KASPERSKY Anti-Virus for Proxy Server 5.5 User Manual

Kaspersky Anti-Virus 5.5 for

ADMINISTRATOR

GUIDE

A P P L I C A TIO N V E R S I O N : 5. 5 P L A N N E D UPDA T E 2

Proxy Server

2

Dear User!

Thank you for choosing our product. We hope that this documentation will help you in your work and will provide
answers.

Any type of reproduction or distribution of any materials, including in translated form, is allowed only with the written
permission of Kaspersky Lab.

This document and graphic images related to it may be used exclusively for informational, non-commercial, and personal
purposes.

This document may be amended without additional notification. For the latest version of this document, refer to the
Kaspersky Lab website at http://www.kaspersky.com/docs.

Kaspersky Lab assumes no liability for the content, quality, relevance, or accuracy of any materials used in this document
for which the rights are held by third parties, or for any potential damages associated with the use of such documents.

The document contains registered trademarks and service marks belonging to their respective owners.

Revision date: 09.03.2010

© 1997-2010 Kaspersky Lab ZAO. All Rights Reserved.

http://www.kaspersky.com

http://support.kaspersky.com

3

CONTENTS

INTRODUCTION ........................................................................................................................................................... 5

What's new .............................................................................................................................................................. 5

Hardware and software system requirements .......................................................................................................... 6

Obtaining Information about Anti-Virus .................................................................................................................... 7

Sources of information to research on your own ................................................................................................ 7

Contacting the Sales Department ...................................................................................................................... 8

Contacting the Technical Support service .......................................................................................................... 8

Discussing Kaspersky Lab applications on the web forum ................................................................................. 9

OPERATION ALGORITHM AND TYPICAL SCHEMES OF PROGRAM DEPLOYMENT ........................................... 10

How the Kaspersky Anti-Virus works ..................................................................................................................... 10

ICAP requests processing algorithm ...................................................................................................................... 12

Typical deployment scenarios ................................................................................................................................ 13

Installation on the same server with the proxy ................................................................................................. 13

Installation on a dedicated server ..................................................................................................................... 14

INSTALLATION OF THE APPLICATION .................................................................................................................... 16

Installation on a server running Linux .................................................................................................................... 16

Installation on a server running FreeBSD ................................................................................................ .............. 16

Installation procedure............................................................................................................................................. 17

Post-install configuration ........................................................................................................................................ 17

Locations of Kaspersky Anti-Virus files .................................................................................................................. 19

USING KASPERSKY ANTI-VIRUS ............................................................................................................................. 21

Updating databases ............................................................................................................................................... 21

Automatic database updates ............................................................................................................................ 22

Manual updating of the databases ................................................................................................................... 22

Creating a shared directory for storing and sharing database updates ............................................................ 23

Licenses management ........................................................................................................................................... 23

Viewing license information .............................................................................................................................. 24

License renewal ............................................................................................................................................... 26

Removing a license key ................................................................................................................................... 26

Using a control script ............................................................................................................................................. 27

Ensuring anti-virus protection of HTTP traffic ........................................................................................................ 27

Configuring anti-virus scan parameters for user groups ........................................................................................ 29

DETAILED SETTINGS FOR KASPERSKY ANTI-VIRUS ............................................................................................ 32

Creating groups ..................................................................................................................................................... 32

Anti-virus scan settings .......................................................................................................................................... 33

Choosing actions for scanned objects ................................................................................................................... 34

Administrator notifications ...................................................................................................................................... 35

Operation modes ................................................................................................................................................... 37

Modes of interaction with proxy via ICAP ............................................................................................................... 37

Logging application statistics ................................................................................................................................. 38

Application reporting parameters ........................................................................................................................... 39

Creating a memory dump to detect errors ............................................................................................................. 40

Work with Internet broadcasting stations ............................................................................................................... 41

Optimizing Kaspersky Anti-Virus ............................................................................................................................ 41

A D M I N I S T R A T O R G U I D E

4

Reducing traffic ................................................................................................................................................ 41

Setting up exclusions ....................................................................................................................................... 41

UNINSTALLING THE APPLICATION .......................................................................................................................... 42

VALIDATING KASPERSKY ANTI-VIRUS SETTINGS ................................................................................................ 43

Test "virus" EICAR and its modifications ............................................................................................................... 43

Testing the anti-virus scanning settings for HTTP traffic ........................................................................................ 44

KASPERSKY ANTI-VIRUS CONFIGURATION FILE .................................................................................................. 46

MACROS ..................................................................................................................................................................... 51

KAVICAPSERVER RETURN CODES......................................................................................................................... 52

COMMAND LINE OPTIONS FOR LICENSEMANAGER ............................................................................................. 53

LICENSEMANAGER RETURN CODES ..................................................................................................................... 54

COMMAND LINE FOR KEEPUP2DATE ..................................................................................................................... 55

KEEPUP2DATE RETURN CODES ............................................................................................................................. 56

KASPERSKY LAB ....................................................................................................................................................... 57

USING THIRD-PARTY CODE ..................................................................................................................................... 58

Boost 1.34.1 Library ............................................................................................................................................... 58

EXPAT 1.95.8 Library ............................................................................................................................................ 58

LIBSTDC++ 3.3.2 Library ....................................................................................................................................... 59

Agava-C program library ........................................................................................................................................ 59

5

INTRODUCTION

IN THIS SECTION

What's new ........................................................................................................................................................................ 5

Hardware and software system requirements ................................................................................................................... 6

Obtaining Information about Anti-Virus .............................................................................................................................. 7

Kaspersky Anti-Virus 5.5 for Proxy Server provides anti-virus protection for network traffic routed through proxy servers
which support the Internet Content Adaptation Protocol (ICAP).

The program allows:

Perform anti-virus scans on objects transferred through the proxy server.

Kaspersky Anti-Virus does not scan the data transferred via HTTPS.

Cure infected objects, or block access to infected objects if disinfection fails.

Use group settings to define filtration parameters that are applied depending on the address of the user

requesting an object, and the object's address (URL).

Log activity statistics, including information about anti-virus scanning and its results, and application errors and

warnings.

Notify administrators about detection of malicious software.

Update the anti-virus databases. By default the application uses Kaspersky Lab’s update servers as the source

of updates. But it can be configured to update the databases from a local directory.

The anti-virus databases are used in the detection and disinfection of infected objects. The application uses
database records to analyze every object, checking it for virus presence: its content is compared with code
typical for specific viruses.

Please be aware that new viruses appear every day, and therefore you are advised to maintain the anti-virus
databases in an up-to-date state. New updates are available hourly on Kaspersky Lab’s update servers.

WHAT'S NEW

The current version of Kaspersky Anti-Virus has the following improvements:

Support for 64-bit operating systems added.

Support for Squid 3.0 or higher has been added.

Support for Cisco Content Engine and Blue Coat ProxySG (see. page 15).

New configuration options are available for user groups. In particular, groups support now the parameters (see

page 33) for selection of maximum scan duration and the set of Kaspersky Anti-Virus databases to use.

A D M I N I S T R A T O R G U I D E

6

Support for the ICAP preview feature has been added (see page 41), which reduces traffic and filtration time.

Using preview decreases the volume of data transferred through the network, and accelerates the sorting of
scanned objects.

Option of viewing detailed information on the license by traffic is added (see page 24).

Kaspersky Anti-Virus performance has been improved.

HARDWARE AND SOFTWARE SYSTEM REQUIREMENTS

In order for Kaspersky Anti-Virus to operate, the system must meet the following hardware and software requirements:

Minimum hardware requirements:

Intel Pentium® 133 MHz processor or higher.

64 MB RAM.

50 MB of disk space for Kaspersky Anti-Virus setup.

200 MB of available disk space for temporary files.

The configuration is intended to service at least 10 clients sending at least 20 requests per minute, with an
average request size of 15 Kb.

Hardware requirements:

for a proxy server servicing requests from 50 clients, with an average load of 900 requests per minute and

daily traffic of 250 MB:

Intel Pentium® II 300 MHz processor.

128 MB RAM.

512 MB of available disk space for temporary files.

for a proxy server servicing requests from 250 clients, with an average load of 1300 requests per minute

and daily traffic of 1 MB:

Intel Pentium® II 300 MHz processor.

512 MB RAM.

1 MB of available disk space for temporary files.

Software requirements:

for 32-bit platforms, one of the following operating systems:

Red Hat Enterprise Linux 5.4 server;

Fedora 12;

SUSE Linux Enterprise Server 10 SP3;

SUSE Linux Enterprise Server 11;

openSUSE Linux 11.2;

I N T R O D U C T I O N

7

Debian GNU/Linux 5.0.3;

Mandriva Enterprise Server 5;

Ubuntu 8.04.3 Server Edition;

Ubuntu 9.10 Server Edition;

FreeBSD 6.4, 7.2.

for 64-bit platforms, one of the following operating systems:

Red Hat Enterprise Linux 5.4 server;

Fedora 12;

SUSE Linux Enterprise Server 10 SP3;

SUSE Linux Enterprise Server 11;

openSUSE Linux 11.2;

Ubuntu 8.04.3 Server Edition;

Ubuntu 9.10 Server Edition;

FreeBSD 6.4, 7.2.

Squid 3.0 proxy server or higher with ICAP support.

Glibc 2.2.x or higher (for Linux distributions).

A Perl interpreter (version 5.0 or higher, see www.perl.org).

Installed packages for program compilation (gcc, binutils, glibc-devel, make, ld), as well as the operating

system kernel source code, for compilation of application modules.

OBTAINING INFORMATION ABOUT ANTI-VIRUS

Kaspersky Lab provides various information sources about Anti-Virus. Select the source that suits you best depending on
the importance and urgency of your question.

You can refer to the sources to research on your own or contact the Sales Department. If you already purchased the
Kaspersky Anti-Virus, contact the Technical Support service. If the question does not require an urgent answer, you can
discuss it with Kaspersky Lab's specialists and other Kaspersky software users in our web forum.

SOURCES OF INFORMATION TO RESEARCH ON YOUR OWN

You have the following sources of information on Kaspersky Anti-Virus at your disposal:

Documentation.

Manual pages.

Documentation

Administrator Guide contains the following information:

A D M I N I S T R A T O R G U I D E

8

on the purpose of Kaspersky Anti-Virus;

on the hardware and software requirements for Kaspersky Anti-Virus installation and operation;

on the installation of Kaspersky Anti-Virus;

on managing Anti-Virus from the command line.

This document in PDF format is included into the Kaspersky Anti-Virus distribution kit. Alternatively you can
download file from the Kaspersky Anti-Virus page of the Kaspersky Lab website.

Manual pages

To view information about Kaspersky Anti-Virus, you can refer to its manual pages, available after product
installation in the /opt/kaspersky/kav4proxy/share/man/ directory.

CONTACTING THE SALES DEPARTMENT

If you have any questions regarding selecting or purchasing Kaspersky Anti-Virus or extending the period of its use, you
can discuss them with Sales Department specialists in our Central Office in Moscow at:

+7 (495) 797-87-00, +7 (495) 645-79-39, +7 (495) 956-70-00

The service is provided in Russian or English.

You can also send your questions to the Sales Department specialists by e-mail at sales@kaspersky.com.

CONTACTING THE TECHNICAL SUPPORT SERVICE

If you already purchased the Kaspersky Anti-Virus, you can obtain information about it from the Technical Support
service by phone or via Internet.

Before contacting the Technical Support service please read the Support rules for Kaspersky Lab’s products
(http://support.kaspersky.com/support/rules).

Technical Support by e-mail

You can ask your question to the Technical Support Service specialists by filling out a Helpdesk web form at

http://support.kaspersky.com/helpdesk.html.

You can ask your question in Russian, English, German, French or Spanish.

In order to send an e-mail message with your question, you must indicate the client number obtained from the
Technical Support website during registration along with your password.

If you are not yet a registered user of Kaspersky Lab applications, you can fill out a registration form
(https://support.kaspersky.com/ru/personalcabinet/Registration/Form/?LANG=en). Specify the key filename during
the registration.

The Technical Support service will respond to your request in your Personal Cabinet
(https://support.kaspersky.com/en/PersonalCabinet) and to the e-mail address you specified in your request.

Describe the problem you have encountered in the request web form providing as much detail as possible. Specify
the following information in the mandatory fields:

Request type. Select the topic which is the closest to the problem encountered, for example, "Product

Installation/Removal Problem" or "Anti-Virus scan/virus removal problem".

I N T R O D U C T I O N

9

Kaspersky Anti-Virus name and version number.

Request text. Describe the problem encountered in detail.

Client number and password. Enter the client number and the password you have received during the

registration at the Technical Support service website.

E-mail address. The Technical Support service will send their answer to this e-mail address.

Technical support by phone

If you have a problem which requires urgent help, you can call your nearest Technical Support office. When you apply to
Russian-speaking (http://support.kaspersky.ru/support/support_local) or international
(http://support.kaspersky.ru/support/international) Technical Support specialists, please do not forget to provide
Kaspersky Anti-Virus information (http://support.kaspersky.ru/support/details), it will facilitate timely assistance.

DISCUSSING KASPERSKY LAB APPLICATIONS ON THE WEB FORUM

If your question does not require an urgent answer, you can discuss it with Kaspersky Lab's specialists and other users of
Kaspersky Lab's anti-virus applications in our forum located at http://forum.kaspersky.com.

In this forum you can view existing topics, leave your comments, create new topics and use the search engine.

10

OPERATION ALGORITHM AND TYPICAL

IN THIS SECTION

How the Kaspersky Anti-Virus works ............................................................................................................................... 10

ICAP requests processing algorithm ............................................................................................................................... 12

Typical deployment scenarios ......................................................................................................................................... 13

SCHEMES OF PROGRAM DEPLOYMENT

This chapter explains the application’s functionality, its configuration and integration with an existing network structure.

HOW THE KASPERSKY ANTI-VIRUS WORKS

Kaspersky Anti-Virus does not scan the data transferred via HTTPS.

Kaspersky Anti-Virus performs anti-virus scanning of HTTP traffic using two modes of proxy operation: REQMOD and
RESPMOD.

In the RESPMOD mode, the application checks objects requested by users via a proxy server. In the REQMOD mode it
scans objects transmitted by users through the proxy: for instance, for a web-based mail server interface. Kaspersky Anti­Virus scans message attachments transferred by users to mail servers.

In the RESPMOD mode, the application uses this algorithm to scan internet traffic (see fig. 1):

1. The user requests an object through a proxy via HTTP.

2. If the requested object is available within the proxy cache, it will be returned to the user. If the object is not found
in the cache, the proxy accesses a remote server and downloads the requested object from it.

3. The proxy uses ICAP to transfer the retrieved object to Kaspersky Anti-Virus for an anti-virus check.

4. Kaspersky Anti-Virus looks for a correspondence between the request parameters (user IP address, URL of the
requested object) and its groups (see page 32). If it finds a correspondence, it scans and processes the object in
accordance with the rules specified for that group. If a request does not match any of the existing groups, the
application uses the default group rules for anti-virus scanning and processing.

5. The application assigns a specific status to a scanned object on the basis of the anti-virus scan results. Access
to objects with a specific status is granted or blocked according to the processing group parameters (see page

32).

O P E R A T I O N A L G O R I T H M A N D T Y P I C A L S C H E M E S O F P R O G R A M D E P L O Y M E N T

11

6. If access to an object has been granted, Kaspersky Anti-Virus allows the proxy to cache the object and transmit
it to users. If access to an object is blocked, Kaspersky Anti-Virus prevents the proxy from caching the object or
delivering it to users. Instead of receiving the requested object, the user will be notified that access to the object
has been blocked.

Figure1. Anti-virus scanning of traffic in the RESPMOD mode

In the REQMOD mode, the application uses this algorithm to scan internet traffic (see fig. 2):

1. The user sends an object using HTTP via a proxy.

2. The proxy uses ICAP to transfer the received object to Kaspersky Anti-Virus for an anti-virus scan.

3. Kaspersky Anti-Virus looks for a correspondence between the requests parameters (user IP address, URL of
the requested object) and its groups (see page 32). If it finds a correspondence, it scans and processes the
object in accordance with the rules specified for that group. If a request does not match any of the existing
groups, the application uses the default group rules for anti-virus scanning and processing.

4. After anti-virus check the product assigns a certain status to the scanned object; transfer of that object will be
allowed or prohibited in accordance with the status. Access to objects with a specific status is granted or
blocked according to the processing group parameters (see page 32).

5. If transfer is allowed, the proxy transmits the object sent by the user. If transfer is prohibited, the proxy does not
transmit the object and instead notifies the user that the transfer has been blocked.

A D M I N I S T R A T O R G U I D E

12

Figure 2. Anti-virus scanning of traffic in the REQMOD mode

ICAP REQUESTS PROCESSING ALGORITHM

During interaction with the proxy server, Kaspersky Anti-Virus acts as an ICAP server. The main ICAP server process
controls child processes, which perform the following functions:

receive and process requests from ICAP client (proxy server);

interact with the anti-virus kernel: send requests for scanning and receive scan results;

collect statistical information about scanning;

transfer data from the anti-virus kernel to ICAP client.

Each child process starts several anti-virus kernels running as separate processes. Maximum number of anti-virus
kernels that a single child process may use is defined by the MaxEnginesPerChild setting.

When the program starts, the main ICAP server process starts one child process. After start and until a request is
intercepted, the child process remains in standby mode.

O P E R A T I O N A L G O R I T H M A N D T Y P I C A L S C H E M E S O F P R O G R A M D E P L O Y M E N T

13

When ICAP client reports a connection, the child process intercepts that connection and switches to active mode. After
that all requests arriving within that connection will be processed by that child process. When the child process completes
processing of all requests, it switches back to standby mode.

If all child processes are active and their number does not exceed the MaxChildren value, the main ICAP server process
spawns one more child process.

A child process handles requests until the number of processed requests reaches the MaxReqsPerChild value. After
that the process stops receiving new connections from ICAP client, completes processing of all current requests and
closes.

Forced child termination by the main process is another variant of its closing. That happens if the number of child process
in standby state exceeds the IdleChildren setting value. Processes that have handled the maximum number of requests
complete their work first in such case.

TYPICAL DEPLOYMENT SCENARIOS

This section contains descriptions of two main schemes used to deploy Kaspersky Anti-Virus:

installation on the same server with the proxy;

installation on a dedicated server.

General guidelines provided in the examples will help you configure Kaspersky Anti-Virus as your network structure may
require.

INSTALLATION ON THE SAME SERVER WITH THE PROXY

Further in this document the operation and configuration of Kaspersky Anti-Virus will be described specifically for that
scenario – on the same server with a proxy!

Installation on the same server with proxy helps achieve better processing performance because data between the proxy
and Kaspersky Anti-Virus travel locally only involving no network transfers. This deployment scheme is efficient when the
proxy server load is not too high. If a proxy is used to serve multiple user requests, installing the product on a dedicated
server is recommended (see page 14) because anti-virus scanning and processing are quite resource-intensive
procedures and thus they can negatively affect overall proxy performance.

The following configuration steps are performed automatically during product installation:

1. The installer configures Kaspersky Anti-Virus to start automatically at the OS startup and expect requests from
the proxy on port 1344 via all network interfaces of the server.

2. The following lines will be added to the ICAP OPTIONS section of the proxy configuration file specified during
program installation:

icap_enable on

icap_send_client_ip on

icap_service is_kav_resp respmod_precache 0 \

icap://localhost:1344/av/respmod

icap_service is_kav_req reqmod_precache 0 \

icap://localhost:1344/av/reqmod

icap_class ic_kav is_kav_req is_kav_resp

A D M I N I S T R A T O R G U I D E

14

icap_access ic_kav allow all

- these settings make the proxy transfer all the requested objects to Kaspersky Anti-Virus via port 1344 of the
local interface.

INSTALLATION ON A DEDICATED SERVER

Installing the program on a dedicated server is recommended when the proxy server is heavily loaded, and also when
Kaspersky Anti-Virus is used to process the traffic from several proxy servers.

Since automatic configuration of the Anti-Virus and proxy is impossible in this deployment scenario, you will have to
configure them manually.

CONFIGURING INTEGRATION WITH A SQUID PROXY

The following procedure is used to integrate Kaspersky Anti-Virus with a dedicated Squid proxy server:

1. Once Kaspersky Anti-Virus is installed, use the ListenAddress parameter in the [icapserver.network]
section of the kav4proxy.conf configuration file to specify the IP address of the network interface and the port
that Kaspersky Anti-Virus will use to expect proxy requests for anti-virus scanning of accessed objects. By
default, Kaspersky Anti-Virus expects requests at localhost:1344.

Before changing the value of ListenAddress parameter, stop Kaspersky Anti-Virus Service using the following
command:

for Linux:

# /etc/init.d/kav4proxy stop

for FreeBSD:
# /usr/local/etc/rc.d/kav4proxy stop

To start Kaspersky Anti-Virus Service, use the following command:

for Linux:

# /etc/init.d/kav4proxy start

for FreeBSD:
# /usr/local/etc/rc.d/kav4proxy start

2. Make the following changes in the proxy server configuration file:

for Squid 3.0:

a. Add the following line to the ACCESS CONTROLS section:

acl acl_kav_GET method GET

b. Add the following lines to the ICAP OPTIONS section:

icap_enable on

icap_send_client_ip on

icap_service is_kav_resp respmod_precache 0 \

icap://<ip_address>:<port>/av/respmod

icap_service is_kav_req reqmod_precache 0 \

O P E R A T I O N A L G O R I T H M A N D T Y P I C A L S C H E M E S O F P R O G R A M D E P L O Y M E N T

15

icap://<ip_address>:<port>/av/reqmod

icap_class ic_kav_resp is_kav_resp

icap_class ic_kav_req is_kav_req

icap_access ic_kav_req allow all !acl_kav_GET

icap_access ic_kav_resp allow all

for Squid 3.1:

icap_enable on

icap_send_client_ip on

icap_service is_kav_resp respmod_precache 0 \

icap://<ip_address>:<port>/av/respmod

icap_service is_kav_req reqmod_precache 0 \

icap://<ip_address>:<port>/av/reqmod

adaptation_access is_kav_req allow all

adaptation_access is_kav_resp allow all

<ip_address> stands here for the IP address of the server where Kaspersky Anti-Virus is installed; <port> is

the port on which Kaspersky Anti-Virus expects the proxy requests for anti-virus scanning.

3. Restart the proxy.

CONFIGURING INTEGRATION WITH OTHER PROXY SERVERS

Detailed information about Blue Coat ProxySG configuration for work with Kaspersky Anti-Virus is available in the ICAP
section of Blue Coat ProxySG Configuration and Management Guide.

Detailed information about Cisco Content Engine configuration for work with Kaspersky Anti-Virus can be found in the
ICAP section of Cisco ACNS Software Command Reference, Release 5.3 Chapter 2: Cisco ACNS Software Commands.
The documentation is available at:

http://www.cisco.com/en/US/docs/app_ntwk_services/waas/acns/v53/command/reference/6812ref.html.

16

INSTALLATION OF THE APPLICATION

IN THIS SECTION

Installation on a server running Linux .............................................................................................................................. 16

Installation on a server running FreeBSD ........................................................................................................................ 16

Installation procedure ................................................................................................................................ ...................... 17

Post-installation configuration .......................................................................................................................................... 17

Locations of Kaspersky Anti-Virus files ............................................................................................................................ 19

Before installing Kaspersky Anti-Virus, you are advised to:

1. Make sure that your system meets the hardware and software requirements (see page 6).

2. Log on to the system as root.

INSTALLATION ON A SERVER RUNNING LINUX

Kaspersky Anti-Virus for servers running the Linux operating system is distributed in two different installation packages:

.rpm – for systems that support RPM Package Manager;

.deb – for the distributions supporting a control system by packages dpkg.

To initiate installation of Kaspersky Anti-Virus from the rpm package, enter the following at the command line:

# rpm –i kav4proxy-<distribution package version>.i386.rpm

To initiate installation of Kaspersky Anti-Virus from the deb package, enter the following at the command line:

# dpkg –i kav4proxy-<distribution package version>.deb

To install Kaspersky Anti-Virus on a 64-bit operating system from the deb-package, execute the following command:

# dpkg –i --force-architecture kav4proxy-<distribution package version>.deb

During the setup process you will have to specify additional information (see page 17) regarding connection to the
Internet, downloading of the anti-virus databases and settings for interaction with the proxy server.

INSTALLATION ON A SERVER RUNNING FREEBSD

The distribution file for installation of Kaspersky Anti-Virus on servers running the FreeBSD operating system is supplied
as a .tgz package.

To initiate installation of Kaspersky Anti-Virus from the tgz-package, enter the following at the command line:

# pkg_add kav4proxy-<distribution package version>.tgz

I N S T A L L A T I O N O F T H E A P P L I C A T I O N

17

During the setup process you will have to specify additional information (see page 17) regarding connection to the
Internet, downloading of the anti-virus databases and settings for interaction with the proxy server.

INSTALLATION PROCEDURE

Algorithms described in this section and in section require that the target server already has Squid 3.0 or higher support
installed.

Kaspersky Anti-Virus must be installed in two stages. The first stage will be performed automatically after execution of the
commands described in Installation on a server running Linux (see page 16) and Installation on a server running
FreeBSD (see on page 16), and comprises the following steps:

1. The klusers group and the kluser account are created with the necessary privileges that Kaspersky Anti-Virus
will use to start and operate.

2. Copying of the files from distribution package to computer.

3. Registration of the services necessary for Kaspersky Anti-Virus to function.

POST-INSTALL CONFIGURATION

Post-install configuration is the second part of Kaspersky Anti-Virus installation including configuration of the program and
the proxy server which it uses. To initiate the configuration procedure, run the postinstall.pl script located in the
/opt/kaspersky/kav4proxy/lib/bin/setup/ directory. Once the script is started, you will be offered to perform the following
steps:

1. Specify the path to the license key file.

2. Configure the Internet proxy server using the following format:

http://<proxy server IP address>:<port>

or

http://<user_name>:<password>@<proxy server IP address>:<port>

depending on whether the proxy requires authentication. The updater component (keepup2date) will use the
setting to connect to Kaspersky Lab servers and download database updates.

Set the option to no if you are not using a proxy server for connection to the Internet.

3. Download database updates from the servers of Kaspersky Lab. Enter yes or no depending on your intention to
run the update procedure immediately. Once the updates are downloaded, you will see an offer to configure
automatic updating. Automatic updates will be performed every hour by default.

4. Configure the product integration with Webmin.

5. Integrate Kaspersky Anti-Virus with proxy server. Specify one of the following values:

1) No integration. No integration will be performed then.

2) Configure to work with remote proxy. In that case you will be offered to enter the address of a remote
proxy in the <domain name|IP address>:<port> format or cancel to cancel integration. The address
suggested by default is 0.0.0.0:1344 (which means that the product will receive and send data using port
1344 of all network adapters).

3) Configure Squid manually. In that case you will be offered to perform the configuration procedure
manually. Specify full path to the Squid configuration file, then the path to the Squid executable file. Then

A D M I N I S T R A T O R G U I D E

18

enter yes to confirm that the product should be integrated with the specified proxy server. To cancel
integration, enter no.

4) Squid (<path to the squid.conf configuration file>). Then the post-install configuration script of
Kaspersky Anti-Virus will perform the integration procedure automatically.

If you cancel proxy integration during this stage, you can run the
/opt/kaspersky/kav4proxy/lib/bin/setup/proxy_setup.pl automatic integration script later.

Once the initial configuration procedure on a Linux server is complete, the installer starts the service of Kaspersky Anti­Virus. After that the service will be launched automatically when the operating system starts up.

A FreeBSD server requires starting the service of Kaspersky Anti-Virus and configuring its automatic launch manually.

To start the service of Kaspersky Anti-Virus and enable its automatic launch in FreeBSD, perform the following

steps:

1. Add to the /etc/rc.conf configuration file the string kav4proxy_enable="YES".

2. Execute the following command:

/usr/local/etc/rc.d/kav4proxy.sh start