Dell PowerStore 1200T Using the Common Event Enabler 8.x on Windows Platforms - Page 24

Steps

1.

Navigate to the Symantec Protection Engine

Status

page. Click

Configuration

and

Resources

.

2.

Specify a temporary directory for scanning.

NOTE:

Allow enough room for this directory to grow because it can become several GBs in size. If a local AV solution is

used, ensure to also exclude this directory from scanning. A local AV solution on the AV machine must not be allowed to

scan the temporary working directory in use by Symantec Protection Engine.

Setting container handling policies

The

RPCRequestTimeout

value set in the

viruschecker.conf

file (the default is 25000 milliseconds) should be set to

greater than the Symantec Protection Engine Container File Processing Limit for the time to extract a file. Not doing so can

cause the VNX Data Mover or Unity NAS server to repeat the scans for large files to other AV machines while the scan is still in

progress by the AV machine.

This timeout should be set 30 to 60 seconds higher than the container file processing limit so that the VNX Data Mover or

Unity NAS server has adequate time to receive the response. The Symantec timeout can be set lower depending on the security

scanning requirements and processing load of the AV machine.

Modifying LimitChoiceStop settings

The

LimitChoiceStop

parameter controls container violations actions. If this is set to false, the scan engine allows access to

a file that is violating some of the container policies (such as max extract time exceeded) and will only log this error. If this is set

to true (the default setting), the scan engine blocks access to (deletes) the file on the container violations.

About this task

You need to set the

LimitChoiceStop

parameter to false. Failure to perform this step results in an

AV_INTERFACE

error

and CAVA will not come online:

Steps

1.

Edit the

filtering.xml

file that resides in the SAV install directory.

2.

Set the

LimitChoiceStop

option to

false

.

Trend Micro ServerProtect

If you are installing Trend Micro ServerProtect, use the installation path shown in

Installation procedure for Trend Micro

.

Table 5. Installation procedure for Trend Micro

Step

Action

Procedure

1.

Create a domain user with the EMC virus-checking right.

Configuring the Domain User Account

2.

Configure virus-checking parameters on the VNX Data Movers

or Unity NAS servers.

Configuring viruschecker.conf

3.

Install CAVA (as part of CEE) on the Windows AV machines.

Installing the Common Event Enabler

4.

Install the Trend AV engine.

Install Trend Micro ServerProtect

5.

Start the virus-checking client on the VNX Data Movers or Unity

NAS servers.

Managing the VC Client

6.

Verify the CAVA installation.

Verify the installation

24

Installing Third-Party Application Antivirus Engines

Section	Page
Dell CEE Using the Common Event Enabler on Windows Platforms	1
Contents	3
Preface	7
Introduction	8
About CEE	8
System requirements	9
AntiVirus partners	9
Support for third-party applications	10
Restrictions	10
Related information	11
Installing Third-Party Application Antivirus Engines	12
Installation overview	12
Computer Associates eTrust	13
F-Secure AntiVirus	14
Kaspersky Anti-Virus	15
McAfee VirusScan	18
McAfee Endpoint Security Threat Prevention	19
Microsoft Forefront Endpoint Protection 2010	19
Microsoft System Center 2012 Endpoint Protection	20
Sophos Anti-Virus	20
Symantec Endpoint Protection	22
Set Symantec Endpoint Protection options	22
Set Windows Service Control Manager options	23
Symantec Protection Engine	23
Setting exclusions	23
Setting container handling policies	24
Modifying LimitChoiceStop settings	24
Trend Micro ServerProtect	24
Install Trend Micro ServerProtect	25
Installing the Common Event Enabler Framework	27
Install CEE	27
Verifying the CEE installation package	28
Complete the CEE installation for Windows Server	28
Uninstall CEE	29
Configuring the Domain User Account	30
Domain user account overview	30
Determine the interface name on the Data Mover	31
Create a domain user account	32
Create with Active Directory on a Windows Server	32
Create from User Manager for Domains	32
Create a local group on each Data Mover or NAS server	33
Assign the EMC virus-checking right to the group	33
Assign local administrative rights to the AV user	34
Managing CAVA	36
(Optional) Install EMC Unity/VNX/VNXe NAS Management snap-in	36
Display virus-checking information	36
Audit virus-checking information	37
Start, stop, and restart CAVA	38
Perform a full file system scan	38
Verify the status of a file system scan	39
Stop a file system scan	39
Enable scan-on-first-read	39
Update virus definition files	40
Turn off the AV engine	40
Turn on the AV engine	40
Manage CAVA thread usage	41
Adjust the maxVCThreads parameter	41
View the application log file from a Windows Server	42
Enable automatic virus detection notification	42
Customize virus-checking notification	42
Customize notification messages	43
Managing the Registry and AV Drivers	45
EMC CAVA configuration Registry entries	45
EMC AV driver Registry entry	45
Manage the EMC AV driver	45
Managing VCAPS	47
Set up access	47
Managing CEE for RabbitMQ	48
Set up CEE for RabbitMQ	48
Managing Indexing	49
Set up access for Splunk	49
Monitoring and Sizing the Antivirus Agent	51
Install the CAVA Calculator	51
Start the CAVA Calculator	52
Uninstall the CAVA Calculator	52
Configure the sizing tool	52
Enable the sizing tool	53
Manually compile the cava.mof file	53
Create the cavamon.dat file	53
Start the sizing tool	54
Size the antivirus agent	54
(Optional) Gather AV statistics with cavamon.vbs	54
Third-Party Consumer Applications	55
Overview	55
Set up consumer application access	55
Troubleshooting	57
Dell E-Lab Interoperability Navigator	57
Error messages	57
Known problems	57
Training and Professional Services	58
Unity and VNX CAVA Information	59
CAVA concepts	59
CAVA restrictions and limitations	59
CAVA and Data Mover or NAS server	60
User interface choices	60
CAVA features	60
Load balancing and fault tolerance	61
Updating virus definition files	61
Scan-on-first-read	61
Scan on write	61
Scanning after definition file update (manual process)	61
Virus-checking continuation	61
CAVA sizing tool	62
CAVA Calculator	63
Virus-checking client	63
Configuring viruschecker.conf	64
Create and edit viruschecker.conf	64
Define AV machine IP addresses in viruschecker.conf	65
Send viruschecker.conf to the Data Mover	65
(Optional) Define VC scanning criteria	66
viruschecker.conf parameters	66
Managing the VC Client	70
Start the VC client	70
Stop the VC client	71
Update the viruschecker.conf file	71
Verify the installation	72
Unity and VNX CEPA Information	73
CEPA concepts	73
CEPA restrictions and limitations	73
Overview of the cepp.conf file	74
Create the cepp.conf file	75
Edit the cepp.conf file	78
Assign rights in Windows Server	78
Assign rights for third-party applications	79
Start the CEPA facility	79
Verify the CEPA status	79
Stop the CEPA facility	80
Display the CEPA facility properties	80
Display the CEPA facility statistics	81
Display detailed information for a CEPA pool	81
Index	82
A	82
B	82
C	82
D	82
E	82
F	82
H	83
I	83
K	83
L	83
M	83
N	83
P	83
R	83
S	83
T	84
U	84
V	84

Dell PowerStore 1200T Using the Common Event Enabler 8.x on Windows Platforms - Page 24

Setting container handling policies, Modifying LimitChoiceStop settings, Trend Micro ServerProtect

Page 24 highlights