployed on the administrator’s
workstation. The computer that runs the administration console of Kaspersky
Anti-Virus® for ISA Server must only have the Microsoft ISA Server administration tools installed.
The following Kaspersky Anti-Virus® filters can be integrated into the Microsoft
ISA Server system:
Kaspersky Anti-Virus FTP Filter.
Kaspersky Anti-Virus Web Filter.
After Kaspersky Anti-Virus® is installed, you will be able to manage the above
filters through the Microsoft ISA Server Administration interface.
Figure 1 shows the scheme used for processing the initial data streams that are
common for all possible Kaspersky Anti-Virus® deployment scenarios.
10 Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition
Figure 1. Processing of data streams by Kaspersky Anti-Virus
Warning!
To avoid disabling anti-virus protection of servers, make sure that the FTP
Access Filter is activated.
CHAPTER 3. INSTALLING THE
APPLICATION
To install the Kaspersky Anti-Virus® correctly, you should first configure properly
FTP Access Filer, a standard filter for Microsoft ISA Server.
If you also use Microsoft ISA Server 2004 Service Pack 2, you need to enable
the support for decompressing HTTP objects.
3.1. Configuring Microsoft ISA
Server before installing the
application
Microsoft ISA Server provides a standard filter for controlling data packets received via the FTP protocol: FTP Access Filter. The status of this filter affects the
performance of Kaspersky Anti-Virus for Microsoft ISA Server.
Data stream filters are controlled from the standard console tree of ISA Server
Management.
To configure FTP Access Filter:
In the console tree of the ISA Management main window, select the
Microsoft Security and Acceleration Server 2004/2006\<Server
name>\Configuration\Add-Ins node and click the Application Filters
tab.
If the filter is disabled, you will see the icon in the list.
Sometimes, third-party filters are used in conjunction with standard Microsoft ISA
Server filters. However, these additional filters can affect the performance of the
anti-virus application if their settings prevent the initial data from entering the
Kaspersky Anti-Virus® filters.
If you want to use the remote administration feature of Kaspersky Anti-Virus, you
must additionally enable a TCP connection between the remote administration
12 Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition
Warning!
To remotely manage Kaspersky Anti-Virus, the remote machine should have the
right to administrate Microsoft ISA Server. This is regulated by a built-in system
policy of the Microsoft ISA Server Remote Management\Microsoft Management
Console (MMC).
Note:
Before installing Kaspersky Anti-Virus, we recommend that you uninstall antivirus applications for Microsoft ISA Server of other vendors because mutual operation of miscellaneous anti-virus applications might cause compatibility issues.
application console and the computer where the Microsoft ISA Server is installed.
For this, the application installer automatically creates the rule Allows Kas-
persky Anti-Virus for Microsoft ISA Server Remote Management. By default,
this rule is inactive after installation.
By default, the rule remains disabled during installation and so the administrator
can analyze it in the console of Microsoft ISA Server before activating it.
In addition, to ensure correct interaction between Kaspersky Anti-Virus and Microsoft ISA Server 2004 Service Pack 2, you should enable in ISA Server settings the option that allows decompression of traffic before its submission for
processing by the Web filters (support for compressed content).
In order to enable the support,
In the console tree of the ISA Management main window, select the Microsoft
Security and Acceleration Server 2004\<Server
name>\Configuration\General node and then click the Define HTTP Compression Preferences link in the right window part. In the HTTP Compression
window that opens after that go to the Content Inspection tab and enable the
Decompress incoming packets to allow ISA Server Web filters to inspect
the content checkbox.
3.2. Installing Kaspersky Anti-Virus
The installation procedure for Kaspersky Anti-Virus® for Microsoft ISA Server is
standard for most Microsoft Windows applications.
The installation application can be run locally on Microsoft ISA Server or remotely, by establishing a terminal session. You can select complete installation or
custom installation and restore an Anti-Virus configuration in the case of an incorrect installation.
®
Installing the application 13
Warning!
Kaspersky Anti-Virus installation requires a connection with a configuration server!
Moreover, to install Kaspersky Anti-Virus the account used for product setup
must have server administrator privileges on the target computer being also able
to administrate the configuration of Microsoft ISA Server.
Note:
If errors occur during installation, please contact the Technical Support service
(http://www.kaspersky.com/support).
Warning!
If you want to install the administration console of Kaspersky Anti-Virus® for Microsoft ISA Server on a computer, make sure that Microsoft Windows 2000 (with
Service Pack 4 and higher) and Microsoft ISA Server administration tools are
installed on this computer!
During installation of Kaspersky Anti-Virus, certain errors might occur preventing
correct product setup. To avoid such errors, make sure before installation that
your server meets all hardware and software requirements (see section 1.1 on
page 6).
3.2.1. First installation
Step 1. Welcome and License Agreement dialog boxes
The Kaspersky Anti-Virus® setup wizard starts with the Welcome and License
Agreement dialog boxes. The License Agreement dialog box contains the text
of the License Agreement. To proceed with the installation, read the agreement
thoroughly and accept its terms.
Step 2. Selecting installation options
At this stage, the program offers two installation options: complete installation or
custom installation (Fig. 2). If you are installing the entire Kaspersky Anti-Virus®
application (anti-virus kernel, administration tools, etc.) on a Microsoft ISA Server
computer, select complete installation.
If you want to install a separate component of Kaspersky Anti-Virus®, select cus-
tom installation. For example, if you want to remotely manage Kaspersky AntiVirus®, install only the administration console on the administrator’s workstation.
14 Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition
Figure 2. Selecting the Setup Type
Step 3. Selecting the application components to be installed
In this stage, you select the Kaspersky Anti-Virus® components to be installed on
your computer (see Fig. 3).
Installing the application 15
Note:
To speed up anti-virus scanning and handling objects, we recommend that you
specify four anti-virus engines per one physical processor. Thus, for example,
the recommended number of anti-virus kernels running on two physical processors is eight.
Figure 3. Selecting the administration console to install
You can also click the Change… button to specify a different destination folder
for the selected components.
Step 4. Configuring the anti-virus protection settings
In this installation step, you must define the anti-virus protection settings that will
be used as default values (Fig. 4). The following settings can be adjusted:
File system folder for storing the scan queue. This folder should meet
the minimum requirements for free disk space for temporarily storing
data copied from the Internet before anti-virus scanning (see section 1.1
on page 6).
Folder for storing the anti-virus database that is used to detect and dis-
infect viruses.
Folder for storing temporary files created by the program during its op-
eration.
Number of anti-virus kernel instances running simultaneously.
16 Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition
Number of queued objects.
Each of the above parameters has a default value. To change the default values,
click the corresponding buttons or enter data into the corresponding fields.
Figure 4. Default settings for the application
Immediately after this stage is completed, the program will start copying files to
your computer. Microsoft ISA Server services will be automatically restarted1.
Step 5. Completing the setup
In this step, the wizard informs you that Kaspersky Anti-Virus has been successfully installed.
You can also run a wizard for automatic installation of application license keys by
selecting the corresponding box (see Figure 5). If this check box is selected, after
the installation completes, a dialog box opens (see Figure 6) in which you can
add/install a license key file.
1
Microsoft ISA Server services will not start if they have been stopped before Kaspersky
Anti-Virus installation.
Installing the application 17
Warning!
Without an installed license key, Kaspersky Anti-Virus will not scan traffic and the
anti-virus database will not be updated.
It is possible to install license keys after the application is installed (see section 4.9 on page 66).
Figure 5. Completing the setup procedure
18 Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition
Warning!
Please keep in mind that the anti-virus protection of Microsoft ISA Server will
remain disabled until synchronization with the configuration server is complete
and the Microsoft ISA Server services are restarted.
Warning!
After Kaspersky Anti-Virus installation to a single server, you should synchronize
Microsoft ISA Server with its configuration server and replicate data between all
configuration servers (if there are several of them). Only then you will be able to
proceed with the installation of Kaspersky Anti-Virus to the next server in the
array. Otherwise the application may be deployed incorrectly.
Figure 6. Selecting the license key
After setup completion the installer will display a window containing information
about synchronization of the local copy of Microsoft ISA Server configuration with
the configuration server of the array. If the process does not complete successfully the administrator has to wait until synchronization is complete and restart
the Firewall service of Microsoft ISA Server manually.
After setup you can start the administration console of Kaspersky Anti-Virus using the main Microsoft Windows menu (Start Programs Kaspersky Anti-
Virus 5.6 for Microsoft ISA Server 2004/2006 Enterprise Edition).
Installing the application 19
Warning!
After Kaspersky Anti-Virus installation to a single server, you should synchronize
Microsoft ISA Server with its configuration server and replicate data between all
configuration servers (if there are several of them). Only then you will be able to
proceed with the installation of Kaspersky Anti-Virus to the next server in the
array. Otherwise the application may be deployed incorrectly.
Warning!
If you are deploying the application on a server array, all the servers in it must
have identical versions (Kaspersky Anti-Virus 5.6 for Microsoft ISA Server
2004/2006 Enterprise Edition) installed. The administration console cannot control servers with other installed versions of Kaspersky Anti-Virus.
Note:
All the configuration parameters of Kaspersky Anti-Virus 5.6 for Microsoft ISA
Server 2004/2006 Enterprise Edition (including license keys) are preserved and
replicated between the servers of a Microsoft ISA Server array using internal
mechanisms of Microsoft ISA Server 2004 Enterprise Edition and Microsoft ISA
Server 2006 Enterprise Edition. Please see the documentation for Microsoft ISA
Server 2004 Enterprise Edition and Microsoft ISA Server 2006 Enterprise Edition
for details on configuration management.
3.2.2. Reinstalling
Kaspersky Anti-Virus for ISA Server must be reinstalled if the first installation of
the application was incorrect or if you want to install a component of Kaspersky
Anti-Virus®.
To correctly install the anti-virus application, select Repair in the dialog box that
appears on your screen (Fig. 7).
In this case, the setup wizard will repeat the previous installation procedure.
Thus, if the previous installation was a custom type, after you select Repair, the
reinstallation procedure will also be performed in custom mode.
20 Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition
Figure 7. Selecting the reinstallation mode
3.3. Upgrading
If your server has Kaspersky Anti-Virus 5.5 installed, you can upgrade it to version 5.6.
If your server has application version 5.5 installed:
Run the installer to upgrade it to version 5.6 (please see section 3.2 on
page 12 for details). The installer will detect the earlier version and up-
grade it preserving the application settings and setup type (complete or
custom).
If you are upgrading Microsoft ISA Server 2004 Enterprise Edition to Microsoft
ISA Server 2006 Enterprise Edition, Kaspersky Anti-Virus stops functioning. This
behaviour is caused by the fact that the upgrade procedure of Microsoft ISA
Server does not preserve the registration of third-party filters.
If your server has application version 5.5 installed, then after Microsoft ISA Server upgrade:
Run the installer (please see section 3.2 on page 12 for details). The in-
staller will detect the earlier version and upgrade it preserving the appli-
cation settings and setup type (complete or custom).
Installing the application 21
If your server has application version 5.6 installed, then after Microsoft ISA Server upgrade:
Select in Microsoft Windows Control Panel the Add or Remove Pro-
grams → Kaspersky Anti-Virus 5.6 for Microsoft ISA Server
2004/2006 and click the Repair button in its properties.
CHAPTER 4. USING KASPERSKY
ANTI-VIRUS® FOR ISA
SERVER
After the application is installed and the Microsoft ISA Server services are restarted, Kaspersky Anti-Virus is ready for work as all the required parameters
have been already set.
Kaspersky Anti-Virus can be managed locally or remotely.
Please note that remote management requires enabled access to the server via
the following protocols:
Protocols listed in the standard system policy of Microsoft ISA Server
that Allows remote MMC management from selected computers.
Access via those protocols is allowed by adding a remote computer to
that system policy.
Remote administration protocol of Kaspersky Anti-Virus for Micro-
soft ISA Server. Access via the protocol is enabled by a special firewall
rule created by Kaspersky Anti-Virus installer.
4.1. Connecting to a Server Array
When the administration console starts, you see a window for connecting to a
configuration server (Fig. 8). Specify the following:
Computer on which the configuration server is installed:
Local computer
Another computer. Enter the computer name or click Browse… to
specify a computer on your network.
Account:
Use credential of currently logged-in user.
Use different credentials. If you select that option, you will have to
specify the information of the account that will be used to
access the configuration server (user name, domain, and password).
Using Kaspersky Anti-Virus® for ISA Server 23
Note:
f the configuration server is unavailable, anti-virus protection is not disabled (see
section 4.9 on page 66 for details).
Figure 8. The Connection window
In the next window (see Fig. 9), select the array of servers, which will be
managed.
Figure 9. Selecting a server array
24 Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition
The connection settings are automatically saved after the connection to a server
array is established for the first time. Next time, you need to enter only the password for the specified user account.
After connection is established, the application tree displays a list of all available
Microsoft ISA Server arrays. To connect to another array, expand the application
node in the console (see Fig. 10), select Connect in the results pane and specify
required settings. You can also use the same option on the Action menu or on
the shortcut menu of the Kaspersky Anti-Virus for Microsoft ISA Server
2004/2006 Enterprise Edition node.
Figure 10. Connecting to a server array
4.2. Default scan settings
You can configure scan settings on the tabs of the Properties of Kaspersky
Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition dialog box.
The following are the default scan settings:
The HTTP tab defines settings that regulate the application perfor-
mance (see section 4.3.1.2 on page 32 for more detail) and messages
sent to the client (see section 4.5 on page 57). The following are the de-
fault scan settings:
Disinfect HTTP traffic – enabled
Maximum scanning duration before sending data to client, sec – 30
seconds.
Using Kaspersky Anti-Virus® for ISA Server 25
Maximum time span between chunks of data sent to the client, sec
– 10 seconds.
Data not sent to the client before scan completes, % – 10 %.
Enable partial content download – enabled.
Error messages sent to the client.
<html>
<head>
<title>Kaspersky Anti-Virus for Microsoft ISA
Server</title>
</head>
<body>
<h1>Kaspersky Anti-Virus for Microsoft ISA
Server</h1>
<p>Internal Scanner Error "%ERR_TEXT%"
(%ERR%)</p>
</body>
</html>
Message sent to the client about detection of a malicious object:
<html>
<head>
<title>Kaspersky Anti-Virus for Microsoft ISA
Server</title>
</head>
<body>
<h1>Kaspersky Anti-Virus for Microsoft ISA
Server</h1>
<p>The requested URL "%URL%" is infected with
%VIRUSNAME% virus</p>
</body>
</html>
The FTP tab (see section 4.3.1.3 on page 36 for more detail) contains
information about data received by the server before the first chunk of
data is sent to the client, KB – 128 KB.
The Anti-Virus tab (see section 4.3.1.1 on page 29) displays scan set-
tings:
Scan archives
Scan compressed executable files
On this tab, you can also define the type of the anti-virus database used by
the application.
The Licensing tab (see section 4.9 on page 66) displays the number of
days the administrator will be notified about the license expiry. The
26 Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Enterprise Edition
number of days is set in the Notify about license expiration field and it is
seven days by default. The administrator is notified by messages dis-
played in the system log on the computer running Kaspersky Anti-Virus®
for ISA Server.
The Updating tab (see section 4.4 on page 53) defines the source of
updates for the anti-virus database, the settings and frequency of its
updating. By default, updating is performed every three hours. The up-
date server is randomly selected from the list.
The Antivirus tab (see section 4.3.2 on page 37 for details) in the server
properties dialog box lists a set of folders for Kaspersky Anti-Virus® for ISA
Server working data:
Folder for storing anti-virus databases:
…/Program Files/Kaspersky Lab/Kaspersky Anti-Virus for ISA
Server/bases
Folder for scan queue:
…/Program Files/Kaspersky Lab/Kaspersky Anti-Virus for ISA
Server/TaskQueue
Folder for temporary files:
…/Program Files/Kaspersky Lab/Kaspersky Anti-Virus for ISA
Server/Temp
Number of queue items cached in memory – 128 objects.
Cached item buffer size – 128 KB.
Number of anti-virus engines running simultaneously – 4.
Number of engines reserved for scanning "fast" items – 1.
Scan queue size – 1024 objects.
Maximum scan time – 1800 seconds.
4.3. Managing scans
The scanning process is managed using the Kaspersky Anti-Virus® for ISA Servers main window shown in Fig. 11.
In the console tree, each node corresponding to a server consists of the following
branches: Servers, Groups and Policies.
The view of branches on the right side of the main window can be customized.
By default, all application branches and possible manipulations with them are
displayed as Taskpad view. You can change the view to Advanced by selecting
Using Kaspersky Anti-Virus® for ISA Server 27
the corresponding item from the shortcut menu. To open the shortcut menu,
right-click the corresponding node in the Kaspersky Anti-Virus application
node2 (Fig. 12).
Figure 11. The main window of Kaspersky Anti-Virus for Microsoft ISA Server
2
Below, the description of the elements of the scan management dialog box refers to
their Taskpad view.
Loading...