Kaspersky Lab KASPERSKY CORPORATE SUITE-ANTI-VIRUS SOLUTION User Manual
KASPERSKY LAB
Kaspersky™ Corporate Suite
ANTI-VIRUS
SOLUTION
KASPERSKY CORPORATE SUITE
Anti-Virus
Solution
KASPERSKY LAB LTD
Visit our WEB site: http://www.kaspersky.com/
Contents
KASPERSKY™ CORPORATE SUITE.................................................5
1.
1.1. MAIN FUNCTION OF THE SOFTWARE PACKAGE ........................................5
1.2. MAIN FEATURES OF THE KASPERSKY™ CORPORATE SUITE PACKAGE.......6
1.3. COMPONENTS....................................................................................... 8
2. PROTECTING WORKSTATIONS.......................................................9
2.1. KASPERSKY™ ANTI-VIRUS FOR WORKSTATIONS RUNNING WINDOWS 95/98/ME
AND
WINDOWS 2000/NT/XP (WINTEL). MAIN FEATURES................................9
2.1.1. Real-time pro ectiont
2.1.2. Filtering viruses out of email
2.1.3. Comprehensive control over e-mail messages
2.1.4. Protecting against macro-viruses
2.1.5. Monitoring data-integrity
2.1.6. Protecting data storage locations
2.1.7. Intercepting script-viruses
2.1.8. Centralized deployment and management
2.1.9. Automated updating
2.1.10. Universal boot system
2.2. KASPERSKY™ ANTI-VIRUS FOR OS/2. MAIN FEATURES .....................12
2.2.1. Two-level anti-virus protection
2.2.2. Compliant with the most popular OS/2 versions
2.2.3. User-friendly
............................................................................12
................................................................9
..................................................9
..................10
.........................................10
.......................................................10
........................................10
....................................................11
.........................11
..............................................................11
...........................................................11
.............................................12
...............12
3. PROTECTING FILE SERVERS..........................................................13
3.1. KASPERSKY™ ANTI-VIRUS FOR WINDOWS 2000/NT SERVER. MAIN FEATURES
13
3.1.1. Real-time pro ection
3.1.2. Centralized deployment and management
3.1.3. Protecting data storage locations
3.1.4. Quarantine of dangerous and suspicious objects
3.1.5. Virus alerts broadcasting
3.1.6. Automated updating
t
..............................................................13
.........................13
........................................14
..............14
.......................................................14
..............................................................14
ii
3.2. KASPERSKY™ ANTI-VIRUS FOR NOVELL NETWARE. MAIN FEATURES
3.2.1. Full-scale anti-virus protection
3.2.2. Integration into Novell Directory Service
3.2.3. Centralized deployment and management
3.2.4. Real-time configuration update
.............................................15
............................15
.........................15
............................................16
3.2.5. Quarantine of dangerous and suspicious objects
3.2.6. Virus alerts broadcasting
.......................................................16
3.2.7. Automatic disconnection of infected workstations
3.2.8. Adjusting of CPU utilization
3.2.9. Automated retrieve of updates via the Internet
3.2.10. Multithreaded virus scanning
4. PROTECTING MAIL SYSTEMS........................................................ 18
4.1. KASPERSKY™ ANTI-VIRUS FOR MICROSOFT EXCHANGE SERVER. MAIN FEATURES
18
4.1.1. E-mail anti-virus security
4.1.2. Protection of client worksta ionst
4.1.3. Comprehensive control over e-mail messages
..................................................16
................17
................................................17
.......................................................18
..........................................18
..................19
...15
..............16
............16
4.1.4. Flexible configuration for personal and public e-mail accounts
19
4.1.5. Reliable quarantine of dangerous objects and alert broadcasting
19
4.1.6. Real-time configuration update
4.1.7. Centralized management
4.1.8. Support for an unlimited number of e-mail accounts
4.1.9. User-friendly
4.2. KASPERSKY™ ANTI-VIRUS FOR LOTUS NOTES/DOMINO. MAIN FEATURES20
............................................................................20
4.2.1. Constant protection of e-mail-traffic
4.2.2. Comprehensive control over e-mail messages
4.2.3. Virus alerts broadcasting
4.2.4. Real-time virus neutralization
4.2.5. User-friendly
4.2.6. Automated updating
............................................................................21
..............................................................21
............................................19
......................................................20
.......20
...................................20
..................21
.......................................................21
...............................................21
5. PROTECTING LINUX/UNIX OPERATING SYSTEMS...............22
5.1. KASPERSKY™ ANTI-VIRUS FOR LINUX/UNIX OPERATING SYSTEMS. MAIN
FEATURES
.......................................................................................................22
5.1.1. Full-scale anti-virus protection
.............................................22
5.1.2. Compliancy with the most popular Linux and UNIX versions
3
23
5.1.3. Unique combination of the most advanced anti-virus tools for
Linux and UNIX
5.1.4. Centralized protection of your e-mail systems
5.1.5. Easy integration into third party applications-
5.1.6. Automated retrieve of updates via the Internet
5.1.7. Interactive management system
6. KASPERSKY™ CORPORATE SUITE: PROTECTING WEB SERVERS
25
6.1. KASPERSKY™ WEB INSPECTOR..........................................................25
6.1.1. Monitoring changes
6.1.2. Improved file analysis
6.1.3. Back up
6.1.4. Recovery of original content
6.1.5. Real-time configuration update
6.1.6. Immediate broadcast of warnings
6.1.7. User-friendly
7. PROTECTING DATA TRAFFIC PASSING THROUGH FIREWALLS
28
7.1. KASPERSKY™ ANTI-VIRUS FOR FIREWALL...........................................28
7.1.1. Anti-virus solution for the Internet
7.1.2. Compliancy with all the most popular firewalls
7.1.3. Advanced anti-virus technology
7.1.4. Transparency of data traffic
......................................................................................23
...................24
....................24
................24
.........................................24
................................................................25
............................................................26
....................................................................................26
.................................................26
............................................26
.......................................26
............................................................................27
......................................28
.................29
...........................................29
.................................................29
7.1.5. Reliable quarantine of dangerous objects and alert broadcasting
29
7.1.6. Centralized management
7.1.7. User-friendly
............................................................................30
......................................................30
8. MANAGEMENT OF ANTI-VIRUS PROTECTION......................... 31
8.1. KASPERSKY™ ADMINISTRATION KIT ...................................................31
8.1.1. Remote management of the anti-virus tools
8.1.2. Alerts broadcasting
8.1.3. Cumulative reporting
................................................................32
.............................................................33
8.1.4. Isolating infected and suspicious objects
APPENDIX. KASPERSKY LAB LTD.......................................................34
4
......................31
...........................33
Chapter
1
1. Kaspersky™ Corporate Suite
1.1. Main function of the software package
Kaspersky™ Corporate Suite is developed to provide the full-scale dataprotection for corporate networks. Main advantage of this package is that it
allows you to develop platform-independent and centrally-managed information security structure successfully protecting corporate networks of any size
and complexity (with possible application to the remote sub-networks located
overseas) against malicious code and hacker attacks.
Anti-virus software products in Kaspersky™ Corporate Suite provide the reliable control over all virus propagation sources in your system: they are used
on workstations (DOS, Windows 95/98/ME, Windows 2000/NT/XP Workstation, OS/2, Linux), file servers (Windows 2000/NT Server, Linux, Novell
NetWare, FreeBSD, OpenBSD, BSDi, Solaris) e-mail gateways (MS Exchange
Server, Lotus Notes, Sendmail, Qmail, Postfix), CVP compatible firewalls
(Check Point FireWall-1) and Web servers. Powerful and easy-to-use network
management tools allow for centralized deployment and administration of the
data-protection system on your computers and corporate networks.
At Kaspersky Lab, we strive for full and complete customer satisfaction. Kaspersky™ Corporate Suite allows you to create a dependable defense that is
fully appropriate and compatible for your network configurations.
5
KASPERSKY CORPORATE SUITE
1.2. Main features of the Kaspersky™ Corporate Suite package
1. Reliable protection
When developing a modern enterprise-wide data-security solution the main
task is to implement a system with all its components operating trouble-free
and in full co-operation. The time-tested reliable and effective Kaspersky™
Corporate Suite components successfully provide reliable anti-virus protection
for hundreds of corporations around the world. The highest quality and effectiveness of Kaspersky Lab products is confirmed by numerous certificates received from the world's leading independent research centers and test labs
that include: the certificate and the license from the State Technical Committee
under the President of Russian Federation; the Checkmark certificate for three
levels (Level 1, Level 2, and Trojan) from the West Coast Labs test center; the
International Computer Security Association (ISCA) certificate; and the Microsoft Certificate for compatibility with the Windows operating system.
2. Supporting various platforms
The infrastructure of a modern enterprise is a complex multi-component computing environment that consists of various operating systems and applications
operating simultaneously. Regarding this Kaspersky™ Corporate Suite was
provided with multi-platform components protecting workstations, file servers,
e-mail gateways, firewalls, and Web servers, and supports all the commonly
used operating systems.
3. Easy-to-integrate
Kaspersky Lab strives to completely satisfy demands and to pay attention
even to the most insignificant requests of its clients. Kaspersky™ Corporate
Suite is developed to operate especially within corporation networks of any
size and complexity. Due to application of the most up-to-date development
methods the software product can be seamlessly integrated into the existing
computing environment and customized to perform specific business tasks. As
a result, you receive a complete information security solution that meets your
system requirements and specific tasks of your business.
4. Comprehensive protection of a corporate network
Corporate network protection is successful only when it covers all nodes, datatransmission channels and storage locations. Kaspersky™ Corporate Suite
provides comprehensive protection of a corporate network by effectively pro-
6
KASPERSKY CORPORATE SUITE
tecting workstations, file and mail servers, Web servers, and controlling data
traffic passing via e-mail gateways and firewalls. Kaspersky™ Corporate Suite
is powered by a unique management tool for advanced administration of the
anti-virus system. Kaspersky™ Administration Kit allows for a centralized
product deployment and management across the corporate network.
5. State-of-the-art set of anti-virus tools
Kaspersky™ Corporate Suite includes all the advanced tools for fighting
against viruses: an anti-virus scanner that checks data storage locations ondemand; an anti-virus monitor that performs real-time virus-check of all files
being used; an integrity checker to monitor data integrity on your computers; a
unique script-virus background interceptor; a behavior blocker that provides
100% protection against micro-viruses. The combined use of these tools excludes the possibility of virus penetration, making your computing safe and
secure. Employment of the Kaspersky™ Corporate Suite-integrated system of
heuristic analysis allows you to prevent infection from even unknown viruses.
6. On-time detection of new viruses
Kaspersky Lab provides auto-installable updates for its anti-virus products on
the daily basis. The company anti-virus experts monitor the world virus situation twenty–four hours a day. In case a new virus appears, they immediately
develop the appropriate cure module and immediately deliver it to customers.
7. Extended services
Kaspersky™ Corporate Suite users may be provided with extended services
for the purpose of development of a customized comprehensive dataprotection system meeting all requirements of the corporate network. On your
request Kaspersky Lab can contribute to inspection and analysis of your corporate network for the purpose of identification of the vulnerable points, to
network testing and modification of the anti-virus software to meet the customer requirements, and to finishing of the customized anti-virus protection
project. The company experts provide services for installation and setting of
the software, and for training of the maintenance staff and users. Users of the
Kaspersky Lab products are also provided with round-the-clock technical support by either phone or e-mail in Russian or English.
7
KASPERSKY CORPORATE SUITE
1.3. Components
What components the Kaspersky™ Corporate Suite
package includes?
Kaspersky™ Corporate Suite includes the following components:
• Protection for workstations — Kaspersky™ Anti-Virus for Windows
95/98/Me, Windows 2000/NT/XP Workstation, OS/2 and Linux.
• Protection for file servers — Kaspersky™ Anti-Virus for Windows
2000/NT Server, Netware, UNIX (FreeBSD, OpenBSD, BSDi, Solaris)
and Linux.
• Protection for mail systems — Kaspersky™ Anti-Virus for Microsoft
Exchange, Lotus Notes, Sendmail, Postfix, Exim and Qmail.
• Protection for WEB servers — Kaspersky™ WEB Inspector.
• Protection of data passing through firewalls — Kaspersky™ Anti-Virus
for Firewall.
• Protection for pocket computers – Kaspersky™ Anti-Virus for Palm
OS.
• Centralized deployment and management of the package components - Kaspersky™ Administration Kit.
8
Chapter
2
2. Protecting Workstations
2.1. Kaspersky™ Anti-Virus for workstations
running Windows 95/98/Me and Windows
2000/NT/XP (Wintel). Main features
2.1.1. Real-time protection
The background virus-interceptor - Monitor permanently resides in your Wintel
workstation’s memory, checking for viruses in files (including the archived)
while they are started, created or copied, and also in the memory of started
programs. The program comprehensively controls all the file operations preventing virus attacks.
2.1.2. Filtering viruses out of email
Kaspersky™ Anti-Virus for Wintel workstations automatically and in real time
checks for viruses in all incoming and outgoing messages. Since the program
supports all the major e-mail database formats (MS Outlook, MS Outlook Ex-
9
KASPERSKY CORPORATE SUITE
press, MS Exchange, Eudora, MS Mail, Pegasus Mail, Netscape Mail, JSMail,
MIME, The BAT), it reliably protects against viruses in mail message storage
locations. The built-in Mail Checker efficiently deletes viruses from e-mail
messages, and completely recovers the original contents.
2.1.3. Comprehensive control over e-mail messages
Kaspersky™ Anti-Virus for Wintel workstations automatically checks for viruses in all elements of incoming and outgoing messages: the message body,
embedded OLE objects, attached files (including archived or compressed files)
and other messages of any nesting level.
2.1.4. Protecting against macro-viruses
Kaspersky™ Anti-Virus for Wintel contains special modules controlling macroinstructions that are executed. The unique macro control technology using the
concept of behavior blocker allows the program to prohibit macro-viruses from
being executed.
2.1.5. Monitoring data-integrity
Inspector, the Kaspersky™ Anti-Virus for Wintel workstations built-in integrity
checker traces all changes on the local computer in background: appearance
of new, deletion and modification of existing files and more. The program implements the control by calculating mathematical values known as checksums
or CRC values (for Cyclic Redundancy Code) for disk sectors and files, and
subsequently checking these against the existing copy of appropriate
file/sector. If a virus-incidental action (such as unauthorized changes in a file
or the system registry) is detected, the module allows removal of the malicious
code and recovery of the original disk contents.
2.1.6. Protecting data storage locations
The anti-virus Kaspersky™ AV Scanner allows for the comprehensive check of
local and network drive contents on-demand. You may run your scanner
10
Loading...