Administration Manual
iQ.Suite 12.1
For Microsoft Exchange
Editor's Note
All rights reserved. This manual and the programs described therein are copyright-protected products of GROUP Business Software AG, Deutschland.
No part of this publication may be reproduced without written permission from GROUP Business Software AG. All hardware and software names used are registered names and/or trademarks of their respective manufacturer/proprietor.
Copyright © 2013 GROUP Business Software AG, Hospitalstraße 6, 99817 Eisenach, Deutschland
Table of Contents
1 Preface ... 1
1.1 Hotline ... 1
1.2 Copyright ... 1
1.3 Warranty ... 2
1.4 Microsoft Certification ... 2
1.5 License Terms ... 2
1.6 Third-Party Copyright Notes ... 3
1.7 Details on the Manuals ... 4
2 Quickstart ... 5
2.1 Installation on an Exchange Server ... 5
2.2 Installation on Several Exchange Servers ... 5
2.3 Starting the iQ.Suite Administration Console ... 6
2.4 Configuration in the iQ.Suite Administration Console... 6
2.4.1 Required Basic Configuration Steps ... 6
2.4.2 Required Policy Configuration Steps ... 7
2.4.3 Recommended Basic Configuration Steps ... 7
2.4.4 Virus Scanning in Exchange Databases... 8
2.5 Observing Data in iQ.Suite Monitor ... 8
3 Installation... 9
3.1 System Requirements ... 9
3.2 Installation of Virus Scanners ... 10
3.3 Setup ... 11
3.3.1 Installation of iQ.Suite on an Exchange Server ... 11
3.3.2 Installation of iQ.Suite in Multi-Server Environments... 17
3.3.2.1 Configuration Access ... 18
3.3.2.2 Administration... 18
3.3.2.3 Running the Multi-Server Installation ... 18
3.3.3 Installation of the iQ.Suite Administration Console on a Workstation ... 20
3.3.4 Installation in Cluster... 20
3.4 Update to iQ.Suite 12.1 for Exchange ... 21
3.5 Uninstallation of iQ.Suite 12.1 for Exchange ... 22
4 Getting Started... 23
4.1.1 iQ.Suite Administration Console ... 23
4.1.2 The iQ.Suite Server...25
4.1.2.1 iQ.Suite Grabber...25
4.1.2.2 iQ.Suite Services ...26
4.1.2.3 iQ.Suite Quarantine ...28
4.1.2.4 Active Directory / LDIF...30
4.1.2.5 Compressed Files and Archives: iQ.Suite Unpacker...30
4.1.2.6 Network Service...31
4.1.2.7 Email Processing Sequence...32
4.1.3 iQ.Suite Configuration ...33
4.2 User Interface ...35
4.2.1 Toolbar Icons...36
4.2.2 Navigation Icons...36
4.3 iQ.Suite Basics ...39
4.3.1 iQ.Suite Jobs (Policy Configuration)...39
4.3.1.1 Mail Transport Jobs and Sample Jobs ...39
4.3.1.2 Information Store Jobs...40
4.3.1.3 Processing Order of iQ.Suite Jobs ...41
4.3.1.4 Address Conditions and Address Lists ...42
4.3.1.5 Conditions ... 42
4.3.1.6 Actions ... 43
4.3.2 Basic Configuration ... 44
4.3.2.1 Templates ... 44
4.3.2.2 Quarantine Configuration ... 46
4.3.2.3 Utility Settings ... 46
4.3.3 iQ.Suite Monitor ... 50
4.4 Standard Tabs of Mail Transport Jobs ...51
4.4.1 General Tab ...51
4.4.2 Addresses Tab ...55
4.4.2.1 Example I: Virus Scanning...57
4.4.2.2 Example II: Blocking Attachments ...57
4.4.2.3 Example III: Adding a Disclaimer...59
4.4.3 Conditions Tab ... 60
4.4.4 ‘Actions’ Tab ... 63
4.4.5 Server Tab ... 67
4.4.6 Details Tab ... 67
4.5 Job Types ... 68
5 General Configuration ... 71
5.1 Configuration Reports ... 71
5.2.1 Packed Files and iQ.Suite Monitor... 72
5.2.2 Collective Notification... 74
5.2.3 Central Whitelists ... 75
5.2.4 Definition of Email Addresses and Internal Domains... 76
5.2.5 Special Users... 77
5.3 Settings for an Individual iQ.Suite Server ... 79
5.3.1 General Server Settings... 79
5.3.2 Individual Email Addresses for an iQ.Suite Server ... 80
5.3.3 Using a Proxy Server ... 81
5.3.4 User Access to Quarantine ... 81
5.3.4.1 Allow Users to Request Quarantined Items by Email... 83
5.3.4.2 Allow Users to Request Quarantined Items via HTTP... 83
5.3.5 Quarantine Maintenance... 83
5.3.6 Setting Bridge Options ... 85
5.3.7 View a List of All Jobs ... 87
5.4 Proxy Servers ... 88
5.5 Address Lists ... 89
5.5.1 iQ.Suite Address Lists... 89
5.5.2 Creating, Editing and Deleting Custom Address Lists ... 89
5.5.3 Using and Handling Addresses within a Job... 92
5.6 Creating Notification Templates... 94
5.6.1 List of Notification Variables... 95
5.7 Creating a Database Connection to an SQL Server... 106
5.7.1 Overview ... 106
5.7.1.1 Connection to SQL Servers... 106
5.7.1.2 Using SQL Servers... 106
5.7.2 Configuration of the Database Connection ... 107
5.7.2.1 SQL Server and iQ.Suite Server ... 107
5.7.3 Setting up Central Blacklists/Whitelists... 110
5.7.4 Setting up a Local Quarantine Database ... 111
5.7.5 Troubleshooting SQL Servers... 113
5.8 Folder Settings ... 114
5.8.1 Quarantine Configuration... 114
5.8.2 Defining Quarantine Summary Notifications ... 118
5.8.2.1 Template Configuration ... 119
5.8.2.2 Quarantine Configuration ... 119
5.8.3 Configuring a Global Quarantine Summary Notification ... 124
5.8.4 Whitelist Notification / Blacklist Notification... 125
6 iQ.Suite Monitor ... 127
6.1.1 General Tab ... 128
6.1.2 Test Tab ... 129
6.1.3 Information Store Scan Tab ...130
6.2 Quarantines ...131
6.2.1 General...131
6.2.2 Filter Options ... 132
6.2.3 Example – Quarantined Email in Default Quarantine... 133
6.2.4 Example – Quarantined Email in Information Store Quarantine ... 136
6.2.5 Sending From Quarantine ... 138
6.2.6 Adding Senders to an Address List ...139
6.2.7 Badmails ... 140
6.3 Bridge Quarantines ... 140
6.4 CORE Classifiers ... 140
6.5 iQ.Suite Reports ... 141
7 iQ.Suite Crypt ... 143
7.1 Overview ... 143
7.1.1 Job Types ... 144
7.1.2 PGP/GnuPG – Getting Started... 145
7.1.3 S/MIME2 – Getting Started ...145
7.1.4 Global Mappings ...146
7.2 PGP/GnuPG – General Information ...148
7.2.1 Encryption/Decryption with PGP or GnuPG ...148
7.2.2 PGP/MIME ...149
7.2.3 Preliminaries for PGP or GnuPG...149
7.2.4 Configuration of the PGP or GnuPG Crypt Engine ...150
7.3 Automatic Key Import with PGP/GnuPG ...155
7.3.1 Sample Job: PGP or GnuPG Key Import ...155
7.4 Encryption with PGP/GnuPG ...158
7.4.1 Sample Job: Encrypting Emails with PGP/GnuPG...158
7.5 Decryption with PGP/GnuPG ...165
7.5.1 Sample Job: Decrypting Emails with PGP/GnuPG ...165
7.6 S/MIME – General Information ...168
7.6.1 Using S/MIME in iQ.Suite...168
7.6.2 Configuration of the S/MIME2 Engine ...169
7.6.3 Using the Windows Certificate Store...171
7.6.3.1 Advantages...171
7.6.3.2 Configuration Description ...173
7.7 Automatic Certificate Import with S/MIME...175
7.8.1 Sample Job: Encrypting Emails with S/MIME ... 177
7.9 Decryption with S/MIME ... 183
7.9.1 Sample Job: Decrypting Emails with S/MIME... 183
7.10 Signing with S/MIME ... 187
7.10.1 Sample Job: Signing Emails with S/MIME ... 188
7.11 Verifying S/MIME Signatures ... 189
7.11.1 Sample Job: Verifying Email Signatures with S/MIME... 189
7.12 Using iQ.Suite KeyManager ... 190
7.12.1 Using S/MIME Certificates ... 190
7.12.1.1 KeyManager Connection Configuration ... 191
7.12.1.2 Engine Configuration: S/MIME2 Engine... 195
7.12.1.3 Sample Job: Configuring a KeyManager Job (S/MIME)... 196
7.12.1.4 Using the Windows Certificate Store ... 197
7.12.2 Using PGP Keys ... 200
7.12.2.1 Engine Configuration: PGP synchronized with KeyManager ... 200
7.12.2.2 KeyManager Connection Configuration ... 204
7.12.2.3 Sample Job: KeyManager Job Configuration (PGP)... 204
7.13 Encryption with WebCrypt Pro ... 205
7.13.1 Encryption Procedure with WebCrypt Pro ... 205
7.13.2 WebCrypt Pro Server Connection Configuration ... 206
7.13.3 Sample Job: Encrypting Emails with WebCrypt Pro ... 210
7.14 Using the Outdated S/MIME Solution ... 212
7.14.1 Description of Operational Sequence ... 212
7.14.2 Configuration of the S/MIME Engine... 213
7.14.3 Migration to the New S/MIME2 Engine ... 217
8 iQ.Suite Watchdog ... 221
8.1 Overview on iQ.Suite Watchdog... 221
8.2 Virus Scanning... 222
8.2.1 Virus Scanning on the Mail Server... 222
8.2.2 Virus Scanning in the Information Store ... 223
8.2.3 Virus Scanners... 224
8.2.3.1 Notes on Virus Scanners... 224
8.2.3.2 Enabling Virus Scanners ... 224
8.2.3.3 Standard Tabs – Virus Scanners ... 225
8.2.3.4 Specialties of Avira Scan Engine ... 230
8.2.3.5 Specialties of McAfee Scan Engine ... 230
8.2.3.6 Specialties of Sophos Scan Engine ... 231
8.2.3.7 Specialties of Norman External Scan Engine... 231
8.2.4 Sample Job: Checking Emails for Viruses ... 232
8.2.4.2 Defining Actions ... 234
8.2.5 Sample Job: Virus Scan in the Information Store... 236
8.2.5.1 Create EWS User (as of Exchange Server 2013) ...236
8.2.5.2 Configure the Information Store Job...237
8.2.6 Sample Job: Checking Password-Protected Archives for Viruses ...245
8.3 File Restrictions for Attachments ...246
8.3.1 Notes on File Restrictions ...246
8.3.2 Fingerprints ...248
8.3.2.1 Configure Fingerprint Categories...248
8.3.2.2 Defining New Fingerprints ...248
8.3.2.3 Creating Fingerprints with Name Patterns...249
8.3.2.4 Creating Binary Patterns for Fingerprints ...251
8.3.3 Sample Job: Denying File Attachments by Type... 254
8.3.3.1 Selecting Fingerprints ...254
8.3.3.2 Defining Actions...255
8.3.4 Sample Job: Limiting Email Size ... 257
8.3.4.1 Specifying Email Size ...257
8.3.4.2 Defining Actions...258
8.3.5 Sample Job: Denying Attachment Types and Sizes ... 259
8.3.5.1 Specifying Fingerprint and Size ...259
8.3.5.2 Defining Actions...261
9 iQ.Suite Wall...263
9.1 Spam Protection Overview ...264
9.1.1 Address Filtering (Blacklists and Whitelists)...264
9.1.2 Spam Filtering Job ...264
9.1.3 Spam Analyzer ...265
9.1.4 Text Analysis ...265
9.2 Address Filtering ...266
9.2.1 Blocking Email Addresses...266
9.2.1.1 Sample Job: Blocking Certain Sender Addresses ...266
9.2.2 Replacing Text with Regular Expressions...267
9.2.2.1 Sample Job: Replacing Domains...268
9.2.2.2 Sample Job: Modifying Email Header Line...270
9.2.2.3 Sample Job: Modifying Email Body ...271
9.2.3 Limiting the Number of Recipients ...272
9.2.3.1 Sample Job: Limiting the Number of Recipients...273
9.3 Spam Filtering with the Spam Filtering Job ...275
9.3.1 Job Functionality ...275
9.3.2 Sample Job: Advanced Spam Filtering ... 278
9.3.3 Practical Tips on False Positives ... 283
9.3.4 Tables: Definite Criteria ... 284
9.3.4.1 Definite ‘No-Spam’ Criteria ... 284
9.3.4.2 Definite ‘Spam’ Criteria... 285
9.3.5 Spam Filtering for Experts: Using Combined Criteria ... 287
9.3.6 Tables: Combined Criteria ... 289
9.3.6.1 Combined ‘No Spam’ Criterion... 289
9.3.6.2 Combined Classification Criteria ... 289
9.3.6.3 Combined Header Criteria... 290
9.3.6.4 Combined Subject Criteria ... 291
9.3.6.5 Combined Message Body Criteria... 291
9.4 Spam Filtering with Spam Analyzers ... 293
9.4.1 Using SASI for Spam Filtering ... 293
9.4.1.1 SASI Engine Configuration... 293
9.4.1.2 Advanced Spam Filtering Job Configuration ... 297
9.4.2 Text Analysis with Dictionaries ... 298
9.4.3 Setting up Dictionaries ... 300
9.4.4 Searching for Text in Dictionaries ... 302
9.4.5 Sample Job: Checking and Denying Text Contents ... 303
9.5 Text Analysis for Credit Card Numbers ... 305
9.5.1 Sample Job: Text Analysis for Credit Card Numbers ... 305
9.6 CORE Classification ... 309
9.6.1 Using CORE for Spam Filtering ... 310
9.6.1.1 Using the preset CORE Classifier ... 310
9.6.1.2 Creating a new CORE Classifier ... 310
9.6.2 Using CORE for Content Classification ... 312
9.6.2.1 Classifier Configuration ... 312
9.6.2.2 Sample Job: New CORE Classification Job ... 313
9.7 Text Analysis with Regular Expressions (Advanced Actions) ... 317
9.7.1 Sample Job: Regular Expressions in File Attachments ... 317
9.7.2 Sample Job: Transfer Matches to External Application ... 320
10 iQ.Suite Convert ... 325
10.1 Overview... 325
10.2 Sample Job: Compress Attachments as ZIP ... 326
10.2.1 Selection ... 326
10.2.2 Compression Options ... 328
10.3 Sample Job: Converting Attachments to PDF ... 330
10.3.1 Selecting Attachments ... 331
10.3.2 Conversion Options ... 332
10.4 Sample Job: Converting TNEF-Mail to MIME ... 335
10.5 Sample Job: Conversion via Command Line ...337
10.5.1 Selecting Attachments...338
10.5.2 Conversion Options...339
10.5.3 Configuring Your Own Application ...340
11 iQ.Suite Trailer ...343
11.1 Overview ...343
11.1.1 Procedure for Trailer Configuration ...343
11.2 Configuring Trailer Elements (optional)...344
11.2.1 Conventional and Personalized Trailer Images...344
11.2.1.1 Creating Trailer Image Categories...345
11.2.1.2 Importing Conventional Trailer Images...346
11.2.1.3 Configuring Personalized Trailer Images...347
11.2.2 Trailer Attachments ...350
11.2.2.1 Creating a Trailer Attachment Category ...351
11.2.2.2 Creating Conventional Trailer Attachments ...352
11.2.2.3 Creating Binary Trailer Attachments...354
11.2.3 Trailer Search Pattern ... 356
11.3 Configuring Trailer Documents ...358
11.3.1 Creating a Trailer Document ...358
11.3.2 Assigning Trailer Images to a Trailer Document ...362
11.3.2.1 Inserting Images in the HTML Format ...362
11.3.2.2 Inserting Images as HTTP Link ...364
11.3.3 Assigning a Trailer Attachment to a Trailer Document...365
11.3.3.1 Inserting a QR Code Image ...365
11.4 Configuring a Trailer Job ...367
11.4.1 General Job Configuration ...367
11.4.1.1 Selecting the Trailer...367
11.4.1.2 The ‚Trailer‘ tab...367
11.4.1.3 The ‚Attachments‘ tab ...369
11.4.1.4 The ‚Position‘ tab ...371
11.4.2 Scenario: Attaching a Legal Disclaimer... 373
11.4.3 Scenario: Attaching Customized Signatures ... 375
11.4.4 Scenario: Attaching Customized Signatures with Personalized Image ... 378
11.4.5 Scenario: Adding a Company Logo to the Trailer ... 379
11.4.6 Scenario: Adding vCard Data to the Trailer...379
12 iQ.Suite Connect...381
12.1 Overview ...381
12.3 Sample Job: Storing File Attachments in SharePoint ... 382
12.3.1 Configuring a SharePoint Engine... 382
12.3.2 Sample Job: Storing File Attachments in SharePoint ... 386
13 iQ.Suite Bridge... 389
13.1 Overview... 389
Glossary ... 391
1 Preface
1.1 Hotline
To give you the best possible support, we need the following information from you in the event of a fault:
Product version
License number
Exchange server version including any service pack
Operating system and version including any service pack
Configuration files
Log files
The GBS Support Team is available from 08:30 AM to 06:00 PM (time zone: EST).
Europe, Asia, other
Tel.: +49 (0)1806 49 01 11
Fax: +49 721 49 01 1922
Email D: [email protected]
USA & Canada:
Tel.: +1 78169 42260 or: +49 (0)1806 49 01 11
Email: [email protected]
1.2 Copyright
GROUP Business Software AG, hereafter referred to as GBS, is the owner of the full commercial copyright of this documentation protected by law. All rights not explicitly granted remain the property of GBS.
Copyright 1992-2013 GROUP Business Software AG, All rights reserved.
1.3 Warranty
GBS assumes no liability, express or implied, for the documentation. This includes quality, design, adherence to commercial standards, or suitability for a specific purpose.
The product descriptions are general and descriptive in nature. They can be interpreted neither as a promise of specific properties nor as a declaration of guarantee or warranty. The specifications and design of our products can be changed at any time without prior notice, especially to keep pace with technical developments. For up-to-date information, please contact the GBS Sales Department.
1.4 Microsoft Certification
GBS has been awarded the status of "Microsoft Gold Certified Partner" and "Gold Independent Software Vendor (ISV)".
iQ.Suite for Microsoft Exchange is certified as "Certified for Windows Server 2008 R2".
1.5 License Terms
The GBS license terms are available on the product CD and the GBS website. Any license agreements from third-party software manufacturers are included with the software product as a PDF file.
1.6 Third-Party Copyright Notes
The package includes third-party products listed in the "Third Party License Agreements" document. This document is available in the program directory. In addition, the following applies:
Microsoft, MS, Windows and the Windows Logo are registered trademarks of Microsoft Corporation in the United States of America and/or other countries. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
The components listed below are also protected by copyright, although not explicitly listed in the "Third Party License Agreements" document:
AntiVir powered by Avira: Copyright (c) 2006 Avira GmbH
The file dbghelp.dll: Copyright (c) Microsoft Corporation
Sophos SASI
1.7 Details on the Manuals
Personal Designations
Our Manuals are addressed equally to both genders. Therefore, we make every effort to use gender-neutral language. Since it is not entirely possible to avoid personal designations, we use the word forms he/she, his/hers or him/her in these cases.
Symbols
Warning. Refers to critical situations. Please carefully read these messages to minimize the risk of data loss, damage to your system, etc.
Information. Refers to important but uncritical situations.
Tip. Provides assistance for a specific issue or describes special workarounds and features.
Freely accessible documentation is available on our website under www.gbs.com.
If you have any suggestions on how we can make further improvements, we would be happy to get your feedback. Send an email to: [email protected]
2 Quickstart
2.1 Installation on an Exchange Server
Make sure that all required programs have been installed and system requirements are met. Refer to “System Requirements” on page 9.
Be sure to install (double-click) the correct installation package for your operating environment.
Follow the installation instructions. Unless you specify a different installation directory, iQ.Suite is installed in the default directory, i.e.:
On a 32-bit system: C:\Programme or Program Files\GBS\iQ.Suite
On a 64-bit system: C:\Programme (x86) or Program Files (x86)\GBS\iQ.Suite\
For further information on installing the software, please refer to “Installation” on page 9.
2.2 Installation on Several Exchange Servers
For further information, please refer to “Installation of iQ.Suite in Multi-Server Environments” on page 17.
Disable any real-time or on-access scan functions of your scan engines for the ...\iQ.Suite\GrpData directory.
2.3 Starting the iQ.Suite Administration Console
iQ.Suite is a server product that is configured through the iQ.Suite administration console. For iQ.Suite to work, the iQ.Suite service must be running [1]. To start the console, select PROGRAMS -> GROUP BUSINESS SOFTWARE -> IQ.SUITE -> IQ.SUITE MANAGEMENT CONSOLE.
Before the iQ.Suite administration console exits, you are prompted to save any changes.
Pending changes are indicated by an asterisk (*) at the top node. To save your configuration, click on the button. The configuration is saved in the
1. For further information on the iQ.Suite service, please refer to “iQ.Suite Services” on page 26.
2.4 Configuration in the iQ.Suite Administration Console
Following the installation, use the iQ.Suite administration console to perform the following settings.
2.4.1 Required Basic Configuration Steps
The Basic Configuration is used to define the valid servers, email addresses, shared templates and utility settings.
1. Under BASIC CONFIGURATION -> GENERAL SETTINGS -> EMAIL ADDRESSES tab, check the entries for the iQ.Suite administrators and the internal domains. Refer to “iQ.Suite Server Settings” on page 72.
2. To use the iQ.Suite Watchdog virus scanner functions, enable the virus scanners installed on your server under UTILITY SETTINGS -> VIRUS SCANNERS. Refer to “Enabling Virus Scanners” on page 224.
2.4.2 Required Policy Configuration Steps
Use the Policy Configuration feature to define and enable selected jobs according to the company’s policies.
1. Under Sample jobs, locate the template you wish to use.
2. To create a new job, select the template and drag it to the MAIL TRANSPORT JOBS folder. Give the job a name and edit its properties. Then, under Properties, activate the job.
3. Make sure that the jobs are performed in the correct order. Refer to “Processing Order of iQ.Suite Jobs” on page 41.
4. Save your changes. Also refer to “Starting the iQ.Suite Administration Console” on page 6.
For further information on setting up jobs and company policies, please refer to “iQ.Suite Jobs (Policy Configuration)” on page 39.
2.4.3 Recommended Basic Configuration Steps
In the Basic Configuration, it is recommended to define individual settings for address lists, templates, etc. However, these settings are not necessary for simply testing the system.
1. Under General Settings, proceed as follows:
a) When required, define the proxy server settings. Refer to “Proxy Servers” on page 88.
b) Configure the Address lists (for selections in job rules) and Trailers (for iQ.Suite Trailer).
c) When required, change the texts of the standard templates.
2. Under Utility Settings, configure any additional components required, e.g. CORE classifiers, dictionaries, fingerprints and virus scanners (for iQ.Suite Watchdog) and the Crypt Engines (for iQ.Suite Crypt).
For further information on Basic Configuration, please refer to “Basic Configuration” on page 44. Module-specific settings are described in the corresponding sections.
For information on further customizing options, please refer to “General Configuration” on page 71.
2.4.4 Virus Scanning in Exchange Databases
In the Policy Configuration under Information Store Jobs, you can enter appropriate settings for each iQ.Suite server separately. It is not possible to create your own Information Store jobs. A new Information Store Job is automatically provided whenever a new server is specified. If the server is removed, the Information Store Job will also be deleted.
For further information on Information Store Jobs, please refer to “Virus Scanning in the Information Store” on page 223.
2.5 Observing Data in iQ.Suite Monitor
After having saved your settings, use the iQ.Suite Monitor to monitor the operation of iQ.Suite. With iQ.Suite Monitor, you can view current data in real-time and manage, for instance, the Quarantines of the configured iQ.Suite servers. For further information, please refer to “iQ.Suite Monitor” on page 127.
3 Installation
3.1 System Requirements
The following system requirements apply to iQ.Suite for Exchange 12.1. If installing an iQ.Suite version > 12.1, requirements may be different. Please read the product changes described in the Readme.html file. By default, the Readme.html file is displayed on screen after the installation.
To install the iQ.Suite, your system must meet the following requirements:
RAM: Exchange recommendation plus an additional 512 MB. Further memory is needed for third-party systems such as virus scanners as well as for database access (OLEDB driver).
Hard disk: Minimum 400 MB for installation. Additional space for quarantine.
Microsoft .Net Framework 2.0.
Microsoft .Net Framework 4.0 (Client Profile and Microsoft Redistributable Packages). If not installed yet, the components are installed in the course of iQ.Suite installation.
Windows Scripting (for installation only)
Supported operating systems:
Windows Server 2003 (32-bit and 64-bit)
Windows Server 2003 R2 (32-bit and 64-bit)
Windows Small Business Server 2003 as of SP 1 (32-bit and 64-bit)
Windows Server 2008 (32-bit and 64-bit)
Windows Server 2008 R2 (64-bit)
Windows Small Business Server 2008 (32-bit and 64-bit)
Windows Small Business Server 2011 (64-bit)
Windows Server 2012 (64-bit)
Supported Exchange servers:
Exchange Server 2003
Exchange Server 2007 from SP 1 with the roles:
Hub Transport Server
Mailbox Server
Edge Transport Server
As a minimum, "Update Rollup 4 for Exchange 2007 SP1" installed.
Exchange Server 2010 (64-bit) on Windows Server 2008 R2 with the roles:
Hub Transport Server
Mailbox Server
Edge Transport Server
Exchange Server 2013 (64-bit) on Windows Server 2012
iQ.Suite is installed on the ‘Mailbox Server’ role.
Supported languages: German, English
Further system requirements apply if using the SASI Engine [2].
3.2 Installation of Virus Scanners
Optionally, during iQ.Suite installation the virus scanners of our business partners Avira, Sophos and McAfee can be installed as integrated scanners. The Avira Scan Engine is fully preconfigured and ready for immediate use [3]. For using the McAfee [4] or Sophos [5] virus scanner, additional configurations are required.
iQ.Suite also allows the use of virus scanners from other third-party manufacturers. However, these virus scanners are not supplied with iQ.Suite and must be installed on the server beforehand. Refer to “Enabling Virus Scanners” on page 224.
Disable any real-time or on-access scan functions of your scan engines for the ...\iQ.Suite\GrpData directory.
2. For further information, please refer to the separate SASI document. Download under www.gbs.com.
3. For further information on the Avira virus scanner, please refer to the separate document for the SAVAPI engine. Download under www.gbs.com.
4. For further information, please refer to the separate document for the McAfee virus scanner. Download under www.gbs.com.
5. For further information, please refer to the separate document for the Sophos virus scanner. Download under www.gbs.com.
3.3 Setup
3.3.1 Installation of iQ.Suite on an Exchange Server
1. Select the required installation package. The following iQ.Suite installation packages are available:
Installation on 32-bit operating systems (Windows Server 2003/2008):
Exchange 2003
Installation on 64-bit operating systems (Windows Server 2003/2008/2008 R2):
Exchange 2007 SP1 (from Update Rollup 4)
Exchange 2010
iQ.Suite for Exchange 12.1 supports the Exchange 2007/2010 Server roles Mailbox, Hub Transport and Edge Transport through the optional setup components ‘iQ.Suite Transport Grabber’, ‘Information Store Scan’ and ‘LDIF support’. The highlighted setup components are preselected for different server role scenarios.
Disable any real-time or on-access scan functions of your scan engines for the ...\iQ.Suite\GrpData directory.
Setup component          Single Server (Mailbox + Hub Transport)   Mailbox   Hub Transport   Edge
Transport Grabber        Yes                                       No        Yes             Yes
Information Store Scan   Yes                                       Yes       No              No
Installation on 64-bit operating systems (Windows Server 2012):
Exchange 2010
Exchange 2013: iQ.Suite is installed on the ‘Mailbox Server’ role.
2. Start the installation package by a double click. To be able to install the iQ.Suite, a number of Microsoft software components must have been installed. If these components are missing on your system, they will be installed by the installation package. Without these components, the iQ.Suite installation cannot be started. Confirm the corresponding installation message when prompted to do so. During installation a system restart might be required.
3. Select the desired language. The selected language applies to the iQ.Suite administration console and configuration elements such as the notifications sent to the users. The latter are included in the standard configuration:
Exchange 2007 Mailbox Cluster / Exchange 2010 Database Availability Groups (DAG): This iQ.Suite version can be operated on a Windows failover cluster with clustered Exchange 2007 Mailbox Server role or Exchange 2010 DAG. As manual configurations are required during installation, we only support installations performed by our Consulting.
Windows Server 2008: Due to changed standard permissions under Windows Server 2008 (UAC), we recommend using administrator rights for the administration tasks as well as the configuration of iQ.Suite, in order to ensure access to the iQ.Suite installation folder.
4. Accept the License Agreement and click NEXT to continue.
5. Depending on the installed Microsoft Exchange Server version, different iQ.Suite features are available. Select the features to be installed.
When Microsoft Exchange Server < 2013 is installed, iQ.Suite uses the VSAPI interface to scan the Information Store. In case another application is using the VSAPI to scan the Information Store, the iQ.Suite feature is disabled. To use iQ.Suite’s Information Store scan, the other application has to be uninstalled.
When using EWS for the Information Store scan, other applications using EWS do not have to be uninstalled.
6. Click on NEXT. In case you have defined two or more virtual servers, you will now be prompted for the active virtual server on which iQ.Suite is to be registered:
7. If you are not running iQ.Suite on multiple servers and wish to use a central configuration file for administration purposes, confirm the default setting and click on NEXT [6]:
8. In the next dialog, specify the administrator’s email address:
9. If you are using a proxy server, select ‘Enable Proxy Server’ and enter the proxy settings (IP address, port, user, password). All of the proxy server settings can later be changed under the Basic Configuration [7].
10. Click on NEXT. The screen displays a summary of your settings. Check your configuration settings and make sure that the on-access scanner for the ...\GrpData directory is disabled.
11. The configuration settings are added as default entries to the configuration of the iQ.Suite server [8]. Confirm the summary by clicking on INSTALL. The iQ.Suite is then installed to the following directory: \<Program directory>\GBS\iQ.Suite\.
12. Click on FINISH in the final dialog to complete the iQ.Suite installation.
For special reporting and statistics features, an additional package can be post-installed manually when required. The installation only takes a few minutes and does not require a separate license. Afterwards, the features are available under IQ.SUITE MONITOR -> SERVERS -> <SERVERNAME> -> IQ.SUITE REPORTS.
8. For further information, please refer to “iQ.Suite Server Settings” on page 72.
3.3.2 Installation of iQ.Suite in Multi-Server Environments
If installing iQ.Suite on multiple Exchange servers, you can control both the administration and configuration centrally. The iQ.Suite distinguishes between three areas:
iQ.Suite administration console [9]
The iQ.Suite is administered with the iQ.Suite administration console, which is used for basic configuration settings and the configuration of the iQ.Suite policies as well as for monitoring server functions and quarantines. The iQ.Suite administration console can be installed on the iQ.Suite servers or separately, for instance on separate administrator workstations [10]. The graphical user interface corresponds to a Microsoft Management Console (MMC).
Server components
The server components and the iQ.Suite Windows service are installed on the Exchange server. As central elements of the iQ.Suite, the server components require permanent access to the iQ.Suite configuration.
Configuration
The iQ.Suite configuration is saved as an XML file (ConfigData.xml). Created and updated using the iQ.Suite administration console, the configuration file is read by one or several iQ.Suite server components.
Typically, a common configuration is used for a central administration of multiple iQ.Suite servers.
9. Start -> Programs -> GROUP Business Software -> iQ.Suite -> iQ.Suite Management Console.
10. Also refer to Installation of the iQ.Suite Administration Console on a Workstation.
3.3.2.1 Configuration Access
For configurations in multi-server environments it may be useful to setup a share directory accessed by the iQ.Suite servers. This allows to reduce the administra-tion work (e.g. for job synchronizaadministra-tion) as the iQ.Suite servers share the configu-ration settings. To be able to use a common configuconfigu-ration, it has to be stored in a network share that can be freely accessed by all servers11. Please note that each server requires Read access to this network path. In case the network is tempora-rily inaccessible, the iQ.Suite server will use the last available configuration for processing. Any configuration changes performed in the meantime will not take effect until the network share is accessible again12.
3.3.2.2 Administration
iQ.Suite administration can be performed either from any iQ.Suite server with an iQ.Suite administration console installed or from a separate administration workstation. To avoid a loss of configuration data through mutual overwriting, make sure that the configuration is never edited in more than one iQ.Suite administration console at any one time.
3.3.2.3 Running the Multi-Server Installation
Please observe the following when installing the first server:
1. At least install the iQ.Suite server component on the first server. A configuration file will be created, unless it already exists.
11. Refer to Running the Multi-Server Installation.
If the first server is to be used for administration, install the entire iQ.Suite, including a local administration console. If you wish to administrate iQ.Suite for all servers from a workstation, only install the server component locally.
2. During setup, define how to proceed with configuration data:
‘Create local configuration’: A new configuration will be created. Use this option for the first server. iQ.Suite administration will be performed from this first server.
‘Use existing configuration’: If a configuration already exists, the configuration settings will remain. Use this option when updating the iQ.Suite.
‘Specify path to configuration manually’: The configuration is stored centrally. The path can be configured manually. Use this option for all other servers.
3. Enable sharing of the selected directory (local or manual path) for network access and make sure that the other servers have sufficient rights to access the network path (read/write).
4. Observe the following when installing further servers:
Install the server component locally.
Under the settings for the configuration file, select ‘Specify path to configuration manually’ and specify the directory previously enabled for sharing – not the filename. The network path has to be specified as a UNC path. Mappings to network drives are not permitted.
3.3.3 Installation of the iQ.Suite Administration Console on a Workstation
The iQ.Suite administration console on the workstation can also be operated under Windows XP, Windows 7 or Windows 8. In the product selection dialog, select iQ.Suite for Exchange.
Install the ‘iQ.Suite Management Console’ (iQ.Suite administration console) only, by deactivating all other features:
Under the settings for the configuration file, select ‘Specify path to configuration manually’ and proceed as described under Step 4.
3.3.4 Installation in Cluster
For a current description of how to install iQ.Suite in a Windows cluster, please refer to the iQ.Suite Installation Manual. Download under www.gbs.com.
3.4 Update to iQ.Suite 12.1 for Exchange
The update to iQ.Suite 12.1 for Exchange retains your previous configuration settings and quarantine data.
The installation sequence is largely the same as for a new installation (refer to “Setup” on page 11). However, after having selected the setup language with the installation file extracted, the following message appears:
Confirm with YES and follow the setup instructions. iQ.Suite is updated to the new version.
Then confirm the following message to keep the existing configuration settings:
After having updated to a major version, you need a new license file.
In a multi-server environment sharing a common configuration file, you need to perform the update on all iQ.Suite servers and on the administrator workstation (if applicable).
For special reporting and statistics features, an additional package can be post-installed manually when required. The installation only takes a few minutes and does not require a separate license. Afterwards, the features are available under
The additional package is located in the same directory as the regular iQ.Suite installation package.
3.5 Uninstallation of iQ.Suite 12.1 for Exchange
Run the uninstall program:
1. Click on SETTINGS -> CONTROL PANEL -> SOFTWARE.
2. Select ‘iQ.Suite 12.1’ and click on CHANGE. When the ‘Execute as’ dialog is displayed, make sure that the option ‘Execute program with restricted rights’ is disabled. Then, the setup routine is called.
3. In the dialog click on WELCOME -> NEXT -> REMOVE PROGRAM.
4. Click on NEXT and confirm with REMOVE. The setup then uninstalls the iQ.Suite without removing your configuration or the quarantine data.
5. Decide whether to keep or to delete your configuration and the quarantine data:
a) If you wish to delete all iQ.Suite components, enable the ’Delete all user and Registry data’ option.
b) Conversely, if you wish to keep your configuration and quarantine data, simply click on FINISH. In this case, you can use the existing data for a new iQ.Suite installation (same or higher version).
4 Getting Started
4.1 Technical Description
The technical foundation of the iQ.Suite is referred to as iQ.Suite architecture and consists of the following main components:
iQ.Suite administration console
Graphical user interface that is used to configure iQ.Suite. Refer to “iQ.Suite Administration Console” on page 23.
iQ.Suite server
Includes functions and processes related to the Exchange server. Refer to “The iQ.Suite Server” on page 25.
iQ.Suite configuration
Refers to the iQ.Suite tree structure used by the iQ.Suite server for processing. The main component of the iQ.Suite configuration is the config.xml file. Refer to “iQ.Suite Configuration” on page 33.
4.1.1 iQ.Suite Administration Console
The iQ.Suite administration console is the graphical user interface used to manage and configure the iQ.Suite. It is a so-called "Snap-In" for the MMC. The iQ.Suite administration console can be used to manage individual Exchange servers with iQ.Suite installed as well as entire "iQ.Suite server farms". This simplifies daily administration tasks, in particular in a multi-server environment. With the iQ.Suite administration console, the administrator has access to all configuration information needed and to iQ.Suite Monitor of the iQ.Suite servers (quarantine, status information, etc.).
The following access methods are used for configuring the system and for accessing the quarantine:
Windows file access is used for accessing the iQ.Suite configuration file, for instance to change security settings. The iQ.Suite configuration file can be available locally or accessible through a UNC path.
2. SOAP and SSL
iQ.Suite Monitor is accessed through SOAP and SSL using a permanently assigned communication port¹³.
The iQ.Suite administration console supports two operating modes.
1. Local administration
In this mode, the iQ.Suite administration console is run directly on the Exchange server where all iQ.Suite components are installed. This mode is suited for smaller systems and for managing the server locally.
2. Remote administration
In this case, the iQ.Suite administration console is not installed on the Exchange server, but on a client.
The iQ.Suite administration console supports the following client operating systems:
Windows Server 2003 (32-bit and 64-bit)
Windows Server 2003 R2 (32-bit and 64-bit)
Windows Small Business Server 2003 as of SP 1 (32-bit and 64-bit)
Windows Small Business Server 2008 (32-bit and 64-bit)
Windows XP Professional as of SP3 (32-bit) or SP2 (64-bit)
Windows Vista as of SP2 (32-bit and 64-bit)
Windows 7 (32-bit and 64-bit)
Windows 8 (32-bit and 64-bit)
Windows Server 2008 (32-bit and 64-bit)
Windows Server 2008 R2 (64-bit)
Windows Server 2012 (64-bit)
Remote administration is suited for central administration in multi-server environments, with the iQ.Suite administration console accessing one or more Exchange servers to configure and administrate the iQ.Suite.
4.1.2 The iQ.Suite Server
The term ’iQ.Suite server’ refers to the iQ.Suite functions and processes that are exclusively run on the Exchange server.
For Microsoft Exchange server 2003, the iQ.Suite server can be installed in simple environments as well as more complex front-end/back-end environments.
For Microsoft Exchange server 2007/2010 the roles ’HubTransport’, ’Mailbox’ and ’Edge’ are supported.
As of Microsoft Exchange server 2013, the iQ.Suite is usually installed on the ‘Mailbox’ role. However, installation on the ‘Client Access’ role is not possible.
The iQ.Suite server consists of several elements described in the following sections.
4.1.2.1 iQ.Suite Grabber
‘iQ.Suite Grabber’ is a component that ensures that all emails, schedule queries, etc. sent, received or routed by the Exchange server are intercepted (grabbed) and processed.
Transport Grabber
‘Transport Grabber’ monitors the Windows SMTP transport flow. It grabs emails while they are being transported and provides them to iQ.Suite for processing. The SMTP protocol is used in Microsoft Exchange 2003 for transport purposes. One element of this protocol is the SMTP Advanced Queue, which is used to channel the entire email traffic, regardless of whether emails are internal (between mailboxes on the same server or mailbox store), incoming or outgoing. In all cases, the emails must go through the Advanced Queue. The Transport Grabber is “latched in” to this SMTP Advanced Queue.
As a registered event sink, the Transport Grabber monitors the email traffic. Relevant emails are intercepted and forwarded to the so-called iQ.Suite Service. The email is detained until processing by the iQ.Suite Service and the server has been successfully completed. Once processed, the emails are returned to the transport flow.
Microsoft Exchange Server 2007 is supplied with its own Windows SMTP transport protocol, with the role of the Transport Grabber played by the so-called Transport Agent. This agent provides the same functionality and processing features as the Transport Grabber.
VSAPI-Grabber/EWS
Up to and including Microsoft Exchange Server 2010, iQ.Suite uses the so-called VSAPI grabber for virus scanning in the Information Store. The VSAPI grabber grabs components such as emails or schedule requests from the public or private Information Stores through the VSAPI interface and provides them to the iQ.Suite for virus scanning. This makes it possible to detect and eliminate virus-infected files, for instance, that have found their way into the Information Store through other channels than email and have therefore been stored unchecked.
Since VSAPI is no longer supported by Microsoft as of Microsoft Exchange Server 2013, the iQ.Suite uses the EWS interface to check the public and private Information Stores for viruses. Please note that the scanning method with EWS might differ from the method with VSAPI. Refer to “Virus Scanning in the Information Store” on page 223.
4.1.2.2 iQ.Suite Services
The ‘iQ.Suite Services’ refer to the combination of the Windows services ‘iQ.Suite Information Store Scan Service’ (for Information Store scanning), ‘iQ.Suite Service’ (working service) and ‘iQ.Suite Control Service’.
Exchange-internal information, for instance replication emails, is recognized as such by the Transport Grabber and left in the Exchange system unchanged.
iQ.Suite Service
The iQ.Suite Service is a working service started on a permanent basis that takes care of and executes all processing requests of the iQ.Suite grabbers.
The iQ.Suite Service has access to all information required:
the configured iQ.Suite jobs
the installed iQ.Suite license
the Active Directory
iQ.Suite Quarantine
Using this information, the service scans emails for viruses and spam, quarantines them or adds legal disclaimers. When processing is complete, the iQ.Suite Service returns the emails to the transport flow.
iQ.Suite Information Store Scan Service
The iQ.Suite Information Store Scan Service is a Windows service that is used for virus checks in the Information Stores. Before starting this service, please make sure the iQ.Suite Service is already running.
iQ.Suite Control Service
The ‘iQ.Suite Control Service’ is responsible for starting the iQ.Suite Service and the iQ.Suite Information Store Scan Service and then controls and monitors its performance. If the iQ.Suite Service or the iQ.Suite Information Store Scan Service is temporarily stopped (not disabled), it is automatically restarted by the iQ.Suite Control Service after a few seconds.
Please note that the behavior depends on which service is stopped:
If the iQ.Suite Control Service is manually stopped, both other services are stopped as well, i.e. iQ.Suite is disabled.
Before stopping and/or disabling the iQ.Suite Service, please stop the iQ.Suite Information Store Scan Service first.
In a Windows cluster, the iQ.Suite Control Service is not used at all. Instead, monitoring is performed by the cluster service.
If the iQ.Suite Service is manually stopped and disabled, it is not automatically restarted by the iQ.Suite Control Service. The working service needs to be restarted manually. All emails arriving on the mail server during that time are detained (InQ) until the working service has been restarted.
If the iQ.Suite Information Store Scan Service is manually stopped and disabled, it is not automatically restarted by the iQ.Suite Control Service. The Information Stores are not checked for viruses until the service is started manually.
4.1.2.3 iQ.Suite Quarantine
The iQ.Suite Quarantine is a separate iQ.Suite area used to store unwanted emails. Virus-infected emails, spam or other unsolicited emails are intercepted on the server and moved to the iQ.Suite Quarantine, in order to prevent them from being delivered to the recipients.
Once installed, each iQ.Suite server provides a number of quarantines. Further quarantines can be created by the administrator.
The iQ.Suite Quarantine consists of the following:
Quarantine directory in the file system: ...\GrpData\Quarantine\Default-Quarantine.
Emails copied to the quarantine
Quarantine database (index database: LocIdxDB.mdb)
For each email quarantined, iQ.Suite automatically creates an entry in the quarantine database. This database is a Microsoft Jet database file that contains the following data:
Email subject
Date and time
Email sender
Email recipient
Email sender (SMTP)
Email recipient (SMTP)
Short description of the applicable restriction
Email size
Name of the iQ.Suite job that quarantined the email
Name of the Exchange server
Name of the email file
Processing history
When an iQ.Suite Quarantine is displayed using the iQ.Suite administration console, the information from the quarantine database is shown first. When a quarantine entry is opened, further information is read from the email file.
For communicating with the quarantine, iQ.Suite uses SOAP (Simple Object Access Protocol) and SSL (Secure Sockets Layer). This applies both to "local" access directly on the server and to access from remote Windows workstations. By default, port 8008 is used for communication. You can change this port in the iQ.Suite administration console (IQ.SUITE SERVERS node), but you must then also make this change in all other iQ.Suite administration consoles that access the server. All computers must use the same port. SSL is used to encrypt the SOAP communications channel. All of the required components are included in the installation package.
Only authorized persons have access to the iQ.Suite quarantines via the network. The user privileges are set through the access rights in the access.acl file (...\GBS\iQ.Suite\AppData\). These privileges are checked by the iQ.Suite service. If not logged in to the server, you must authenticate yourself when calling the iQ.Suite Quarantine for the first time. The authentication information is temporarily stored so that subsequent calls (in particular of other quarantines) use the same login information. If that fails, a user name and password input dialog appears. Users who have access rights to the access.acl file also have access to the quarantines.
For successful access, the following requirements must be met:
The iQ.Suite Service is running.
The communication port (default: 8008) is available.
Exception: In a privacy quarantine you can configure that information like the subject line, the names of the attachments and/or the sender addresses or recipient addresses are not displayed in the quarantine view.
The computer name can be resolved and accessed through TCP/IP.
The user has the required Windows user rights for the access.acl file.
4.1.2.4 Active Directory / LDIF
The iQ.Suite does not make any changes or additions to the Active Directory (AD). However, iQ.Suite does read various information from the Active Directory.
When started, the iQ.Suite Service determines the available Global Catalog server, which is used, for instance, for resolving addresses in distribution lists during email processing.
The iQ.Suite administration console uses the Active Directory to select sender/recipient conditions.
With iQ.Suite Trailer, sender information can be incorporated in outgoing emails, with iQ.Suite looking for the required details in the Active Directory.
If no Active Directory is available, for instance because the corresponding ports are not open, an LDIF file can be used. Using the LDIF file can be enabled during the installation (‘LDIF Support’ mode). This file can be created, for instance, by an LDAP export from an Active Directory, an Exchange user directory or a Notes Address Book (NAB).
4.1.2.5 Compressed Files and Archives: iQ.Suite Unpacker
Files are often compressed (zipped) before being sent by email. To allow compressed files to be scanned for viruses, iQ.Suite unpacks the files before running the scan. An unpacker is automatically installed with the iQ.Suite.
The unpacker supports the following archive formats:
ACE
ACE SFX
ARJ
BINHEX (Mac)
BZIP2
CAB
GZIP
Java Archive (.jar)
LZH (LH ARC)
MacBinary
MSCOMPRESS
RAR
RPM
Self-extracting ARJ
Self-extracting CAB
Self-extracting LZH/LHA
Self-extracting RAR
Self-extracting ZIP
TAR
TGZ (Tape Archive)
UUE (Executable compressed ASCII archive)
ZIP
ZOO
7-Zip
Archives can themselves contain further archives. By default, such recursively compressed files are extracted to a recursion depth of ‘5’. All archives exceeding this recursion depth are moved to the Badmail quarantine (refer to “Badmails” on page 140). The standard upper limit for an email including unpacked files is 500 MB. Such a limit is particularly important to handle so-called "ZIP of Death" attacks. The recursion depth and the space restriction can be changed under IQ.SUITE SERVERS -> PROPERTIES -> GENERAL TAB.
4.1.2.6 Network Service
To ensure that the network service is working properly, certain rights on the iQ.Suite/Log directory, the iQ.Suite/GRPData/InQ directory, and the iQ.Suite/GRPData/OutQ directory are pre-set by default. If you use different directories in your iQ.Suite configuration, please make sure that the following rights are set:
Full-access
Change
Read, Process
Listing directory content
Read
Write
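The following is an added example, not iQ.Suite code and not taken from the manual, of how an unpacker can enforce the two limits described in section 4.1.2.5: a recursion depth of 5 and a 500 MB ceiling per email including unpacked files. It uses Python's zipfile on constructed in-memory archives. Counting the attachment itself as depth 1 and sending size overruns to Badmail are assumptions; the manual names the Badmail destination only for the depth limit.

```python
import io
import zipfile

MAX_DEPTH = 5                        # default recursion depth named in the manual
MAX_TOTAL_BYTES = 500 * 1024 * 1024  # default 500 MB limit named in the manual
CHUNK = 64 * 1024


class ArchiveLimitExceeded(Exception):
    """The attachment broke the depth or size budget."""


class Budget:
    """Running byte total for one email: attachment plus everything unpacked."""

    def __init__(self, limit):
        self.limit = limit
        self.used = 0

    def charge(self, count):
        self.used += count
        if self.used > self.limit:
            raise ArchiveLimitExceeded(f"unpacked size exceeds {self.limit} bytes")


def read_member(archive, info, budget):
    """Decompress one member in chunks, charging bytes as they are produced.

    The size field in the ZIP header is sender-controlled, so it is not
    trusted; decompression stops as soon as the budget is spent.
    """
    out = io.BytesIO()
    with archive.open(info) as stream:
        while True:
            chunk = stream.read(CHUNK)
            if not chunk:
                break
            budget.charge(len(chunk))
            out.write(chunk)
    return out.getvalue()


def walk(data, prefix, depth, max_depth, budget, leaves):
    """Collect non-archive files; depth 1 is the attachment itself (assumption)."""
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            path = prefix + info.filename
            payload = read_member(archive, info, budget)
            if zipfile.is_zipfile(io.BytesIO(payload)):
                if depth + 1 > max_depth:
                    raise ArchiveLimitExceeded(
                        f"{path}: nesting exceeds recursion depth {max_depth}")
                walk(payload, path + "!/", depth + 1, max_depth, budget, leaves)
            else:
                leaves[path] = payload  # a real scanner would spool to disk


def route(data, max_depth=MAX_DEPTH, max_total=MAX_TOTAL_BYTES):
    """Return ("scan", {path: bytes}) or ("badmail", reason)."""
    budget = Budget(max_total)
    leaves = {}
    try:
        budget.charge(len(data))
        walk(data, "", 1, max_depth, budget, leaves)
    except ArchiveLimitExceeded as exc:
        return "badmail", str(exc)
    return "scan", leaves


# --- constructed sample inputs, built in memory ---
def zip_bytes(name, payload):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as archive:
        archive.writestr(name, payload)
    return buf.getvalue()


def make_nested(levels):
    """An archive wrapped `levels` deep around a single text file."""
    data = zip_bytes("leaf.txt", b"hello")
    for _ in range(levels - 1):
        data = zip_bytes("inner.zip", data)
    return data


def make_bomb():
    """1 MiB of zeros that compresses to roughly 1 KB."""
    return zip_bytes("zeros.bin", bytes(1024 * 1024))


if __name__ == "__main__":
    for label, sample in (("5 levels", make_nested(5)), ("6 levels", make_nested(6))):
        status, detail = route(sample)
        print(label, status, detail if status == "badmail" else sorted(detail))
    print("bomb, 100 kB budget:", route(make_bomb(), max_total=100_000))
```

The budget is charged on bytes actually produced, so an archive whose header understates its unpacked size is still stopped at the limit.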
1. An incoming or outgoing email follows the transport flow and arrives on the mail server.
2. iQ.Suite monitors the transport flow (SMTP Transport) at position x and temporarily removes the email from the delivery process. The designations of SMTP Transport and Transport Grabber depend on the system used:

| Designation | MS Exchange 2003 / SMTP Gateway | MS Exchange 2007/2010/2013 |
|---|---|---|
| SMTP Transport | SMTP Advanced Queue | MS Exchange Transport Service |
| Transport Grabber | Transport Grabber | Transport Agent |

3. The iQ.Suite Service fetches the email and checks the iQ.Suite configuration to determine whether or not the email needs to be processed by iQ.Suite.
4. The emails to be checked are processed according to their job priority set in the iQ.Suite configuration. When processing is complete, the iQ.Suite Service releases the email and performs any configured changes to the email, as required.
5. The email is returned to the transport flow.
6. The email transport is resumed and the email is delivered to the recipient.
4.1.3 iQ.Suite Configuration
All information required to run iQ.Suite is saved in the iQ.Suite configuration file, as ConfigData.xml.
The structure of the ConfigData.xml file is similar to that of a database: various entries exist for each configuration area. Since all configuration settings are stored in a single file, the configuration can be easily distributed and backed up. If you have a problem with the configuration, you can simply send the ConfigData.xml file to the GBS Support Team for assistance.
The configuration settings are needed by both the iQ.Suite server and the iQ.Suite administration console. The iQ.Suite server needs them, for instance, to be informed of the iQ.Suite jobs to be carried out. To make changes to the configuration with the iQ.Suite administration console, the console must be able to access the ConfigData.xml file. The configuration file can be placed either in a local directory or a network share. The iQ.Suite configuration used by the iQ.Suite administration console and the iQ.Suite server is specified through an entry in the Windows Registry. The path to the configuration file can be entered in the format C:\...\ConfigData.xml or as UNC path (\\Servername\Share\ConfigData.xml). If the iQ.Suite configuration file specified is not available, iQ.Suite uses the "last known good" configuration, which is logged in the Windows Event Log.
The last known good configuration is saved locally for each server and is updated whenever the iQ.Suite configuration is changed and access from the iQ.Suite configuration file to the last known good configuration is possible.
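The fallback described above, sketched as an added example; it is not iQ.Suite code, and the XML element names, file names and the `load_config` helper are invented for illustration. It shows the operational consequence the manual points out: while the shared file is unreachable, the server keeps enforcing the older policy. Treating a truncated or unparseable file the same as an unavailable one is an assumption of this sketch.

```python
import logging
import os
import tempfile
import xml.etree.ElementTree as ET

log = logging.getLogger("config-loader")


def save_last_known_good(raw, lkg_path):
    """Replace the local copy atomically so a crash never leaves half a file."""
    folder = os.path.dirname(os.path.abspath(lkg_path))
    fd, tmp = tempfile.mkstemp(dir=folder, suffix=".tmp")
    try:
        with os.fdopen(fd, "wb") as handle:
            handle.write(raw)
        os.replace(tmp, lkg_path)
    except OSError:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise


def load_config(primary_path, lkg_path):
    """Return (xml_root, source); source is "primary" or "last-known-good"."""
    try:
        with open(primary_path, "rb") as handle:
            raw = handle.read()
        root = ET.fromstring(raw)  # parse first: never cache a broken file
    except (OSError, ET.ParseError) as exc:
        # The manual says this event is written to the Windows Event Log;
        # a plain logger stands in for it here.
        log.warning("configuration %s not usable (%s); using last known good",
                    primary_path, exc)
        with open(lkg_path, "rb") as handle:
            return ET.fromstring(handle.read()), "last-known-good"
    save_last_known_good(raw, lkg_path)
    return root, "primary"


def job_names(root):
    return [job.get("name") for job in root.iter("Job")]


def simulate_outage():
    """Walk through an outage with constructed files; returns one tuple per load."""
    v1 = b'<Config><Job name="virus-scan"/></Config>'
    v2 = b'<Config><Job name="virus-scan"/><Job name="spam-filter"/></Config>'
    results = []
    with tempfile.TemporaryDirectory() as folder:
        share = os.path.join(folder, "ConfigData.xml")  # stands in for the UNC path
        lkg = os.path.join(folder, "LastKnownGood.xml")  # hypothetical local copy

        def write_share(content):
            with open(share, "wb") as handle:
                handle.write(content)

        def record():
            root, source = load_config(share, lkg)
            results.append((source, job_names(root)))

        write_share(v1)
        record()              # share reachable: v1 loaded and cached
        os.remove(share)
        record()              # share unreachable: cached v1 is used
        write_share(v2[:30])
        record()              # truncated file on the share: cached v1 is used
        write_share(v2)
        record()              # share back: v2 takes effect and is cached
        os.remove(share)
        record()              # next outage now falls back to v2
    return results


if __name__ == "__main__":
    for source, jobs in simulate_outage():
        print(source, jobs)
```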
To open a non-standard configuration with the administration console, you must specify the file with a special parameter. Run the iQ.Suite.msc file with the parameter config and the desired configuration file, e.g.:
"C:\Program Files\GBS\iQ.Suite\iQ.Suite.msc" config "C:\OtherDirectory\Subdirectory\ConfigData.xml"
4.2 User Interface
The iQ.Suite administration console is divided into three areas:
Menu and toolbar
Configuration area for global, cross-module functions such as saving, updating, etc.
Navigation area
Display area
Displays the iQ.Suite contents.
The context-sensitive Online Help is available in each dialog/window by clicking the icon or selecting OPERATION -> SHOW HELP FILE from the menu.
4.2.1 Toolbar Icons
Previous
Move up one position
Next
Move down one position
Up one level
Save
Delete object
Activate job
Properties of the selected item
Deactivate job
Update view
New item
Export list
Enable filter in quarantine/Badmail
Help
Disable filter in quarantine/Badmail
4.2.2 Navigation Icons
Logo
Folder element for Trailer modules.
Parent node. The Basic Configuration contains the fundamental configuration elements for all iQ.Suite modules.
Folder element for Trailer configuration documents.
Folder element for general iQ.Suite settings.
Folder element for Trailer search patterns.
Folder element for proxy server settings.
Folder element for Trailer search patterns, that can be extended with regular expressions.
Individual iQ.Suite address list. This address list is included in the iQ.Suite standard configuration and cannot be changed.
Folder element for image categories.
Folder element for notification templates. The folder contains the individual templates for each job type and recipient.
Image element.
Folder element for Trailer attachment categories.
Element of a Trailer attachment category.
Individual notification template.
Element of a Trailer file attachment.
Individual notification template.
a) Parent node Policy Configuration. This includes all configurations for iQ.Suite jobs.
b) Information Store Scan jobs
c) Mail Transport Jobs
Folder element for database connections.
Folder element for Information Store jobs.
Folder element for the configurations of individual iQ.Suite servers. Servers can be added, removed and configured. The common properties of all servers are set under BASIC CONFIGURATION -> IQ.SUITE SERVERS. This includes default email addresses and the internal domain(s).
Folder element for Mail Transport jobs.
Folder element for folder settings. Includes the configuration documents for quarantines and iQ.Suite Bridge.
Folder element for sample jobs of individual job types.
Folder element and configuration document of the privacy quarantine.
Parent node. iQ.Suite Monitor includes views for all quarantine folders on each available server. The quarantine folders contain copies of the original emails, including attachments.
Folder element of the quarantine structure. Includes all quarantine folders.
iQ.Suite job for the iQ.Suite Wall module. Different job types are available.
Folder element for utility elements.
Folder element for Crypt engines and configuration document for PGP and GnuPG engines.
Individual CORE classifier.
Configuration document for S/MIME engines.
Folder element for fingerprints.
Individual configuration document for a WebCrypt Pro server connection.
Individual configuration document of a fingerprint.
Configuration document of a PDFCrypt engine.
Configuration document of an individual fingerprint.
Folder element and configuration document for a global mapping element.
Folder element for dictionaries. Includes all dictionaries available for content checking.
Folder element and configuration document for a KeyManager connection.
Folder element for virus scanners. Includes all configuration documents needed to enable a virus scanner.
Individual quarantine object.
Folder element of the Bridge quarantine structure. Includes all quarantine folders of iQ.Suite Bridge.
Invalid quarantine object.
Folder element for archive connectors.
Object resent from the quarantine.
Folder element for anti spam engines.
Quarantine object in the Information Store.
4.3 iQ.Suite Basics
4.3.1 iQ.Suite Jobs (Policy Configuration)
The iQ.Suite jobs are the primary instrument used to configure the iQ.Suite. Each iQ.Suite job performs a module-specific action such as scanning an email for viruses (iQ.Suite Watchdog), scanning for spam (iQ.Suite Wall), encrypting (iQ.Suite Crypt), etc.
Typically, companies use corporate policies to set how emails are to be handled. These policies can be implemented through iQ.Suite jobs. All configured iQ.Suite jobs are grouped in the iQ.Suite administration console under Policy Configuration.
Corporate Policy Example
The company-x wants to prevent spam from being delivered to the recipients. In addition, the recipients are to be informed that an email addressed to them has been classified as spam, so that they can decide for themselves whether this email is to be deleted or delivered.
To implement this company policy, use a Wall Spam Filtering job. The job ensures that an email classified as spam is moved to the iQ.Suite Quarantine area and not delivered to the recipient. The quarantine settings make sure that the recipient is informed of his/her quarantined email through a summary notification.
4.3.1.1 Mail Transport Jobs and Sample Jobs
Use a separate Mail Transport Job for each application scenario that you wish to implement in the email process, e.g. decryption with PGP, check for viruses, check for spam, sign with S/MIME, etc. To make the configuration of Mail Transport Jobs as easy as possible, sample jobs are provided for a wide range of applications. These examples are templates that you can drag and drop to the MAIL TRANSPORT JOBS area and then modify the copies to suit your requirements. If no appropriate sample job is available for a specific scenario, you can also create Mail Transport Jobs manually: RIGHT-CLICK -> NEW.
The iQ.Suite takes into account all active jobs (no X in icon) located under MAIL TRANSPORT JOBS and processes them in the specified job order. Refer to “Processing Order of iQ.Suite Jobs” on page 41.
Using a number of different conditions (to be defined in the job), you can set which criteria an email has to meet in order to be processed by the job.
4.3.1.2 Information Store Jobs
Information Store Jobs are used for virus scanning (and cleaning) in public or private folders. Like Mail Transport Jobs, the Information Store Jobs perform different actions whenever a virus is detected.
The definition of a new iQ.Suite server (BASIC CONFIGURATION) automatically results in the creation of an Information Store Job¹⁴.
Inactive jobs are not taken into account for processing emails. Thus, configured jobs do not have to be removed from the configuration if they are to be temporarily disabled.
14. Related topics: “Virus Scanning in the Information Store” on page 223 and “Sample Job: Virus Scan in the Information Store” on page 236.