Bitdefender Security for Exchange manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243

Ir para a página of

Bom manual de uso

As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto Bitdefender Security for Exchange. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoBitdefender Security for Exchange vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.

O que é a instrução?

A palavra vem do latim "Instructio" ou instruir. Portanto, no manual Bitdefender Security for Exchange você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.

Infelizmente, pequenos usuários tomam o tempo para ler o manual Bitdefender Security for Exchange, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.

Então, o que deve conter o manual perfeito?

Primeiro, o manual Bitdefender Security for Exchange deve conte:
- dados técnicos do dispositivo Bitdefender Security for Exchange
- nome do fabricante e ano de fabricação do dispositivo Bitdefender Security for Exchange
- instruções de utilização, regulação e manutenção do dispositivo Bitdefender Security for Exchange
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes

Por que você não ler manuais?

Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque Bitdefender Security for Exchange não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos Bitdefender Security for Exchange e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço Bitdefender na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas Bitdefender Security for Exchange, como para a versão papel.

Por que ler manuais?

Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo Bitdefender Security for Exchange, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.

Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual Bitdefender Security for Exchange. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação

Índice do manual

  • Página 1

    EXCHANGE Administrator's guide[...]

  • Página 2

    BitDefender Security for Exchange Administrator's guide Published 2010.05.21 Copyright© 2010 BitDefender Legal Notice All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without w[...]

  • Página 3

    She came to me one morning, one lonely Sunday morning Her long hair flowing in the mid-winter wind I know not how she found me, for in darkness I was walking And destruction lay around me, from a fight I could not win BitDefender Security for Exchange[...]

  • Página 4

    T able of Contents License and W arranty .. .. .. .. .. ... .. .. .. ... .. .. .. .. ... .. .. .. ... .. .. .. .. .. viii Preface .. ... .. .. .. ... .. .. .. .. ... .. .. .. ... .. .. .. .. ... .. .. .. ... .. .. .. .. ... .. .. xiii 1. Conventions Used in This Book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Página 5

    6.2. Mailbox (VSAPI) Scanning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Configuration and Management ............................ 27 7. Getting Started . .. ... .. .. .. .. ... .. .. .. ... .. .. .. .. ... .. .. .. ... .. .. .. .. 28 7.1. Connecting to Another Computer . . . . . . . . . . . . . .[...]

  • Página 6

    10.3. Configuring Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 1 1. Antivirus . .. .. .. .. ... .. .. .. ... .. .. .. .. ... .. .. .. ... .. .. .. .. ... .. .. .. . 124 1 1.1. Real-time Antivirus Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]

  • Página 7

    16. General . .. .. .. ... .. .. .. .. ... .. .. .. ... .. .. .. .. ... .. .. .. ... .. .. .. .. .. 213 16.1. Report Virus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 16.2. Report Incidents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Página 8

    License and W arranty IF YOU DO NOT AGREE TO THESE TERMS AND CONDITIONS DO NOT INST ALL THE SOFTW ARE. BY SELECTING "I ACCEPT", "OK", "CONTINUE", "YES" OR BY INST ALLING OR USING THE SOFTW ARE IN ANY WA Y , YOU ARE INDICA TING YOUR COMPLETE UNDERST ANDING AND ACCEPT ANCE OF THE TERMS OF THIS AGREEMENT . These[...]

  • Página 9

    (excepting the case when the desktop computer provides network services by running BitDefender Management Server). Each user may install this software on a single computer or on a single operating system and may make one additional copy for backup on a different device. The number of users allowed is the number of the users of the license. SUITE LI[...]

  • Página 10

    COPYRIGHT . All rights, titles and interest in and to BitDefender and all copyright rights in and to BitDefender (including but not limited to any images, photographs, logos, animations, video, audio, music, text, and "applets" incorporated into BitDefender), the accompanying printed materials, and any copies of BitDefender are owned by B[...]

  • Página 11

    INCIDENT AL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMIT A TION OR EXCLUSION MA Y NOT APPL Y TO YOU. IN NO CASE SHALL BITDEFENDER'S LIABILITY EXCEED THE PURCHASE PRICE P AID BY YOU FOR BITDEFENDER. The disclaimers and limitations set forth above will apply regardless of whether you accept to use, evaluate, or test BitDefender . IMPORT ANT NOTI[...]

  • Página 12

    Contact BitDefender , at 24 Preciziei Street, West Gate Park, Building H2, ground floor , Sector 6, Bucharest, Romania, or at T el No: 40-21-206.34.70 or Fax: 40-21-264.17.99, e-mail address: office@bitdefender .com . License and Warranty xii BitDefender Security for Exchange[...]

  • Página 13

    Preface This guide is intended to all network administrators who have chosen BitDefender Security for Exchange as a security solution for their company's Microsoft Exchange servers. The information presented in this book is suitable not only for computer literates, it is accessible to everyone who is able to work under Windows. This book will [...]

  • Página 14

    1.2. Admonitions The admonitions are in-text notes, graphically marked, bringing to your attention additional information related to the current paragraph. Note The note is just a short observation. Although you can omit it, the notes can provide valuable information, such as specific feature or a link to some related topic. Important This requires[...]

  • Página 15

    3. Request for Comments We invite you to help us improve the book. We have tested and verified all of the information to the best of our ability . Please write to tell us about any flaws you find in this book or how you think it could be improved, to help us provide you with the best documentation possible. Let us know by sending an e-mail to docum[...]

  • Página 16

    Installation 1 BitDefender Security for Exchange[...]

  • Página 17

    1. System Requirements Before installing the product, make sure that your system meets the following minimum system requirements: ● Operating system:  Windows 2000 with Service Pack 4 and Update Rollup 1  Windows Server 2003 with Service Pack 1  Windows Server 2008 ● Exchange 2003 Standard or Enterprise or ● Exchange 2000 Standard or[...]

  • Página 18

    2. Installing BitDefender Security for Exchange In order to install BitDefender Security for Exchange, you need an installation file or an installation CD that contains the installation package. The installation file comes under different names, depending on the BitDefender business products it contains. Y ou can download the installation file from[...]

  • Página 19

    BitDefender will also check if BitDefender Security for Exchange is already installed on the local computer . If the same version as the one in the setup file is installed, you will have to modify the existing configuration. If an older version is installed, the installation process will continue as it should, with the only difference that the alre[...]

  • Página 20

    2. Please read the License Agreement, select I accept the terms in the License Agreement and click Next . Note If you do not agree to these terms click Cancel . The installation process will be abandoned and you will exit setup. 3. Y ou can see the list of all BitDefender products designed for Windows-based servers available in the installation pac[...]

  • Página 21

    6. If you do not want the readme file to be opened at the end of the installation, clear the View Readme file check box. Click Install in order to begin the installation of the product. Note BitDefender will automatically detect your version of Microsoft Exchange Server. 7. Click Finish to complete product installation. Note Y ou may be asked to re[...]

  • Página 22

    3. Repairing or Removing BitDefender If you want to modify , repair or remove BitDefender , follow this path from the Windows start menu: Start → Programs → BitDefender Security for Windows Servers → Modify , Repair or Uninstall . Y ou will be requested to confirm your choice by clicking Next . A new window will appear where you can select: ?[...]

  • Página 23

    T o install a product, click the corresponding arrow and then select Will be installed on local hard drive on the shortcut menu. T o remove a product, click the corresponding arrow and then select Entire feature will be unavailable on the shortcut menu. 3.2. Repair BitDefender If BitDefender Security for Exchange starts to perform unexpectedly , yo[...]

  • Página 24

    An error occurred while removing BitDefender If an error has occurred while removing BitDefender , the removal process will be aborted and a new window will appear . Click Run UninstallT ool to make sure that BitDefender has been completely removed. The uninstall tool will remove all the files and registry keys that were not removed during the auto[...]

  • Página 25

    Description 10 BitDefender Security for Exchange[...]

  • Página 26

    4. Features and Benefits Comprehensive protection for Exchange Servers BitDefender Security for Exchange provides antivirus, antispyware, antispam, antiphishing, attachment and content filtering seamlessly integrated with the MS Exchange Server , to create a malware free messaging environment. It protects Exchange servers against the latest, most s[...]

  • Página 27

     Through its optimized scanning process, increases mail delivery speed and reduces server workload  Improves the IT manager's productivity and prevents the loss of confidential information by filtering all mail passing through the Exchange server based on content (subject line, sender , recipient) and attachment and the criteria defined [...]

  • Página 28

     Easy-to-interpret statistics and reports based on the information received from BitDefender Security for Exchange 4.2. Key Features ● Certified antivirus engines ● Proactive heuristic protection against zero-day threats ● Multiple layers of anti-spam filtering ● Content and attachment filtering ● Antispyware and antiphishing protectio[...]

  • Página 29

    Upgrades. Registered users benefit from free upgrades to any new version of the product during the license period. Special price offers are also available to returning customers. Free 24/7 Professional T echnical Support. Certified representatives provide BitDefender business customers with free permanent support online, by telephone or e-mail. Thi[...]

  • Página 30

    5. Core Modules The core functionalities of BitDefender Security for Exchange are defined by 4 modules: Antivirus , Antispam , Content Filtering and Attachment Filtering . 5.1. Antivirus Basically , there are two kinds of antivirus scanning: ● Antivirus scanning at SMTP (Simple Mail T ransfer Protocol) level ● Antivirus scanning at mailbox, or [...]

  • Página 31

    Note By default background scanning is disabled. Y ou should enable it only as a second layer of protection when you want to check all your databases and make sure they are clean. ● Proactive scanning allows scanning messages before they are actually accessed. When a message is submitted to the Store, it is placed in the global scanning queue and[...]

  • Página 32

    Different filtering policies can be defined for users and user groups. The rules are those that specify which filters to use to analyze the message and the actions to take on spam, based on the groups to which the sender and the recipients belong. The Antispam filters are grouped into two categories: ● Global filters - configurable filters meant [...]

  • Página 33

    address of the sender matches one of the IP addresses provided for the specified domain. If the domain address of the sender matches an associated IP address, the message is considered legitimate and antispam filtering stops. Otherwise, the message is considered SP AM and the connection is dropped. Real-time Blackhole List The Real-time Blackhole L[...]

  • Página 34

    Note These filters can be enabled and configured by the administrator separately for each rule. In order to configure them, go to the Antispam module, Policies section and set the appropriate rules. For more details, please refer to “ Creating Rules ” (p. 160 ) . White List / Black List Most people communicate regularly with a group of people o[...]

  • Página 35

    BitDefender maintains a database of such links. The URL filter checks every URL link in a message against its database. If a match is made, the message is tagged as SP AM. Image Filter Since avoiding heuristic filter detection has become quite a challenge, images are increasingly used in spam messages. Many spam messages contain either a single spa[...]

  • Página 36

    5.3. Content Filtering Content Filtering checks messages to see if the subject, the sender ’s or the recipient(s)’ address contain certain specified strings. If a defined string matches one of these mail headers, the message is detected and the specified action is taken. Both incoming and outgoing SMTP mail is verified. Different filtering poli[...]

  • Página 37

    6. How Does It W ork? BitDefender Security for Exchange scans e-mail messages both at SMTP (Simple Mail Transfer Protocol) level and at mailbox, or VSAPI (Virus Scanning Application Program), level. E-mail messages entering or leaving the Exchange server are scanned at SMTP level. Inside the Exchange server , e-mail messages entering or leaving the[...]

  • Página 38

    Connection Level When an attempt is made to establish a connection, the message is checked against the Allow / Deny IP List . If there is a match, the connection is dropped. Otherwise, the message is checked against the global Sender Black List . If the filter finds a match, the connection is dropped. Content Level If the message passes connection [...]

  • Página 39

    4. "Block sexually explicit content" Filter . If the message matches the filtering rule, it is considered SP AM, the antispam filtering stops and the specified action is taken on the message. 5. Charset Filter . If the message matches the filtering rule, it is considered SP AM, the antispam filtering stops and the specified action is take[...]

  • Página 40

    6.1.3. Attachment Filtering If the message is not deleted during content filtering, then the mail attachments, if any , are verified according to a specific attachment filtering group policy . The message is checked against the attachment filtering rules, by order of priority , until the sender and the recipients of the message match a rule. The me[...]

  • Página 41

    by BitDefender . The scanning is performed according to the options specified by the default antivirus rule. Real-time VSAPI scanning can also be done through three additional methods, intended to optimize the overall scanning process: background, proactive or transport scanning. This is how scanning works: ● If the message was checked through pr[...]

  • Página 42

    Configuration and Management 27 BitDefender Security for Exchange[...]

  • Página 43

    7. Getting Started BitDefender Security for Exchange can be configured and managed through a centralized, MMC-based management console. The management console provides access to all features and settings of BitDefender Security for Exchange. T o access the management console, use the Windows Start menu, by following the path Start → Programs → [...]

  • Página 44

     Statistics - offers real-time statistical information regarding the activity of the Antivirus, Antispam, Content Filtering and Attachment Filtering modules.  Reports - allows you to create customized reports on product activity .  Alerts & Logs - allows configuring the logging options and sending alerts about the events that occur dur[...]

  • Página 45

    Important T o remotely manage a BitDefender Security for Exchange product, you must first set an administrative password for the respective product. T o connect to a BitDefender Security for Exchange product installed on a remote computer , follow these steps: 1. Right-click BitDefender Security for Exchange in the tree menu. 2. From the contextual[...]

  • Página 46

    Change administrative password 3. In the Password field, type the desired administrative password. 4. In the Confirm password field, type the password again. 5. Click OK 7.3. Exporting/Importing Product Settings Y ou can export and import the product settings. This helps you easily configure other BitDefender Security for Exchange products within t[...]

  • Página 47

    3. Select the folder where to save the product settings and click OK . 7.3.2. Importing Product Settings T o import previously saved product settings, follow these steps: 1. Right-click BitDefender Security for Exchange in the tree menu. 2. From the contextual menu, select Import product settings to open the Import T ool. Import T ool 3. Click Impo[...]

  • Página 48

    4. Select the folder where the product settings were saved and click OK to import them. 5. W ait until the Import T ool completes the importing process. Importing Settings The Import T ool first stops the Microsoft Exchange Transport service, the Microsoft Information Store and the BitDefender Security for Exchange services. Then, it imports the pr[...]

  • Página 49

    Finish Click Exit to close the window . Getting Started 34 BitDefender Security for Exchange[...]

  • Página 50

    8. Registration and My Account BitDefender Security for Exchange comes with a 30-day trial period. If you decide that BitDefender Security for Exchange is the best choice for your organization, proceed to register its full version. Y ou should also register a BitDefender account in order to benefit from free BitDefender technical support and other [...]

  • Página 51

    8.1. Step 1/3 - Register BitDefender Security for Exchange Registration If you do not have a BitDefender license, click the provided link to go to the BitDefender online store and purchase a license key . T o register BitDefender Security for Exchange, select Register the product , type the license key in the Enter key field and click the Register [...]

  • Página 52

    8.2. Step 2/3 - Register a BitDefender Account Account Registratiion I do not have a BitDefender account T o create a BitDefender account, select Create a new BitDefender account and provide the required information. The data you provide here will remain confidential. Note If you want to create an account later , select the corresponding option. ?[...]

  • Página 53

    Note Use the provided e-mail address and password to log in to your account at http://myaccount.bitdefender .com . Click Create account . T o successfully create an account you must first activate your e-mail address. Check your e-mail address and follow the instructions in the e-mail sent to you by the BitDefender registration service. Click Next [...]

  • Página 54

    8.3. Step 3/3 - Finish Finish Click Finish to close the window . Note T o log in to your BitDefender account, click My account . Registration and My Account 39 BitDefender Security for Exchange[...]

  • Página 55

    9. Monitoring The Monitoring snap-in provides you with all the necessary means to monitor and control the product activity . If you click Monitoring in the tree menu, the dashboard will be displayed. The dashboard provides you with useful information on the status of BitDefender Security for Exchange and helps you easily solve the issues that requi[...]

  • Página 56

    9.1. Dashboard Click Monitoring in the tree menu to see the dashboard. Dashboard The dashboard provides you with useful information on the status of BitDefender Security for Exchange and helps you easily solve the issues that require your attention. Y ou should check the dashboard frequently in order to quickly identify and solve the issues affecti[...]

  • Página 57

    9.1.1. Important Links At the top of the dashboard there are several useful links. Description Link Opens a web page where you can buy the product from. Buy Opens your BitDefender account web page. My Account Opens the registration wizard . Register Opens the BitDefender support web page. Support Opens the help file. Help Opens a window where you c[...]

  • Página 58

    T o find out details about these issues, do one of the following: ● Click a status button to see the respective category of issues. ● Click corresponding to Issue details to expand this section and see all possible issues. The Issue details section contains three tables, one for each status button. Each table displays the monitored items and th[...]

  • Página 59

    Description Status Critical issue. Antispam filtering is disabled and the Exchange server is not protected against spam. Not enabled Click Fix to enable antispam filtering. ● Content Filtering. The issues that can be reported are listed in the following table: Description Status Requires attention. Content filtering is enabled, but no content fil[...]

  • Página 60

    Description Status 2. Not an issue. Attachment filtering is not enabled and no attachment filtering rule is configured. Update Status If the Update Status button is orange or red, there are update issues affecting BitDefender Security for Exchange. Click the button to see the respective issues. A table named Update Status will be displayed and you [...]

  • Página 61

    Description Status Critical issue. A new product update has been downloaded and it is not installed on your system. Product update downloaded, please install it Clicking Fix will install the update. If the update requires stopping traf fic or rebooting the server , you will have to confirm your choice by clicking OK . T o be able to schedule the in[...]

  • Página 62

    License Status If the License Status button is orange or red, there are issues concerning the license of your BitDefender Security for Exchange. Note The License Status button and the related issues are not available if BitDefender Security for Exchange is managed by BitDefender Management Server . Click the button to see the respective issues. A t[...]

  • Página 63

    Description Status Requires attention. Y ou have not registered an account yet. Y ou do not have an account. Please create an account Click Fix to open the registration wizard and create a new account or provide the details of an existing one. Click Fix to open the registration wizard where you can create a new account or log in to an existing one.[...]

  • Página 64

    The statistics are grouped based on the core modules: Antivirus, Antispam, Content Filtering and Attachment Filtering. 9.1.4. Product Status T o see information on the product status, click corresponding to the Product status section. Y ou can see the name of the server BitDefender Security for Exchange is installed on, as well as the product versi[...]

  • Página 65

    Statistics There are five main windows which provide real-time statistical information on the overall product activity and the activity of the Antivirus, Antispam, Content Filtering and Attachment Filtering modules. Each of these categories contains several types of statistics grouped into 4 time intervals: current day , last week, last month and t[...]

  • Página 66

    Description T ype Shows the top of the malware detected. T op Malware Lists mail senders based on the quantity of malware sent. T op Malware Senders Lists mail recipients based on the quantity of malware received. T op Malware Recipients ● Antispam. Contains the statistics on the Antispam module. Description T ype Provides overall statistics on t[...]

  • Página 67

    9.2.1. Clearing All Records By default, BitDefender automatically erases statistical information older than one week. If you wish to keep the statistical information for a different period of time, click the Purge Options button and set the number of days / weeks / months for which statistics are to be stored. Note Statistics older than the specifi[...]

  • Página 68

    Reports Y ou can see all the existing reports listed in the table. For each report, the following information is provided: the report name, the date when the report was generated, the type of information it contains and the format. Y ou can create the following types of reports: ● Antivirus. Create custom reports with information on the activity [...]

  • Página 69

    Description Report T ype Contains the mail senders ordered by the quantity of malware sent. T op Malware Senders Contains the mail recipients ordered by the number of malware received. T op Malware Recipients ● Antispam. Create custom reports with information on the activity of the Antispam module. Description Report T ype Provides complete infor[...]

  • Página 70

    Description Report T ype Provides complete information on the activity of the Attachment Filtering module. T otal Contains the mail senders ordered by the number of attachment filtering rules matched. T op V olume Senders Contains the mail recipients ordered by the number of attachment filtering rules matched. T op V olume Recipients 9.3.1. Managin[...]

  • Página 71

    Step 1/5 - W elcome to the Report Wizard Welcome Click Next to continue or Cancel to quit. Step 2/5 - Select Report T ype Select Report T ype First, you must select the module the generated report is on: Antivirus , Antispam , Content Filtering or Attachment Filtering . Then select one of the report types available for the module you have chosen. M[...]

  • Página 72

    Note For more information on the available report types, please refer to the table presented at the beginning of the “ Reports ” (p. 52 ) section. Depending on your choice, the report may contain a summary of or only specific data about the activity of a specified component. Click Next . Step 3/5 - Select Report Format Select Report Format Sele[...]

  • Página 73

    Step 4/5 - Select T ime Interval Select Time Interval Select the time interval covered in the report: ● Last day ● Last week ● Last month ● Custom If you need information about the BitDefender activity related to a specific time interval, select Custom and specify the start and end date. T o specify the start and end date, either click the [...]

  • Página 74

    Step 5/5 - V iew Summary View Summary This window displays the selected report settings. Y ou can make any changes by returning to the previous steps (click Back ). Click Finish to generate the report. The report will appear in the Reports section. Monitoring 59 BitDefender Security for Exchange[...]

  • Página 75

    9.4. Alerts & Logs The Alerts & Logs snap-in allows configuring the BitDefender notification system. BitDefender is by default configured to keep a log of its activity . The BitDefender log provides you with a comprehensive list of the events that occured during product operation. T o configure logging or view the log files, go to the Logs [...]

  • Página 76

    Alerts Mail Alerts BitDefender can notify the network administrator by sending configurable mail alerts in case an event for which they have been set takes place. Enabling this alert will provide you with relevant and timely information about the status of your server , and may eliminate the need to access the BitDefender management console. Note T[...]

  • Página 77

    2. Configure the SMTP settings, as described in the “ Configuring Mail Alert Settings ” (p. 62 ) section. 3. Configure the recipients of the mail alerts, as described in the “ Configuring Mail Alert Recipients ” (p. 63 ) section. 4. Go to the Events tab and configure the events for which mail alerts should be sent, as described in the “ C[...]

  • Página 78

    Important Provide a valid e-mail address for the SMTP server , otherwise the server may decline to send an e-mail whose sender (e-mail address) is unknown to it. ● If the SMTP server used to send messages requires authentication, select Use SMTP Server Authentication and enter the user name and password in the corresponding fields. Note NTLM auth[...]

  • Página 79

    Recipients Provide the e-mail address in the corresponding field and click Add to add the recipient to the list. T o import e-mail addresses from a txt file, click Import , select the file and then click Open . If you want to export the list to a txt file, click Export and save the file to the desired location. T o remove one or several selected re[...]

  • Página 80

    If you want to disable this service, clear the check box corresponding to Enable Net Send Alerts and then click Apply to save the changes. Important In case of a virus outbreak it is not advisable to use this type of alert. Configuring Net Send Alert Recipients T o configure the recipients of the net send alerts click the corresponding Configure bu[...]

  • Página 81

    9.4.2. Logs BitDefender is by default configured to keep a log of its activity . The BitDefender log provides you with a comprehensive list of the events that occured during product operation. Note By default, the log file is saved in: ?:Program FilesBitDefenderBitDefender for Windows Servers ServicesBDLog . T o configure logging and to view th[...]

  • Página 82

    Configuring Logging T o log the product activity to a file, select Enable file logging . BitDefender creates the log file in ?:Program FilesBitDefenderBitDefender for Windows Servers ServicesBDLog . By default, when the file reaches the size limit of 1024 KB, a new log file is created. Specify the size limit of the log files in the Maximum log [...]

  • Página 83

    Events All of the events that may occur are listed in the table. There are 3 types of events: ● Information - such events provide information about the product activity . ● W arning - such events provide critical information about aspects of the product activity which require your attention. ● Error - such events provide information about err[...]

  • Página 84

    Description Event Refers to the occurrence of an error during the update process. Update Error Occurs when an infected file or a file suspected of being infected has been detected. Infected/suspected file detected Groups critical information regarding the activity of BitDefender . BitDefender W arning Occurs when a file could not be scanned by BitD[...]

  • Página 85

    Note If event notification is disabled, the event is not logged and no alert is sent when it takes place. Configuring Events Y ou can configure the notification methods separately for each event in the list. T o configure the notification methods for a specific event, select it and click Configure event . The configuration window will appear . Foll[...]

  • Página 86

    When an event takes place, based on its importance, it can be logged and, possibly , specified recipients may be notified through mail and net send alerts of its occurrence. Choose one of the following options to set the importance level: ● Disabled - to disable event notification. Note If event notification is disabled, the event is not logged a[...]

  • Página 87

    Configure Mail Alerts Configure Alert T ext BitDefender allows you to configure the alert content. Y ou can see the default text in the box. Make the desired changes to the alert content. Important Y ou should NOT modify the strings that begin with the $ symbol as they provide valuable information about the event. Configure Alert Recipients Provide[...]

  • Página 88

    T o import e-mail addresses from a txt file, click Import , select the file and then click Open . If you want to export the list to a txt file, click Export and save the file to the desired location. T o remove one or several selected recipients click Remove . Click Apply to save the changes and OK if you want to close the window . Step 3/3 - Confi[...]

  • Página 89

    Important Y ou should NOT modify the strings that begin with the $ symbol as they provide valuable information about the event. Configure Alert Recipients Provide the computer name in the corresponding field and click Add to add the recipient to the list. Note Beside the recipients defined here, the alert will also be sent to those defined in the A[...]

  • Página 90

    9.5. Quarantine BitDefender allows isolating files in a secure area, named quarantine. T o see the quarantined files and manage them, click Quarantine in the tree menu (under Monitoring ). Quarantine Quarantine is divided into 4 areas: ● Antivirus - contains the objects that BitDefender found infected or suspect and which were stored in the quara[...]

  • Página 91

    ● Attachment Filtering - contains the messages that matched an Attachment Filtering and which were stored in the quarantine area. Click a link to see the quarantined files for the corresponding component. 9.5.1. Antivirus Quarantine Click Antivirus in the tree menu ( Quarantine module) to enter this section. Antivirus Quarantine This is where you[...]

  • Página 92

    Quarantined files are encrypted. In order to see an item from the quarantine area, select it and then click Save to disk to decrypt the file. In this way you can analyze the item and send it by mail. Note T o learn how to manage the quarantined files and the quarantine area, please refer to “ Managing Quarantine ” (p. 81 ) . 9.5.2. Antispam Qua[...]

  • Página 93

    being spam, the mail address of the sender , the mail address of the recipients, the subject and the file name of the message. Quarantined files are encrypted. In order to see an item from the quarantine area, select it and then click Save to disk to decrypt the file. In this way you can analyze the item and send it by mail. T o decrypt and deliver[...]

  • Página 94

    This is where you can see the messages that matched a Content Filtering rule and which were stored in the quarantine area. For each quarantined message, the following information is provided: the date and time when it was quarantined, the matching rule, the mail address of the sender , the mail address of the recipients, the subject and the file na[...]

  • Página 95

    Attachment Filtering Quarantine This is where you can see the messages that matched an Attachment Filtering rule and which were stored in the quarantine area. For each quarantined message, the following information is provided: the date and time when it was quarantined, the matching rule, the mail address of the sender , the mail address of the rec[...]

  • Página 96

    9.5.5. Managing Quarantine T o manage the quarantined files and the quarantine areas, use the following buttons: ● Restore - decrypts selected quarantined messages from the Antispam, Content Filtering and Attachment Filtering quarantine areas and delivers them to their intended recipients. For more information, please refer to “ Restoring Quara[...]

  • Página 97

    Important Provide a valid e-mail address for the SMTP server , otherwise the server may decline to send an e-mail whose sender (e-mail address) is unknown to it. ● IP - type the IP address used by the server . ● Port - type the port used by the server . If the server used to send the messages requires authentication, select the Use authenticati[...]

  • Página 98

    T o configure the server settings, click Settings . This will open the server settings window . 5. W ait for the restoration to complete and click Close to close the window . Configuring Quarantine Properties T o set the location of the quarantine folder and configure the purge options, click the Properties button. The following window will appear:[...]

  • Página 99

    By default, quarantined files older than 90 days are automatically deleted. T o change the time interval during which files are stored in the quarantine, type the number of hours / days / weeks / months in the corresponding field. Click OK to save the changes and close the window . If you want to apply the default settings, click Set Defaults . 9.6[...]

  • Página 100

    Scheduled T asks Y ou can see all the existing scheduled tasks listed in the table. For each task, the following information is provided: the task type and name, the last time when it was performed, the next time it is scheduled to run and the status. 9.6.1. Managing Scheduled T asks T o manage the scheduled tasks, use these buttons: ● Run Now - [...]

  • Página 101

    ● Delete - deletes one or several selected scheduled tasks. Y ou will have to confirm your choice by clicking Y es . ● Enable / Disable - enables / disables one or several selected scheduled tasks. ● Properties - opens the configuration window of a selected scheduled task, allowing you to modify it and to configure more advanced settings. 9.6[...]

  • Página 102

    Step 2/4 - Select T ask T ype Select T ask T ype Provide the task name and then select Update T ask . Click Next . Step 3/4 - Configure Schedule Run T ask Periodically Specify the task schedule. Y ou must choose one of the following options from the menu: Monitoring 87 BitDefender Security for Exchange[...]

  • Página 103

    ● Once - to run the task one time only , at a given moment. Specify the start date and time in the Start Date / Start Time fields. ● Periodically - to run the task periodically , at certain time intervals (minutes, hours, days, weeks, months, years), starting with a specified date and time. T o configure the necessary settings, follow these ste[...]

  • Página 104

    Step 4/4 - View Summary View Summary This window displays the task settings. Y ou can make any changes by returning to the previous steps (click Back ). Select Open the advanced properties of this task when I click "Finish" if you want the Properties window of this task to be opened after you complete the wizard. In this window you can mo[...]

  • Página 105

    Viewing General Information Open the configuration window to check general information. General Y ou can see general information about the task (the name, the status, the last time when the task ran). If you want to change the task name, enter a new name in the corresponding field. T o enable the task, select Enable T ask . Otherwise, clear this ch[...]

  • Página 106

    Schedule Specify the task schedule. Y ou must choose one of the following options from the menu: ● Once - to run the task one time only , at a given moment. Specify the start date and time in the Start Date / Start Time fields. ● Periodically - to run the task periodically , at certain time intervals (minutes, hours, days, weeks, months, years)[...]

  • Página 107

    ● Week Days - to run the task repeatedly only in certain days of the week starting with a specified date and time. T o configure the necessary settings, follow these steps: 1. Specify the start date in the Start Date field. 2. If you want to run the task repeatedly until a certain date, check End Date and specify the end date in corresponding fie[...]

  • Página 108

    Step 1/7 - Welcome to the Scheduled T asks Wizard Welcome Click Next . Step 2/7 - Select T ask T ype Select T ask T ype Provide the task name and then select Generate Report T ask . Click Next . Monitoring 93 BitDefender Security for Exchange[...]

  • Página 109

    Step 3/7 - Configure Schedule Run T ask Periodically Specify the task schedule. Y ou must choose one of the following options from the menu: ● Once - to run the task one time only , at a given moment. Specify the start date and time in the Start Date / Start Time fields. ● Periodically - to run the task periodically , at certain time intervals [...]

  • Página 110

    1. Specify the start date in the Start Date field. 2. If you want to run the task repeatedly until a certain date, check End Date and specify the end date in corresponding field. 3. Specify the start time in the Start T ime field. 4. Specify the day or days of the week on which the task should be run. Click Next . Step 4/7 - Select Report T ype Sel[...]

  • Página 111

    Step 5/7 - Select Report Format Select Report Format Select the format of the report file ( HTML , text or CSV ). Depending on your selection, the report will be created as an HTML, text or comma-separated values (CSV) file. Click Next . Step 6/7 - Select T ime Interval Select Time Interval Select the time interval covered in the report: Monitoring[...]

  • Página 112

    ● Last day ● Last week ● Last month ● Custom If you need information about the BitDefender activity related to a specific time interval, select Custom and specify the start and end date. T o specify the start and end date, either click the numbers in the date field and enter new values or click the arrow to choose a date from the calendar .[...]

  • Página 113

    Note The task will appear in the Scheduled T asks section. Configuring Properties In order to modify an existing scheduled task or to configure more advanced settings, unavailable in the configuration wizard, just double-click the task or select it and click Properties . The configuration window will appear . Note T o open the configuration window [...]

  • Página 114

    Click Apply to save the changes. If you want to save the changes and close the configuration window , click OK . If you want to close the configuration window without making any changes, click Cancel . Modifying Schedule Click the Schedule tab in the configuration window to modify the schedule. Schedule Specify the task schedule. Y ou must choose o[...]

  • Página 115

    2. If you want to run the task repeatedly until a certain date, check End Date and specify the end date in the corresponding field. 3. Specify the start time in the Start T ime field. 4. Specify the task frequency by specifying the number of minutes / hours / days / weeks / months / years between two successive occurrences of such task, in the corr[...]

  • Página 116

    Settings Follow these steps to configure the report settings: 1. Choose on which module (Antivirus, Antispam, Content Filtering, Attachment Filtering) to generate the report. 2. Select one of the report types available for the previously specified module. Note For more information on the available report types, please refer to the table presented a[...]

  • Página 117

    If you want to close the configuration window without making any changes, click Cancel . Configuring Notifications Click the Notifications tab in the configuration window to configure notifications. Notifications Select Report Generated to enable notifications on report generation. Note T o choose how to obtain information about the occurrence of t[...]

  • Página 118

    9.6.4. On-demand Scanning T asks Scheduling T asks T o create a new scheduled task, click New task . The configuration wizard will appear and it will guide you through the process of creating a scheduled task. Follow these steps to schedule an on-demand scanning task: Step 1/7 - Welcome to the Scheduled T asks Wizard Welcome Click Next . Monitoring[...]

  • Página 119

    Step 2/7 - Select T ask T ype Select T ask T ype Provide the task name and then select On-demand Scanning T ask . Click Next . Step 3/7 - Configure Schedule Run T ask Periodically Specify the task schedule. Y ou must choose one of the following options from the menu: Monitoring 104 BitDefender Security for Exchange[...]

  • Página 120

    ● Once - to run the task one time only , at a given moment. Specify the start date and time in the Start Date / Start Time fields. ● Periodically - to run the task periodically , at certain time intervals (minutes, hours, days, weeks, months, years), starting with a specified date and time. T o configure the necessary settings, follow these ste[...]

  • Página 121

    Step 4/7 - Select Scan T arget Select Scan T arget Select the check boxes corresponding to the items (groups, mailboxes and public folders) you want to be scanned. If you want to scan all the Exchange databases (mailboxes and public folders), just click Select All . T o clear all check boxes and start a new selection, click Clear All . Y ou can sel[...]

  • Página 122

    Step 5/7 - Set Actions Set Actions Different actions can be configured for the infected and suspect objects detected by BitDefender . There is a list of actions that can be applied to each category of detected objects (infected or suspect). When such an object is detected, the first action in the corresponding list is applied. If this action fails,[...]

  • Página 123

    Description Action The suspect object (mail body / attachment / public file) is moved to the quarantine folder . Move to Quarantine The suspect object (mail body / attachment / public file) is deleted. Delete object The suspect message is deleted. Delete e-mail The suspect message is delivered in full to its recipients. Ignore In addition, BitDefen[...]

  • Página 124

    Note T o view the report file, at the end of the scanning, open the configuration window (select the task and click Properties ) and then click View Log . Log Scanning Select Log start/end of on-demand scanning to record the start and the end of the process in the log file. Note The corresponding event from the Events section must be enabled and pr[...]

  • Página 125

    Note The task will appear in the Scheduled T asks section. Configuring Properties In order to modify an existing scheduled task or to configure more advanced settings, unavailable in the configuration wizard, just double-click the task or select it and click Properties . The configuration window will appear . Note T o open the configuration window [...]

  • Página 126

    Viewing General Information General Y ou can see general information about the task (the name, the status, the last time when the task ran). If you want to change the task name, enter a new name in the corresponding field. If the task is running, you can end the scanning process by clicking End T ask . T o see the report file on the last task execu[...]

  • Página 127

    Modifying Schedule Click the Schedule tab in the configuration window to modify the schedule. Schedule Specify the task schedule. Y ou must choose one of the following options from the menu: ● Once - to run the task one time only , at a given moment. Specify the start date and time in the Start Date / Start Time fields. ● Periodically - to run [...]

  • Página 128

    2. If you want to run the task repeatedly until a certain date, check End Date and specify the end date in the corresponding field. 3. Specify the start time in the Start T ime field. 4. Specify the task frequency by specifying the number of minutes / hours / days / weeks / months / years between two successive occurrences of such task, in the corr[...]

  • Página 129

    Settings Select Scan T arget Select the check boxes corresponding to the items (groups, mailboxes and public folders) you want to be scanned. If you want to scan all the Exchange databases (mailboxes and public folders), just click Select All . T o clear all check boxes and start a new selection, click Clear All . Y ou can select Show only selected[...]

  • Página 130

    Advanced Scan Settings If you do not want to scan messages that exceed a certain size limit, select Maximum mail size to be scanned and provide the size limit in the corresponding field. Beside messages, you can select other objects to be scanned: Contacts , T asks and Appointments . Click OK to save changes and close the window . Limit Scanning Ti[...]

  • Página 131

    Actions Different actions can be configured for the infected and suspect objects detected by BitDefender . There is a list of actions that can be applied to each category of detected objects (infected or suspect). When such an object is detected, the first action in the corresponding list is applied. If this action fails, the next action in the lis[...]

  • Página 132

    Description Action The infected object (mail body / attachment / public file) is deleted. Delete object The infected message is deleted. Delete e-mail The infected object (mail body / attachment / public file) is moved to the quarantine folder . Move to Quarantine The infected message is delivered in full to its recipients. Ignore Actions for suspe[...]

  • Página 133

    Notifications Log Scanning Select Log start/end of on-demand scanning to record the start and the end of the process in the log file. Note The corresponding event from the Events section must be enabled and properly configured. For more information, please refer to “ Configuring Events ” (p. 70 ) . Configure Report Settings Select Generate Scan[...]

  • Página 134

    The report can be generated in HTML, text or CSV format. Y ou can choose the format of the report file from the menu. Note T o view the report file, at the end of the scanning process, open the configuration window (select the task and click Properties ) and then click View Log . Click Apply to save the changes. If you want to save the changes and [...]

  • Página 135

    10. SMTP Groups BitDefender allows creating user groups, in order to apply dif ferent scanning and filtering policies for different user categories. For example, you can create appropriate policies for the IT department, for the sales team or for the managers of your company . T o create new user groups or manage existing groups, click SMTP Groups [...]

  • Página 136

    10.1. Managing Groups T o manage the groups, use these buttons: ● New Group - creates a new group. Y ou will have to configure the group before it appears in the table. ● Copy - copies one or several selected groups. ● Delete - deletes one or several selected groups. Y ou will have to confirm your choice by clicking Y es . ● Properties - op[...]

  • Página 137

    Group Properties T o configure the group follow these steps: 1. Identify the new group. Provide the group name and, optionally , the group description in the corresponding fields. 2. Add users to the new group. ● Provide the e-mail address in the corresponding field and click Add . ● Add users from the Active Directory user list. Click Browse t[...]

  • Página 138

    Browse for Users (Groups) Y ou can see the list of all the users from Active Directory that have an SMTP address assigned. The list structure is the one from Active Directory . The user list is automatically updated once a day . T o update the list, click Update Now . Click the box labeled with "+" to show all items contained by an object[...]

  • Página 139

    1 1. Antivirus The Antivirus module protects the Exchange server against viruses, spyware and riskware, and it ensures that users do not access infected e-mails. It detects infected or suspect messages and attempts to disinfect them or isolates the infection, according to the specified actions. The default settings can be managed in the Policies ta[...]

  • Página 140

    1 1.1. Real-time Antivirus Protection Click Antivirus in the tree menu to enter this section. Real-time Antivirus Protection This is where you can enable real-time protection and configure advanced antivirus settings. If you want the real-time antivirus protection to be enabled, select Enable real-time antivirus scanning . Otherwise, clear the chec[...]

  • Página 141

    1 1.1.1. Configuring Advanced Antivirus Settings Several advanced settings concerning the scanning process can be configured. These settings are applied regardless of the policy . Click Options to open the configuration window of the advanced antivirus settings. Advanced Antivirus Settings In this window you can configure VSAPI scanning and SMTP sc[...]

  • Página 142

    Background scanning means scanning all folders with a low priority . When an object that has been checked by the background scanning is requested, it will not be scanned again unless a virus definition update has been made. Therefore, enabling this scan method optimizes the overall scanning process. T o perform background scanning of the messages a[...]

  • Página 143

    Note We recommend enabling transport scanning only when BitDefender Security for Exchange is installed on a gateway . Additional options are available by clicking the Advanced button. Advanced VSAPI settings ● Scan RTF - select this option if you want the body messages in Rich T ext Format (RTF) to be scanned. ● Scan Plain T ext - select this o[...]

  • Página 144

    If SMTP scanning is enabled, BitDefender can add a footer to all scanned mails. Select the Add footer to scanned emails check box to activate this option and type the desired text in the text box below . Maximum Archive Depth T o Scan Archives can contain other archives. It is possible to find files with multiple archive levels. If there are too ma[...]

  • Página 145

    Scanning Instances 1 1.2. Policies Click Antivirus in the tree menu and then the Policies tab to enter this section. Antivirus 130 BitDefender Security for Exchange[...]

  • Página 146

    Policies This is where you can configure the rules of the real-time antivirus scanning. 1 1.2.1. Managing Rules Y ou can see all the existing rules listed in the table. For each rule, the following information is provided: priority , the name and the groups of senders and recipients it applies to. The rules are listed by order of priority with the [...]

  • Página 147

    ● If the message was not scanned before the client’s request, it is scanned according to the rule. ● If the message was checked before by proactive or background scanning and no update was performed in the meantime, the message is delivered without being scanned according to the rule. ● If the message was checked before by proactive or back[...]

  • Página 148

    1 1.2.2. Creating Rules T o create a rule, choose one of these methods: ● copy an existing rule and click Properties to modify it. ● click New Rule and configure the new rule. In both cases, a new window will appear . Next, you must configure or modify the rule. 1 1.2.3. Configuring Rules T o configure a rule follow these steps: Step 1/6 - Prov[...]

  • Página 149

    Provide the rule name and, optionally , the rule description. T o enable the rule, select Enabled . If you want the rule to be disabled, clear the check box. Step 2/6 - Select Senders Groups Click the From tab and select the groups of senders the rule applies to. Senders Groups The following options are available: ● All - the rule applies to all [...]

  • Página 150

    If necessary , you can create a new group by clicking New and configuring it. The new group will appear in the Groups section. T o configure an existing group or to see its parameters, select it and click Details . Note T o learn how to configure a group, please refer to “ Creating Groups ” (p. 121 ) . Step 3/6 - Select Recipients Groups Click [...]

  • Página 151

    If you choose Selected , you have to select from the list the groups you want the rule to apply to. Y ou can select Match all recipients to apply the rule only if all the recipients of the message belong to the specified groups. For example, if the e-mail is sent to several recipients and at least one of them is not found in the specified groups, t[...]

  • Página 152

    Step 4/6 - Configure Scan Options Click the Scan Options tab and configure the scan options for the messages matching this policy . Scan Options If you do not want the messages to be scanned for malware, select Do not scan . Then, click OK to save the changes and close the configuration window . If you select Scan , the messages will be scanned for[...]

  • Página 153

    Description Option All mail attachments are scanned, regardless of their extension. Scan all extensions Only the attachments containing applications are scanned. This category is limited to files with the Scan only application extensions following extensions: .exe ; .com ; .dll ; .ocx ; .scr ; .bin ; .dat ; .386 ; .vxd ; .sys ; .wdm ; .cla ; .class[...]

  • Página 154

    Actions Different actions can be configured for the infected and suspect objects detected by BitDefender . There is a list of actions that can be applied to each category of detected objects (infected or suspect). When such an object is detected, the first action in the corresponding list is applied. If this action fails, the next action in the lis[...]

  • Página 155

    Description Action The infected object (mail body / attachment) is deleted. Delete object The infected message is deleted. Delete e-mail The infected message is delivered in full to its recipients. Ignore Note The Delete e-mail action does not work on Exchange 2000 VSAPI scanning, it only works on Exchange 2000 SMTP scanning. Actions for suspect ob[...]

  • Página 156

    Step 6/6 - Configure Notifications Click the Notifications tab and specify whether to issue notifications or not when infected messages are detected or files cannot be scanned. Notifications Select the events for which to issue notifications: ● Infected file detected - when an infected file was detected. ● File not scanned - when a file could n[...]

  • Página 157

    1 1.3. On-demand Scanning BitDefender can scan the Exchange databases (mailboxes and public folders) for viruses and spyware on-demand. T o configure and initiate on-demand scanning processes, click Antivirus in the tree menu and then the On-demand tab. Note On-demand scanning is available only for back-end Exchange servers. On-demand Scanning In o[...]

  • Página 158

    Note Only one on-demand scan can be run at a time. Please note that on-demand scanning increases resource consumption. Y ou should not set BitDefender to scan the Exchange databases when the server workload is at a high level. If you want to schedule an on-demand scan, click Schedule and follow the steps of the wizard. For more information, please [...]

  • Página 159

    On-demand Scan Settings Select Scan T arget Select the check boxes corresponding to the items (groups, mailboxes and public folders) you want to be scanned. If you want to scan all the Exchange databases (mailboxes and public folders), just click Select All . T o clear all check boxes and start a new selection, click Clear All . Y ou can select Sho[...]

  • Página 160

    Advanced Scan Settings If you do not want to scan messages that exceed a certain size limit, select Maximum e-mail message size to be scanned and provide the size limit in the corresponding field. Beside messages, you can select other objects to be scanned: Contacts , T asks and Appointments . Click OK to save changes and close the window . Scannin[...]

  • Página 161

    Actions Different actions can be configured for the infected and suspect objects detected by BitDefender . There is a list of actions that can be applied to each category of detected objects (infected or suspect). When such an object is detected, the first action in the corresponding list is applied. If this action fails, the next action in the lis[...]

  • Página 162

    Description Action The infected object (mail body / attachment / public file) is moved to the quarantine folder . Move to Quarantine The infected object (mail body / attachment / public file) is deleted. Delete object The infected message is deleted. Delete e-mail The infected message is delivered in full to its recipients. Ignore Actions for suspe[...]

  • Página 163

    Notifications Log Scanning Select Log start/end of on-demand scanning to record the start and the end of the on-demand scanning in the log file. Note The corresponding event from the Events section must be enabled and properly configured. For more information, please refer to “ Configuring Events ” (p. 70 ) . Configure Report Settings Select Ge[...]

  • Página 164

    The report can be generated in HTML, text or CSV format. Y ou can choose the format of the report file from the menu. Click OK to save the changes and close the configuration window . 1 1.3.2. Viewing Scan Reports By default, everytime you scan the Exchange server on-demand, a scan report is created. The report provides you with detailed informatio[...]

  • Página 165

    12. Antispam The Antispam module offers protection against spam, phishing and other attacks. It uses a combination of various filters and engines to determine whether messages are spam or not and to check them for patterns of spam. Based on the groups the sender and the recipients belong to, you can specify various actions to be taken on the spam m[...]

  • Página 166

    12.1. Antispam Filtering Click Antispam in the tree menu and then the Antispam tab to enter this section. Antispam Filtering This is where you can enable antispam filtering and configure the global antispam filters. If you want the antispam protection to be enabled, select Enable antispam filtering . Otherwise, clear this check box. Click Apply to [...]

  • Página 167

    12.1.1. Configuring Global Antispam Filters Several global antispam filters can be configured to filter all of the incoming mail traffic, in order to reduce the traffic on the server . These filters are used before a specific group filtering policy is applied. Note We recommend you to configure these filters when BitDefender Security for Exchange i[...]

  • Página 168

    Note The Allow IP List is used to except IP addresses from ranges of IP addresses defined on the Deny IP List. Select Enable Allow / Deny IP List and configure the IP addresses if you want to use the Allow / Deny IP List to filter the incoming mail traffic. Add IP Addresses. Click Add to add a new IP address to the list. The configuration Add IP Ad[...]

  • Página 169

    Manage IP List. Y ou can see the IP addresses and the associated action listed in the table. If you want to modify an entry , either double-click it or select it and click Modify . T o remove one or several selected entries, click Remove and then Y es to confirm your choice. Import / Export IP List. T o export the IP list to a txt file, click Expor[...]

  • Página 170

    Manage Addresses. Y ou can see the e-mail addresses listed in the table. If you want to modify an address, either double-click it or select it and click Modify . T o remove one or several selected addresses, click Delete and then Y es to confirm your choice. Import / Export Addresses. T o import addresses from a txt file, click Import , select it a[...]

  • Página 171

    Spammers often try to "spoof" the sender's e-mail address to make the e-mail appear as being sent by someone in your domain. T o prevent this, you can use IP Match. If an e-mail appears to be from a domain that you have specified in the IP Match rule list (such as your own company domain), BitDefender checks to see if the IP address [...]

  • Página 172

    In the table on the right, you can see the IP addresses as they are added. If you want to modify an existing entry , select it, make the necessary changes and click Modify . T o select all entries, just click Select All . T o delete one or several entries from the list, select them and click Remove and then Y es to confirm your choice. 3. Click OK [...]

  • Página 173

    the DNSBL protocol and RBL servers to filter spam based on mail servers' reputation as spam senders. A DNS check is performed on the domain d.c.b.a.rbl.example.com , where d.c.b.a is the reversed IP address of the server and rbl.example.com is the RBL server . If the DNS replies that the domain is valid, it means that the IP is listed in the R[...]

  • Página 174

    12.2. Policies Click Antispam in the tree menu and then the Policies tab to enter this section. Policies This is where you can specify the antispam filtering options. Y ou can modify the default rule to specify the antispam filtering options for all of the mail traffic, or you can configure new rules in order to create customized group filtering po[...]

  • Página 175

    Note Messages are checked against each rule, by order of priority , until the sender and the recipients of the message match a rule. The message is then processed according to the antispam filtering options specified by that rule. Please note that the mail traffic is first filtered using the global antispam filters. The messages that pass the globa[...]

  • Página 176

    ● click New Rule and configure the new rule. In both cases, a new window will appear . Next, you must configure or modify the rule. 12.2.3. Configuring Rules T o configure a rule follow these steps: Step 1/7 - Provide General Data Open the configuration window and provide general data for the rule. General Provide the rule name and, optionally , [...]

  • Página 177

    Step 2/7 - Select Senders Groups Click the From tab and select the groups of senders the rule applies to. Senders Groups The following options are available: ● All - the rule applies to all senders, no matter if they belong to a group or not. ● Selected - the rule applies only to senders from the selected groups. If you choose Selected , you ha[...]

  • Página 178

    Note T o learn how to configure a group, please refer to “ Creating Groups ” (p. 121 ) . Step 3/7 - Select Recipients Groups Click the T o tab and select the groups of recipients the rule applies to. Recipients Groups The following options are available: ● All - the rule applies to all recipients, no matter if they belong to a group or not. ?[...]

  • Página 179

    recipients and at least one of them is not found in the specified groups, the rule will not apply . Note The addresses in the Cc and Bcc fields also count as recipients. Click Select All to select all groups. If you click Clear All no group will be selected. If necessary , you can create a new group by clicking New and configuring it. The new group[...]

  • Página 180

    Step 4/7 - Set Actions Click the Actions tab and specify the actions to be taken on the messages matching this policy . Actions If you do not want the messages to be scanned using the antispam filters, select Do not scan . Then, click OK to save the changes and close the configuration window . If you select Scan , the messages will be scanned using[...]

  • Página 181

    The Bayesian Filter , the Pre-trained Bayesian Filter and the NeuNet Filter give to each scanned message a Spam score. The aggregate of these scores represents an overall spam score. The overall spam score is measured against the desired level of spam sensitivity (threshold), and a decision is made. If the spam score for a message exceeds the thres[...]

  • Página 182

    Description Action ● [SPAM]${subject}[SPAM] - to add [SPAM] before and after the subject. This is the default subject pattern. ● [SPAM] - to replace the subject with [SPAM] . ● [$score% SPAM]$subject - to add [x SPAM] before the subject, where x represents the spam score. An e-mail header is added to the messages detected as spam. Add a heade[...]

  • Página 183

    Antispam Engines Note For more information on the antispam filters mentioned here, please refer to “ Policy Filters ” (p. 18 ) . The following options are available: ● Enable pre-trained Bayesian Filter - enables / disables the pre-trained Bayesian Filter . ● Enable Multi Filter - enables / disables the Multi Filter . This filter has severa[...]

  • Página 184

    ● Enable Image Filter - enables / disables the Image Filter . ● Enable URL Filter - enables / disables the URL Filter . ● Enable RBL Filter - enables / disables the global RBL Filter . ● Enable Heuristic Filter - enables / disables the Heuristic Filter . Note T o enable / disable a filter select / clear the corresponding check box. Step 6/7[...]

  • Página 185

    List filter , the administrator can set a list of trusted and untrusted addresses from which to respectively "always accept" or "always reject" e-mail messages. Select Enable White / Black Lists to filter messages using the White List and the Black List. White List The White List contains e-mail addresses expected to send legiti[...]

  • Página 186

    Import / Export Addresses. T o import addresses from a txt file, click Import , select it and then click Open . T o export the existing addresses to a txt file, click Export and save the file to the desired location. In this way you can use the address list when configuring BitDefender server products on other machines or after reinstalling the pro[...]

  • Página 187

    configuring BitDefender server products on other machines or after reinstalling the product. Click OK to save the changes and close the window . If you click Cancel all changes will be lost. Step 7/7 - Configure Bayesian Filter Click the Bayesian Filter tab and configure the Bayesian Filter . Bayesian Filter The Bayesian Filter constantly collects [...]

  • Página 188

    HAM folder (the folder containing legitimate mail) and the SP AM folder by clicking Browse . Note The messages in the SP AM and HAM folders are deleted after the training is completed. In order to get the best results, it is recommended to train the Bayesian Filter often. Provide the training interval in the corresponding field. The recommended int[...]

  • Página 189

    13. Content Filtering Content Filtering helps you filter e-mail messages based on certain character strings found in the e-mail headers (subject, from, to, cc) or in the e-mail body . By using Content Filtering, you can achieve the following goals: ● prevent unwanted mail content from entering the Exchange server mailboxes. ● block outgoing mai[...]

  • Página 190

    13.1. Content Filtering Click Content Filtering in the tree menu to enter this section. Content Filtering This is where you can enable content filtering. If you want content filtering to be enabled, select Enable content filtering . Otherwise, clear this check box. Click Apply to save the changes. Note In order to configure the global content filte[...]

  • Página 191

    13.2. Policies Click Content Filtering in the tree menu and then the Policies tab to enter this section. Policies This is where you can specify the content filtering options. Y ou can modify the default rule to specify the content filtering options for all of the mail traffic, or you can configure new rules in order to create customized group filte[...]

  • Página 192

    Note Messages are checked against each rule, by order of priority , until the sender and the recipients of the message match a rule. The message is then processed according to the content filtering options specified by that rule. Default Rule. There is one rule created by default that manages the global content filtering settings. Y ou cannot copy [...]

  • Página 193

    13.2.3. Configuring Rules T o configure a rule follow these steps: Step 1/6 - Provide General Data Open the configuration window and provide general data for the rule. General Provide the rule name and, optionally , the rule description. T o enable the rule, select Enabled . If you want the rule to be disabled, clear the check box. Content Filterin[...]

  • Página 194

    Step 2/6 - Select Senders Groups Click the From tab and select the groups of senders the rule applies to. Senders Groups The following options are available: ● All - the rule applies to all senders, no matter if they belong to a group or not. ● Selected - the rule applies only to senders from the selected groups. If you choose Selected , you ha[...]

  • Página 195

    Note T o learn how to configure a group, please refer to “ Creating Groups ” (p. 121 ) . Step 3/6 - Select Recipients Groups Click the T o tab and select the groups of recipients the rule applies to. Recipients Groups The following options are available: ● All - the rule applies to all recipients, no matter if they belong to a group or not. ?[...]

  • Página 196

    recipients and at least one of them is not found in the specified groups, the rule will not apply . Note The addresses in the Cc and Bcc fields also count as recipients. Click Select All to select all groups. If you click Clear All no group will be selected. If necessary , you can create a new group by clicking New and configuring it. The new group[...]

  • Página 197

    Filtering Options If you do not want the messages to be scanned using content filtering options, select Do not scan . Then, click OK to save the changes and close the configuration window . If you select Scan , the messages will be scanned using the content filtering options configured for this policy . Next, you must specify the rule conditions. N[...]

  • Página 198

    T o specify the strings, click Configure subject . A new window will appear , where you can configure the defined strings (please see “ Configuring Strings ” (p. 183 ) ). Filtering Mail by Sender Address Select Sender and specify the rule strings in order to filter mail by the sender address. All the messages the sender address of which matches[...]

  • Página 199

    Specify parameters Provide the string in the corresponding field and click Add . Y ou can choose to enter either a wildcard expression or a regular expression. Note Y ou can use the following wildcards: ● * replaces zero, one or more characters. For example, you can enter *xxx* to detect the messages that contain the xxx string in the headers (su[...]

  • Página 200

    Description Option The rule applies only if an entire string matching the specified parameter is detected. Match whole word only Y ou can see all the defined strings in the list. T o remove entries, select them and click Remove . Click OK to save the changes. Step 5/6 - Set Actions Click the Actions tab and specify the actions to be taken on the de[...]

  • Página 201

    Description Action The detected message is deleted. Delete e-mail The detected message is moved to the quarantine folder . Quarantine e-mail The detected message is delivered in full to its recipients. Deliver e-mail The detected message is rejected with a 550 SMTP error code. Reject e-mail Y ou can also set additional actions to be taken on the de[...]

  • Página 202

    Step 6/6 - Configure Notifications Click the Notifications tab and specify whether to issue notifications or not when messages match the rule. Notifications Select Rule matched to issue notifications when messages match the rule. Note The corresponding event in the Events section must be enabled and properly configured. For more information, please[...]

  • Página 203

    14. Attachment Filtering The Attachment Filtering module provides filtering features for mail attachments. It can detect attachments with certain name patterns, of a certain type or exceeding a certain size limit. By using Attachment Filtering, you can achieve the following goals: ● limit the size of the attachments entering or leaving the Exchan[...]

  • Página 204

    14.1. Attachment Filtering Click Attachment Filtering in the tree menu to enter this section. Attachment Filtering This is where you can enable attachment filtering. If you want attachment filtering to be enabled, select Enable attachment filtering . Otherwise, clear this check box. Click Apply to save the changes. Note In order to configure the gl[...]

  • Página 205

    14.2. Policies Click Attachment Filtering in the tree menu and then the Policies tab to enter this section. Policies This is where you can specify the attachment filtering options. Y ou can modify the default rule to specify the attachment filtering options for all of the mail traffic, or you can configure new rules in order to create customized gr[...]

  • Página 206

    Note Messages are checked against each rule, by order of priority , until the sender and the recipients of the message match a rule. The message is then processed according to the attachment filtering options specified by that rule. Default Rule. There is one rule created by default that manages the global content filtering settings. Y ou cannot co[...]

  • Página 207

    14.2.3. Configuring Rules T o configure a rule follow these steps: Step 1/6 - Provide General Data Open the configuration window and provide general data for the rule. General Provide the rule name and, optionally , the rule description. T o enable the rule, select Enabled . If you want the rule to be disabled, clear the check box. Step 2/6 - Selec[...]

  • Página 208

    Senders Groups The following options are available: ● All - the rule applies to all senders, no matter if they belong to a group or not. ● Selected - the rule applies only to senders from the selected groups. If you choose Selected , you have to select from the list the groups you want the rule to apply to. Click Select All to select all groups[...]

  • Página 209

    Step 3/6 - Select Recipients Groups Click the T o tab and select the groups of recipients the rule applies to. Recipients Groups The following options are available: ● All - the rule applies to all recipients, no matter if they belong to a group or not. ● Selected - the rule applies only to recipients from the selected groups. If you choose Sel[...]

  • Página 210

    Note The addresses in the Cc and Bcc fields also count as recipients. Click Select All to select all groups. If you click Clear All no group will be selected. If necessary , you can create a new group by clicking New and configuring it. The new group will appear in the Groups section. T o configure an existing group or to see its parameters, select[...]

  • Página 211

    If you do not want the messages to be scanned using attachment filtering options, select Do not scan . Then, click OK to save the changes and close the configuration window . If you select Scan , the messages will be scanned using the attachment filtering options configured for this policy . Next, you must specify the rule conditions. Note Messages[...]

  • Página 212

    All the names excepted from scanning are listed in the box. T o remove entries, select them and click Remove . Filtering Attachments by T ype Select Detect all extensions except for the following and specify the excepted extensions in order to filter attachments by type. All attachments with extensions other than those specified as exceptions will [...]

  • Página 213

    Actions Y ou must choose one of the following actions: Description Action The message containing the detected attachment is deleted. Delete e-mail The detected attachment is deleted. Delete attachment The detected attachment is replaced with a specified text. Replace attachment with text T o specify the text to be delivered instead of the attachmen[...]

  • Página 214

    Description Action The message containing the detected attachment is delivered in full to its recipients. Deliver e-mail The detected message is rejected with a 550 SMTP error code. Reject e-mail Y ou can also set additional actions to be taken on the detected messages. The following actions are available: Description Action The subject of the mess[...]

  • Página 215

    Step 6/6 - Configure Notifications Click the Notifications tab and specify whether to issue notifications or not when attachments match the rule. Notifications Select Rule matched to issue notifications when attachments match the rule. Note The corresponding event in the Events section must be enabled and properly configured. For more information, [...]

  • Página 216

    15. Update New viruses and spyware are found and identified every day . This is why it is very important to keep BitDefender up to date with the latest signatures. By default, BitDefender automatically checks for updates every hour . Updates can be classified in the following ways: ● Antivirus updates - as new threats appear , the files containin[...]

  • Página 217

    15.1. Update T o find out information on the update status and if product updates are available, click Update in the tree menu and then the Update tab. Update If you want to update BitDefender immediately , just click Update Now . The Update module will check for updates at the specified update locations. If new malware signatures or scanning engin[...]

  • Página 218

    15.1.2. Product Update The product updates are different from the signature updates. Their function is to deliver bug fixes and new features to the product. There are two types of updates for the product: ● product updates (patches) - these are files that bring improvements to the current product; they are usually smaller size updates that do not[...]

  • Página 219

    15.2. Update Settings T o configure the update frequency and the update settings, click Update in the tree menu and then the Settings tab. Update Settings 15.2.1. Configuring Update Schedule There are two ways to update BitDefender Security for Exchange on a regular basis: ● Using the automatic update. The automatic update feature allows updating[...]

  • Página 220

    Important Keep automatic update enabled in order to be protected against the latest threats. T o change the frequency BitDefender checks for updates, follow these steps: 1. T ype the number of hours between two consecutive checks for updates in the Automatic update interval field. 2. Click Apply to save the changes. T o disable automatic update, fo[...]

  • Página 221

    15.2.3. Configuring Product Updates Installing product updates regularly is essential to the security of your server . Depending on the level of interference with the server , there are three types of product updates: ● product updates that do not require stopping server traffic or to reboot the server ● product updates that require stopping se[...]

  • Página 222

    15.3. Update Locations T o set the update locations, click Update in the tree menu and then the Locations tab. Update Locations BitDefender can update from the local network, over the Internet, directly or through a proxy server . For more reliable and faster updates, you can configure two update locations: a First update location and a Second upda[...]

  • Página 223

    Note If you are connected to a local network that has BitDefender virus signatures placed locally , you can change the location of the updates here. ● Allow unsigned updates - select this option to allow updates from a local server to be installed. ● Use proxy - select this option if the company uses a proxy server . The following settings must[...]

  • Página 224

    Update Notifications This is where you can specify the update events for which notifications should be issued. Select the update events for which to issue notifications: ● Update performed - when an update was performed. ● No update available - when no update is available. ● Update failed - when an error occurred during an update and the upda[...]

  • Página 225

    15.5. Update Roll Back If you have performed a product update since first installing BitDefender , you can always revert to the previous product version using the Rollback feature. This feature is very useful in case the product starts behaving unexpectedly . T o see if there is any rollback available, click Update in the tree menu and then the Rol[...]

  • Página 226

    15.6. Manual Update This method allows installing the latest virus and spyware signatures. T o install a patch or a product upgrade of the latest version, go to the Product Update section. Important Use the manual update when the automatic update cannot be performed or when the computer is not connected to the Internet. Manual update is performed u[...]

  • Página 227

    date stamp in the folder name). Extract the content of the archive in the Plugins folder and accept overwriting existing files. 6. Start BitDefender Antivirus Scanning Service. Right-click BitDefender Antivirus Scanning Service and select Start . 7. Start BitDefender File Scanning Service. Right-click BitDefender File Scanning Service and select St[...]

  • Página 228

    16. General The General snap-in allows configuring BitDefender to send the BitDefender Lab reports regarding the viruses found on the server and the incidents that occurred during product operation. 16.1. Report V irus Real-time Virus Reporting (RTVR) allows sending reports about the viruses and spam found on your server to the BitDefender Lab in o[...]

  • Página 229

    Report Virus Real-time Virus Reporting is disabled by default. T o activate it, follow these steps: 1. Select Enable real-time virus reports . 2. Click Apply to save the changes. 16.2. Report Incidents BitDefender Security for Exchange contains an incident management module that allows creating incident reports during product crashes. By agreeing t[...]

  • Página 230

    T o configure the incident management module, click General in the tree menu and then the Report Incidents tab. Report Incidents By default, the reports created automatically during product crashes are not sent to the BitDefender Lab. T o configure BitDefender to send incident reports to the BitDefender Lab, follow these steps: 1. Select I agree to[...]

  • Página 231

    T esting BitDefender 216 BitDefender Security for Exchange[...]

  • Página 232

    17. Antivirus T est Y ou can verify that the BitDefender Antivirus component works properly by the help of a special test file, known as the EICAR Standard Anti-virus T est file. EICAR stands for the European Institute of Computer Anti-virus Research . This is a dummy file, detected by antivirus products. The file can be created using any text edit[...]

  • Página 233

    18. Antispam T est Y ou can verify that the BitDefender Antispam component is correctly installed and works properly by the help of a special test, known as GTUBE . GTUBE stands for the Generic T est for Unsolicited Bulk Email . The test consists of entering the following 68-byte string, as one line, in the body of the email: XJS*C4JDBQADN1.NSBN3*2[...]

  • Página 234

    T roubleshooting and Getting Help 219 BitDefender Security for Exchange[...]

  • Página 235

    19. BitDefender Configuration Repair T ool If you have problems with BitDefender Security for Exchange, you can use the BitDefender Configuration Repair T ool to restore the last known good configuration. The BitDefender Configuration Repair T ool backs the configuration file up every hour so that you can restore it if needed. This tool can be succ[...]

  • Página 236

    Repairing Configuration The window displays the status of the restoration process. First, the BitDefender Configuration Repair T ool stops the services belonging to the BitDefender Security for Windows Servers products installed on the system (services belonging to Microsoft applications may also be stopped; for example, Microsoft Exchange T ranspo[...]

  • Página 237

    Finish Click Exit to close the window . BitDefender Configuration Repair T ool 222 BitDefender Security for Exchange[...]

  • Página 238

    20. BitDefender Support T ool The BitDefender Support T ool creates a zip archive of files required by our support technicians to troubleshoot BitDefender Security for Exchange. T o use the Support T ool, follow these steps: 1. Open the BitDefender Support T ool using this path from the Windows start menu: Start → All Programs → BitDefender Sec[...]

  • Página 239

    Gathering Information The Support T ool gathers product information, information related to other applications installed on the machine and the software and hardware configuration. 4. The Support T ool informs you when the process has completed. Finish The name of the zip archive that has been created on your desktop is displayed in this window . C[...]

  • Página 240

    21. Support With BitDefender , dedication to saving customers’ time and money by providing the most advanced products at the fairest prices has always been a top priority . Moreover , we believe that a successful business is based on good communication and commitment to excellence in customer support. Y ou are welcome to ask for support at any ti[...]

  • Página 241

    and development teams, along with more general articles about virus prevention, the management of BitDefender solutions with detailed explanations, and many other articles. The BitDefender Knowledge Base is open to the public and freely searchable. The extensive information it contains is yet another means of providing BitDefender customers with th[...]

  • Página 242

    North America BitDefender , LLC PO Box 667588 Pompano Beach, Fl 33066 Phone (sales&technical support): 1-954-776-6262 Sales: sales@bitdefender .com Web: http://www .bitdefender .com Web Self-Service: http://kb.bitdefender .com/site/KnowledgeBase/showMain/2/ Germany BitDefender GmbH Airport Of fice Center Robert-Bosch-Straße 2 59439 Holzwickede[...]

  • Página 243

    Fax: +34 932179128 Phone (office&sales): +34 902190765 Phone (technical support): +34 935026910 Sales: comercial@bitdefender .es Website: http://www .bitdefender .es Web Self-Service: http://www .bitdefender .es/site/KnowledgeBase/showMain/2/ Romania BITDEFENDER SRL West Gate Park, Building H2, 24 Preciziei Street Bucharest, Sector 6 Fax: +40 2[...]