To proceed with the installation, press the Install button in the Setup Wizard window. It will initiate copying of the
application files to the computer, registration of the components in the system, creation of the corresponding database on the SQL server and restarting some services of Microsoft Exchange Server.
AP P L I C A T I O N S E T U P
23
G ETTING STARTED . A PPLICATION CONFIGURATION WIZARD
Once the files are copied and the components are registered in the system, the Setup Wizard will display a notification informing about completion of the application setup. Clicking the Next button in the Setup Wizard will start the Application Configuration Wizard. Application Configuration Wizard will assist you in configuring the update settings, installing the license, and testing the application functionality. To start product configuration in the Application Configuration Wizard, click Next.
IN THIS SECTION
Configuring updates ... 23 Installing a license key ... 23 License-related notifications ... 24 Testing the application functionality ... 24
C ONFIGURING UPDATES
You can use the Update settings window of the Application Configuration Wizard to configure the updating settings of Kaspersky Security.
To define the update settings, perform the following steps:
1. Leave the box Enable automatic update checked, if you wish the application to update automatically according to the specified schedule.
2. To connect to an update server of Kaspersky Lab through a proxy server, enable the option to Use proxy server and specify the corporate proxy address in the Proxy server address line.
3. Define the proxy server port in the entry field. By default, port 8080 is used.
4. To enable authentication with the proxy server, check the box Use authentication and enter in the Account and Password fields relevant information about the user account selected for that purpose.
5. If you wish to download updates from a local corporate server directly, check the box Bypass proxy server for local addresses.
I NSTALLING A LICENSE KEY
In the Licenses window you can install a license for Kaspersky Security.
To install a license, perform the following steps:
1. Press the Add button.
2. In the displayed File name dialog specify the file containing the license key (file with the *.key extension) and click Open.
A license will be installed that allows you to use Kaspersky Security with unlimited functionality for one year.
Over the entire period when the license is active, you can download Antivirus and Anti-spam database updates and contact Kaspersky Lab on all the issues related to the use of the application.
AD M I N I S T R A T O R'S GU I D E
24 Removing a license key
To remove a license, click the Delete button.
L ICENSE - RELATED NOTIFICATIONS
The Notification Settings window allows you to configure the notifications sent by email. Using notifications, you will always know in time of all the Kaspersky Security events.
To define the notification settings, perform the following steps:
1. In the Web-service address field specify the address of the web service that will be used to mail messages via Microsoft Exchange Server.
2. Specify in the Account field any account registered on the Microsoft Exchange Server.
To do that, click Browse or enter the account name manually.
3. Type in the Password field the password for the selected account.
4. In the E-mail address field specify the mail recipient's address.
5. Click the Test button to send a test message.
If the test message arrives in the specified mailbox, it means that delivery of notifications is configured properly.
6. Click Next to finish setting up the application options.
7. Click the Finish button in the final window of Application Setup Wizard to quit the wizard..
If the Start Administration Console when the Wizard quits flag is left checked, the Administration Console will start automatically.
T ESTING THE APPLICATION FUNCTIONALITY
After Kaspersky Security is installed and configured, you are advised to verify its settings and operation using a test
"virus" and its modification.
The test "virus" was specifically designed by EICAR (The European Institute for Computer Antivirus Research) to test anti-virus products. The test "virus" is not a malicious program and it contains no code that can harm your computer.
However, most anti-virus products identify it as a virus.
You can download the test "virus" from the official web site of EICAR at: http://www.eicar.org/anti_virus_test_file.htm.
Testing the Anti-Virus functionality
To send a message with the test "virus", perform the following steps:
1. Create an email message with an attached EICAR test "virus".
2. Send the message via Microsoft Exchange Server with installed Kaspersky Security and connected Security Server.
After virus detection the mailbox that you have specified in the Notification Settings (see section "Configuring notifications" on page 24) window of the Initial Configuration Wizard should receive a notification about the intercepted virus.
AP P L I C A T I O N S E T U P
25
To view the application report about the detected virus, perform the following steps:
1. Launch Kaspersky Security using the menu Start Programs Kaspersky Security 8.0 for Microsoft Exchange Servers Administration Console.
2. In the console tree to the left, select and open the node corresponding to the server which was supposed to process the message containing the "virus".
3. Select the Reports node.
4. In the details pane to the right, click the Generate report button in the Quick reports and / or Anti-Virus report section.
5. View the created report in the Ready reports section. To do that, double-click the necessary report to open it.
If the report contains information about EICAR infection, the application is properly configured.
To receive the reports to an email address, perform the following steps:
1. In the details pane , use the Quick reports and / or Anti-Virus report sections to check the box Administrator to enable sending notifications to the address, which you have specified in the Notification Settings (see section
"Configuring notifications" on page 24) window of the Application Configuration Wizard.
If you have not specified the e-mail address in the Initial Configuration Wizard, click the link E-mail sending settings to set up notifications (see section "Configuring notifications" on page 24).
2. To make sure that reports arrive in the specified mailbox, click the Test button to send a test message.
By default, the application saves a copy of an infected object in Backup.
To check, whether a copy of an infected object has been saved in Backup, perform the following steps:
1. In the console tree, select the node Backup.
2. Check to make sure that the infected object (message with attached "virus") appears in the details pane.
Testing the Anti-Spam functionality
To test normal functioning of the Anti-Spamcomponent, perform the following steps:
1. Launch Kaspersky Security using the menu Start Programs Kaspersky Security 8.0 for Microsoft Exchange Servers Administration Console.
2. In the console tree to the left, select and open the node corresponding to the server which will be used to transfer the test message.
3. Select the Server protection node.
4. Select the Anti-Spam protection tab in the details pane.
5. Open the White and black list settings section.
6. Check the box Add sender's address to black list.
7. Type the sender's e-mail address in the entry line.
8. Click the addition button to the right of the field.
9. Open the Scan settings section.
10. In the Blacklisted field, select Allow.
AD M I N I S T R A T O R'S GU I D E
26 11. In the same field check the box Add label.
12. Send a message to the administrator's address through the protected mail server.
If the message arrives with the [Blacklisted] label in the header, the Anti-Spam component functions correctly.
AP P L I C A T I O N S E T U P
27
R ESTORING THE APPLICATION
If the application encounters a failure while running (for example, if its binary modules get damaged), you can use the restoration functionality provided in the installer. During restoration the installer will preserve the selected settings and user configuration including notifications, paths to the application databases, Quarantine, etc.
To restore Kaspersky Security, perform the following steps:
1. Start the setup_en.exe file.
2. Click the link Kaspersky Security 8.0 for Microsoft Exchange Servers.
3. Click the Next button in the welcome screen of the Initial Configuration Wizard.
4. In the Change, Repair or Remove the application window click the Restore button.
5. In the Restoring window, click the Repair button.
Restoration of the application will be impossible, if its configuration files are damaged. Removing and reinstalling the application is recommended then.
AD M I N I S T R A T O R'S GU I D E
28
R EMOVING THE APPLICATION
To remove Kaspersky Security from a computer, perform the following steps:
1. Start the setup_en.exe file.
2. Click the link Kaspersky Security 8.0 for Microsoft Exchange Servers to start the Setup Wizard and click Next.
3. In the Change, Repair or Remove the application window click the Remove button.
4. In the Remove window click the Remove button.
You can also uninstall the application using the standard software management tools in Microsoft Windows.
During Kaspersky Security removal some services of Microsoft Exchange Server will need a restart.
29
MANAGING KASPERSKY SECURITY LICENSES
When you purchase Kaspersky Security, you enter into a license agreement with Kaspersky Lab. This agreement grants you the right to use the software you purchased to protect the specified number of mailboxes, and to have access to the attendant services, for a defined period. The anti-virus protection covers both mailboxes and public folders. Therefore, no additional license is needed to protect public folders when working in the Microsoft Exchange environment. When using the application on a cluster of servers, the license is valid for the whole cluster.
The following features will be available to you during the license period:
use the anti-virus functionality of the application;
anti-spam functionality of the application;
regular updates for the anti-virus and anti-spam databases;
application updates;
support on issues related to the installation, configuration and the use of the purchased software product, provided 24 hours a day, by phone or email.
The application verifies the validity of the license agreement through the Kaspersky Security license key file, which is an integral part of any Kaspersky Lab product.
Kaspersky Security will not work without a license key!
Active license
The application can use only one active license key. This license key contains restrictions imposed on the use of
Kaspersky Security, which the application verifies using its internal algorithms. If a violation of the terms and conditions of the license agreement is detected:
the application functionality will be restricted;
a record of the detected violation will be entered into the event logs;
if the notification settings are configured, a notification about the violation will be issued and sent by email.
You can manage the number of protected mailboxes excluding from the scan scope certain storages (see section
"Creating a list of protected mailboxes and storages" on page 32) containing e-mail accounts that the application will not scan. You are advised to purchase a license able to protect all your mailboxes, as any unprotected storage areas increase the possibility of penetration and propagation of viruses via the email system. Once a commercial license expires, the application functionality will remain available, i. e. the application will continue anti-virus and anti-spam traffic scanning; however, database updates and application upgrades will no longer be provided as well as the opportunity to contact the Technical Support service for assistance. The application will continue anti-virus scanning of email traffic, and background scanning of storage areas, but will use outdated database versions. In this case, it is difficult to guarantee comprehensive protection against new viruses and spam, which may appear after the license expires.
By default, a notification is sent when the application is running, two weeks prior to the license expiration date. This message indicates when the currently installed license key will expire, and gives information about renewing a license.
The date of the notification and its e-mail destination address can be changed (see section "Notification about license expiry" on page 31).
AD M I N I S T R A T O R'S GU I D E
30 Additional license
Once you have installed a commercial license, you can purchase an additional license for the product (see section
"Distribution Kit" on page 12) including Kaspersky Security and install it. After the current license expires, the additional license becomes active and the application continues to function without changes. Thus you can ensure uninterrupted protection of your corporate mail servers. Kaspersky Security supports only one additional license.
Trial license
You may use a trial license to evaluate the benefits of Kaspersky Security. If a trial license key has been used, upon its expiration the anti-virus functionality of the application will also be disabled in addition to the above limitations. Note that the validity period of a trial key starts from the moment when the first trial key is added. The validity period of all the subsequent trial keys will be adjusted in accordance with the validity period of the first key.
License restrictions
In some cases (for example, if the sales contract was terminated or if the license agreement restrictions were changed), Kaspersky Lab terminates the license agreement with the user. In this case, the serial number of the license key will be added to the list of cancelled licenses, the so-called black list. If your active license is found in the black list, the reserve license will not be activated and the application will be disabled except for the management and anti-virus database updating services. If your license has been accidentally blacklisted, you are advised to update your databases and, if the error persists, contact the Technical Support Service.
IN THIS SECTION
Viewing information about installed licenses ... 30 Installing a license key ... 31 Removing a license key ... 31 Notification about license expiry ... 31 Creating the list of protected mailboxes and storages ... 32
V IEWING INFORMATION ABOUT INSTALLED LICENSES
To view information on installed licenses, perform the following steps:
1. Start the Administration Console of the application.
2. In the Administration Console tree select the necessary server node and then the Licensing node.
The details pane will display information about installed licenses. The following information is displayed:
Type - Describes the license key type.
Owner. Identifies the license owner.
Restrictions. Defines the number of user accounts (mailboxes) supported in the license.
Expiration date. Indicates the date of license expiry.
License key serial number. Displays the license serial number.
Status. Displays the status of the current license.
MA N A G I N G KA S P E R S K Y SE C U R I T Y L I C E N S E S
31
I NSTALLING A LICENSE KEY
To install a license for Kaspersky Security, perform the following steps:
1. In the Management Console, select the node Licensing.
2. Click the Add button in the details pane.
3. In the displayed File name dialog specify file name containing the license key (file with the *.key extension) and click Open.
Once you have installed a commercial license, you can install an additional license.
To install a reserve license, perform the following steps:
1. In the Administration Console, select the node Licensing.
2. In the details pane, click the Add button in the Additional license section.
3. In the displayed File name dialog specify file name containing the license key (file with the *.key extension) and click Open.
R EMOVING A LICENSE KEY
To remove a license for Kaspersky Security, perform the following steps:
1. Select the Licensing node in the Administration Console.
2. In the details pane, click the Delete button in the Active license or Additional license section.
N OTIFICATION ABOUT LICENSE EXPIRY
The application verifies compliance with the license agreement after every database update. The check may return one the following results:
the active key expires within the next few days;
the license has expired;
the active license was found in the black list;
In these cases the application logs an appropriate record and, provided that notifications are configured (see section
"Configuring notification settings" on page 68), e-mails the information to the address specified in the settings. By default, a notification will be issued 15 days prior to the expiration of your license period. You can set up an earlier or a later notification date.
To configure notifications about expiry of the license to use Kaspersky Security, perform the following steps:
1. Select the Licensing node in the Administration Console.
2. In the details pane, specify in the field Notify about license expiry in the number of days remaining until a license expires when you should be notified about the forthcoming expiry.
3. Click the Save button.
AD M I N I S T R A T O R'S GU I D E
32
C REATING THE LIST OF PROTECTED MAILBOXES AND STORAGES
The application will protect the number of mail boxes specified in the active license. If this number is not sufficient, you must decide which mailboxes should be left unprotected and moved into storage areas not covered by anti-virus protection. By default, the application protects all public folders created on the protected mail server. You can remove protection from public folders if you think that their scan would be redundant.
To remove protection from the mailbox storage or public folders storage:
1. In the Management Console, select the node Server protection.
2. On the Anti-Virus protection tab, open the Protection for mailboxes configuration section.
3. In the Protected mailbox storages section check the boxes corresponding to the mailbox storages, which you wish to protect.
4. In the Protected public folder storages section check the boxes corresponding to the public folder storages, which you wish to protect.
5. To apply the changes, click the Save button.
The list includes all mailbox storage areas created on the protected Microsoft Exchange server. By default, the application protects the storages that already existed when the application was installed and all new storage areas.
33
APPLICATION INTERFACE
The user interface of the application is provided by the Microsoft Management Console (MMC) component. The Management Console is a dedicated isolated facility integrated into MMC.
IN THIS SECTION
Main window ... 33 Context menu ... 35
M AIN WINDOW
Main window of the Administration Console contains (see figure below):
Toolbar. It is displayed in the upper part of the main window. The buttons on the toolbar allow direct access to some frequently accessed features of the application.
Menu. It is displayed right above the toolbar. The menu provides management functions for files and windows, as well as access to the help system.
Console tree. It is located in the left part of the main window. The console tree displays connected Security Servers and the settings of Kaspersky Security. Connected servers and the settings of Kaspersky Security are listed as nodes. You can open parent nodes by clicking the corresponding plus sign. An open node is displayed with the minus sign next to it.
Details window. It is located in the right part of the main window. The window displays the contents of the node selected in the tree.
AD M I N I S T R A T O R'S GU I D E
34
Figure 1: Main application window
The topmost node of the console tree is Kaspersky Security 8.0 for Microsoft Exchange Servers. Double-clicking it in the console tree with the mouse opens the list of connected servers running installed Kaspersky Security. The details window also displays connected servers and the Add server button. Left-clicking the connected server node with the mouse displays in the results window general information about protection components installed on the selected server, license type and the application installation folder. Clicking the plus sign next to a connected server opens in the console tree the list of configurable Kaspersky Security settings for that server. You can view and configure the following settings of Kaspersky Security:
Server protection – used for viewing and editing the settings for anti-virus and anti-spam protection.
Updates – used for viewing and editing the settings for anti-virus and anti-spam database update.
Updates – used for viewing and editing the settings for anti-virus and anti-spam database update.