Kaspersky Anti-Virus 8.5 for Microsoft ISA Server and
Forefront TMG
APPLICATION VERSION: 8.5
Dear User!
Thank you for choosing our product. We hope that this document will help you in your work and provide answers to the
majority of your questions.
Attention! This document is the property of Kaspersky Lab ZAO (herein also referred to as Kaspersky Lab): all rights to
this document are reserved by the copyright laws of the Russian Federation and by international treaties. Illegal
reproduction or distribution of this document or parts hereof will result in civil, administrative, or criminal liability under
applicable law.
Any type of reproduction or distribution of any materials, including translations, may be allowed only with written
permission from Kaspersky Lab.
This document and the graphic images it contains may be used exclusively for information, non-commercial or personal
purposes.
This document may be amended without additional notification. The latest version of this document can be found on the
Kaspersky Lab website at http://www.kaspersky.com/docs.
Kaspersky Lab assumes no liability for the content, quality, relevance, or accuracy of any third-party materials used
herein, or for any potential harm associated with the use of such materials.
ABOUT THIS GUIDE
In this document
SOURCES OF INFORMATION ABOUT THE APPLICATION
Sources of information for unassisted search
Discussing Kaspersky Lab applications in the forum
Contacting the Sales Department
Contacting the Technical Writing & Localization Unit
KASPERSKY ANTI-VIRUS 8.5 FOR MICROSOFT ISA SERVER AND FOREFRONT TMG
HARDWARE AND SOFTWARE REQUIREMENTS
STANDARD APPLICATION DEPLOYMENT MODELS
Standalone server
Preparing for installation
Removing previous Kaspersky Anti-Virus versions and other anti-virus applications for Microsoft ISA Server / Forefront TMG
Configuring user rights
Preparing the SQL server
Installing the application
Connecting Management Console to the configuration storage
Steps before connecting Management Console
Connecting the configuration storage
Activating the application
System changes caused by application installation
Relocating Forefront TMG servers with Kaspersky Anti-Virus
Connecting a Forefront TMG EE server to a standalone array
Connecting a Forefront TMG EE server to an existing array administered using EMS
Connecting a Forefront TMG EE server within a new array to an enterprise
Connecting a Forefront TMG SE server to an enterprise
Disconnecting a server from an array or enterprise
Repairing the application
Removing the application
About Kaspersky Anti-Virus removal
Removing the application from a server
CONTACTING THE TECHNICAL SUPPORT SERVICE
Ways to receive technical support
Technical support by phone
Obtaining technical support via My Kaspersky Account
INDEX
ABOUT THIS GUIDE
IN THIS SECTION
In this document
This document is the Deployment Guide to Kaspersky Anti-Virus 8.5 for Microsoft® ISA Server and Forefront® TMG
(herein also referred to as "Kaspersky Anti-Virus").
This Guide is intended for technical specialists in charge of installing and administering Kaspersky Anti-Virus for
Microsoft ISA Server and Forefront TMG, as well as supporting organizations that use Kaspersky Anti-Virus for Microsoft
ISA Server and Forefront TMG.
This Guide is intended for technical specialists who have experience in managing Microsoft ISA Server / Forefront TMG.
The Guide serves the following purposes:
- To provide descriptions of the main principles of operation of Kaspersky Anti-Virus for Microsoft ISA Server and Forefront TMG, system requirements, standard deployment models, and features of integration with third-party applications.
- To help plan the deployment of Kaspersky Anti-Virus for Microsoft ISA Server and Forefront TMG in an enterprise network.
- To describe preparation steps for the installation of Kaspersky Anti-Virus for Microsoft ISA Server and Forefront TMG, as well as the application installation and activation.
- To reference additional sources of information about the application and describe ways to receive technical support.
IN THIS DOCUMENT
This Guide comprises the following sections.
Sources of information about the application (see page 8)
This section references sources of information about the application and lists websites where application usage can be
discussed.
Kaspersky Anti-Virus 8.5 for Microsoft ISA Server and Forefront TMG (see page 10)
This section describes the main features of the application.
Hardware and software requirements (see page 11)
This section contains information about the requirements for the software and hardware used to install Kaspersky
Anti-Virus.
Application architecture (see page 13)
This section contains the descriptions of the Kaspersky Anti-Virus components and their interaction logic.
Standard application deployment models (see page 16)
This section covers the standard models of application deployment on a corporate network and the particulars of
integration with third-party software.
Application deployment (see page 22)
This section describes the steps to be taken prior to Kaspersky Anti-Virus installation and use, as well as instructions for
installing, repairing, and removing Kaspersky Anti-Virus.
Contacting Technical Support (see page 45)
This section provides information on how to obtain technical support and the requirements for receiving help from
Technical Support.
Glossary (see page 47)
This section lists common application terms and provides their brief definitions.
Kaspersky Lab ZAO (see page 50)
This section contains information about Kaspersky Lab.
Information on third-party code (see page 51)
This section contains information about third-party software used in the application.
Trademark notices (see page 52)
This section lists third-party trademarks used in this document.
Index
The index offers a quick way to locate information in the document.
DOCUMENT CONVENTIONS
The text in this document is accompanied by semantic elements – warnings, tips and examples that you are advised to
read thoroughly.
Document conventions are used to highlight semantic elements. The following table shows document conventions and
examples of their use.
Table 1. Document conventions

| TEXT SAMPLE | DESCRIPTION OF DOCUMENT CONVENTION |
| --- | --- |
| Please note that... | Warnings are highlighted in red and enclosed in frames. Warnings provide information about possible unwanted actions that may lead to data loss or failures affecting hardware or the operating system. |
| It is recommended that you use... | Notes are enclosed in frames. Notes may contain useful tips, advice, specific settings or important case studies of program operation. |
| Example: ... | Examples are shown in blocks on yellow background titled "Example". |
| An update is... The Databases are outdated event occurs. | The following semantic elements are italicized in the text: new terms; names of application statuses and events. |
| Press ENTER. Press ALT+F4. | The names of keyboard keys appear in bold and are capitalized. Names of keys that are connected by a + (plus) sign indicate the use of a key combination. Such keys should be pressed simultaneously. |
| Click the Enable button. | The names of application interface elements, such as entry fields, menu items, and buttons, are set off in bold. |
| To configure a task schedule: | Introductory phrases in procedures are italicized and accompanied with the arrow character. |
| Type help in the command line. The following message appears: Specify the date in mm:dd:yy format. | The following types of text content are set off with a special font: command line text; text of onscreen messages; data that the user is prompted to enter. |
| <User name> | Variables are enclosed in angle brackets. You should replace the variable with the corresponding value, omitting the angle brackets. |
SOURCES OF INFORMATION ABOUT THE APPLICATION
IN THIS SECTION
Sources of information for unassisted search
Discussing Kaspersky Lab applications in the forum
Contacting the Sales Department
Contacting the Technical Writing & Localization Unit
This section references sources of information about the application and lists websites where application usage can be
discussed.
You can choose the most suitable source of information with regard to the importance and urgency of your issue.
SOURCES OF INFORMATION FOR UNASSISTED SEARCH
You can use the following sources for unassisted search of information about the application:
- Page on the Kaspersky Lab website
- Page on the Technical Support Service website (Knowledge Base)
- Help system
- Documentation
If you cannot find the solution to an issue on your own, we recommend that you contact Kaspersky Lab Technical
Support (see section "Technical support by phone" on page 45).
To use sources of information on the Kaspersky Lab website, you should have an Internet connection established.
Page on the Kaspersky Lab website
The Kaspersky Lab website provides a dedicated page for each application.
On this page (http://www.kaspersky.com/anti-virus-microsoft-isa-server-forefront-tmg) you can obtain general information
about the application, its features and functions.
Page http://www.kaspersky.com contains a link to eStore. There you can purchase the application or renew your license.
Page on the Technical Support Service website (Knowledge Base)
Knowledge Base is a section of the Technical Support Service website that contains recommendations on how to
manage Kaspersky Lab applications. Knowledge Base consists of reference articles grouped by topics.
On the page of the application in the Knowledge Base (http://support.kaspersky.com/tmg_8_ee) you will find articles
providing useful information, recommendations, and answers to the frequently asked questions on how to purchase,
install, and use the application.
The articles can provide answers to questions not only related to Kaspersky Anti-Virus, but to other Kaspersky Lab
applications, too; they can also contain news from the Technical Support Service.
Help system
The application Help system is provided as context help. The context help contains a list of settings for each of the
application windows with the corresponding descriptions.
Documentation
The distribution kit includes documents that help you to install and activate the application on the computers of a local
area network, configure its settings, and find information about the basic techniques for using the application.
DISCUSSING KASPERSKY LAB APPLICATIONS IN THE FORUM
If your issue does not require an immediate solution, you can discuss it with Kaspersky Lab specialists and other users in
our Forum (http://forum.kaspersky.com).
There you can view existing topics, leave your comments, and create your own topics for discussion.
CONTACTING THE SALES DEPARTMENT
If you have any questions on how to choose, purchase, or renew the application, you can contact our specialists from the
Sales Department in one of the following ways:
By calling our central office in Moscow by phone (http://www.kaspersky.com/contacts).
By sending a message with your question to sales@kaspersky.com.
Service is provided in Russian and English.
CONTACTING THE TECHNICAL WRITING & LOCALIZATION UNIT
To contact the Technical Writing & Localization Unit, send an email to docfeedback@kaspersky.com. The subject line
should contain the following text: "Kaspersky Help Feedback: Kaspersky Anti-Virus 8.5 for Microsoft ISA Server and
Forefront TMG".
KASPERSKY ANTI-VIRUS 8.5 FOR
MICROSOFT ISA SERVER AND FOREFRONT
TMG
Kaspersky Anti-Virus 8.5 for Microsoft ISA Server and Forefront TMG scans HTTP, FTP, SMTP, and POP3 traffic for
viruses as it passes through the Microsoft ISA Server / Forefront TMG network interface. To perform an anti-virus scan,
Kaspersky Anti-Virus components are installed on LAN physical servers where the Microsoft ISA Server / Forefront TMG
firewall is deployed (hereinafter also "servers"). Depending on the Microsoft ISA Server / Forefront TMG deployment
scenario, servers can operate as standalone servers or be combined into an array or enterprise.
Kaspersky Anti-Virus operating together with Forefront TMG also scans HTTPS traffic. HTTPS traffic scanning requires
traffic inspection to be enabled in Forefront TMG Management Console.
Kaspersky Anti-Virus features:
- Real-time scanning of HTTP, FTP, SMTP, and POP3 traffic for malware and probably infected objects. Kaspersky Anti-Virus disinfects or blocks such objects depending on the active settings.
- Management of protocol policy rules, anti-virus scan rules, and exclusion rules for different groups of network objects.
- Configurable application performance settings for each server, making it possible to distribute the workload across server processors.
- Possibility to configure common application settings for all servers in the array, such as update settings, Backup settings, and log settings.
- Scheduled or manual updates of Kaspersky Anti-Virus databases. Possible update sources include HTTP update servers of Kaspersky Lab, user HTTP or FTP servers, or a network folder storing a current update package.
- Possibility to configure application settings sensitive to traffic volume. Data rate can be configured to optimize scan performance.
- Storage of copies of objects detected by Kaspersky Anti-Virus in Backup.
- Centralized database logging of information on objects in Backup.
- Key management. Kaspersky Anti-Virus license covers the entire application, not just individual servers.
- Real-time monitoring of application performance on servers.
- Viewing consolidated statistics of application performance on servers in the array.
- Management of application event logs.
- Generation of application performance reports.
HARDWARE AND SOFTWARE
REQUIREMENTS
Kaspersky Anti-Virus can run simultaneously with the following products:
- Microsoft ISA Server 2006 with Service Pack 1, Standard Edition release ("Microsoft ISA Server SE").
- Microsoft ISA Server 2006, Enterprise Edition release ("Microsoft ISA Server EE").
- Microsoft Forefront TMG 2010 with Service Pack 1, Standard Edition release ("Forefront TMG SE").
APPLICATION ARCHITECTURE
This section contains the descriptions of the Kaspersky Anti-Virus components and their interaction logic.
COMPOSITION OF KASPERSKY ANTI-VIRUS COMPONENTS
AND SUBSYSTEMS
Kaspersky Anti-Virus comprises the following components:
- Security Server – a component that ensures anti-virus functionality. During installation, the component integrates with the Microsoft ISA Server / Forefront TMG server.
- Management Console – a component designed as a snap-in for Microsoft Management Console ("MMC"). The Console provides tools for managing and monitoring Kaspersky Anti-Virus.
- Backup and Reporting database – an SQL server database that stores statistics of application performance and information about dangerous objects detected by Kaspersky Anti-Virus and moved to Backup.
The Security Server and Management Console components are installed on the server where the Microsoft ISA Server /
Forefront TMG firewall is deployed. Management Console can also be installed on a client computer with access to the
server on which the Security Server component is installed. If several administrators are working jointly, the Management
Console can be installed on each administrator's computer.
The Microsoft ISA Server / Forefront TMG console must be installed on the computer before Kaspersky Anti-Virus
Management Console can be installed.
The Security Server component comprises the following subsystems:
- Kaspersky Anti-Virus filters intercept HTTP, FTP, SMTP, and POP3 traffic, download objects requested by client computers, and redirect downloaded objects to the scanning subsystem. After the scanning has been completed, filters return requested objects to client computers or generate notifications about blocked objects. The application comprises the following filters:
  - Kaspersky Anti-Virus Web filter intercepts traffic over HTTP protocol. Kaspersky Anti-Virus operating together with Forefront TMG also scans HTTPS traffic. HTTPS traffic scanning requires traffic inspection to be enabled in Forefront TMG Management Console.
  - Kaspersky Anti-Virus FTP filter intercepts traffic over FTP protocol.
  - Kaspersky Anti-Virus SMTP filter intercepts traffic over SMTP protocol.
  - Kaspersky Anti-Virus POP3 filter intercepts traffic over POP3 protocol.
  Kaspersky Anti-Virus filters are embedded into the Microsoft ISA Server / Forefront TMG firewall when the application is installed.
- Scanning subsystem is designed for anti-virus scanning of objects. Scanning subsystem receives downloaded objects from the Anti-Virus filters and checks them for the presence of threats. The subsystem uses a heuristic analyzer that allows detecting unknown viruses. After scanning, the application assigns each object a status that determines how the object will be handled further. Safe objects are passed without any changes, while others are processed according to the anti-virus scan settings.
- Updating subsystem updates Kaspersky Anti-Virus databases by downloading new data from Kaspersky Lab update servers or other specified sources.
- Backup subsystem stores backup copies of objects detected by Kaspersky Anti-Virus during anti-virus scanning, and relays information about objects to the Backup and Reporting database. Backup objects can be eventually deleted or saved to a local or network drive. Copies of objects are stored in Backup located on the server where the objects have been detected. Information about objects moved to Backup is saved in the Backup and Reporting database.
- Configuration subsystem stores Kaspersky Anti-Virus settings.
- Licensing subsystem lets you manage keys and determine the Kaspersky Anti-Virus license state. If any violation of the License Agreement is detected, Kaspersky Anti-Virus functionality is limited.
- Monitoring subsystem collects information about the status of Kaspersky Anti-Virus.
- Statistics subsystem collects statistics on scanned objects. Information is saved in the Backup and Reporting database.
- Diagnostics subsystem keeps logs of all application components. Information can be recorded in text files, saved in the Microsoft Windows Log, and transferred to the notification subsystem of Microsoft ISA Server / Forefront TMG.
- Reports subsystem generates reports on Kaspersky Anti-Virus performance.
CONFIGURING KASPERSKY ANTI-VIRUS
Kaspersky Anti-Virus can run simultaneously with the Microsoft ISA / Forefront TMG firewall under the following
deployment scenarios:
- Standalone Microsoft ISA Server SE / EE server or Forefront TMG SE / EE server.
- Standalone Forefront TMG EE server array administered with an array manager.
- Enterprise based on Microsoft ISA Server EE servers – one or several Microsoft ISA Server EE arrays controlled by the Configuration Storage Server ("CSS").
- Enterprise based on Forefront TMG EE servers – one or several Forefront TMG EE server arrays controlled by the Enterprise Management Server ("EMS").
- Forefront TMG SE server administered with EMS.
Configuration data of Kaspersky Anti-Virus is recorded in the configuration storage of Microsoft ISA Server / Forefront
TMG when the application is installed. The Kaspersky Anti-Virus configuration is divided into logical levels, repeating the
division of the Microsoft ISA Server / Forefront TMG configuration into logical levels.
When deploying Kaspersky Anti-Virus at an enterprise, the application settings are distributed across three configuration levels:
- server level – settings applied to an individual server only.
- array level – settings applied to all servers in a single array on which Kaspersky Anti-Virus has been deployed.
- enterprise level – settings applied to all servers of an enterprise on which Kaspersky Anti-Virus has been deployed.
When Kaspersky Anti-Virus is deployed on a server or in a standalone array, the application configuration consists of two
logical levels: server level and array level.
The server-level configuration consists of the Kaspersky Anti-Virus settings that depend on the hardware and software
parameters of the server hosting the Security Server component. The rest of the settings of Kaspersky Anti-Virus are
part of the array-level and enterprise-level configuration.
Kaspersky Anti-Virus settings are managed using the Management Console connected to the configuration storage of
Microsoft ISA Server / Forefront TMG.
Server-level settings of Kaspersky Anti-Virus can be configured only for an individual server because they depend on the
hardware and software parameters of the host computer. Other Kaspersky Anti-Virus settings are managed at the array
level and/or enterprise level. The array level settings of Kaspersky Anti-Virus are adjusted in centralized mode for all
servers within an array. The enterprise level settings of Kaspersky Anti-Virus are adjusted in centralized mode for all
servers at an enterprise.
When the application is installed on a standalone server, all settings are configured individually for this server.
SUPPORTED TRAFFIC SCAN SCENARIOS
This section covers the specifics of Kaspersky Anti-Virus operation under the following common traffic scenarios:
- a client within the internal corporate network attempts to access external resources (outbound connection)
- a client within the internal corporate network attempts to access the resources of a different network over a secure channel (VPN)
- a client outside the corporate network attempts to access resources located within the internal corporate network and published by means of Microsoft ISA Server / Forefront TMG (inbound connection)
- a client outside the corporate network attempts to access internal resources of the corporate network over a secure channel (VPN)
When a client within the corporate network attempts to access external resources (outbound connection), traffic is
scanned as follows:
- When monitoring HTTP, HTTPS, and FTP traffic, the application scans objects downloaded from external servers, while skipping objects uploaded to external servers.
- HTTPS traffic is scanned only if Kaspersky Anti-Virus operates together with the Forefront TMG server and the scanning of inbound HTTPS traffic has been enabled.
- All emails transferred over SMTP and POP3 protocols are scanned.
When a client within the corporate network attempts to access the resources of a different network over a secure channel
(VPN), the application scans traffic in the same way as it does when a client within the corporate network tries to access
external resources.
When a client outside the corporate network attempts to access published corporate resources (inbound connection),
traffic is scanned as follows:
- The application scans HTTP, HTTPS, and FTP traffic passing from the corporate resources to the client, while skipping traffic passing from the client to the corporate resources.
- HTTPS traffic is scanned only if Kaspersky Anti-Virus operates together with the Forefront TMG server and the scanning of outbound HTTPS traffic has been enabled.
- All emails transferred over SMTP and POP3 protocols are scanned.
When a client outside the corporate network attempts to access corporate resources over a secure channel (VPN), the
application scans traffic in the same way as it does when a client outside the corporate network tries to access published
corporate resources (inbound connection).
The scanning of traffic over each type of protocol can be configured in Kaspersky Anti-Virus settings or disabled.
STANDARD APPLICATION DEPLOYMENT MODELS
IN THIS SECTION
Standalone server
This section covers the standard models of application deployment on a corporate network and the particulars of
integration with third-party software.
The following deployment models are available for Kaspersky Anti-Virus:
- Standalone server – Kaspersky Anti-Virus is integrated with a standalone Microsoft ISA Server / Forefront TMG SE or EE server (see section "Standalone server" on page 16).
- Standalone array – Kaspersky Anti-Virus is integrated with servers in a standalone array of Forefront TMG servers (see section "Standalone array" on page 17).
- Enterprise – Kaspersky Anti-Virus is integrated with Microsoft ISA Server / Forefront TMG servers in arrays that are part of an enterprise administered using CSS or EMS (see section "Enterprise" on page 19).
Regardless of the Kaspersky Anti-Virus deployment model, the application is deployed on each server separately.
If Kaspersky Anti-Virus is deployed on a server array, it is recommended to install the application on each server in the
array to ensure anti-virus protection of the network.
STANDALONE SERVER
The Standalone server deployment model involves integrating Kaspersky Anti-Virus with a standalone Microsoft ISA /
Forefront TMG SE or EE server.
Kaspersky Anti-Virus settings are stored in the Microsoft ISA Server / Forefront TMG configuration storage located on
the server.
The configuration of Kaspersky Anti-Virus includes server-level and array-level settings (see section "Kaspersky
Anti-Virus configuration" on page 14). All settings are customizable for the server.
The Standalone server deployment model includes the following steps:
1. Installation preparation. Perform the following before deploying Kaspersky Anti-Virus:
   - Remove previous versions of Kaspersky Anti-Virus and other anti-virus applications for Microsoft ISA Server / Forefront TMG from the server on which the application will be deployed (see section "Removing previous Kaspersky Anti-Virus versions and other anti-virus applications for Microsoft ISA Server / Forefront TMG" on page 23).
   - Install additional applications needed for the operation of Kaspersky Anti-Virus components on the server (see section "Installing additional software" on page 23).