KASPERSKY Security Microsoft Exchange Server Admin 8.0 User Manual

Kaspersky Security 8.0 for Micr osoft Exchange
Servers

Administrator’s Guide

APPLICATION VERSION: 8.0 MAINTENANCE RELEASE 2 CRITICAL FIX 1

2

Dear User!

Thank you for choosing our product. We hope that this document will help you in your work and provide answers to the
majority of your questions.

Warning! This document is the property of Kaspersky Lab ZAO (herein also referred to as Kaspersky Lab): all rights to
this document are reserved by the copyright laws of the Russian Federation and by international treaties. Illegal
reproduction and distribution of this document or parts thereof will result in civil, administrative or criminal liability in
accordance with applicable law.

Any type of reproduction or distribution of any materials, including in translated form, is allowed only with the written
permission of Kaspersky Lab.

This document and the graphic images it contains may be used exclusively for informational, non-commercial or personal
purposes.

This document may be amended without prior notification. For the latest version, please refer to Kaspersky Lab’s web

site at http://www.kaspersky.com/docs.

Kaspersky Lab assumes no liability for the content, quality, relevance or accuracy of any materials used in this document
the rights to which are held by third parties, or for potential damages associated with using such materials.

Document revision date: 11/9/2013

© 2013 Kaspersky Lab ZAO. All Rights Reserved.

http://www.kaspersky.com

http://support.kaspersky.com

3

TABLE OF CONTENTS

ABOUT THIS GUIDE .....................................................................................................................................................7

In this document .......................................................................................................................................................7

Document conventions .............................................................................................................................................9

SOURCES OF INFORMATION ABOUT THE APPLICATION......................................................................................11

Data sources for independent searching ................................................................................................................11

Discussing Kaspersky Lab applications on the forum .............................................................................................12

Contacting the Sales Department ...........................................................................................................................12

Contacting the Technical Writing and Localization Unit ..........................................................................................12

KASPERSKY SECURITY 8.0 FOR MICROSOFT EXCHANGE SERVERS ................................................................13

Distribution kit .........................................................................................................................................................14

Hardware and software requirements .....................................................................................................................14

APPLICATION ARCHITECTURE.................................................................................................................................17

APPLICATION INTERFACE ........................................................................................................................................18

Main window of the Administration Console ...........................................................................................................18

Console tree ...........................................................................................................................................................19

Details pane ............................................................................................................................................................20

Quick access pane .................................................................................................................................................20

Context menu .........................................................................................................................................................20

APPLICATION LICENSING .........................................................................................................................................22

About the License Agreement.................................................................................................................................22

About the license ....................................................................................................................................................22

Licensing options ....................................................................................................................................................23

About the key file ....................................................................................................................................................23

About data submission ...........................................................................................................................................24

Installing a key ........................................................................................................................................................25

Viewing key details .................................................................................................................................................26

Replacing a key ......................................................................................................................................................26

Removing a key ......................................................................................................................................................27

Configuring the license expiry notification ...............................................................................................................28

Licensing specifics for Security Servers within a profile..........................................................................................28

STARTING AND STOPPING THE APPLICATION ......................................................................................................30

SERVER PROTECTION STATUS ...............................................................................................................................31

Default Microsoft Exchange Server protection ........................................................................................................31

Viewing Microsoft Exchange Server protection status details .................................................................................32

Viewing profile protection status details ..................................................................................................................37

GETTING STARTED....................................................................................................................................................40

Starting the Administration Console........................................................................................................................40

Connecting the Administration Console to a Security Server .................................................................................40

MANAGING PROFILES ...............................................................................................................................................42

About profiles ................................................................................................ ..........................................................42

Creating a profile ....................................................................................................................................................43

Configuring Security Servers in a profile .................................................................................................................43

A D M I N I S T R A T O R ' S G U I D E

4

Specifics of managing profiles in a Microsoft Exchange database availability group ..............................................44

Adding Security Servers to a profile........................................................................................................................45

Removing a Security Server from a profile .............................................................................................................46

Removing a profile ..................................................................................................................................................46

UPDATING DATABASES ............................................................................................................................................48

About database updates .........................................................................................................................................48

About update centers..............................................................................................................................................49

About database updates in configurations with a cluster or DAG of servers ..........................................................49

Updating databases manually.................................................................................................................................49

Configuring scheduled databases updates .............................................................................................................50

Selecting an update source ....................................................................................................................................51

Configuring the connection to the update source....................................................................................................52

Configuring proxy server settings ...........................................................................................................................53

Designating a server as an update center and configuring its settings ...................................................................54

ANTI-VIRUS PROTECTION.........................................................................................................................................56

About Anti-Virus protection .....................................................................................................................................56

About participation in Kaspersky Security Network.................................................................................................58

About ZETA Shield technology ...............................................................................................................................58

Enabling and disabling anti-virus server protection.................................................................................................58

Enabling and disabling KSN in Anti-Virus ................................ ...............................................................................59

Enabling and disabling ZETA Shield technology ....................................................................................................60

Configuring Anti-Virus processing of objects ..........................................................................................................60

Configuring mailbox and public folder protection settings .......................................................................................61

Configuring anti-virus scan exclusions....................................................................................................................62

About trusted recipients ....................................................................................................................................63

Configuring exclusions by recipient's address...................................................................................................64

Configuring exclusions by file name mask ........................................................................................................65

Configuring scanning of attached containers and archives ...............................................................................66

Configuring background scan settings ....................................................................................................................66

PROTECTION AGAINST SPAM AND PHISHING .......................................................................................................68

About Anti-Spam protection ....................................................................................................................................68

About additional services, features, and anti-spam technologies ...........................................................................70

About anti-phishing scans .......................................................................................................................................71

Enabling and disabling Anti-Spam protection of the server ....................................................................................72

Enabling and disabling message scanning for phishing .........................................................................................72

Configuring spam and phishing scan settings.........................................................................................................73

Configuring the white and black lists of senders .....................................................................................................75

Configuring the white list of recipients ....................................................................................................................76

Configuring an increase in the spam rating of messages .......................................................................................78

Using external anti-spam message scanning services ...........................................................................................79

Configuring additional settings of spam and phishing scans ..................................................................................80

BACKUP ......................................................................................................................................................................83

About Backup .........................................................................................................................................................83

Viewing the Backup contents ..................................................................................................................................84

Viewing properties of objects in Backup .................................................................................................................85

Configuring the Backup filters .................................................................................................................................86

Saving objects from Backup to disk ........................................................................................................................87

A B O U T T H I S GU ID E

5

Sending an objects from Backup to recipients ........................................................................................................88

Deleting objects from Backup .................................................................................................................................88

Configuring Backup settings ...................................................................................................................................89

Selecting Backup database for viewing its contents from the profile ......................................................................89

NOTIFICATIONS..........................................................................................................................................................91

About notifications ..................................................................................................................................................91

Configuring notification settings ..............................................................................................................................91

Configuring notification delivery settings .................................................................................................................92

REPORTS ....................................................................................................................................................................94

About application reports ........................................................................................................................................94

Creating Quick reports ............................................................................................................................................95

Creating a report generation task ...........................................................................................................................96

Editing the settings of a report generation task .......................................................................................................97

Starting a report generation task.............................................................................................................................97

Deleting a report generation task ............................................................................................................................98

Viewing report generation tasks..............................................................................................................................98

View the Ready reports ..........................................................................................................................................99

Saving a report .....................................................................................................................................................101

Deleting a report ...................................................................................................................................................101

APPLICATION LOGS.................................................................................................................................................103

About application logs...........................................................................................................................................103

Configuring log settings ........................................................................................................................................104

Configuring the diagnostics level ..........................................................................................................................104

MANAGING CONFIGURATION .................................................................................................................................106

Exporting settings .................................................................................................................................................106

Importing settings .................................................................................................................................................107

TESTING THE APPLICATION OPERATION .............................................................................................................108

About the EICAR test file ......................................................................................................................................108

About the types of the EICAR test file...................................................................................................................108

Testing application performance using the EICAR test file ...................................................................................110

CONTACTING THE TECHNICAL SUPPORT SERVICE ...........................................................................................112

Ways to receive technical support ........................................................................................................................112

Technical support by phone ................................................................................................................................ ..112

Obtaining technical support via Kaspersky CompanyAccount ..............................................................................113

Using a trace file and AVZ script...........................................................................................................................114

APPENDIX. SCRIPT FOR SENDING SPAM FOR ANALYSIS ..................................................................................115

About the script for sending spam for analysis .....................................................................................................115

Script operation modes .........................................................................................................................................116

Script execution parameters .................................................................................................................................117

Configuring parameters of the script configuration file ..........................................................................................117

Script operation log ...............................................................................................................................................119

A D M I N I S T R A T O R ' S G U I D E

6

GLOSSARY ...............................................................................................................................................................120

KASPERSKY LAB ZAO .............................................................................................................................................124

INFORMATION ABOUT THIRD-PARTY CODE.........................................................................................................125

TRADEMARK NOTICE ..............................................................................................................................................126

INDEX ........................................................................................................................................................................127

7

ABOUT THIS GUIDE

IN THIS SECTION

In this document ................................................................................................................................................................ 7

Document conventions ...................................................................................................................................................... 9

This document is the Administrator's Guide to Kaspersky Security 8.0 for Microsoft® Exchange Servers (hereinafter
"Kaspersky Security" or "applications").

It is meant for technical specialists tasked with installing and administering Kaspersky Security and supporting
companies that use Kaspersky Security.

The Guide serves the following purposes:

 Helps to configure and use the application.

 Serves as a quick source of information to answer questions relating to the operation of Kaspersky Security.

 References additional sources of information about the application and describes ways to get technical support.

IN THIS DOCUMENT

This document includes the following sections:

Sources of information about the application (see page 11)

This section describes sources of information about the application and lists websites that you can use to discuss the
application's operation.

Kaspersky Security 8.0 for Microsoft Exchange Servers (see page 13).

This section describes the features of the application and provides brief information about application functions and
components. You will learn what items are included in the distribution kit and what services are available for registered
users of the application. This section provides information about the software and hardware requirements that a
computer must meet to allow installation.

Application architecture (see page 17)

This section describes Kaspersky Security components and the logic of their interaction.

Application interface (see page 18)

This section describes the basic elements of the graphical user interface of the application: the Administration Console
main window, the Administration Console tree, the details pane, the quick access pane, and the context menu.

A D M I N I S T R A T O R ' S G U I D E

8

Application licensing (see page 22)

This section contains information about the basic concepts of application activation. This section describes the purpose
of the End User License Agreement, the ways to activate the application and renew the license.

Starting and stopping the application (see page 30)

This section contains information on starting and shutting down the application.

Server protection status (see page 31)

This section covers the default settings of Kaspersky Security. This section describes how you can use the
Administration Console to view license info, the status of application modules and databases, as well as statistics on the
number of messages processed and instances of threats and spam detected.

Getting started (see page 40)

This section explains how to begin using Kaspersky Security, launch Administration Console, and create a list of
protected servers.

Managing profiles (see page 42)

This section describes how you can create, manage, and configure profiles.

Updating databases (see page 48)

This section explains how to update application databases and configure database updates.

Anti-Virus protection (see page 56)

This section contains information about Anti-Virus protection of a Microsoft Exchange server, background scanning of
storages, and ways to configure protect and scan settings.

Anti-Spam and Anti-Phishing protection (see page 68)

This section contains information about Anti-Spam and Anti-Phishing filtering of email traffic and instructions on
configuring it.

Backup (see page 83)

This section contains information about Backup and how to use it.

Notifications (see page 91)

This section covers notifications and ways to configure them.

Reports (see page 94)

This section covers application reports and ways to configure them.

Application logs (see page 103)

This section covers the application logs and ways to configure them.

A B O U T T H I S GU ID E

9

SAMPLE TEXT

DOCUMENT CO NVENTIONS DESCRIPTION

Please note that...

Warnings are highlighted in red and enclosed in frames.
Warnings contain information about potential threats that may cause loss of data,

hardware or operating system malfunctions.

Configuration management (see page 106)

This section explains how you can export the application configuration to file and import it from file.

Application testing (see page 108)

This section explains how to test the application in order to make sure that it detects viruses and their modifications and
takes action on them.

Contacting Technical Support (see page 112)

This section explains how to contact Kaspersky Lab Technical Support.

Appendix. Script for sending spam for analysis (see page 115)

This section describes a script for sending spam for analysis to Kaspersky Lab analysts and how to configure it.

Glossary (see page 120)

This section contains a list of terms mentioned in the document and their respective definitions.

Kaspersky Lab ZAO (see page 124)

This section contains information about Kaspersky Lab ZAO.

Information about third-party code (see page 125)

This section provides information about third-party code used in the application.

Trademark notices (see page 126)

This section lists third-party trademarks used in this document.

Index

This section allows you to quickly find required information within the document.

DOCUMENT CONVENTIONS

The text in this document is accompanied by semantic elements - warnings, tips and examples that you are advised to
read thoroughly.

These elements are intentionally highlighted using graphics and typeface. Document conventions and examples of their
use are described in the table below.

Table 1. Document conventions

A D M I N I S T R A T O R ' S G U I D E

10

SAMPLE TEXT

DOCUMENT CO NVENTIONS DESCRIPTION

It is recommended that you use...

Notes are enclosed in frames.
Notes may contain helpful hints, recommendations, specific values for settings,

or noteworthy particular use cases.

Example:

...

Examples are given in blocks against a yellow background under the heading
"Example".

An update is...
The Databases are outdated event

occurs.

the following items are highlighted using italics:

 new terms;
 status variations and application events.

Press ENTER.
Use the ALT+F4 keyboard shortcut.

Names of keyboard keys appear in bold and are capitalized.
Names of keys linked with a + (plus) sign indicate key combinations. Such keys

should be pressed simultaneously.

Click the Enable button.

UI elements, for example, names of entry fields, menu items, buttons are in bold.

To configure a task schedule,

perform the following steps:

Introductory phrases of instructions are printed in italics and marked with an
arrow sign.

Enter help in the command line
The following message will appear:
Specify the date in DD:MM:YY format.

The following types of text content are set off with a special font:

 command line text;
 text of program messages output on the screen;
 data that the user has to enter.

<User name>

Variables are enclosed in angle brackets. You should replace the variable with
the corresponding value in each case, omitting the angle brackets.

11

SOURCES OF INFORMATION ABOUT THE

IN THIS SECTION

Data sources for independent searching ......................................................................................................................... 11

Discussing Kaspersky Lab applications on the forum ..................................................................................................... 12

Contacting the Sales Department.................................................................................................................................... 12

Contacting the Technical Writing and Localization Unit................................................................................................... 12

APPLICATION

This section describes sources of information about the application and lists websites that you can use to discuss the
application's operation.

You can select the most convenient source, depending on the urgency or importance of your question.

DATA SOURCES FOR INDEPENDENT SEARCHING

You can use the following sources to find information about the application:

 Application page on the Kaspersky Lab website

 Application page on the Technical Support website (Knowledge Base)

 Online help

 Documentation

If you cannot find a solution for your issue, we recommend that you contact Kaspersky Lab Technical Support (see
section "Technical support by phone" on page 112).

An Internet connection is required to use information sources on the Kaspersky Lab website.

The application page on Kaspersky Lab's web site

The Kaspersky Lab website features a separate page dedicated to each application.

Visit http://www.kaspersky.com/security-microsoft-exchange-servers to view general information about the application, its
features and functions.

A link to eStore is available on the http://www.kaspersky.com website. There you can purchase the application or renew
your license.

The application page on the Technical Support web site (in the Knowledge Base)

Knowledge Base is a section on the Technical Support website that provides advice on using Kaspersky Lab
applications. Knowledge Base comprises reference articles grouped by topics.

A D M I N I S T R A T O R ' S G U I D E

12

On the application page in Knowledge Base (http://support.kaspersky.com/exchange/security8.0) you will find articles
providing useful tips, advice, and answers to the frequently asked questions about purchasing, installing, and using the
application.

Articles may provide answers to questions relating not just to Kaspersky Security, but also to other Kaspersky Lab
applications. They also may contain news from Technical Support.

Online help

The online help of the application comprises help files.

Online help contains information about each window of the application: the list of settings, their descriptions and links to
the tasks using these settings.

Full help provides information about managing computer protection, configuring the application and solving typical user
tasks.

Documentation

On this page of the Kaspersky Lab website (http://www.kaspersky.com/product-updates/microsoft-exchange-server-

antivirus), you can download documents that will help you to install the application on computers on the corporate

network, configure application settings, and find information about the basic techniques for using the application.

DISCUSSING KASPERSKY LAB APPLICATIONS ON THE

FORUM

If your issue does not require an immediate solution, you can discuss it with Kaspersky Lab specialists and other users
on our Forum (http://forum.kaspersky.com).

On this forum you can browse existing threads, leave comments, and create new threads.

CONTACTING THE SALES DEPARTMENT

If you have any questions on how to select, purchase, or renew the application, you can contact our Sales Department
specialists in one of the following ways:

 By calling our Headquarters in Moscow (http://www.kaspersky.com/contacts).

 By sending a message with your question to sales@kaspersky.com.

Service is available in Russian and English.

CONTACTING THE TECHNICAL WRITING AND
LOCALIZATION UNIT

To contact the Technical Writing and Localization Unit, send an email to docfeedback@kaspersky.com. Please use
"Kaspersky Help Feedback: Kaspersky Security 8.0 for Microsoft Exchange Servers" as the subject line in your
message.

13

KASPERSKY SECURITY 8.0 FOR

IN THIS SECTION

Distribution kit .................................................................................................................................................................. 14

Hardware and software requirements ............................................................................................................................. 14

MICROSOFT EXCHANGE SERVERS

Kaspersky Security 8.0 for Microsoft Exchange Servers is an application designed for protection of mail servers based on
Microsoft Exchange Server against viruses, Trojan software and other types of threats that may be transmitted via e­mail, as well as spam and phishing.

Kaspersky Security provides anti-spam protection on the level of your corporate mail server, saving your employees the
trouble of deleting unwanted mail manually.

Kaspersky Security protects mailboxes, public folders, and relayed mail traffic on a Microsoft Exchange Server against
malware, spam, and phishing. The application scans all e-mail traffic passing through the protected Microsoft Exchange
Server.

Kaspersky Security can perform the following operations:

 Scan mail traffic, incoming and outgoing mail, as well as the messages stored on a Microsoft Exchange Server

(including public folders) for malware. While scanning, the application processes the whole message and all its
attached objects. Depending upon the selected settings, the application disinfects and removes detected
harmful objects and provides users with complete information about them.

 Filter unsolicited mail (spam) from mail traffic. The Anti-Spam component scans mail traffic for spam content. In

addition, Anti-Spam allows creation of black and white lists of sender addresses and supports flexible
configuration of anti-spam analysis intensity.

 Scan mail traffic for phishing and malicious URLs.

 Save backup copies of objects (an object consists of message body and its attachments) and spam messages

prior to their disinfection or deletion to enable subsequent restoration, if required, thus preventing the risk of
data losses. Configurable filters allow the user to easily locate specific stored objects.

 Notify the sender, the recipient and the system administrator about messages that contain malicious objects.

 Manage identical settings centrally in the group of Security Servers by means of profiles.

 Maintain event logs, collect statistics and create regular reports on application activity. The application can

create reports automatically according to a schedule or by request.

 Configure the application settings to match the volume and type of relayed mail traffic, in particular, define the

maximum connection wait time to optimize scanning.

 Update the Kaspersky Security databases automatically or in manual mode. Updates can be downloaded from

the FTP and HTTP servers of Kaspersky Lab, from a local / network folder that contains the latest set of
updates, or from user-defined FTP and HTTP servers.

 Re-scan messages for the presence of new viruses according to a schedule. This task is performed as a

background scan and has little effect on the mail server’s performance.

 Perform anti-virus protection on storage level based on the list of protected storages.

A D M I N I S T R A T O R ' S G U I D E

14

DISTRIBUTION KIT

Kaspersky Security is available from online stores of Kaspersky Lab (for example, http://www.kaspersky.com, in the
eStore section) and from partner companies.

Kaspersky Security is supplied as part of Kaspersky Security for Mail Servers and Kaspersky Total Security.

After buying a license for Kaspersky Security, you will receive an email with a link for downloading the application from
the eStore website along with an application key file, or a CD with the distribution kit containing the application files and
manuals.

Before breaking the seal on the envelope with the installation disk, carefully read through the EULA.

For more information about ways to purchase the application and about the distribution kit, contact the Sales Department
at sales@kaspersky.com.

HARDWARE AND SOFTWARE REQUIREMENTS

For Kaspersky Security to work properly, the computer should meet the hardware and software requirements listed
below.

Hardware requirements

The hardware requirements for installing the Security Server are identical to the hardware requirements for a protected
Microsoft Exchange server. Depending upon the application settings and mode of operation, considerable disk space
may be required for Backup and other service folders (when using default settings,the Backup folder can occupy up to
5120 MB). The Administration Console is installed together with the Security Server.

The Administration Console can be also installed separately from the Security Server. Hardware requirements for
separate installation of the Administration Console:

 Intel® Pentium® 400 MHz or faster processor (1000 MHz recommended);

 256 MB free RAM;

 500 MB disk space for the application files.

Software requirements

The Security Server can be installed under one of the following operating systems:

 Microsoft Windows Server® 2012 R2;

 Microsoft Windows Server 2012;

 Microsoft Small Business Server 2011;

 Microsoft Windows Server 2008 R2 Enterprise Edition Service Pack 1;

 Microsoft Windows Server 2008 R2 Standard Edition Service Pack 1;

 Microsoft Windows Server 2008 x64 Enterprise Edition Service Pack 2;

 Microsoft Windows Server 2008 x64 Standard Edition Service Pack 2;

 Microsoft Small Business Server 2008 Standard x64;

K A S P E R S K Y S E C U R I T Y 8 . 0 F O R M I C R O S O F T E X C H A N G E S E R V E R S

15

 Microsoft Small Business Server 2008 Premium x64;

 Microsoft Essential Business Server 2008 Standard x64;

 Microsoft Essential Business Server 2008 Premium x64;

 Microsoft Windows Server 2003 x64 R2 Enterprise Edition Service Pack 2;

 Microsoft Windows Server 2003 x64 R2 Standard Edition Service Pack 2;

 Microsoft Windows Server 2003 x64 Enterprise Edition Service Pack 2;

 Microsoft Windows Server 2003 x64 Standard Edition Service Pack 2.

The following software is required to install the Security Server:

 One of the following mail servers:

 Microsoft Exchange Server 2007 x64 Service Pack 3 or Microsoft Exchange Server 2010 Service Pack 1

deployed in at least one of the following roles: Hub Transport, Mailbox, or Edge Transport;

 Microsoft Exchange Server 2013 deployed in the Mailbox role.

 Microsoft .NET Framework 3.5 Service Pack 1.

 One of the following database management systems:

 Microsoft SQL Server® 2012;

 Microsoft SQL Server 2012 Express;

 Microsoft SQL Server 2008 R2 Enterprise Edition;

 Microsoft SQL Server 2008 R2 Standard Edition;

 Microsoft SQL Server 2008 R2 Express Edition;

 Microsoft SQL Server 2008 Enterprise Edition;

 Microsoft SQL Server 2008 Standard Edition;

 Microsoft SQL Server 2008 Express Edition;

 Microsoft SQL Server 2005 Enterprise Edition;

 Microsoft SQL Server 2005 Standard Edition;

 Microsoft SQL Server 2005 Express Edition.

Administration Console can be installed under one of the following operating systems:

 Microsoft Windows® 8.1;

 Microsoft Windows Server 2012 R2;

 Microsoft Windows Server 2012;

 Microsoft Windows 8;

A D M I N I S T R A T O R ' S G U I D E

16

 Microsoft Windows 8 x64;

 Microsoft Small Business Server 2011;

 Microsoft Windows 7 Professional;

 Microsoft Windows 7 Professional x64;

 Microsoft Windows 7 Enterprise;

 Microsoft Windows 7 Enterprise x64;

 Microsoft Windows 7 Ultimate;

 Microsoft Windows 7 Ultimate x64;

 Microsoft Windows Server 2008 R2 Enterprise Edition Service Pack 1;

 Microsoft Windows Server 2008 R2 Standard Edition Service Pack 1;

 Microsoft Small Business Server 2008 Standard;

 Microsoft Small Business Server 2008 Premium;

 Microsoft Essential Business Server 2008 Standard;

 Microsoft Essential Business Server 2008 Premium;

 Microsoft Windows Server 2008 x64 Enterprise Edition Service Pack 2;

 Microsoft Windows Server 2008 x64 Standard Edition Service Pack 2;

 Microsoft Windows Server 2008 Enterprise Edition Service Pack 2;

 Microsoft Windows Server 2008 Standard Edition Service Pack 2;

 Microsoft Windows Vista®;

 Microsoft Windows Vista х64;

 Microsoft Windows Server 2003 x64 R2 Standard Edition;

 Microsoft Windows Server 2003 x64 R2 Enterprise Edition;

 Microsoft Windows Server 2003 R2 Standard Edition;

 Microsoft Windows Server 2003 R2 Enterprise Edition;

 Microsoft Windows Server 2003 x64 Service Pack 2;

 Microsoft Windows Server 2003 Service Pack 2;

 Microsoft Windows XP Service Pack 3;

 Microsoft Windows XP x64 Service Pack 2.

Installation of the Administration Console requires the following software:

 Microsoft Management Console 3.0;

 Microsoft .NET Framework 3.5 Service Pack 1.

17

APPLICATION ARCHITECTURE

Kaspersky Security consists of two basic components:

 The Security Server is installed on the Microsoft Exchange server and performs anti-spam filtering of mail

traffic and provides anti-virus protection. The Security Server intercepts messages arriving on the Microsoft
Exchange Server and uses its internal Anti-Virus and Anti-Spam modules to perform anti-virus scanning and
anti-spam filtering of such messages. If infection or spam is detected in the incoming message, the application
processes it according to the Anti-Virus and Anti-Spam settings.

The Security Server includes the following modules: E-mail Interceptor, Anti-Virus (see page 56), Anti-Spam
(see page 68), and Internal Application Management and Integrity Control Module.

 The Administration Console is a dedicated isolated snap-in integrated into MMC 3.0. You can use the

Administration Console to create and edit the list of protected Microsoft Exchange servers and manage Security
Servers. The Administration Console can be installed both on a Microsoft Exchange server with the Security
Server and on a remote computer.

The application also requires a special database running on Microsoft SQL Server, the so-called Backup and Reporting
database (hereinafter also "database"). The application uses this database to store Backup data and statistics of

operation of the application.
For details on the application architecture, see the Kaspersky Security 8.0 for Microsoft Exchange Servers Installation

Guide.

18

APPLICATION INTERFACE

IN THIS SECTION

Main window of the Administration Console .................................................................................................................... 18

Administration Console tree ............................................................................................................................................ 19

Details pane .................................................................................................................................................................... 20

Quick access pane .......................................................................................................................................................... 20

Context menu .................................................................................................................................................................. 20

The user interface of the application is provided by the Administration Console component. The Administration Console
is a dedicated isolated snap-in integrated into MMC.

MAIN WINDOW OF THE ADMINISTRATION CONSOLE

The main window of the Administration Console (see figure below) contains the following elements:

 Menu. Displayed immediately above the toolbar. The menu lets you manage files and windows and access the

help system.

 Toolbar. Displayed in the upper part of the main window. The buttons on the toolbar allow direct access to

some frequently accessed features of the application.

 Administration Console tree. Located in the left part of the main window. The Administration Console tree

displays profiles, connected Security Servers, and Kaspersky Security settings. Profiles, connected Security
Servers, and Kaspersky Security settings are displayed as nodes.

 Details pane. Located in the right part of the main window. The details pane shows the contents of the node

selected in the Administration Console tree.

A P P L I C A T I O N I N T E R F A C E

19

 Quick access pane. Located on the right of the details pane. The quick access pane lets you manage the

selected node.

Figure 1. Main application window

CONSOLE TREE

The Administration Console tree shows the structure of profiles, Microsoft Exchange servers, and subnodes for
managing application functions.

The Administration Console appears in the ММC tree with the Kaspersky Security 8.0 for Microsoft Exchange
Servers root node. It contains the Profiles and <Server name> subnodes.

The Profiles node contains nodes with the names of all profiles created in the application. Such profiles appear as
<Profile name> nodes. Each <Profile name> node contains the Servers node that shows subnodes with the names of
Microsoft Exchange servers.

The <Server name> node is displayed for each protected Microsoft Exchange server to which the Administration
Console is connected. As a result, the Administration Console tree can contain several nodes with Microsoft Exchange
server names.

For every <Profile name> node, every <Server name> node, and every <Server name> subnode in the Servers node,
the Administration Console tree shows the following subnodes designed for managing application functions:

 Server protection: manage e-mail traffic protection against malware and spam.

 Updates: manage database updates for the application.

 Notifications: configure settings pertaining to the application event notifications sent to the administrator and

other persons concerned.

A D M I N I S T R A T O R ' S G U I D E

20

 Backup: configure Backup settings and manage objects stored there.

NODE

LINK

LINK PURPOSE

Kaspersky Security 8.0 for
Microsoft Exchange Servers

Connect to server

The Connect to server window opens.

Enable snap-in diagnostics

Starts keeping the Administration Console
log.

Profiles

Add profile

Opens the Create new profile window.

<profile name>

Add server

Opens a wizard for adding the Security
Server to the profile.

Rename

Opens the Rename profile window.

Delete

Removes the profile.

Servers

Add server

Opens a wizard for adding the Security
Server to the profile.

Profiles → <Security Server
name>

Remove from profile

Removes the Security Server from the profile.

Kaspersky Security 8.0 for
Microsoft Exchange Servers →
<Security Server name>

Remove server

Removes a Security Server from the
Administration Console tree.

Update
Update Anti-Virus databases

Updates Anti-Virus databases.

Update Anti-Spam databases

Updates Anti-Spam databases.

Notifications

Notification delivery settings

Opens the Notification delivery settings
window.

 Reports: configure application report settings (not shown for <Server name> subnodes in the Servers node).

 Settings: configure basic application settings.

 Licensing: view details of keys installed, install and remove keys.

DETAILS PANE

The details pane shows information about the current Microsoft Exchange servers protection status, Kaspersky Security
and application settings.

The appearance of the details pane depends on the node selected in the Administration Console tree.

QUICK ACCESS PANE

Specific links displayed in the quick access pane depend on the node selected in the Administration Console tree.
Besides the standard links of the MMC console, the quick access pane contains links for managing the selected node
(see table below).

Table 2. Quick access pane links

CONTEXT MENU

Each category of nodes in the Administration Console tree has its own context menu, which you can open by right­clicking.

A P P L I C A T I O N I N T E R F A C E

21

NODE

MENU ITEM

PURPOSE OF THE MENU ITE M

Kaspersky Security 8.0 for
Microsoft Exchange Servers

Connect to server

The Connect to server window opens.

Enable snap-in diagnostics

Starts keeping the Administration Console
log.

Profiles

Add profile

Opens the Create new profile window.

<profile name>

Add server

Opens a wizard for adding the Security
Server to the profile.

Rename

Opens the Rename profile window.

Delete

Removes the profile.

Servers

Add server

Opens a wizard for adding the Security
Server to the profile.

Profile → <Security Server name>

Remove from profile

Removes the Security Server from the profile.

Kaspersky Security 8.0 for
Microsoft Exchange Servers →
<Security Server name>

Remove server

Removes a Security Server from the
Administration Console tree.

Update
Update Anti-Virus databases

Updates Anti-Virus databases.

Update Anti-Spam databases

Updates Anti-Spam databases.

Notifications

Notification delivery settings

Opens the Notification delivery settings
window.

Besides the standard items of the MMC context menu, it contains menu items for managing the selected node (see table
below).

Table 3. Context menu items of the Administration Console nodes

22

APPLICATION LICENSING

IN THIS SECTION

About the License Agreement ......................................................................................................................................... 22

About the license ................................................................ ............................................................................................. 22

Licensing models............................................................................................................................................................. 23

About the key file ................................................................ ............................................................................................. 23

About data submission ................................................................................................................................ .................... 24

Installing a key................................................................................................................................................................. 25

Viewing key details .......................................................................................................................................................... 26

Replacing a key ............................................................................................................................................................... 26

Removing a key............................................................................................................................................................... 27

Configuring the license expiry notification ....................................................................................................................... 28

Licensing specifics for Security Servers within a profile .................................................................................................. 28

This section contains information about the basic concepts of application activation. This section describes the purpose
of the End User License Agreement, the ways to activate the application and renew the license.

This section also provides instructions on managing keys, configuring license expiry notifications, and creating a list of
protected mailboxes and storages.

ABOUT THE LICENSE AGREEMENT

The License Agreement is a binding agreement between you and Kaspersky Lab, setting out the terms on which you
may use the software you have purchased.

Carefully review the terms of the License Agreement before using the application.

You are deemed to agree to be bound by the terms of the License Agreement if you confirm your acceptance of the
License Agreement text upon application installation. If you disagree with the terms of the License Agreement, you must
abort the installation or refrain from using the application.

ABOUT THE LICENSE

A license is a time-limited right to use the application, granted under the End User License Agreement.

A license entitles you to the following kinds of services:

 Using the application to protect a certain number of mailboxes.

 Contacting Kaspersky Lab Technical Support for assistance.

A P P L I C A T I O N L IC E N S I N G

23

 Other services available from Kaspersky Lab or its partners during the license period.

The scope of services and application usage term depend on the type of license.

The following license types exist:

 Trial – a free license intended for trying out the application.

A trial license is usually short in duration. When the trial license expires, all Kaspersky Security features become
disabled. To continue using the application, you need to buy a commercial license.

 Commercial – a pay-for license that is provided when you buy the application.

When the commercial license expires, the application continues to work in limited functionality mode. You can
still use all application components but only with databases that were installed before the license expired. To
continue using Kaspersky Security in fully functional mode, you have to renew your commercial license.

We recommend renewing the license before its expiry to ensure that your computer stays fully protected against
all computer security threats and spam.

LICENSING OPTIONS

Depending on the application deployment scenario, keys should be installed according to the following licensing models:

 If the application is used on standalone Microsoft Exchange Servers, a separate key must be installed for each

server.

 If the application is used on a cluster of Microsoft Exchange Servers, it suffices to install a single key that covers

the entire cluster.

 If the application is used on Microsoft Exchange Servers that are part of a DAG, it suffices to install a single key

that covers the entire DAG.

 If you use profiles to manage several Security Servers, you have to add a single key for a profile that applies to

all Security Servers within this profile (see section "Licensing specifics for Security Servers within a profile" on
page 28).

ABOUT THE KEY FILE

A key file is a file with the .key extension. The application can only be used provided an appropriate key file is available.

A key file contains the following details:

 Key – a unique alphanumeric sequence. A key serves a number of purposes, such as receiving technical

support from Kaspersky Lab.

 Key file creation date.

 License term is the period specified in the License Certificate during which you may use the application.

The license expires no later than the validity period of the key file that was used to add the active key.

 Key file validity period – a specific period that counts down from the time of key file creation. The key file validity

period may be several years. You can use the application with the relevant key only until the expiry of this
period.

A D M I N I S T R A T O R ' S G U I D E

24

ABOUT DATA SUBMISSION

In you agree to participate in the Kaspersky Security Network (see section "Participating in the Kaspersky Security
Network (KSN)" on page 58), the following information collected during the operation of Kaspersky Security on the
computer is automatically forwarded to Kaspersky Lab:

 Application name

 Application type

 Application version

 Application installation ID

 Operating system version

 Operating system service pack version

 Operating system language

 IP address of the Microsoft Exchange server hosting Kaspersky Security

 IP address of the sender of the probably infected message

 Checksums (MD5) of email addresses for the sender of the probably infected message

 Web addresses contained in the probably infected message with removed passwords

 URL or IP address (IPv4 and IPv6 versions supported) of the phishing link

 Checksums (MD5) of graphic objects included in the message

 Checksums (MD5) of the names of files attached to the message

 Anti-Virus database release date and time

 Information from the Anti-Virus module on the status of message scanning

 Information from the Anti-Spam module on the status of message scanning, including the trust level, weight, and

status

 Target of the phishing attack (brief name of the organization, website address)

 Status of scanning by the Anti-Spam module

 Triggered categories of the content filtering database of the Anti-Spam module (theme category of text

determined by the application)

 Technical information having to do with the method by which the application detected a probably infected

message

 Technical information having to do with the method by which the application detected probable spam

 Brief text signatures from the message text that are checked against known spam mailings, and the

application's decisions on such messages

Kaspersky Lab protects any information received in this way as prescribed by law. Kaspersky Lab uses any collected
information as general statistics only. General statistics are automatically generated using original collected information
and do not contain any private data or other confidential information. Original collected information is stored in encrypted
form and destroyed as it is accumulated (twice per year). General statistics are stored indefinitely.

A P P L I C A T I O N L IC E N S I N G

25

Participation in Kaspersky Security Network is voluntary. You can opt out of participating in the Kaspersky Security
Network at any time (see section "Configuring spam and phishing scan settings" on page 73). No personal data of the
user is collected, processed, or stored. You can also read the KSN Statement to find out about the types of data that the
application relays to Kaspersky Security Network (see section "Configuring spam and phishing scan settings" on
page 73).

INSTALLING A KEY

You can add a separate key for a Security Server or add a single key for a profile, thus applying it to all Security Servers
within this profile (see section "Licensing specifics for Security Servers within a profile" on page 28).

If Kaspersky Security runs within a configuration with a server cluster or with DAG, it suffices to add one key for the
entire cluster or DAG. You can add the key by connecting the Administration Console to any server within this cluster
DAG.

To add a key for a Security Server:

1. In the Administration Console tree, expand the node of a Security Server.

2. Select the Licensing node.

3. In the details pane, do one of the following:

 To add the active key, click the Add button in the Active key section.

 To add an additional key, click the Add button in the Additional key section.

An additional key may be added only if the active key is available.

Only a commercial license key can be installed as the additional key. A trial license key cannot be installed
as the additional key.

4. In the File name window that opens, specify the path to the key file (a file with the key extension) and click the
Open button.

The key is added, and its details appear in the relevant section.

To add a key for a profile:

1. In the Administration Console tree, expand the Profiles node.

2. Expand the node of the profile for which you want to add the key.

3. Select the Licensing node.

4. In the details pane, do one of the following:

 To add the active key, click the Add button in the Active key section.

 To add an additional key, click the Add button in the Additional key section.

An additional key may be added only if the active key is available.

Only a commercial license key can be installed as the additional key. A trial license key cannot be installed
as the additional key.

A D M I N I S T R A T O R ' S G U I D E

26

5. In the File name window that opens, specify the path to the key file (a file with the key extension) and click the
Open button.

The key is added, and its details appear in the relevant section.

VIEWING KEY DETAILS

To view the details of keys added for a Security Server or profile:

1. Perform the following steps in the Administration Console tree:

 To view the details of keys added for a Security Server, maximize the node of the Security Server the

details of whose keys you want to view;

 To view the details of keys added for a profile, maximize the Profiles node and inside it maximize the node

of the profile the details of whose keys you want to view.

2. Select the Licensing node.

The details pane shows the following key details:

 Status. Possible values:

 Current license. The license has not expired, and application functionality is not limited.

 Trial license validity period has expired. The functionality of the Anti-Virus and Anti-Spam modules is

unavailable. Updates are not allowed.

 License expired. The license has expired, updates are unavailable, and access to KSN is blocked (see

section "About additional services, features, and anti-spam technologies" on page 70).

 Databases are corrupted. Anti-Virus or Anti-Spam databases are corrupted or missing.

 Key is missing. The functionality of the Anti-Virus and Anti-Spam modules is unavailable. Updates are not

allowed.

 Key blocked. Only database updates are available. The functionality of the Anti-Virus and Anti-Spam

modules is unavailable.

 Key blacklist corrupted or missing. Only database updates are available. The functionality of the Anti-Virus

and Anti-Spam modules is unavailable.

 Key. Unique alphanumeric sequence.

 License type. License type (trial, commercial).

 Representative. Contact person of the organization that signed the End User License Agreement.

 Number of users. The maximum number of application users whose mailboxes can be protected by the

application with this key.

 Expiration date. License expiration date.

REPLACING A KEY

To replace a key added for a Security Server:

1. In the Administration Console tree, expand the node of a Security Server.

A P P L I C A T I O N L IC E N S I N G

27

2. Select the Licensing node.

3. In the details pane, do one of the following:

 To replace the active key, click the Replace button in the Active key section.

 To replace an additional key, click the Replace button in the Additional key section.

4. In the File name window that opens, specify the path to the key file (a file with the key extension) and click the
Open button.

The key is added, and its details appear in the relevant section.

To replace a key added for a profile:

1. In the Administration Console tree, expand the Profiles node.

2. Expand the node of the profile whose key you want to replace.

3. Select the Licensing node.

4. In the details pane, do one of the following:

 To replace the active key, click the Replace button in the Active key section.

 To replace an additional key, click the Replace button in the Additional key section.

5. In the File name window that opens, specify the path to the key file (a file with the key extension) and click the
Open button.

The key is added, and its details appear in the relevant section.

REMOVING A KEY

To remove a key added for a Security Server:

1. In the Administration Console tree, expand the node of a Security Server.

2. Select the Licensing node.

3. In the details pane, do one of the following:

 To remove the active key, click the Delete button in the Active key section.

 To remove an additional key, click the Delete button in the Additional key section.

The application deletes the selected key. When the active key is deleted, the additional key (if installed) becomes
active.

To delete a key added for a profile:

1. In the Administration Console tree, expand the Profiles node.

2. Expand the node of the profile whose key you want to remove.

3. Select the Licensing node.

4. In the details pane, do one of the following:

 To remove the active key, click the Delete button in the Active key section.

A D M I N I S T R A T O R ' S G U I D E

28

 To remove an additional key, click the Delete button in the Additional key section.

The application deletes the selected key. When the active key is deleted, the additional key (if installed) becomes
active.

Automatic substitution of the active key with the additional key at the expiry of the license term that elapses from the date
when the active key was added is performed on each Security Server within a profile according to the time of the
physical server on which the Security Server is deployed.

CONFIGURING THE LICENSE EXPIRY NOTIFICATION

The application checks the active license after each update. On detecting that the license is about to expire, the
application makes a relevant entry in the application log and starts sending notifications to the email addresses specified
in the notification settings (see section "Configuring notification settings" on page 91). By default, the application starts
sending notifications 15 days before license expiry. You can change the time when this notification should be sent.

To configure Security Server license expiry notifications:

1. In the Administration Console tree, expand the node of a Security Server.

2. Select the Licensing node.

3. In the lower part of the details pane, in the spin box of the Notify about license expiry in setting, specify in
how many days before license expiry you want to receive a notification about license expiry.

4. Click the Save button.

To configure profile license expiry notifications:

1. In the Administration Console tree, expand the Profiles node.

2. Expand the node of the profile for whose Security Servers you want to configure license expiry notifications.

3. Select the Licensing node.

4. In the lower part of the details pane, in the spin box of the Notify about license expiry in setting, specify in
how many days before license expiry you want to receive a notification about license expiry.

5. Click the Save button.

LICENSING SPECIFICS FOR SECURITY SERVERS WITHIN A

PROFILE

When using profiles, consider the following licensing specifics for Security Servers added to the profile:

 Automatic substitution of the active key with the additional key at the expiry of the license term that elapses from

the date when the active key was added is performed on each Security Server within a profile according to the
time of the physical server on which the Security Server is deployed. This is important when, for example, the
Security Servers of a profile are located in different time zones.

 In the Administration Console, in the details pane of the Profiles → <profile name> → Licensing node, the

keys and license expiry dates are shown for each of the added keys according to the time of the Administration
Console. For example, if a license defined by an active key has expired according to the time of the
Administration Console and an additional key has been added, the details pane shows only the additional key
and its properties.

A P P L I C A T I O N L IC E N S I N G

29

 You cannot add, modify, or remove a key for a separate Security Server added to a profile. You can add,

modify, or remove a key for the entire profile only, and the relevant license will apply to all Security Servers
within the profile.

 After a Security Server has been added to a profile, the license is applied to it at the profile level even if this

Security Server had a different active license before it was added to this profile. In this case, the active key of
the Security Server is replaced with the active key of the profile.

 After a Security Server has been removed from a profile, it continues to be subject to the license at the level of

the profile from which it has been removed. In this case, the details pane of the Licensing node still shows the
active key of the profile for this Security Server.

30

STARTING AND STOPPING THE
APPLICATION

Kaspersky Security is started automatically when the Microsoft Exchange Server starts, at Microsoft Windows startup on
the server hosting the Security Server, when the first message passes via the Microsoft Exchange Server, and when the
Administration Console connects to the Security Server installed on the Microsoft Exchange Server. If the Microsoft
Exchange server protection is enabled during installation, anti-spam and anti-virus scanning of e-mail traffic is started or
stopped together with the Microsoft Exchange server.

You can separately enable or disable anti-virus protection of the Microsoft Exchange Server for the Mailbox and Hub
Transport roles and anti-spam protection of the Microsoft Exchange Server.

To stop the application:

1. In the Administration Console, disable anti-virus protection (see section "Enabling and disabling anti-virus
protection of the server" on page 58) and anti-spam protection (see section "Enabling and disabling anti-spam
protection of the server" on page 72).

2. On the computer hosting the Security Server, use the Windows tools to stop the Kaspersky Security 8.0 for
Microsoft Exchange Servers service and change its launch type to Disabled.

To launch the application after it has been stopped:

1. Start the Kaspersky Security 8.0 for Microsoft Exchange Servers service using Windows tools.

2. Make sure that the launch type for the Kaspersky Security 8.0 for Microsoft Exchange Servers service is set
to Enabled in the Windows settings on the computer hosting the Security Server.

3. In the Administration Console, enable anti-virus protection (see section "Enabling and disabling anti-virus
protection of the server" on page 58) and anti-spam protection (see section "Enabling and disabling anti-spam
protection of the server" on page 72).