Home » Dell Manuals » Storage Devices » Dell PowerStore 1200T » Manual Viewer

Dell PowerStore 1200T Using the Common Event Enabler 8.x on Windows Platforms - Page 23

Set Windows Service Control Manager options, Symantec Protection Engine, Setting exclusions

View all Dell PowerStore 1200T manuals

Add to My Manuals
Save this manual to your list of manuals

Page 23 highlights

Set Windows Service Control Manager options About this task For Symantec Endpoint Protection versions 11.04 and 11.06 only, perform the following steps: Steps 1. Open the Microsoft Windows Service Control Manager and navigate to Symantec Endpoint Protection. 2. Right-click Symantec Endpoint Protection and select Properties. 3. Click the Log On tab. 4. Set This account to the same EMC CAVA Service user who has EMC virus checking rights. 5. Click OK. Symantec Protection Engine Symantec Protection Engine resides on an AV machine and interfaces with CAVA by using the Internet Content Adaptation Protocol (ICAP) protocol. The application that requires antivirus scanning links to the Symantec library of scanning API calls by using this protocol. About this task NOTE: You must change the Symantec Protection Engine service from SYSTEM to the same user that is running CAVA, otherwise access problems can result. Domain user account overview provides more information about configuring the domain user and assigning access rights. Steps 1. Install the Symantec Protection Engine software. The Symantec documentation provides specific installation steps. 2. Navigate to the Symantec Protection Engine Status page. Click Configuration. 3. Select ICAP protocol, and type 1344 in the Port number box. NOTE: In order for Symantec Protection Engine to work with VNX or Unity, ICAP needs to accept requests from IP address 127.0.0.1. This can be done by either leaving the bind address field blank that includes all addresses, or by specifying 127.0.0.1. 4. Perform the following: a. Stop the Scan Engine Service. b. Open a command prompt, navigate to the directory where the scan engine has been installed, and run the following command: java -jar xmlmodifier.jar -s /policies/Misc/HonorReadOnly/@value false policy.xml c. Restart the Scan Engine Service. If the above setting is not specified, Symantec Protection Engine cannot delete the infected files because CAVA will not accept any scan requests. 5. Click LiveUpdate. Click LiveUpdate Now to get any new definition files. Setting exclusions When using Symantec Protection Engine and Symantec Endpoint Protection on the same machine, the temporary scan directory of Symantec Protection Engine must be set in the Exclusions section of the File System Auto-Protect configuration menu in the Symantec Endpoint Protection main console. This is to ensure that the AV engine takes action on all infected files that the virus scan detects. About this task Installing Third-Party Application Antivirus Engines 23

Section	Page
Dell CEE Using the Common Event Enabler on Windows Platforms	1
Contents	3
Preface	7
Introduction	8
About CEE	8
System requirements	9
AntiVirus partners	9
Support for third-party applications	10
Restrictions	10
Related information	11
Installing Third-Party Application Antivirus Engines	12
Installation overview	12
Computer Associates eTrust	13
F-Secure AntiVirus	14
Kaspersky Anti-Virus	15
McAfee VirusScan	18
McAfee Endpoint Security Threat Prevention	19
Microsoft Forefront Endpoint Protection 2010	19
Microsoft System Center 2012 Endpoint Protection	20
Sophos Anti-Virus	20
Symantec Endpoint Protection	22
Set Symantec Endpoint Protection options	22
Set Windows Service Control Manager options	23
Symantec Protection Engine	23
Setting exclusions	23
Setting container handling policies	24
Modifying LimitChoiceStop settings	24
Trend Micro ServerProtect	24
Install Trend Micro ServerProtect	25
Installing the Common Event Enabler Framework	27
Install CEE	27
Verifying the CEE installation package	28
Complete the CEE installation for Windows Server	28
Uninstall CEE	29
Configuring the Domain User Account	30
Domain user account overview	30
Determine the interface name on the Data Mover	31
Create a domain user account	32
Create with Active Directory on a Windows Server	32
Create from User Manager for Domains	32
Create a local group on each Data Mover or NAS server	33
Assign the EMC virus-checking right to the group	33
Assign local administrative rights to the AV user	34
Managing CAVA	36
(Optional) Install EMC Unity/VNX/VNXe NAS Management snap-in	36
Display virus-checking information	36
Audit virus-checking information	37
Start, stop, and restart CAVA	38
Perform a full file system scan	38
Verify the status of a file system scan	39
Stop a file system scan	39
Enable scan-on-first-read	39
Update virus definition files	40
Turn off the AV engine	40
Turn on the AV engine	40
Manage CAVA thread usage	41
Adjust the maxVCThreads parameter	41
View the application log file from a Windows Server	42
Enable automatic virus detection notification	42
Customize virus-checking notification	42
Customize notification messages	43
Managing the Registry and AV Drivers	45
EMC CAVA configuration Registry entries	45
EMC AV driver Registry entry	45
Manage the EMC AV driver	45
Managing VCAPS	47
Set up access	47
Managing CEE for RabbitMQ	48
Set up CEE for RabbitMQ	48
Managing Indexing	49
Set up access for Splunk	49
Monitoring and Sizing the Antivirus Agent	51
Install the CAVA Calculator	51
Start the CAVA Calculator	52
Uninstall the CAVA Calculator	52
Configure the sizing tool	52
Enable the sizing tool	53
Manually compile the cava.mof file	53
Create the cavamon.dat file	53
Start the sizing tool	54
Size the antivirus agent	54
(Optional) Gather AV statistics with cavamon.vbs	54
Third-Party Consumer Applications	55
Overview	55
Set up consumer application access	55
Troubleshooting	57
Dell E-Lab Interoperability Navigator	57
Error messages	57
Known problems	57
Training and Professional Services	58
Unity and VNX CAVA Information	59
CAVA concepts	59
CAVA restrictions and limitations	59
CAVA and Data Mover or NAS server	60
User interface choices	60
CAVA features	60
Load balancing and fault tolerance	61
Updating virus definition files	61
Scan-on-first-read	61
Scan on write	61
Scanning after definition file update (manual process)	61
Virus-checking continuation	61
CAVA sizing tool	62
CAVA Calculator	63
Virus-checking client	63
Configuring viruschecker.conf	64
Create and edit viruschecker.conf	64
Define AV machine IP addresses in viruschecker.conf	65
Send viruschecker.conf to the Data Mover	65
(Optional) Define VC scanning criteria	66
viruschecker.conf parameters	66
Managing the VC Client	70
Start the VC client	70
Stop the VC client	71
Update the viruschecker.conf file	71
Verify the installation	72
Unity and VNX CEPA Information	73
CEPA concepts	73
CEPA restrictions and limitations	73
Overview of the cepp.conf file	74
Create the cepp.conf file	75
Edit the cepp.conf file	78
Assign rights in Windows Server	78
Assign rights for third-party applications	79
Start the CEPA facility	79
Verify the CEPA status	79
Stop the CEPA facility	80
Display the CEPA facility properties	80
Display the CEPA facility statistics	81
Display detailed information for a CEPA pool	81
Index	82
A	82
B	82
C	82
D	82
E	82
F	82
H	83
I	83
K	83
L	83
M	83
N	83
P	83
R	83
S	83
T	84
U	84
V	84

Match case Limit results 1 per page

Set Windows Service Control Manager options

About this task

For Symantec Endpoint Protection versions 11.04 and 11.06 only, perform the following steps:

Steps

Open the Microsoft Windows

Service Control Manager

and navigate to

Symantec Endpoint Protection

Right-click

Symantec Endpoint Protection

and select

Properties

Click the

Log On

tab.

Set

This account

to the same EMC CAVA Service user who has EMC virus checking rights.

Click

Symantec Protection Engine

Symantec Protection Engine resides on an AV machine and interfaces with CAVA by using the Internet Content Adaptation

Protocol (ICAP) protocol. The application that requires antivirus scanning links to the Symantec library of scanning API calls by

using this protocol.

About this task

NOTE:

You must change the Symantec Protection Engine service from SYSTEM to the same user that is running CAVA,

otherwise access problems can result.

Domain user account overview

provides more information about configuring the

domain user and assigning access rights.

Steps

Install the Symantec Protection Engine software. The Symantec documentation provides specific installation steps.

Navigate to the Symantec Protection Engine

Status

page. Click

Configuration

Select

ICAP

protocol, and type

1344

in the

Port number

box.

NOTE:

In order for Symantec Protection Engine to work with VNX or Unity, ICAP needs to accept requests from IP

address 127.0.0.1. This can be done by either leaving the bind address field blank that includes all addresses, or by

specifying 127.0.0.1.

Perform the following:

Stop the Scan Engine Service.

Open a command prompt, navigate to the directory where the scan engine has been installed, and run the following

command:

java -jar xmlmodifier.jar -s /policies/Misc/HonorReadOnly/@value

false policy.xml

Restart the Scan Engine Service.

If the above setting is not specified, Symantec Protection Engine cannot delete the infected files because CAVA will not

accept any scan requests.

Click

LiveUpdate

. Click

LiveUpdate Now

to get any new definition files.

Setting exclusions

When using Symantec Protection Engine and Symantec Endpoint Protection on the same machine, the temporary scan directory

of Symantec Protection Engine must be set in the Exclusions section of the File System Auto-Protect configuration menu in the

Symantec Endpoint Protection main console. This is to ensure that the AV engine takes action on all infected files that the virus

scan detects.

About this task

Installing Third-Party Application Antivirus Engines