Home » McAfee Manuals » Computer Software » McAfee GSSCDE-AA-DA » Manual Viewer

McAfee GSSCDE-AA-DA User Guide - Page 118

Anti-Virus Scanner Actions, Default Actions

View all McAfee GSSCDE-AA-DA manuals

Add to My Manuals
Save this manual to your list of manuals

Page 118 highlights

McAfee® GroupShield™ 7.0 User Guide Policy Manager 10 Scanners and filters Editing anti-virus scanner actions 1 From Policy Manager, select a submenu item that has anti-virus scanner. The policy page for the submenu item appears. 2 Choose a desired policy. 3 Click Anti-Virus Scanner. The View Settings tab for the anti-virus scanner appears. 4 Under Actions to take section, click the Edit link. The Anti-Virus Scanner Actions page appears. 5 In Cleaning tab, under Virus and trojans cleaning, select the option Attempt to clean any detected virus or trojan to enable the cleaning of any virus or trojan. 6 Under If cleaning succeeds, take the following action, select the desired option(s) if the cleaning succeeds: „ Log - to record the detection in a log. „ Quarantine - to take a copy of the item and store it in the quarantine database. „ Notify administrator - to send an alert message to the email administrator. „ Notify sender - to send an alert message to the sender, when the original email message does not originate in the same domain as Microsoft® Exchange Server 2003/2007. „ Notify recipient - to send an alert message to the recipient, when the recipient is not in the same domain as Microsoft® Exchange Server 2003/2007. 7 In the remaining tabs (Default Actions, Custom Malware, Packers, and PUPs), choose a primary action from the drop-down list and select one or more secondary actions. In the Custom Malware tab, you can also see the custom malware categories that you have selected while creating a new set of anti-virus scanner options (Advanced tab) Note Primary and secondary anti-virus scanner actions Primary actions for On-Access scan include: „ Replace detected item with an alert - to replace the detected item with an alert message. „ Delete embedded item - to delete the detected item. For example, to delete an attachment that triggers a detection rule. „ Delete message - to delete the email message item. „ Allow through - to allow the item to continue to the next scanning phase or on to its final destination. 118

Section	Page
Contents	3
1 Introduction	7
About GroupShield for Exchange	7
What is GroupShield?	7
How does GroupShield work?	7
How GroupShield protects Exchange?	8
Email server protection - McAfee GroupShield	8
How does scanning work?	9
Other areas to protect	9
GroupShield Features	11
What is New?	12
Features not supported	15
Using this Guide	16
Audience	16
Conventions	17
Getting product information	18
Standard documentation	18
Contact information	19
2 Pre-Installation	21
Pre-Installation scenarios	21
Types of installation	22
Standard installation	22
Silent installation	22
Cluster installation	22
System requirements	23
3 Installing the Software	25
Accessing the software	25
What is included with the software?	26
Installing GroupShield for Microsoft® Exchange Server 2003/2007	26
SiteList editor	29
GroupShield for Exchange Access Control	29
Installing additional components	30
Buffer Overflow Protection	30
Installing McAfee Anti-Spam for GroupShield	31
Silent installation	32
Configuring GroupShield in a cluster environment	33
Local Continuous Replication (LCR) on Exchange Server 2007	34
Clustered Continuous Replication (CCR) on Exchange Server 2007	34
Single Copy Cluster (SCC, N+1 cluster configuration) on Exchange Server 2003 and 2007	34
Cluster Uninstallation	37
Upgrading GroupShield from v6.0.2 or higher	37
4 Post-Installation Tasks and Maintenance	39
Testing your GroupShield installation	39
Testing the anti-virus component	39
Testing the McAfee Anti-Spam component	40
Testing GroupShield installation using McAfee Virtual Technician	40
Quarantining using McAfee Quarantine Manager 4.1	41
Upgrading Blacklists and Whitelists	42
Maintaining your GroupShield application	43
Modifying the GroupShield installation	43
Modifying GroupShield	43
Repairing the GroupShield installation	44
Repairing GroupShield	44
Restoring original out-of-box configuration	45
Uninstalling GroupShield for Exchange	45
Removing GroupShield for Exchange	45
5 Integrating with ePolicy Orchestrator 3.6	47
Introduction	47
Pre-requisites for using ePolicy Orchestrator 3.6	47
Introducing ePolicy Orchestrator console	48
Before you begin	49
Installation	49
Upgrading from GroupShield for Exchange version 6.0.x NAP settings	52
Configuring GroupShield Policies	53
Managing Policies	54
Scheduling tasks	55
AutoUpdate task	56
On-Demand scan task	57
Reports	59
Configuring reports	60
Uninstallation	60
Removing GroupShield for Exchange from Client Computer	60
Removing GroupShield for Exchange from ePolicy Orchestrator	61
6 Integrating with ePolicy Orchestrator 4.0	63
Introduction	63
Pre-requisites for installing ePolicy Orchestrator 4.0	63
Before you begin	63
ePolicy Orchestrator agent	64
Pre-requisites for using ePolicy Orchestrator 4.0	64
Installation	65
Checking-in the McAfee GroupShield for Microsoft Exchange Server 2003/2007 package to the ePolicy Orchestrator server	65
Installing GroupShield for Exchange on the client computer	66
Extensions	67
Introducing ePolicy Orchestrator 4.0 Dashboard	68
Creating a new dashboard	68
Reporting	69
Running a query	69
Creating a new query	69
Systems	70
Policies	71
Client tasks	72
AutoUpdate task	72
On-Demand scan task	73
Uninstallation	74
Removing GroupShield for Exchange from the client computer	74
Removing GroupShield for Exchange from the ePolicy Orchestrator server	75
7 Integrating with ProtectionPilot 1.5	77
Introduction	77
Pre-requisites for using ProtectionPilot	77
Introducing ProtectionPilot	77
Before you begin	79
Installation	79
Configuring GroupShield policies	80
Setting and enforcing policies	81
Scheduling tasks	83
Creating a new on-demand scan task	84
Creating a new AutoUpdate task	84
Uninstallation	85
8 Getting Started with the User Interface	87
Dashboard	88
Statistics & information	88
Statistics	89
Versions & updates	89
Reports	90
On-demand scans	90
Scheduling a new on-demand scan	90
Modifying an existing on-demand scan	92
Deleting an on-demand scan	92
The ‘Run Now’ link	93
Status report	93
Scheduling a new status report	93
The ‘Run Now’ link	94
Graphical reports	95
Simple reports	95
Advanced reports	95
9 Detected Items	97
Spam	98
Phish	98
Viruses	99
Potentially unwanted programs	99
Unwanted content	100
Banned file types/messages	101
All items	101
10 Policy Manager	105
Policy manager views	105
Inheritance view	106
Advanced view	107
Creating a subpolicy	108
Policy settings	109
List all scanners	109
View settings	112
Specify users	112
Scanners and filters	113
Core scanners	114
Anti-virus scanner	114
Content scanning	119
File filtering	124
Anti-spam	128
Anti-phishing	132
Filters	135
Corrupt content	135
Protected content	137
Encrypted content	138
Signed content	139
Password-protected files	140
Scanner control	142
MIME mail settings	145
HTML files	149
Mail size filtering	151
Miscellaneous	153
Alert settings	153
Disclaimer text	155
Shared resource	156
Scanners and alerts	156
Filter rules	160
Time slots	162
11 Settings & Diagnostics	163
On-access settings	163
Notifications	167
Anti spam	168
Detected items	168
McAfee Quarantine Manager	169
Local database	169
User interface preferences	170
Dashboard settings	170
Graph and chart settings	170
Diagnostics	171
Debug logging	171
Error reporting service	172
Event logging	172
Product log	172
Product log	173
DAT settings	174
Import and export configuration	174
Configuration	175
Site list	175