Symantec Protection for SharePoint Servers Implementation Guide

(1)

Symantec™ Protection for

SharePoint® Servers

(2)

2

Symantec™ Protection for

SharePoint® Servers

Implementation Guide

The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement.

Documentation version 5.1a

Legal Notice

Symantec, the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S and other countries. Other names may be trademarks of their respective owners.

This Symantec product may contain third party software for which Symantec is required to provide attribution to the third party (“Third Party Programs”). Some of the Third Party Programs are available under open source or free software licenses. The License

Agreement accompanying the Software does not alter any rights or obligations you may have under those open source or free software licenses. Please see the Third Party Legal Notice Appendix to this Documentation or TPIP ReadMe File accompanying this Symantec product for more information on the Third Party Programs.

The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any.

THE DOCUMENTATION IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS, AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH

DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.

(3)

3

(4)

4

Technical support

Symantec Technical Support maintains support centers globally. Technical Support’s primary role is to respond to specific queries about product features and functionality. The Technical Support group also creates content for our online Knowledge Base. The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion. For example, the Technical Support group works with Product

Engineering and Symantec Secuirty Response to provide alerting services and virus definition updates.

Symantec’s maintenance offerings include the following:

■ A range of support options that give you the flexibility to select the right amount of service for any site organization

■ Telephone and Web-based support that provides rapid response and up-to-the-minute information

■ Upgrade assurance that delivers automatic software upgrade protection

■ Global support that is available 24 hours a day, 7 days a week

■ Advanced features, including Account Management Services

For information about Symantec’s Maintenance Programs, you can visit our Web site at the following URL:

www.symantec.com/techsupp/

Contacting Technical Support

Customers with a current maintenance agreement may access Technical Support information at the following URL:

Before contacting Technical Support, make sure that you have satisfied the system requirements that are listed in your product documentation. Also, you should be at the computer on which the problem occurred, in case it is necessary to replicate the problem.

When you contact Technical Support, please have the following information available:

■ Product release level

■ Hardware information

■ Available memory, disk space, and NIC information

■ Operating system

■ Version and patch level

■ Network topology

■ Router, gateway, and IP address information

(5)

5

■ Error messages and log files

■ Troubleshooting that was performed before contacting Symantec ■ Recent software configuration changes and network changes

Licensing and registration

If your Symantec product requires registration or a license key, access our technical support Web page at the following URL:

Customer Service

Customer service information is available at the following URL: www.symantec.com/techsupp/

Customer Service is available to assist with the following types of issues:

■ Questions regarding product licensing or serialization

■ Product registration updates such as address or name changes

■ General product information (features, language availability, local dealers)

■ Latest information about product updates and upgrades

■ Information about upgrade assurance and maintenance contracts

■ Information about the Symantec Buying Programs

■ Advice about Symantec’s technical support options

■ Nontechnical presales questions

■ Issues that are related to CD-ROMs or manuals

Maintenance agreement resources

If you want to contact Symantec regarding an existing maintenance agreement, please contact the maintenance agreement administration team for your region as follows:

■ Asia-Pacific and Japan: [email protected]

■ Europe, Middle-East, and Africa: [email protected]

■ North America and Latin America: [email protected]

Additional enterprise services

(6)

6

expertise, and global insight, which enable you to manage your business risks proactively.

Enterprise services that are available include the following:

To access more information about Enterprise services, please visit our Web site at the following URL:

www.symantec.com

Select your country or language from the site index.

Symantec Early Warning Solutions

These solutions provide early warning of cyber attacks, comprehensive threat analysis, and countermeasures to prevent attacks before they occur.

Managed Security Services

These services remove the burden of managing and monitoring security devices and events, ensuring rapid response to real threats.

Consulting services Symantec Consulting Services provide on-site technical expertise from Symantec and its trusted partners. Symantec Consulting Services offer a variety of prepackaged and customizable options that include assessment, design, implementation, monitoring and management capabilities. Each is focused on establishing and maintaining the integrity and availability of your IT resources.

(7)

Symantec Corporation Software License Agreement

SYMANTEC CORPORATION AND/OR ITS

SUBSIDIARIES ("SYMANTEC") IS WILLING TO LICENSE THE LICENSED SOFTWARE TO YOU AS THE INDIVIDUAL, THE COMPANY, OR THE LEGAL ENTITY THAT WILL BE UTILIZING THE LICENSED

SOFTWARE (REFERENCED BELOW AS "YOU" OR "YOUR") ONLY ON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS OF THIS LICENSE AGREEMENT. READ THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT CAREFULLY BEFORE USING THE LICENSED SOFTWARE. THIS IS A LEGAL AND ENFORCEABLE CONTRACT BETWEEN YOU AND SYMANTEC. BY OPENING THE LICENSED SOFTWARE PACKAGE, BREAKING THE LICENSED SOFTWARE SEAL, CLICKING THE "I AGREE" OR "YES" BUTTON OR OTHERWISE INDICATING ASSENT

ELECTRONICALLY, OR LOADING THE LICENSED SOFTWARE OR OTHERWISE USING THE LICENSED SOFTWARE, YOU AGREE TO THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT. IF YOU DO NOT AGREE TO THESE TERMS AND CONDITIONS, CLICK THE "I DO NOT AGREE" OR "NO" BUTTON OR OTHERWISE INDICATE REFUSAL AND MAKE NO FURTHER USE OF THE LICENSED SOFTWARE. UNLESS OTHERWISE DEFINED HEREIN,

CAPITALIZED TERMS WILL HAVE THE MEANING GIVEN IN THE “DEFINITIONS” SECTION OF THIS LICENSE AGREEMENT AND SUCH CAPITALIZED TERMS MAY BE USED IN THE SINGULAR OR IN THE PLURAL, AS THE CONTEXT REQUIRES.

1. Definitions:

“Content Updates” means content used by eertain Symantec products which is updated from time to time, including but not limited to: updated anti-spyware products; updated antispam rules for antispam products; updated virus definitions for antivirus and crimeware products; updated URL lists for content filtering and antiphishing products; updated firewall rules for firewall products; updated intrusion detection data for intrusion detection products; updated lists of authenticated web pages for website authentication products; updated policy compliance rules for policy compliance products; and updated vulnerability signatures for vulnerability assessment products.

“Documentation” means the user documentation Symantec provides with the Licensed Software. “License Instrument” means one or more of the following applicable documents which further defines Your license rights to the Licensed Software: a Symantec license certificate or a similar license

document issued by Symantec, or a written agreement between You and Symantec, that accompanies, precedes or follows this License Agreement. “Licensed Software” means the Symantec software product, in object code form, accompanying this License Agreement, including any Documentation included in, or provided for use with, such software or that accompanies this License Agreement.

“Support Certificate” means the certificate sent by Symantec confirming Your purchase of the applicable Symantec maintenance/support for the Licensed Software.

“Upgrade” means any version of the Licensed Software that has been released to the public and which replaces the prior version of the Licensed Software on

Symantec’s price list pursuant to Symantec’s then-current upgrade policies.

“Use Level” means the license use meter or model (which may include operating system, hardware system, application or machine tier limitations, if applicable) by which Symantec measures, prices and licenses the right to use the Licensed Software, in effect at the time an order is placed for such Licensed Software, as indicated in this License Agreement and the applicable License Instrument.

2. License Grant

Subject to Your compliance with the terms and conditions of this License Agreement, Symantec grants to You the following rights:

(i) a non-exclusive, non-transferable (except as stated otherwise in Section 16.1) license to use the Licensed Software solely in support of Your internal business operations in the quantities and at the Use Levels described in this License Agreement and the applicable License Instrument; and

(ii) the right to make a single uninstalled copy of the Licensed Software for archival purposes which You may use and install for disaster-recovery purposes (i.e. where the primary installation of the Licensed Software becomes unavailable for use).

2.1 Term

(8)

Software on a non-perpetual basis, such as, under a subscription or term-based license for the period of time indicated on the applicable License Instrument. If You have obtained the Licensed Software on a non-perpetual basis, Your rights to use such Licensed Software shall end on the applicable end date as indicated on the applicable License Instrument and You shall cease use of the Licensed Software as of such applicable end date.

3.License Restrictions

You may not, without Symantec’s prior written consent, conduct, cause or permit the:

(i) use, copying, modification, rental, lease, sublease, sublicense, or transfer of the Licensed Software except as expressly provided in this License Agreement; (ii) creation of any derivative works based on the Licensed Software;

(iii) reverse engineering, disassembly, or decompiling of the Licensed Software (except that You may decompile the Licensed Software for the purposes of interoperability only to the extent permitted by and subject to strict compliance under applicable law); (iv) use of the Licensed Software in connection with service bureau, facility management, timeshare, service provider or like activity whereby You operate or use the Licensed Software for the benefit of a third party;

(v) use of the Licensed Software by any party other than You;

(vi) use of a later version of the Licensed Software other than the version that accompanies this License Agreement unless You have separately acquired the right to use such later version through a License Instrument or Support Certificate; nor

(vii) use of the Licensed Software above the quantity and Use Level that have been licensed to You under this License Agreement or the applicable License Instrument.

4.Ownership/Title

The Licensed Software is the proprietary property of Symantec or its licensors and is protected by copyright law. Symantec and its licensors retain any and all rights, title and interest in and to the Licensed Software, including in all copies, improvements, enhancements, modifications and derivative works of the Licensed Software. Your rights to use the Licensed Software shall be limited to those expressly granted in this License Agreement. All rights not expressly granted to You are retained by Symantec and/or its licensors.

5.Content Updates

If You purchase a Symantec maintenance/support offering consisting of or including Content Updates, as

indicated on Your Support Certificate, You are granted the right to use, as part of the Licensed Software, such Content Updates as and when they are made generally available to Symantec’s end user customers who have purchased such maintenance/support offering and for such period of time as indicated on the face of the applicable Support Certificate. This License Agreement does not otherwise permit You to obtain and use Content Updates.

6.Upgrades/Cross-grades

Symantec reserves the right to require that any upgrades (if any) of the Licensed Software may only be obtained in a quantity equal to the number indicated on the applicable License Instrument. An upgrade to an existing license shall not be deemed to increase the number of licenses which You are authorized to use. Additionally, if You upgrade a Licensed Software license, or purchase a Licensed Software license listed on the applicable License Instrument to cross-grade an existing license (i.e. to increase its functionality, and/ or transfer it to a new operating system, hardware tier or licensing meter), then Symantec issues the applicable Licensed Instrument based on the understanding that You agree to cease using the original license. Any such license upgrade or cross-grade is provided under Symantec's policies in effect at the time of order. This License Agreement does not separately license You for additional licenses beyond those which You have purchased, and which have been authorized by Symantec as indicated on the applicable License Instrument.

7.Limited Warranty

7.1. Media Warranty

If Symantec provides the Licensed Software to You on tangible media, Symantec warrants that the magnetic media upon which the Licensed Software is recorded will not be defective under normal use, for a period of ninety (90) days from delivery. Symantec will replace any defective media returned to Symantec within the warranty period at no charge to You. The above warranty is inapplicable in the event the Licensed Software media becomes defective due to unauthorized use of the Licensed Software. THE FOREGOING IS YOUR SOLE AND EXCLUSIVE REMEDY FOR SYMANTEC’S BREACH OF THIS WARRANTY. 7.2. Performance Warranty

(9)

following, selected at Symantec’s reasonable discretion: either

(i) repair the Licensed Software,

(ii) replace the Licensed Software with software of substantially the same functionality, or

(iii) terminate this License Agreement and refund the relevant license fees paid for such non-compliant Licensed Software. The above warranty specifically excludes defects resulting from accident, abuse, unauthorized repair, modifications or enhancements, or misapplication. THE FOREGOING IS YOUR SOLE AND EXCLUSIVE REMEDY FOR SYMANTEC’S BREACH OF THIS WARRANTY.

8.Warranty Disclaimers

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE WARRANTIES SET FORTH IN SECTIONS 7.1 AND 7.2 ARE YOUR EXCLUSIVE WARRANTIES AND ARE IN LIEU OF ALL OTHER WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY,

SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS. SYMANTEC MAKES NO WARRANTIES OR REPRESENTATIONS THAT THE LICENSED SOFTWARE, CONTENT UPDATES OR UPGRADES WILL MEET YOUR REQUIREMENTS OR THAT OPERATION OR USE OF THE LICENSED SOFTWARE, CONTENT UPDATES, AND UPGRADES WILL BE UNINTERRUPTED OR ERROR-FREE. YOU MAY HAVE OTHER WARRANTY RIGHTS, WHICH MAY VARY FROM STATE TO STATE AND COUNTRY TO COUNTRY.

9.Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW AND REGARDLESS OF WHETHER ANY REMEDY SET FORTH HEREIN FAILS OF ITS ESSENTIAL PURPOSE, IN NO EVENT WILL SYMANTEC OR ITS LICENSORS, RESELLERS, SUPPLIERS OR AGENTS BE LIABLE TO YOU FOR (i) ANY COSTS OF PROCUREMENT OF SUBSTITUTE OR REPLACEMENT GOODS AND SERVICES, LOSS OF PROFITS, LOSS OF USE, LOSS OF OR CORRUPTION TO DATA, BUSINESS INTERRUPTION, LOSS OF PRODUCTION, LOSS OF REVENUES, LOSS OF CONTRACTS, LOSS OF GOODWILL, OR ANTICIPATED SAVINGS OR WASTED MANAGEMENT AND STAFF TIME; OR (ii) ANY SPECIAL, CONSEQUENTIAL, INCIDENTAL OR INDIRECT DAMAGES WHETHER ARISING DIRECTLY OR INDIRECTLY OUT OF THIS LICENSE AGREEMENT, EVEN IF SYMANTEC OR ITS LICENSORS, RESELLERS, SUPPLIERS OR AGENTS HAS BEEN ADVISED SUCH DAMAGES MIGHT OCCUR. IN NO CASE SHALL SYMANTEC’S LIABILITY EXCEED THE FEES YOU PAID FOR THE LICENSED SOFTWARE

GIVING RISE TO THE CLAIM. NOTHING IN THIS AGREEMENT SHALL OPERATE SO AS TO EXCLUDE OR LIMIT SYMANTEC’S LIABILITY TO YOU FOR DEATH OR PERSONAL INJURY ARISING OUT OF NEGLIGENCE OR FOR ANY OTHER LIABILITY WHICH CANNOT BE EXCLUDED OR LIMITED BY LAW. THE DISCLAIMERS AND LIMITATIONS SET FORTH ABOVE WILL APPLY REGARDLESS OF WHETHER OR NOT YOU ACCEPT THE LICENSED SOFTWARE, CONTENT UPDATES OR UPGRADES.

10.Maintenance/Support

Symantec has no obligation under this License Agreement to provide maintenance/support for the Licensed Software. Any maintenance/support purchased for the Licensed Software is subject to Symantec’s then-current maintenance/support policies.

11.Software Evaluation

If the Licensed Software is provided to You for evaluation purposes and You have an evaluation agreement with Symantec for the Licensed Software, Your rights to evaluate the Licensed Software will be pursuant to the terms of such evaluation agreement. If You do not have an evaluation agreement with Symantec for the Licensed Software and if You are provided the Licensed Software for evaluation purposes, the following terms and conditions shall apply. Symantec grants to You a nonexclusive, temporary, royalty-free, non-assignable license to use the Licensed Software solely for internal non-production evaluation. Such evaluation license shall terminate (i) on the end date of the pre-determined evaluation period, if an evaluation period is pre-determined in the Licensed Software or (ii) sixty (60) days from the date of Your initial installation of the Licensed Software, if no such evaluation period is pre-determined in the Licensed Software (“Evaluation Period”). The Licensed Software may not be

(10)

12.U.S. Government Restricted Rights

The Licensed Software is deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Licensed Software - Restricted Rights" and DFARS 227.7202, “Rights in Commercial Computer Licensed Software or Commercial Computer Licensed Software Documentation”, as applicable, and any successor regulations. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software by the U.S. Government shall be solely in accordance with the terms of this License Agreement.

13.Export Regulation

You acknowledge that the Licensed Software and related technical data and services (collectively "Controlled Technology") are subject to the import and export laws of the United States, specifically the U.S. Export Administration Regulations (EAR), and the laws of any country where Controlled Technology is imported or re-exported. You agree to comply with all relevant laws and will not to export any Controlled Technology in contravention to U.S. law nor to any prohibited country, entity, or person for which an export license or other governmental approval is required. All Symantec products, including the Controlled Technology are prohibited for export or re-export to Cuba, North Korea, Iran, Syria and Sudan and to any country subject to relevant trade sanctions. You hereby agree that You will not export or sell any Controlled Technology for use in connection with chemical, biological, or nuclear weapons, or missiles, drones or space launch vehicles capable of delivering such weapons.

14.Termination

This License Agreement shall terminate upon Your breach of any term contained herein. Upon termination, You shall immediately stop using and destroy all copies of the Licensed Software.

15.Survival

The following provisions of this License Agreement survive termination of this License Agreement: Definitions, License Restrictions and any other restrictions on use of intellectual property,

Ownership/Title, Warranty Disclaimers, Limitation of Liability, U.S. Government Restricted Rights, Export Regulation, Survival, and General.

16. General

16.1. Assignment

You may not assign the rights granted hereunder or this License Agreement, in whole or in part and whether by operation of contract, law or otherwise, without Symantec’s prior express written consent. 16.2. Compliance with Applicable Law

You are solely responsible for Your compliance with, and You agree to comply with, all applicable laws, rules, and regulations in connection with Your use of the Licensed Software.

16.3. Audit

An auditor, selected by Symantec and reasonably acceptable to You, may, upon reasonable notice and during normal business hours, but not more often than once each year, inspect Your records and deployment in order to confirm that Your use of the Licensed Software complies with this License Agreement and the applicable License Instrument. Symantec shall bear the costs of any such audit, except where the audit demonstrates that the Manufacturer’s Suggested Reseller Price (MSRP) value of Your non-compliant usage exceeds five percent (5%) of the MSRP value of Your compliant deployments. In such case, in addition to purchasing appropriate licenses for any over-deployed Licensed Software, You shall reimburse Symantec for the auditor’s reasonable actual fees for such audit.

16.4. Governing Law; Severability; Waiver

If You are located in North America or Latin America, this License Agreement will be governed by the laws of the State of California, United States of America. If you are located in China, this License Agreement will be governed by the laws of the Peoples Republic of China. Otherwise, this License Agreement will be governed by the laws of England. Such governing laws are exclusive of any provisions of the United Nations Convention on Contracts for Sale of Goods, including any

amendments thereto, and without regard to principles of conflicts of law. If any provision of this License Agreement is found partly or wholly illegal or unenforceable, such provision shall be enforced to the maximum extent permissible, and remaining provisions of this License Agreement shall remain in full force and effect. A waiver of any breach or default under this License Agreement shall not constitute a waiver of any other subsequent breach or default. 16.5. Third Party Programs

(11)

in this License Agreement shall apply to such Third Party Programs.

16.6. Customer Service

Should You have any questions concerning this License Agreement, or if You desire to contact Symantec for any reason, please write to: (i) Symantec Enterprise Customer Care, 555 International Way, Springfield, Oregon 97477, U.S.A., (ii) Symantec Enterprise Customer Care Center, PO BOX 5689, Dublin 15, Ireland, or (iii) Symantec Enterprise Customer Care, 1 Julius Ave, North Ryde, NSW 2113, Australia. 16.7. Entire Agreement

This License Agreement and any related License Instrument are the complete and exclusive agreement between You and Symantec relating to the Licensed Software and supersede any previous or

contemporaneous oral or written communications, proposals, and representations with respect to its subject matter. This License Agreement prevails over any conflicting or additional terms of any purchase order, ordering document, acknowledgement or confirmation or other document issued by You, even if signed and returned. This License Agreement may only be modified by a License Instrument that accompanies or follows this License Agreement.

17. Additional Terms and Conditions

Your use of the Licensed Software is subject to the terms and conditions below in addition to those stated above.

17.1 Per-User License

You may use the Licensed Software for the number of licensed User(s) and at the Use Levels as have been licensed to You by Symantec herein and as indicated in the applicable License Instrument (“Per-User License”). Your License Instrument shall constitute proof of Your right to make and use such copies. For purposes of this License Agreement, “User(s)” means an individual person and/or device authorized by You to use and/or benefit from the use of the Licensed Software, or is the person and/or device that actually uses any portion of the Licensed Software.

17.2 Per-Server License

You may use the Licensed Software for the number of licensed Server(s) and at the Use Levels as have been licensed to You by Symantec herein and as indicated in the applicable License Instrument (“Per-Server License”). Your License Instrument shall constitute proof of Your right to make and use such copies. For purposes of this License Agreement, “Server(s)” means a standalone system or an individual computer acting as a service or resource provider to client computers by sharing the resources within the network

infrastructure. A Server(s) can run server software for other computers or devices.

17.3 If You use the Licensed Software exclusively for Your internal business operations, a Per-User License is required for each User that has access to a Microsoft SharePoint computing environment protected by the Licensed Software. If You permit external access to a Server on which a Microsoft SharePoint computing environment protected by the Licensed Software resides, a Per-Server License is required for each such Server. If You require use of the Licensed Software both on a Per-User basis and on an a Per-Server basis, You must purchase both types of licenses described above in Sections 17.1 and 17.2.

17.4 If the Licensed Software you have licensed is on a per-Server basis as described in Section 17.2, the following additional use(s) and restriction(s) apply: i) You may use the Licensed Software only with files that are received from third parties through a Microsoft SharePoint front-end server;

ii) You may use the Licensed Software only with files received from less than 10,000 unique third parties per month; and

(12)

(13)

Technical support

Chapter 1 Introducing Symantec™ Protection for SharePoint® Servers

About Symantec Protection for SharePoint Servers ... 18

What’s new ... 18

Components of Symantec Protection for SharePoint Servers ... 20

How Symantec Protection for SharePoint Servers works ... 20

About real-time scanning ... 21

About scheduled scanning and manual scanning ... 23

What happens when a file is scanned ... 25

About scanning policies in the Symantec Scan Engine ... 26

About logging and email notifications ... 27

About on-demand reports and scheduled reports ... 28

About deployment options ... 29

About handling large scanning volumes ... 31

How Symantec Scan Engine protects against viruses ... 32

Where to get more information ... 32

Chapter 2 Installing Symantec Protection for SharePoint Servers

Before you install ... 35

About protecting the servers that are running the Symantec Protection for SharePoint Servers components ... 36

About preventing conflicts with other products ... 36

About stopping IIS during installation ... 37

System requirements ... 37

System requirements for Symantec Protection for SharePoint Servers integrated installation ... 38

System requirements for Symantec Protection for SharePoint console only ... 39

(14)

14 Contents

About installing Symantec Protection for SharePoint Servers ... 43

About the installation options ... 45

About installing Symantec Protection for SharePoint Servers (integrated installation) ... 46

Installing only Symantec Scan Engine using the installation wizard ... 50

Installing Symantec Scan Engine on a 64-bit computer ... 52

About installing only the Symantec Protection for SharePoint console ... 53

About repairing or modifying Symantec Protection for SharePoint Servers or its components ... 56

Post-installation tasks ... 58

Uninstalling Symantec Protection for SharePoint Servers ... 59

Uninstalling the Symantec Protection for SharePoint console ... 59

Uninstalling Symantec Scan Engine ... 61

Chapter 3 Using the Symantec Protection for SharePoint console

About the Symantec Protection for SharePoint console ... 63

Accessing the console ... 64

Changing the service logon account information ... 67

About the console home page ... 68

Navigation links ... 68

Feature links ... 69

Status pane ... 70

Chapter 4 Configuring Symantec Protection for SharePoint Servers

About configuring Symantec Protection for SharePoint Servers ... 71

Configuring a password for the console ... 72

Configuring real-time scanning ... 73

About manual scans and scheduled scans ... 75

About configuring global manual and scheduled scanning options ... 76

Scheduling scans ... 83

Performing manual scans ... 85

Registering Symantec Scan Engine with Symantec Protection for SharePoint Servers ... 85

Specifying the scanning mode for load balancing ... 89

(15)

15 Contents

Chapter 5 Configuring Symantec Scan Engine

Accessing the Symantec Scan Engine console ... 95

About communication protocol settings ... 96

Configuring ICAP-specific settings ... 96

Ways to control which file types are scanned ... 98

About licensing Symantec Scan Engine ... 99

About license activation ... 99

If you do not have a serial number ...100

Obtaining a license file ...100

Installing the license file ...101

About keeping your product and protection up-to-date ...102

About product updates ...102

About definition updates ...103

About LiveUpdate ...103

Configuring LiveUpdate to occur automatically ...103

Performing LiveUpdate on demand ...104

About enabling security risk detection ...104

Chapter 6 Monitoring Symantec Protection for SharePoint

Servers activity

Ways to monitor Symantec Protection for SharePoint Servers activity ...108

About the status pane ...109

About SMTP logging ...110

Configuring SMTP logging ...114

Customizing SMTP messages ...117

About monitoring scanning activity ...126

Configuring the log file folder location ...127

Setting the logging level for each event source ...127

Setting the maximum storage time for log files ...128

Generating an on-demand report ...129

(16)

16 Contents

Chapter 7 Troubleshooting Symantec Protection for

SharePoint Servers

About troubleshooting common issues ... 135

Symantec Protection for SharePoint Servers link is missing from the SharePoint Central Administration site ... 136

Unable to access the Symantec Scan Engine console ... 137

Symantec Scan Engine registration fails ... 138

Slow server response or high server load ... 138

No reports are generated ... 139

Failure sending mail error message ... 139

The connection to the Symantec SharePoint Security Service cannot be established. Code 8000 ... 140

Virus Found: There is no Symantec Scan Engine available. The file was not saved. Code: 8002 ... 141

Unable to remember the console password ... 143

Error 1722 when installing Symantec Scan Engine ... 143

Appendix A

Error codes

About error codes and messages ... 145

(17)

Chapter

1

Introducing Symantec™

Protection for SharePoint®

Servers

■ About Symantec Protection for SharePoint Servers

■ What’s new

■ Components of Symantec Protection for SharePoint Servers

■ How Symantec Protection for SharePoint Servers works

■ How Symantec Scan Engine protects against viruses

(18)

18 Introducing Symantec™ Protection for SharePoint® Servers About Symantec Protection for SharePoint Servers

About Symantec Protection for SharePoint Servers

Symantec™ Protection for SharePoint® Servers, replaces the former version Symantec AntiVirus™ 4.3 for Microsoft® SharePoint®, and provides virus scanning and repair services for the following SharePoint products:

■ Windows® SharePoint® Services 2.0 (WSS 2.0)

■ Windows SharePoint Services 3.0 (WSS 3.0)

■ SharePoint Portal Server 2003 (SPS 2003)

■ Microsoft Office SharePoint® Server 2007 (MOSS 2007) (32-bit and 64-bit) In addition to virus scanning and repair services, Symantec Protection for SharePoint Servers provides logging, monitoring, and reporting of infected documents on the SharePoint server.

What’s new

Table 1-1 describes the new features in Symantec Protection for SharePoint Servers.

Table 1-1 New features

Feature Description

Support for all SharePoint server versions

Symantec Protection for SharePoint Servers currently supports the following SharePoint server versions:

■ Windows SharePoint Services 2.0

■ Windows SharePoint Services 3.0

■ SharePoint Portal Server 2003

■ Microsoft Office SharePoint Server 2007 Support for 64-bit operating

systems

You can install Symantec Protection for SharePoint Servers, or any of its components on both 32-bit and 64-bit operating systems.

See“System requirements” on page 37. Support for Windows Server®

2008

Of the two components of Symantec Protection for SharePoint Servers, you can install the Symantec Protection for SharePoint console on a Windows Server 2008 platform (32-bit) also.

See“System requirements for Symantec Protection for SharePoint console only” on page 39.

(19)

19 Introducing Symantec™ Protection for SharePoint® Servers

What’s new

Support for Microsoft® Search Server 2008 Express (32-bit)

Symantec Protection for SharePoint Servers provides antivirus protection for Microsoft Search Server 2008 Express (32-bit) as well.

Remote installation You can remotely install the Symantec Protection for SharePoint console and Symantec Scan Engine, together or separately using either Microsoft Systems Management Server 2003 or Systems Center Configuration Manager 2007.

See“About installing Symantec Protection for SharePoint Servers using remote installation” on page 49.

Integration with the SharePoint Central Administration page

The Symantec Protection for SharePoint console is integrated into the SharePoint Central Administration page so that regular SharePoint users find it easier to use.

Enhanced security with password protection

The Symantec Protection for SharePoint console has password protection to prevent unauthenticated users from accessing the console.

See“Configuring a password for the console” on page 72.

Multi-threaded scanning Multi-threaded scanning enables Symantec Protection for SharePoint Servers to scan several documents simultaneously. This process improves performance. Byte-by-byte scanning When you upload a file, Symantec Protection for

SharePoint Servers sends a file byte-by-byte to Symantec Scan Engine for scanning. This feature ensures real-time protection.

Table 1-1 New features

(20)

20 Introducing Symantec™ Protection for SharePoint® Servers Components of Symantec Protection for SharePoint Servers

Components of Symantec Protection for SharePoint

Servers

Symantec Protection for SharePoint Servers includes the following components, which you can install and configure separately:

How Symantec Protection for SharePoint Servers

works

Symantec Protection for SharePoint Servers provides the following types of scanning:

■ Real-time scanning of files as they are uploaded and downloaded from the SharePoint server

See“About real-time scanning” on page 21.

Symantec™ Scan Engine Provides virus scanning and repair services You can install Symantec Scan Engine on the SharePoint server. You can also install Symantec Scan Engine on a separate server that is not running SharePoint. This lets you move antivirus processing off-box, thereby reducing the CPU load on the SharePoint server. The latest version of Symantec Scan Engine 5.1 is included on the distribution CD.

Symantec Protection for SharePoint console

Provides a means for users to configure how Symantec Scan Engine and the SharePoint server should communicate with each other, handle infected files, and monitor scanning activity.

The Symantec Protection for SharePoint console refers to the administrative console of Symantec Protection for SharePoint Servers. You can configure how Symantec Protection for SharePoint Servers handles the communication between the Symantec Scan Engine and the SharePoint server through this console. Symantec Protection for SharePoint Servers also interprets the results that are returned from the scan engine after scanning.

See“About deploying Symantec Protection for SharePoint Servers in a stand-alone SharePoint environment” on page 29.

(21)

How Symantec Protection for SharePoint Servers works

■ Scheduled scans and manual scans of files that are stored on the SharePoint server

See“About scheduled scanning and manual scanning” on page 23. In addition to scanning, Symantec Protection for SharePoint Servers does the following:

■ Monitors scanning activity by its logging and email notification feature See“About logging and email notifications” on page 27.

■ Generates on-demand reports and schedules distribution of reports by mail See“About on-demand reports and scheduled reports” on page 28.

About real-time scanning

Files are scanned in real time as they are uploaded and downloaded from the SharePoint server. You can configure whether files are scanned on upload, download, or both. All files that are uploaded or downloaded are submitted for scanning, regardless of file type.

Note: If scanning fails for any reason during a real-time scan (for example, if the Symantec Scan Engine goes offline or reaches its scanning threshold), the scan is terminated. The scan request is not re-submitted until a user tries to upload or download the file.

You can configure the following options for real-time scanning:

■ Scan documents on upload.

■ Scan documents on download.

■ Allow users to download infected documents.

■ Attempt to clean infected documents.

(22)

22 Introducing Symantec™ Protection for SharePoint® Servers How Symantec Protection for SharePoint Servers works

If you enable the option “Allow users to download infected documents”, only administrators can download infected files. Users only get a virus found message.

Warning: Enabling the option “Allow users to download infected documents” can put your organization at risk. Unrepairable files might contain viruses that can infect your computer. SharePoint security ensures that only administrators can download the unrepairable files if you enable this option. However, use this option only when you want to resolve a virus issue.

See“Configuring real-time scanning” on page 73.

How caching works on the SharePoint server

The SharePoint server caches the scanning results for each stored file. The cached information includes the date and revision number of the virus definitions that were used to perform the scan. The cached information also includes the status of the file (whether the file is clean or infected).

In real-time scanning, all files that are uploaded or downloaded are submitted for scanning. On download, the SharePoint server evaluates the status of the file and the virus definition that were used to determine whether the file must be scanned. If another user requests access to that same file and the virus definitions have not changed, a redundant scan is avoided. Individual cache entries are updated whenever a stored file is changed.

What happens when a file is uploaded

When a user tries to upload a file to the SharePoint server, the file is submitted first to Symantec Scan Engine for scanning. If the file contains a virus that cannot be repaired, the file is not stored on the SharePoint server. The user receives a notification that the file is infected and cannot be uploaded. If you configure the SharePoint server to repair infected files and the infected file can be repaired, the repaired file is uploaded to the SharePoint server.

What happens when a file is downloaded

When a user tries to download a stored file, Microsoft SharePoint verifies the following information about the file:

■ If the file was scanned on upload

■ The status of the file (for example, if the file is clean)

(23)

If the file is infected, or if the virus definitions are not the most current, the file is submitted to Symantec Scan Engine for scanning. Based on the scan results, the file is handled according to the settings that you specify.

See“Configuring real-time scanning” on page 73.

If the file is clean and was scanned with the latest definitions, the file is not rescanned. It is automatically downloaded to the user.

The SharePoint server passes clean files to the user. If you configure the SharePoint server to attempt to clean infected files and the infected file can be repaired, the repaired file is passed to the user. The infected file that is stored on the SharePoint server is replaced with the clean file.

If the file contains a virus that cannot be repaired, the file is not downloaded to the user. The user receives a notification that the file is infected and cannot be downloaded. (You can configure Symantec Protection for SharePoint Servers to permit users to download infected files. However, the most secure configuration is to disable this option. Files that contain viruses pose a risk to your

organization. Users are denied access to infected files by default.)

Note: Infected files that cannot be repaired are not automatically deleted from the SharePoint server. To remove infected files from the SharePoint server, activate a scheduled scan or perform a manual scan and select the option to delete unrepairable infected files from the SharePoint server.

About scheduled scanning and manual scanning

You can schedule periodic scans of the documents that are stored on the SharePoint server. Schedule periodic scans of the document library to ensure that all files have been scanned for viruses. These scans ensure that files that have not been previously scanned are scanned in a timely manner. Regular scans also ensure that scanning is kept up to date as virus definitions change. Scheduled scans occur at the time and frequency that you specify. Scheduled scanning occurs in the background and does not affect real-time scanning of uploaded and downloaded files.

You can force an immediate (manual) scan of the documents that are stored on the server. The options that you configure for scheduled scans also apply to manual scans.

See“About manual scans and scheduled scans” on page 75.

(24)

scanning. If a scan request fails because the scan engine is unavailable, the scan request is sent to the next available registered scan engine.

You can configure the following options for manual scans and scheduled scans:

■ Excluding files with specific extensions from being scanned

See“Excluding files with specific extensions from being scanned” on page 76.

■ Excluding folders from being scanned

See“Excluding folders from being scanned” on page 77.

■ Specifying the number of threads for scanning

See“Specifying the number of threads for scanning” on page 77.

■ Scanning all file versions in the document library

See“Scanning all file versions in the document library” on page 78.

■ Scanning only those files that were added or modified from the last scan See“Scanning those files that have been added or modified since the last completed scan” on page 78.

■ Specifying the location for quarantined documents

See“Specifying the location for quarantined documents” on page 79.

■ Specifying file handling rules

See“Specifying file handling rules” on page 80.

■ Reviewing scan statistics

See“Reviewing scan statistics” on page 82.

Preserving bandwidth and time during manual and scheduled

scans

You can designate which directories on the SharePoint server are scanned during scheduled scans and manual scans. You can scan all directories on the SharePoint server, or you can exclude certain directories from scanning. You can also control which file types are scanned during manual scans and scheduled scans by specifying which file types are passed to Symantec Scan Engine. Viruses are found only in file types that contain executable code. You can save bandwidth and time by excluding those files types that are not likely to contain viruses and can be excluded from scanning. Symantec Protection for SharePoint Servers makes an initial determination, based on file extension, about whether to pass a file to Symantec Scan Engine for scanning.

(25)

last scan. This feature lets you conserve scanning resources by omitting files from scanning that have not been modified or added since the last scan. When this feature is disabled, all files are scanned during manual scans and scheduled scans.

Quarantining infected files

Symantec Protection for SharePoint Servers can quarantine infected files that are found during a scheduled scan or manual scan. A copy of each infected item is forwarded to a quarantine directory. This feature lets you preserve a copy of all files, even infected ones, in the event that a file must be retrieved. The infected items can be accessed or deleted from the quarantine by the administrator. The default quarantine location is C:\Program Files\Symantec\SharePoint\Quarantine.

What happens when a file is scanned

After the Symantec Protection for SharePoint console and Symantec Scan Engine are installed and properly configured, files are passed to Symantec Scan Engine for analysis.

If Symantec Scan Engine does not find a virus in a file, Symantec Scan Engine indicates that the file is clean.

If a virus is detected, Symantec Scan Engine does one of the following actions:

Records a log entry that an infection was found

Separate logging and alerting features are available through the Symantec Protection for SharePoint console and Symantec Scan Engine. You can activate logging and alerting options in Symantec Scan Engine to supplement those logging and alerting options that are available through the Symantec Protection for SharePoint console. The Symantec Protection for SharePoint console sends an email notification and records a log entry when an infection is found.

Attempts to repair the infected file

If the file can be repaired, Symantec Scan Engine repairs it and passes a clean file back to Symantec Protection for SharePoint Servers. Configure the SharePoint antivirus settings to accept these repaired files so that infected files are replaced with repaired files on the SharePoint server.

(26)

About scanning policies in the Symantec Scan Engine

When Symantec Scan Engine scans a file for viruses, it applies the scanning policies that you configure in the Symantec Scan Engine console. For example, you can limit the resources that Symantec Scan Engine uses by only scanning certain types of files.

When an established threshold is met or exceeded during a scan, or a policy is violated, Symantec Scan Engine communicates this information to Symantec Protection for SharePoint Servers. Symantec Protection for SharePoint Servers treats the file as though an unrepairable infection was found. The policies that you configure for handling infected files (that is, blocking or deleting files) are applied.

Deletes unrepairable infected files from container files

When a container file or archive file is submitted for scanning, Symantec Scan Engine decomposes the container file and scans each embedded file individually. If the container file contains unrepairable files, Symantec Scan Engine deletes the unrepairable files from the container or archive file. The remaining clean contents are forwarded to the SharePoint server. This container file is handled by Symantec Protection for SharePoint Servers as a repaired file. (Configure the SharePoint antivirus settings to accept repaired files so that infected files can be replaced with repaired files.)

Note: When a top-level file (a file that is not embedded in a container file) is infected and cannot be repaired, Symantec Scan Engine indicates this to Symantec Protection for SharePoint Servers and the SharePoint server. The SharePoint server denies access to the infected file by default. The file is deleted from the SharePoint server if you have configured it to do so.

(27)

The following scanning policies are available through the Symantec Scan Engine console:

For more information, see the Symantec Scan Engine Implementation Guide.

About logging and email notifications

Symantec Protection for SharePoint Servers logs events for the Scan Process, Symantec Scan Engine and System report sources by default. You can specify the logging level for each of these report sources in Log File settings.

See“About monitoring scanning activity” on page 126. The default location of the log files is <installdir>:\Program Files\Symantec\SharePoint\Logfiles.

Symantec Protection for SharePoint Servers provides Simple Mail Transfer Protocol (SMTP) logging capabilities. When SMTP logging is configured, an email notification is sent to a specified recipient for chosen events.

You can restrict the amount of resources that are used to process large container files.

Symantec Scan Engine uses a decomposer to extract the embedded files from a container file, scan all of the files, and reassemble the container file once scanning is complete. For overly large container files, this process can require a significant amount of resources. You can use these settings to control the resources that Symantec Scan Engine uses to process large container files and to prevent these overly large container files from being stored on the SharePoint server. You can specify the maximum amount of time spent in decomposing a container file, the maximum file size for individual files in a container file, maximum number of nested levels to be decomposed, and the maximum number of bytes that are read when determining whether a file is MIME-encoded. You can establish a

mail policy to filter mail and mail attachments based on a number of attributes.

These mail policy settings are applied to all MIME-encoded messages. If MIME-encoded messages are posted for user access on the SharePoint server, you can use the mail policy settings in Symantec Scan Engine to filter email based on attachment file size or file name, message origin, total message size, or message subject line.

(28)

To configure SMTP logging, you must do the following:

■ Enable the email notification system.

■ Identify an SMTP server and port number for forwarding the log messages.

■ Provide the default origin and destination information for the SMTP messages.

■ Select the event categories for which SMTP messages should be generated. You can choose separate sender and recipient email addresses for each event category.

See“Configuring SMTP logging” on page 114.

You can also select the email notification level so that Symantec Protection for SharePoint Servers sends an email notification only for the events whose level you specify. You can provide separate recipient information for each type of message. Default message text is included, but you can customize individual messages.

See“Customizing SMTP messages” on page 117.

About on-demand reports and scheduled reports

You can manually generate and analyze reports for a specified date range. You must select a report source (Scan Engines, Scan Processes, or System) and define the log data you to display. You can generate a detailed report of all logs or pie-chart reports. Symantec Protection for SharePoint Servers displays a numerical statistical report beneath the pie-chart.

See“Generating an on-demand report” on page 129.

You can configure Symantec Protection for SharePoint Servers to generate reports and distribute them by mail to specified recipients at a scheduled time. Select an hourly, daily, weekly, monthly, one time, or any of the default schedules for scheduled reports.

Note: You must first configure email notifications before you try to schedule a report by email.

To schedule reports, you must do the following tasks:

■ Select a schedule.

Choose from the default schedules or create a new schedule.

■ Select a report data range.

(29)

■ Choose a report source (Scan Engines, Scan Processes, or System) and report definition.

These options determine the content of your scheduled report.

■ Select a report format.

■ Activate report generation by mail.

Specify the sender and recipient’s email address. See“Scheduling a report” on page 130.

About deployment options

Symantec Protection for SharePoint Servers includes the following components that can be installed separately or together:

■ Symantec Protection for SharePoint console

■ Symantec Scan Engine

See“Components of Symantec Protection for SharePoint Servers” on page 20. See“About the installation options” on page 45.

You must deploy Symantec Protection for SharePoint Servers and its

components in different ways based on the following SharePoint environments:

■ Stand-alone SharePoint environment

■ Farm environment

About deploying Symantec Protection for SharePoint Servers

in a stand-alone SharePoint environment

In a stand-alone SharePoint environment, you can choose to do a full install of both components of Symantec Protection for SharePoint Servers on the same computer. You can also choose to move antivirus processing off-box by

(30)

About deploying Symantec Protection for SharePoint Servers

in a farm environment

In a SharePoint farm environment, based on the SharePoint version used, deploy Symantec Protection for SharePoint Servers on the following servers:

About supported platforms

The Symantec Protection for SharePoint console can be installed on the following platforms:

■ Windows Server 2003 (32-bit or 64-bit)

■ Windows Server 2008 (32-bit)

See“About installing only the Symantec Protection for SharePoint console” on page 53.

Symantec Scan Engine runs on the following platforms:

■ Sun™ Solaris™

■ Red Hat Linux™

■ Microsoft® Windows® 2000 Server

■ Microsoft Windows Server 2003 (32-bit and 64-bit)

WSS 2.0/ SPS 2003 Install the Symantec Protection for SharePoint console on each front-end web server in the farm.

Symantec Scan Engine, the other component, can be installed on the same server as the Symantec Protection for SharePoint console or on a separate server.

WSS 3.0/ MOSS 2007 Install the Symantec Protection for SharePoint console on each front-end web server in the farm.

Note: It is important that each front-end web server must have the Central Administration service installed and started.

You can install the Symantec Protection for SharePoint console on the other Application servers in the farm to run on-demand or scheduled scans on these servers, if desired. However, you can run these scans from the front-end servers as well.

(31)

You can deploy Symantec Scan Engine in any environment that is running any combination of these platforms.

See“System requirements for Symantec Scan Engine” on page 40.

See“Installing only Symantec Scan Engine using the installation wizard” on page 50.

You can install both components together only on a 32-bit Windows Server 2003 platform. On a 64-bit computer, you must install the components separately. See“System requirements for Symantec Protection for SharePoint Servers integrated installation” on page 38.

See“About installing Symantec Protection for SharePoint Servers (integrated installation)” on page 46.

About handling large scanning volumes

In a simple Symantec Protection for SharePoint Servers configuration, a single Symantec Scan Engine handles the scanning and repair services for the SharePoint server. However, larger traffic volumes can require multiple scan engines to handle virus scanning. If you are processing large traffic volumes or have multiple clients making virus scanning requests, you can install and configure multiple scan engines to handle the scanning load.

If you install multiple scan engines to handle increased loads, you must register each Symantec Scan Engine with Symantec Protection for SharePoint Servers. Each Symantec Scan Engine must be installed on a separate computer on your network.

See“Registering Symantec Scan Engine with Symantec Protection for SharePoint Servers” on page 85.

When you use multiple scan engines, you can specify how you want the scanning load to be distributed by selecting a scanning mode.

The scanning modes are as follows:

If you enable both modes, the priority mode takes precedence.

Cyclic mode Scanning is distributed evenly across all registered Symantec Scan Engines using a continuous repeating sequence.

Priority mode Scanning is distributed to Symantec Scan Engines based on priority. When you register a Symantec Scan Engine, you specify the priority.

(32)

32 Introducing Symantec™ Protection for SharePoint® Servers How Symantec Scan Engine protects against viruses

If you do not activate automatic load distribution, cyclic mode becomes active. Files are submitted to the first registered Symantec Scan Engine unless it is unavailable. If the first scan engine is not available, the second scan engine is contacted, and so on.

See“Specifying the scanning mode for load balancing” on page 89.

How Symantec Scan Engine protects against viruses

Symantec Protection for SharePoint Servers sends files to Symantec Scan Engine for virus scanning and repair. Symantec Scan Engine detects viruses, worms, and Trojan horses in all major file types (for example, Windows files, DOS files, and Microsoft Word and Excel files). Symantec Scan Engine includes a decomposer that handles most compressed and archive file formats and nested levels of files.

Symantec Scan Engine provides protection against container files that can cause denial of service attacks (for example, container files that are overly large, that contain large numbers of embedded compressed files, partial container files, or that have been designed to use resources maliciously and degrade performance). Symantec Scan Engine detects security risks such as adware, dialers, hacktools, joke programs, remote access programs, spyware, and trackware.

The Symantec Scan Engine also detects mobile code such as Java™, ActiveX®, and stand-alone script-based threats. Symantec Scan Engine uses Symantec antivirus technologies, for heuristic detection of new or unknown viruses.

Where to get more information

In addition to this guide, Symantec Protection for SharePoint Servers includes Help topics that you can access through the Help table of contents and index. You can also search for keywords in the Help.

Context-sensitive help is available on each page.

You can visit the Symantec Web site for more information about your product. The following online resources for Symantec Protection for SharePoint Servers are available:

Provides access to the technical support Knowledge Base, news groups, contact information, downloads, and mailing list subscriptions

(33)

Where to get more information

Provides product news and updates http://www.symantec.com/business/ index.jsp

Provides access to the Virus Encyclopedia, which contains information about all known threats; information about hoaxes; and access to white papers about threats

(34)

(35)

Chapter

2

Installing Symantec

Protection for SharePoint

Servers

■ Before you install

■ System requirements

■ About installing Symantec Protection for SharePoint Servers

■ Post-installation tasks

■ Uninstalling Symantec Protection for SharePoint Servers

Before you install

Do the following tasks before you install Symantec Protection for SharePoint Servers or its components:

■ Provide antivirus protection for the servers on which the Symantec Protection for SharePoint Servers components run.

See“About protecting the servers that are running the Symantec Protection for SharePoint Servers components” on page 36.

■ Exclude certain directories from scanning by any other antivirus product that is running on the computers on which you install the components. See“About preventing conflicts with other products” on page 36.

■ Plan to install the Symantec Protection for SharePoint console at a time when Microsoft Internet Information Server (IIS) can be stopped temporarily.

(36)

36 Installing Symantec Protection for SharePoint Servers Before you install

■ Make sure that the computer on which you plan to install the console and Symantec Scan Engine meets the minimum system requirements. You can install both components together or on separate computers. See“System requirements” on page 37.

About protecting the servers that are running the Symantec

Protection for SharePoint Servers components

Before you install Symantec Scan Engine and the Symantec Protection for SharePoint console, consider installing additional antivirus protection such as Symantec AntiVirus™ Corporate Edition to protect the servers on which these components run.

By design, Symantec Scan Engine scans only files that are passed to it from Symantec Protection for SharePoint Servers. Symantec Protection for

SharePoint Servers does not protect the operating systems of the computers on which Symantec Scan Engine and SharePoint Server run. Because both of these servers potentially handle viruses, they are vulnerable without real-time virus protection.

To achieve comprehensive virus protection with Symantec Protection for SharePoint Servers, it is important to protect the Symantec Scan Engine server and the SharePoint server from virus attacks. To protect the host computers, install an antivirus program on these servers in addition to the Symantec Protection for SharePoint Servers components.

About preventing conflicts with other products

To prevent a conflict between the antivirus product that is running on the host computer and Symantec Protection for SharePoint Servers, configure any other antivirus product that is running on the host computer to exclude certain directories from scanning.

Table 2-1 lists the directories to exclude from scanning. Table 2-1 Directories to exclude from scanning

Directories Server

Windows:<Installdir>\temp Linux® and Solaris™: <Installdir>\temp

(37)

37 Installing Symantec Protection for SharePoint Servers

System requirements

About stopping IIS during installation

During the installation, the Microsoft Internet Information Server (IIS) must be stopped temporarily. During the time that it takes to complete the installation, no access to IIS services is available. You should plan to install the Symantec Protection for SharePoint console when Microsoft IIS can be stopped temporarily. Microsoft IIS restarts automatically after the installation is complete.

System requirements

You can choose to install both components of Symantec Protection for SharePoint Servers together on the same computer or on different computers. The Symantec Protection for SharePoint console and Symantec Scan Engine are supported on both 32-bit and 64-bit computers. However, you cannot do a full install of Symantec Protection for SharePoint Servers on a 64-bit computer. You must install the components separately on a 64-bit computer.

See“System requirements for Symantec Protection for SharePoint Servers integrated installation” on page 38.

See“System requirements for Symantec Scan Engine” on page 40.

<Installdir>\Program Files\Symantec\SharePoint\ Quarantine

The server on which Symantec Protection for SharePoint console runs.

This is the default quarantine directory that is used by Symantec Protection for SharePoint Servers.

Table 2-1 Directories to exclude from scanning

(38)

38 Installing Symantec Protection for SharePoint Servers System requirements

System requirements for Symantec Protection for SharePoint

Servers integrated installation

Table 2-2 describes the minimum system requirements to install the Symantec Protection for SharePoint console and Symantec Scan Engine on the same server:

Table 2-2 Minimum system requirements for Symantec Protection for SharePoint console and Symantec Scan Engine

Requirement Details

Hardware requirements ■ Processor: 2.5 GHz (recommended dual processors that are 3 GHz each or higher)

■ Memory: 1 GB of RAM or higher (recommended 2 GB)

■ Disk space: 515 MB

■ 1 network interface card (NIC) running TCP/IP with a static IP address

■ Internet connection to update definitions Operating System You can use any of the following editions of Windows

Server 2003:

■ Windows Server 2003 (32-bit) Standard Edition/ Windows Server 2003 R2 (32-bit) Standard Edition/ Windows Server 2003 (64-bit) Standard Edition

■ Windows Server 2003 (32-bit) Enterprise Edition/ Windows Server 2003 R2 (32-bit) Enterprise Edition/ Windows Server 2003 (64-bit) Enterprise Edition

■ Windows Server 2003 (32-bit) Datacenter Edition/ Windows Server 2003 R2 (32-bit) Datacenter Edition/ Windows Server 2003 (64-bit) Datacenter Edition Software requirements ■ Any of the following Microsoft SharePoint Server

editions:

■ Windows SharePoint Services 2.0 (WSS 2.0) with Service Pack 3 (SP 3)

■ SharePoint Portal Server 2003 (SPS 2003) with Service Pack 3 (SP 3)

■ Microsoft Office SharePoint Server 2007 (32-bit/ 64-bit)

(39)

39 Installing Symantec Protection for SharePoint Servers

System requirements

System requirements for Symantec Protection for SharePoint

console only

Table 2-3 describes the minimum system requirements to install the Symantec Protection for SharePoint console.

Table 2-3 Minimum system requirements for the Symantec Protection for SharePoint console

Requirement Details

Hardware requirements ■ Processor: 2.5 GHz (recommended dual processors that are 3 GHz each or higher)

■ Memory: 1 GB of RAM or higher (recommended 2 GB)

■ Disk space: 15 MB (may vary depending on how long you choose to maintain log files).

Operating System The Symantec Protection for SharePoint console runs on the following platforms:

■ Windows Server 2003 with Service Pack 2 or later

■ Windows Server 2008 (32-bit)

You can use any of the following editions of Windows Server 2003:

■ Windows Server 2003 (32-bit) Standard Edition/ Windows Server 2003 R2 (32-bit) Standard Edition/ Windows Server 2003 (64-bit) Standard Edition

■ Windows Server 2003 (32-bit) Enterprise Edition/ Windows Server 2003 R2 (32-bit) Enterprise Edition/ Windows Server 2003 (64-bit) Enterprise Edition

■ Windows Server 2003 (32-bit) Datacenter Edition/ Windows Server 2003 R2 (32-bit) Datacenter Edition/ Windows Server 2003 (64-bit) Datacenter Edition Software requirements ■ Any of the following Microsoft SharePoint Server

editions:

■ Windows SharePoint Services 2.0 (WSS 2.0) with Service Pack 3 (SP 3)

■ SharePoint Portal Server 2003 (SPS 2003) with Service Pack 3 (SP 3)

■ Microsoft Office SharePoint Server 2007 (32-bit/ 64-bit)