• No results found

Symantec Mail Security for Microsoft Exchange Getting Started Guide

N/A
N/A
Protected

Academic year: 2021

Share "Symantec Mail Security for Microsoft Exchange Getting Started Guide"

Copied!
20
0
0

Loading.... (view fulltext now)

Full text

(1)

Symantec™ Mail Security for Microsoft® Exchange

Getting Started Guide

The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement.

Documentation version 6.5 PN: 20973766

Legal Notice

Copyright © 2010 Symantec Corporation. All rights reserved.

Federal acquisitions: Commercial Software - Government Users Subject to Standard License Terms and Conditions.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any.

THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING,

PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.

The Licensed Software and Documentation are deemed to be "commercial computer software" and "commercial computer software documentation" as defined in FAR Sections 12.212 and DFARS Section 227.7202.

Symantec Corporation

(2)
(3)

Getting Started

... 5

Introducing Symantec™ Mail Security for Microsoft® Exchange ... 5

What's new in Mail Security ... 5

Components of Mail Security ... 8

Before you install ... 10

About security and access permissions ... 12

System requirements ... 13

Server system requirements ... 13

Console system requirements ... 15

Installation options ... 16

Migrating to version 6.5 ... 17

(4)
(5)

Getting Started

Introducing Symantec™

Mail Security for Microsoft® Exchange

Symantec™ Mail Security for Microsoft® Exchange (a member of the Symantec Information Foundation™ product family) is a complete, customizable, and scalable solution that scans email that passes through or resides on the Microsoft Exchange server.

Mail Security protects your Exchange server from the following:

■ Threats (such as viruses, Trojan horses, worms, and denial-of-service attacks)

■ Security risks (such as adware and spyware)

■ Unwanted file attachments

■ Unsolicited email messages (spam)

Mail Security also lets you manage the protection of one or more Exchange servers from a single console.

The Exchange environment is only one avenue by which a threat or security risk can penetrate a network. For complete protection, ensure that every computer and workstation is protected by an antivirus solution.

What's new in Mail Security

(6)

Table 1 New and enhanced features Description Feature

Mail Security supports Exchange Server 2010 on the following roles:

■ Edge Transport

■ Hub Transport

■ Mailbox Support for Exchange Server 2010

Global Group consists of all the servers that are managed through Mail Security console. When you configure and apply Global Group settings, the changes are propagated to all the servers in all the groups. Changes that are made at the Global Group level overwrites group settings of all individual and user-defined servers.

Addition of a Global Group for Exchange Server 2010

Manual scans run on-demand and scan public folders and mailboxes. Scheduled scans run unattended usually at off-peak periods. All policies apply to manual and to scheduled scans, except antispam. You can specify which file folders and mailboxes to scan during a manual or scheduled scan. You can also specify the content filtering rules that you want to enable for the manual or scheduled scan.

Support for Manual and Scheduled Scan in Exchange Server 2010

Mail Security provides comprehensive content filtering for messages and attachment content. It supports more than 300 attachment types. Mail Security lets you create content filtering rules that apply to SMTP inbound and outbound mails and the Exchange Information Store . Content filtering rules let you filter messages for attachment names, attachment content, specific words, phrases, subject lines, and senders or recipients. It provides pre-cooked match list and let you define your own match list. You can also set content filtering rules for attachment size.

Support for Filtering contents in Exchange Server 2010

Getting Started

(7)

Table 1 New and enhanced features (continued) Description Feature

Web links are provided in the product installer that assist and guide you to troubleshoot the failures that are

encountered during installation. These links provide more information about the failure or a similar failure and the resolution steps and recommendations.

Troubleshooting installation issues with common error dialog

■ Through Antispam processing Mail Security 6.5 has a provision to reduce the processing time that is required for AntiSpam processing . The Fastpass feature conserves resources by providing a temporary exemption from spam scanning for senders with a demonstrated history of sending no spam messages. Thus senders with the best local reputation are exempted from spam scanning. Mail Security automatically collects local sender reputation data to support Fastpass determinations and regularly re-evaluates the senders that are granted a pass.

■ By turning off performance counters for logging

Mail Security 6.5 lets you configure performance counters for logging. By default, this counter is enabled. However, to improve Mail Security's scanning performance, these performance counters for logging can be turned off by adding following registry key and setting its value to 1.

Registry key for 32-bit platform: HKEY_LOCAL_MACHINE\SOFTWARE\ Symantec\SMSMSE\6.5

\Server\TurnOffPerfCounters Registry key for 64-bit platform: HKEY_LOCAL_MACHINE\SOFTWARE \Wow6432Node\Symantec\SMSMSE\6.5\ Server\TurnOffPerfCounters

Restart Mail Security service after setting this registry key.

Performance improvements

(8)

Note:Mail Security 6.5 does not support Windows 2000 and Exchange Server

2000.

Components of Mail Security

Table 2lists the components of Mail Security. Table 2 Product components

Location on the product CD

Description Component

\SMSMSE\Install\ This software protects your

Exchange servers from threats (such as viruses and denial-of-service attacks) and security risks (such as adware and spyware). It also detects spam email messages and unwanted content. This software protects your Exchange servers from threats (such as viruses and denial-of-service attacks), security risks (such as adware and spyware). It also detects spam email messages and unwanted email attachments. Symantec Mail Security for

Microsoft Exchange Getting Started

(9)

Table 2 Product components (continued)

Location on the product CD

Description Component

\ADMTOOLS\LUA\ This utility lets you configure

one or more intranet FTP, HTTP, or LAN servers to act as internal LiveUpdate servers. LiveUpdate lets Symantec products download program and definition file updates directly from Symantec or from a LiveUpdate server. For more information, see the LiveUpdate

Administrator

documentation on the Mail Security product CD in the following location: \DOCS\LUA\ LiveUpdate™ Administration

Utility

\ADMTOOLS\DIS This utility lets Mail Security

forward infected messages and messages that contain certain types of violations from the local quarantine to the Central Quarantine, which acts as a central repository.

For more information, see the Symantec Central

Quarantine Administrator's Guide on the Mail Security

(10)

Table 2 Product components (continued)

Location on the product CD

Description Component

\ADMTOOLS\Mgmt_Pack This component lets you

integrate Symantec Mail Security for Microsoft Exchange events with Microsoft Operations Manager 2005 (MOM). If you use Microsoft Exchange 2003, this component also lets you integrate Mail Security events with Microsoft System Center Operations Manager 2007 (SCOM). Pre-configured Computer Groups, Rule Groups/Rules, and Providers are automatically created when you import the management pack. These rules monitor specific Symantec Mail Security for Microsoft Exchange events in the Windows Event Log and the Windows Performance Monitor. For more information, see the Symantec Mail Security

for Microsoft Exchange Management Pack.

Mail Security for Microsoft Exchange Management Pack

Before you install

Ensure that you meet all system requirements before you install Mail Security. Select the installation plan that best matches your organization's needs, and ensure that you have met the pre-installation requirements.

See“System requirements”on page 13. See“Installation options”on page 16.

Mail Security supports upgrades from Mail Security 4.6x and higher. If Mail Security detects an older version of the product on your computer, the installer Getting Started

(11)

automatically uninstalls the prior version. The installer then continues with the installation. If you want to uninstall the previous version manually, do so before installing the current version of Mail Security.

If you are installing Mail Security on an Exchange Server 2007 or Server 2010, install the product on all of the following server roles in your organization:

■ Edge Transport servers, if available

■ Hub Transport servers

■ Mailbox servers

You must uninstall and reinstall the product if you change the server role on which Mail Security is installed.

Mail Security automatically installs custom transport agents when you install the product on Hub Transport or Edge Transport servers. The Mail Security transport agents consist of an antispam transport agent and an antivirus transport agent. By default, the Mail Security transport agents are installed with a lower priority than the Exchange transport agents. If you modify your transport agent priorities, ensure that the Mail Security transport agents remain a lower priority than the Exchange transport agents.

Do the following before you install the product:

■ If you are running Symantec Brightmail™ AntiSpam on the same server on which you want to install Mail Security, you must uninstall Symantec Brightmail AntiSpam before you install Mail Security. It is recommended that you not run Mail Security on the same server as Symantec Brightmail AntiSpam.

■ If you are using the email tools feature of Symantec AntiVirus™ Corporate Edition, you must uninstall the feature before you install Mail Security. The email tools feature of Symantec AntiVirus™ is not compatible with Mail Security or Microsoft Exchange.

■ If you are running any antivirus software that is on the server on which you want to install Mail Security, you must disable it before you install Mail Security.

After installation but before you re-enable the antivirus protection, configure your other antivirus programs to exclude certain folders from scanning.

■ Log on as a Windows domain administrator to install Mail Security components correctly.

■ Modify your screen resolution to a minimum of 1024 x 768. Mail Security does not support a resolution less than 1024 x 768.

(12)

■ Configure the default receive connector for the Exchange Hub Transport server to permit connections from anonymous users.

Before you install Mail Security on Exchange 2010 mailbox role, you must specify a domain user account. The domain user account must fulfill the following criteria.

■ Mail Security uses the domain user account as a service account and this account must have a mailbox.

The user must be a member of Organization Management group under the Microsoft Exchange Security Groups Organizational Unit.

By default, Organization Management group is a member of the local

Administrators group on all the exchange servers in the organization. If not,

then add the user to the local Administrators group.

■ You may use different user account for installations of Mail Security on other Exchange 2010 mailbox servers within that domain for better performance.

■ When the user updates the password, the same password must be provided to the Mail Security Service on all Exchange 2010 mailbox role servers.

Note:While installing Mail Security on local Exchange 2010 Mailbox server, in the Logon Information screen, specify the domain user credentials in the User

name and Password fields. Mail Security provides this user account Application Impersonation and Logon as service rights.

Ensure that the following IIS Role Service components are installed when you install Mail Security on Windows Server 2008 for Exchange 2010 and 2007 servers. This installation is applicable for both remote installation and local installation.

■ Application Development - ASP.NET

■ Security - Windows Authentication

■ Management Tools - IIS management console , IIS 6 Scripting Tools

About security and access permissions

Mail Security automatically creates the following user groups and assigns them access when you install the product:

Getting Started

(13)

Permits read and write access to all Mail Security components and features. Users in this group can change settings for Mail Security through the console. The user who installs Mail Security is automatically added to the SMSMSE Admins group.

SMSMSE Admins

Permits read-only access to Mail Security components and features.

Users in this group cannot change settings for Mail Security. Users can view reports, event logs, and settings through console-only installations. SMSMSE Viewers

The user groups are domain-wide for Active Directory. You can use the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in to change membership in the groups.

Users must be designated in one of the SMSMSE user groups to access the product. For example, administrators who are not in one of the SMSMSE user groups are not granted access to Mail Security. Adding a user to the SMSMSE Admins group does not automatically grant the user Windows Local Administrator, Windows Domain Administrator, or Exchange administrator rights.

Security is also set for the Mail Security registry key and file folders during the security set-up process. You must have administrator access to the local servers and domain administrator rights for the security set-up to proceed.

System requirements

Ensure that you meet the appropriate system requirements for the type of installation that you are performing.

See“Installation options”on page 16.

Server system requirements

You must have domain administrator-level privileges to install Mail Security. The server system requirements are as follows:

(14)

The operating system requirements for Microsoft Exchange 2010 are as follows:

■ Windows Server 2008 with SP2 (64-bit) Standard or Enterprise Edition

■ Windows Server 2008 R2 (64-bit) Standard or Enterprise Edition The operating system requirements for Microsoft Exchange 2007 are as follows:

■ Windows Server 2008 with SP1or later (64-bit) Standard or Enterprise Edition

■ Windows Server 2003 with SP2 (64-bit) Standard or Enterprise Edition

■ Windows Server 2003 R2 (64-bit) Standard or Enterprise Edition The operating system requirements for Microsoft Exchange 2003 are as follows:

■ Windows Server 2003 SP1/SP2/R2 Standard or Enterprise or Data Center Edition

Operating system

The Exchange platform requirements for Microsoft Exchange 2007/2010 are as follows:

■ Exchange Server 2007 SP1/SP2

■ Exchange Server 2010

(15)

■ Intel(TM) Pentium II 266 MHz or higher processor; recommended Intel Pentium or compatible 733MHz processor

Requirement for Exchange Server 2003 only

■ x64 architecture-based processor that supports Intel Extended Memory 64 Technology (Intel EM64T)

x64 architecture-based computer with AMD 64-bit processor that supports AMD64 platform

Requirement for Exchange Server 2007/Server 2010 only

■ Only for Exchange 2007 Mailbox server role, Exchange Server MAPI client and Collaboration Data Objects 1.2.1

Requirement for mailbox role of Exchange Server 2007 only

■ 1 GB of memory for Mail Security besides the minimum requirements for the operating system and Exchange. Approximately 4GB or more of memory is required.

■ 500-MB disk space is required for Mail Security. This space does not include disk space required for items such as quarantined messages and attachments, reports, and log data.

■ .NET Framework version 2.0

■ MDAC 2.8 or higher

■ DirectX 9 or higher

■ Microsoft Internet Information Services (IIS) Manager Requirement for Exchange Server 2007 only

■ Only for Exchange Server 2010, Microsoft .NET Framework 3.5 and Microsoft Windows Powershell 2.0

Minimum system requirements

Ensure that the components.NET Framework, MDAC, and DirectX are installed before you install Mail Security.

Adobe Acrobat Reader is not a requirement to install and run Mail Security. However, it is required to view the reports that are generated in .pdf format. You can download Adobe Acrobat Reader fromwww.adobe.com.

For more information, see the Symantec Mail Security for Microsoft Exchange

Implementation Guide.

Console system requirements

You can install the Mail Security console on a computer on which Mail Security is not installed. The console system requirements are as follows:

(16)

■ Windows Server 2003/R2/SP2

■ Windows XP

■ Windows Vista 32-bit

■ Windows Server 2008/R2/SP2 Standard and Enterprise Edition

■ Windows 7 Operating system

■ 512 MB RAM

■ 162 MB available disk space

This does not include the space required for items such as quarantined messages and attachments, reports, and log data.

■ .NET Framework version 2.0

■ Microsoft Internet Information Services (IIS) Manager Requirement is for Exchange Server 2007 only

Ensure that .NET Framework is installed before you install Mail Security.

Minimum system requirements

Adobe Acrobat Reader is not a requirement to install and run the Mail Security Console. However, it is required to view the reports that are generated in .pdf format. You can download Adobe Acrobat Reader fromwww.adobe.com.

Installation options

Use any of the following installation procedures, depending on the type of installation that you want to perform:

You can install or upgrade Mail Security on a local computer that is running the Microsoft Exchange server.

Local server

You can install Mail Security on remote servers through the product console.

Remote server

You can install the product console on a computer that is not running Mail Security. This lets you manage your servers from any computer that has access to your Exchange servers. Console

You can install Mail Security using automated installation tools.

Silent/automated installation

You can install Mail Security in a Microsoft Cluster environment.

Microsoft cluster server

You can install Mail Security in a Veritas cluster environment. Veritas cluster server

(17)

For more information about installation procedures, see the Symantec Mail Security

for Microsoft Exchange Implementation Guide.

Migrating to version 6.5

Mail Security supports upgrades from Mail Security 4.6x and higher.

Table 3lists the settings that do not migrate from version 5.x to the new version. Table 3 Version 5.x migration settings

Description Setting

This feature is no longer supported.

Enable and configure Symantec Premium AntiSpam for spam detection.

Heuristic antispam

The “Save to folder” option is no longer supported. If “Save to folder” was a disposition for a content filtering rule, the disposition is set to “Log Only.” The “Add X-header” settings associated with the “Save to folder” disposition has been removed.

In the Symantec Premium AntiSpam settings, the “Save to folder” settings and the “Add X-header” settings associated with them have been removed. The “Add X-header” settings that are not associated with the “Save to folder” settings migrate as is.

Save to folder option

These items do not migrate. Report templates and the

report database

This feature is no longer supported. SESA Alerts

These settings do not migrate. Re-enable and schedule background scanning.

Background scanning

Mail Security does not support upgrades from 5.0 on Veritas Cluster Server configurations.

Veritas Cluster Server configurations

If you are upgrading from 4.6x, the policy settings are incorporated into the applicable policy on the new installation. Mail Security 5.x and higher does not contain a separate multiserver console. Single and multiple servers are

administered from the same console. Multiserver console settings do not migrate to the new version. Custom policies, heuristic antispam settings, content filtering rules, and report templates do not migrate to the new version.

(18)

Table 4lists the migrations from version 4.6x to the new version. Table 4 Version 4.6x migration settings

Description Setting

Migrates to the new version as the standard policy. Auto-protect

This feature is no longer supported.

Enable and configure Symantec Premium AntiSpam for spam detection.

Heuristic antispam

These settings are no longer supported. Macro Virus Rule

These settings are no longer supported. Bloodhound Virus Rule

These settings do not migrate. Mass-Mailer Virus Rule

This feature is no longer supported. HeartBeat

These settings do not migrate. Filtering subpolicy

This feature is no longer supported. Messenger Service Alerts

This feature is no longer supported. AMS Alerts

This feature is no longer supported. SESA Alerts

These settings do not migrate. Scheduled scans

These settings do not migrate. Manual scans

This rule is migrated to a new rule — File Name Rule. Attachment Blocking rule

These settings do not migrate. Outbreak settings

This feature is no longer supported. Content Dictionary

Reports cannot be viewed through the console.

Reports that you generated in version 4.6x are copied to the following directory:

<Installation directory>\Server\Reports\4.6

You can view a report by opening it from this directory. Generated reports

These features and documents do not migrate. Report templates and the

report database

These settings do not migrate. Re-enable and schedule background scanning.

Background scanning Getting Started

(19)

Where to get more information about Mail Security

Mail Security includes a comprehensive help system that contains conceptual, procedural, and context-sensitive information.

Press F1 to access information about the page on which you are working. If you want more information about features that are associated with the page, select a More Information link in the Help page, or use the Table of Contents, Index, or Search tabs in the Help viewer to locate a topic.

The Symantec Mail Security for Microsoft Exchange Implementation Guide provides information about using this product and is found on the product CD in the following location:

\DOCS\SMSMSE\

You can visit the Symantec Web site for more information about your product; the following online resources are available:

■ Provides access to the technical support Knowledge Base, newsgroups, contact information, downloads, and mailing list subscriptions

www.symantec.com/techsupp/ent/enterprise.html

■ Provides information about registration, frequently asked questions, how to respond to error messages, and how to contact Symantec License

Administration

www.symantec.com /licensing/els/help/en/help.html

■ Provides product news and updates

www.symantec.com/enterprise/index.jsp

■ Provides access to the Threat Explorer, which contains information about all known threats

www.symantec.com/enterprise/security_response/threatexplorer/azlisting.jsp

(20)

Getting Started

References

Related documents

You can install or upgrade Symantec Mail Security on a local computer that is running Microsoft Exchange Server. Remote server

In order for this feature to work effectively Write spam confidence level (SCL) to scanned messages based on spam score option in Server protection &gt; Microsoft Exchange Server

If you are opening a message that has not been scanned by the most current virus signature database, Microsoft Exchange Server sends the message to ESET Mail Security to be

If you are opening a message that has not been scanned by the most current virus signature database, Microsoft Exchange Server sends the message to ESET Mail Security to be

Write spam confidence level (SCL) to scanned messages based on spam score option (in Mail server protection &gt; Microsoft Exchange Server &gt; Transport agent) must be enabled in

ESET Mail Security 4 for Microsoft Exchange Server (EMSX) is an integrated solution protecting user mailboxes from various types of malware content (most often they are

Symantec Mail Security for Microsoft Exchange — Management Pack Integration Guide Viewing Symantec Mail Security for Microsoft Exchange events and performance

Symantec Mail Security for Microsoft Exchange — Management Pack Integration Guide Viewing Symantec Mail Security for Microsoft Exchange events and performance