McAfee M4050 Troubleshooting Guide - Page 13

Using anti-virus software with the Manager, McAfee VirusScan and SMTP notification

Get McAfee M4050 - Network Security Platform PDF manuals and user guides
UPC - 731944582832
View all McAfee M4050 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 13 highlights

McAfee® Network Security Platform 6.0 Before You Install Port # 1812 Protocol UDP Description RADIUS Integration Direction of communication Manager-->RADIUS server  Close all open programs, including email, the Administrative Tools > Services window, and instant messaging before installation to avoid port conflicts. A port conflict may prevent the application from binding to the port in question because it will already be in use. Caution: The Manager is a standalone system and should not have other applications installed. Using anti-virus software with the Manager If you plan to install anti-virus software such as McAfee VirusScan on the Manager, be sure the MySQL directory and its sub-directories are excluded from the anti-virus scanning processes. For example selecting ...\Manager\MySQL and its subdirectories will exclude the entire MySQL installation directory from the anti-virus scanning processes. Otherwise, Network Security Platform packet captures may result in the deletion of essential MySQL files. Also exclude the Network Security Platform installation directory and its sub-directories because temporary files are created there that might conflict with the anti-virus scanner. Note: If you install McAfee VirusScan 8.5.0i on the Manager after the installation of the Manager software, the MySQL scanning exceptions will be created automatically, but the Network Security Platform exceptions will not. McAfee VirusScan and SMTP notification From 8.0i, VirusScan includes an option (enabled by default) to block all outbound connections over TCP port 25. This helps reduce the risk of a compromised host propagating a worm over SMTP using a homemade mail client. VirusScan avoids blocking outbound SMTP connections from legitimate mail clients, such as Outlook and Eudora, by including the processes used by these products in an exclusion list. In other words, VirusScan ships with a list of processes it will allow to create outbound TCP port 25 connections; all other processes are denied that access. The Manager takes advantage of the JavaMail API to send SMTP notifications. If you enable SMTP notification and also run VirusScan 8.0i or above, you must therefore add java.exe to the list of excluded processes. If you do not explicitly create the exclusion within VirusScan, you will see a Mailer Unreachable error in the Manager Operational Status to each time the Manager attempts to connect to its configured mail server. To add the exclusion, follow these steps: 4

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
McAfee® Network Security Platform 6.0
Before You Install
4
Port #
Protocol
Description
Direction of communication
1812
UDP
RADIUS Integration
Manager-->RADIUS server
Close all open programs, including email, the
Administrative Tools > Services
window, and
instant messaging before installation to avoid port conflicts. A port conflict may
prevent the application from binding to the port in question because it will already be
in use.
Caution:
The Manager is a standalone system and should not have other
applications installed.
Using anti-virus software with the Manager
If you plan to install anti-virus software such as McAfee VirusScan on the Manager, be
sure the MySQL directory and its sub-directories are excluded from the anti-virus scanning
processes. For example selecting
...\Manager\MySQL
and its subdirectories will exclude the
entire MySQL installation directory from the anti-virus scanning processes. Otherwise,
Network Security Platform packet captures may result in the deletion of essential MySQL
files.
Also exclude the Network Security Platform installation directory and its sub-directories
because temporary files are created there that might conflict with the anti-virus scanner.
Note:
If you install McAfee VirusScan 8.5.0i on the Manager
after
the installation of
the Manager software, the MySQL scanning exceptions will be created
automatically, but the Network Security Platform exceptions will not.
McAfee VirusScan and SMTP notification
From 8.0i, VirusScan includes an option (enabled by default) to block all outbound
connections over TCP port 25. This helps reduce the risk of a compromised host
propagating a worm over SMTP using a homemade mail client.
VirusScan avoids blocking outbound SMTP connections from legitimate mail clients, such
as Outlook and Eudora, by including the processes used by these products in an exclusion
list. In other words, VirusScan ships with a list of processes it will allow to create outbound
TCP port 25 connections; all other processes are denied that access.
The Manager takes advantage of the JavaMail API to send SMTP notifications. If you
enable SMTP notification and also run VirusScan 8.0i or above, you must therefore add
java.exe to the list of excluded processes. If you do not explicitly create the exclusion
within VirusScan, you will see a
Mailer Unreachable
error in the Manager Operational Status
to each time the Manager attempts to connect to its configured mail server.
To add the exclusion, follow these steps: