Administration Guide
Page 2
... the right to its accuracy or use of the technical documentation or the information contained therein is at the risk of the user. Symantec AntiVirus™ Corporate Edition Administrator's Guide The software described in this book is furnished under a license agreement and may be trademarks or registered trademarks of their respective companies and ...
... the right to its accuracy or use of the technical documentation or the information contained therein is at the risk of the user. Symantec AntiVirus™ Corporate Edition Administrator's Guide The software described in this book is furnished under a license agreement and may be trademarks or registered trademarks of their respective companies and ...
Administration Guide
Page 5
Contents Technical support Section 1 Managing Symantec AntiVirus Chapter 1 Managing Symantec AntiVirus About managing Symantec AntiVirus 13 Managing with the Symantec System Center 14 Using console views 15 Saving console settings 16 Understanding Symantec System Center icons 17 Discovering computers and refreshing the console 19 Auditing computers 31 About clients and servers 37 About primary servers 37 About secondary ...
Contents Technical support Section 1 Managing Symantec AntiVirus Chapter 1 Managing Symantec AntiVirus About managing Symantec AntiVirus 13 Managing with the Symantec System Center 14 Using console views 15 Saving console settings 16 Understanding Symantec System Center icons 17 Discovering computers and refreshing the console 19 Auditing computers 31 About clients and servers 37 About primary servers 37 About secondary ...
Administration Guide
Page 7
... .......115 Configuring scheduled scans 115 Scheduling scans for server groups or individual Symantec AntiVirus servers 115 Scheduling scans for Symantec AntiVirus clients 118 Setting options for missed scheduled scans 120 Editing, deleting, or disabling a scheduled scan 121 Running a scheduled scan on... demand 122 Deleting files and folders that are left on computers by threats .......122 Handling Symantec AntiVirus clients with intermittent connectivity .....123 ...
... .......115 Configuring scheduled scans 115 Scheduling scans for server groups or individual Symantec AntiVirus servers 115 Scheduling scans for Symantec AntiVirus clients 118 Setting options for missed scheduled scans 120 Editing, deleting, or disabling a scheduled scan 121 Running a scheduled scan on... demand 122 Deleting files and folders that are left on computers by threats .......122 Handling Symantec AntiVirus clients with intermittent connectivity .....123 ...
Administration Guide
Page 8
...Best practice: Using Continuous LiveUpdate on 64-bit computers ... 149 Updating virus definitions files on Symantec AntiVirus servers 150 Updating and configuring Symantec AntiVirus servers using the Virus Definition Transport Method 150 Updating servers using LiveUpdate 156 Updating servers with ... 159 Minimizing network traffic and handling missed updates 160 Updating virus definitions files on Symantec AntiVirus clients 162 Updating virus definitions files on Symantec AntiVirus clients immediately 164 Configuring managed clients to use an internal LiveUpdate server 165 Enabling ...
...Best practice: Using Continuous LiveUpdate on 64-bit computers ... 149 Updating virus definitions files on Symantec AntiVirus servers 150 Updating and configuring Symantec AntiVirus servers using the Virus Definition Transport Method 150 Updating servers using LiveUpdate 156 Updating servers with ... 159 Minimizing network traffic and handling missed updates 160 Updating virus definitions files on Symantec AntiVirus clients 162 Updating virus definitions files on Symantec AntiVirus clients immediately 164 Configuring managed clients to use an internal LiveUpdate server 165 Enabling ...
Administration Guide
Page 9
... How roaming works 183 Implementing roaming 183 Analyzing and mapping your Symantec AntiVirus network 184 Identifying servers for each hierarchical level 185 Creating a list of 0 level Symantec AntiVirus servers 185 Creating a hierarchical list of Symantec AntiVirus servers 186 Configuring roaming client support options from the Symantec System Center console 186 Configuring additional roaming client support for roam...
... How roaming works 183 Implementing roaming 183 Analyzing and mapping your Symantec AntiVirus network 184 Identifying servers for each hierarchical level 185 Creating a list of 0 level Symantec AntiVirus servers 185 Creating a hierarchical list of Symantec AntiVirus servers 186 Configuring roaming client support options from the Symantec System Center console 186 Configuring additional roaming client support for roam...
Administration Guide
Page 11
Section 1 Managing Symantec AntiVirus ■ Managing Symantec AntiVirus ■ Setting up the Alert Management System
Section 1 Managing Symantec AntiVirus ■ Managing Symantec AntiVirus ■ Setting up the Alert Management System
Administration Guide
Page 13
... chapter includes the following topics: ■ About managing Symantec AntiVirus ■ Managing with the Symantec System Center ■ About clients and servers ■ About server and client groups ■ Managing with server groups ■ ...you can use configuration files if you can also use a thirdparty tool to configure Symantec AntiVirus clients. You can perform Symantec AntiVirus administrative operations such as installing antivirus protection on your network. In addition to the Symantec System Center, you want to use configuration files (Grc.dat) to perform remote ...
... chapter includes the following topics: ■ About managing Symantec AntiVirus ■ Managing with the Symantec System Center ■ About clients and servers ■ About server and client groups ■ Managing with server groups ■ ...you can use configuration files if you can also use a thirdparty tool to configure Symantec AntiVirus clients. You can perform Symantec AntiVirus administrative operations such as installing antivirus protection on your network. In addition to the Symantec System Center, you want to use configuration files (Grc.dat) to perform remote ...
Administration Guide
Page 14
.... Note: The system hierarchy is the top level that contains all server groups and client groups. 14 Managing Symantec AntiVirus Managing with the Symantec System Center Managing with the Symantec System Center When the Symantec System Center runs, it displays a system hierarchy of object selected in tree appear in an expandable/collapsible tree. Console tree...
.... Note: The system hierarchy is the top level that contains all server groups and client groups. 14 Managing Symantec AntiVirus Managing with the Symantec System Center Managing with the Symantec System Center When the Symantec System Center runs, it displays a system hierarchy of object selected in tree appear in an expandable/collapsible tree. Console tree...
Administration Guide
Page 15
... Center Using console views Each product management snap-in the Symantec AntiVirus view. Table 1-1 Data columns in the Symantec AntiVirus view Object selected in left pane System hierarchy icon Server group icon Groups icon (for client groups) Data columns... on the selected view. When System Hierarchy is added, which includes fields related to Symantec AntiVirus, such as Last Scan and Definitions. For example, when you install the Symantec AntiVirus management snap-in, the Symantec AntiVirus view is selected, the Console Default View includes the following data columns: ■ Name...
... Center Using console views Each product management snap-in the Symantec AntiVirus view. Table 1-1 Data columns in the Symantec AntiVirus view Object selected in left pane System hierarchy icon Server group icon Groups icon (for client groups) Data columns... on the selected view. When System Hierarchy is added, which includes fields related to Symantec AntiVirus, such as Last Scan and Definitions. For example, when you install the Symantec AntiVirus management snap-in, the Symantec AntiVirus view is selected, the Console Default View includes the following data columns: ■ Name...
Administration Guide
Page 16
...you are prompted to see the last saved view the next time you launch the Symantec System Center. 16 Managing Symantec AntiVirus Managing with the Symantec System Center Table 1-1 Data columns in the Symantec AntiVirus view Object selected in left pane, expand System Hierarchy. 2 On the View menu... Center console displays the Console Default View. The other views available depend upon which managed Symantec AntiVirus products you change console views 1 In the Symantec System Center console, in right pane Client group icon or Server icon ■ Client ■ User ■ Status ...
...you are prompted to see the last saved view the next time you launch the Symantec System Center. 16 Managing Symantec AntiVirus Managing with the Symantec System Center Table 1-1 Data columns in the Symantec AntiVirus view Object selected in left pane, expand System Hierarchy. 2 On the View menu... Center console displays the Console Default View. The other views available depend upon which managed Symantec AntiVirus products you change console views 1 In the Symantec System Center console, in right pane Client group icon or Server icon ■ Client ■ User ■ Status ...
Administration Guide
Page 17
...group or a server may be resolved in lost settings. Symantec AntiVirus server running on a supported Windows or NetWare computer. For security reasons, all server groups. Understanding Symantec System Center icons The Symantec System Center uses icons to the locked server group icon...MMC is the primary server for the Quarantine Server. Symantec AntiVirus primary server running on a supported Windows or NetWare computer. Unlocked server group or client group. Managing Symantec AntiVirus 17 Managing with the Symantec System Center Choosing No may result in this server group...
...group or a server may be resolved in lost settings. Symantec AntiVirus server running on a supported Windows or NetWare computer. For security reasons, all server groups. Understanding Symantec System Center icons The Symantec System Center uses icons to the locked server group icon...MMC is the primary server for the Quarantine Server. Symantec AntiVirus primary server running on a supported Windows or NetWare computer. Unlocked server group or client group. Managing Symantec AntiVirus 17 Managing with the Symantec System Center Choosing No may result in this server group...
Administration Guide
Page 18
...result from one of -date or the client group to be resolved with the Symantec System Center Table 1-2 Symantec System Center icons Icon Icon descriptions Unavailable Symantec AntiVirus server. 18 Managing Symantec AntiVirus Managing with this computer, you select this client. The communication error may be a... console to show when clients are not connected to the network. When you view options only on that is running Symantec AntiVirus server. Note: If Symantec AntiVirus detects a virus and a threat other than a virus on the computer that computer. A threat other than a ...
...result from one of -date or the client group to be resolved with the Symantec System Center Table 1-2 Symantec System Center icons Icon Icon descriptions Unavailable Symantec AntiVirus server. 18 Managing Symantec AntiVirus Managing with this computer, you select this client. The communication error may be a... console to show when clients are not connected to the network. When you view options only on that is running Symantec AntiVirus server. Note: If Symantec AntiVirus detects a virus and a threat other than a virus on the computer that computer. A threat other than a ...
Administration Guide
Page 19
..., click SSC Console Options Properties. 2 In the SSC Console Options Properties dialog box, on which Symantec AntiVirus is selected in the Windows system tray. Connected workstations running Symantec AntiVirus servers. The icon in the last row of a newly installed Symantec System Center console, the console will display in the server group view. The icon shows...
..., click SSC Console Options Properties. 2 In the SSC Console Options Properties dialog box, on which Symantec AntiVirus is selected in the Windows system tray. Connected workstations running Symantec AntiVirus servers. The icon in the last row of a newly installed Symantec System Center console, the console will display in the server group view. The icon shows...
Administration Guide
Page 20
...service is stored on the network, a computer running Symantec AntiVirus server sends a ping packet to get the data that the computer is the client's parent server. The ping program verifies that support Norton AntiVirus Corporate Edition and LANDesk Virus Protect, legacy versions of this process..., Normal Discovery runs. A successful pingpong discovery ensures that it displays in the Symantec System Center console. You can accept requests. Ping...
...service is stored on the network, a computer running Symantec AntiVirus server sends a ping packet to get the data that the computer is the client's parent server. The ping program verifies that support Norton AntiVirus Corporate Edition and LANDesk Virus Protect, legacy versions of this process..., Normal Discovery runs. A successful pingpong discovery ensures that it displays in the Symantec System Center console. You can accept requests. Ping...
Administration Guide
Page 21
... servers and their IP addresses. See "Using the Find Computer feature" on page 27. See the Symantec AntiVirus Reference Guide for every server within the server group. In a Normal Discovery, the Symantec System Center console broadcasts to all servers that are in unlocked server groups. In this way, Normal ... Managing with the address cache sent by the Discovery Service, you can use the Find Computer feature. If you are running Symantec AntiVirus server on your Discovery Service, you can use the Find Computer feature or the Importer tool. To find NetWare computers that have ...
... servers and their IP addresses. See "Using the Find Computer feature" on page 27. See the Symantec AntiVirus Reference Guide for every server within the server group. In a Normal Discovery, the Symantec System Center console broadcasts to all servers that are in unlocked server groups. In this way, Normal ... Managing with the address cache sent by the Discovery Service, you can use the Find Computer feature. If you are running Symantec AntiVirus server on your Discovery Service, you can use the Find Computer feature or the Importer tool. To find NetWare computers that have ...
Administration Guide
Page 22
..., be skipped. This reduces unwanted traffic on the local subnet. In most basic type of pings to working on the network when launching the Symantec System Center. Local Discovery generates less ping noise, but is the default Discovery method. Load from cache only operation, the Normal Discovery runs.... Center console, on page 21. For example, if you use Local Discovery, a broadcast of the computer running . 22 Managing Symantec AntiVirus Managing with pong data. Intel PDS services running on servers on the console. In very large subnets, you need to add to refresh...
..., be skipped. This reduces unwanted traffic on the local subnet. In most basic type of pings to working on the network when launching the Symantec System Center. Local Discovery generates less ping noise, but is the default Discovery method. Load from cache only operation, the Normal Discovery runs.... Center console, on page 21. For example, if you use Local Discovery, a broadcast of the computer running . 22 Managing Symantec AntiVirus Managing with pong data. Intel PDS services running on servers on the console. In very large subnets, you need to add to refresh...
Administration Guide
Page 23
... IP subnet range. Following an Intense Discovery, the following Discovery types run: ■ Local Discovery ■ Load from the Symantec System Center console. Understanding IP Discovery IP Discovery provides discovery by these factors. Note: The ability of servers. For this reason...to discover computers across the network. Running the Discovery Service You manually run IP Discovery only periodically. Managing Symantec AntiVirus 23 Managing with the Symantec System Center Understanding Intense Discovery Intense Discovery walks My Network Places on the local Windows 2000 computer or ...
... IP subnet range. Following an Intense Discovery, the following Discovery types run: ■ Local Discovery ■ Load from the Symantec System Center console. Understanding IP Discovery IP Discovery provides discovery by these factors. Note: The ability of servers. For this reason...to discover computers across the network. Running the Discovery Service You manually run IP Discovery only periodically. Managing Symantec AntiVirus 23 Managing with the Symantec System Center Understanding Intense Discovery Intense Discovery walks My Network Places on the local Windows 2000 computer or ...
Administration Guide
Page 24
... the console root. 2 On the Tools menu, click Discovery Service. 3 In the Discovery Service Properties window, on page 27. See the Symantec AntiVirus Reference Guide for new computers that are trying to run the Find Computer feature or the Importer tool first. 24 Managing... Symantec AntiVirus Managing with or without including IP addresses and subnets. To run the Discovery Service and find servers with the Symantec System Center Note: The Discovery service uses WINS (Windows Internet Naming Service) or...
... the console root. 2 On the Tools menu, click Discovery Service. 3 In the Discovery Service Properties window, on page 27. See the Symantec AntiVirus Reference Guide for new computers that are trying to run the Find Computer feature or the Importer tool first. 24 Managing... Symantec AntiVirus Managing with or without including IP addresses and subnets. To run the Discovery Service and find servers with the Symantec System Center Note: The Discovery service uses WINS (Windows Internet Naming Service) or...
Administration Guide
Page 25
IP Subnet search results are displayed in the Find Computer dialog box. You can also access IP Discovery functionality in the Symantec System Center console status bar. To discover without also running IP Discovery, uncheck Enable IP Discovery. 4 In the Scan Type list, select ... Center console, on page 27. See "Using the Find Computer feature" on the Tools menu, click Discovery Service. Managing Symantec AntiVirus 25 Managing with the Symantec System Center Once Enable IP Discovery is checked, an IP Discovery session runs whenever you clicked IP Subnet, type the subnet mask to ...
IP Subnet search results are displayed in the Find Computer dialog box. You can also access IP Discovery functionality in the Symantec System Center console status bar. To discover without also running IP Discovery, uncheck Enable IP Discovery. 4 In the Scan Type list, select ... Center console, on page 27. See "Using the Find Computer feature" on the Tools menu, click Discovery Service. Managing Symantec AntiVirus 25 Managing with the Symantec System Center Once Enable IP Discovery is checked, an IP Discovery session runs whenever you clicked IP Subnet, type the subnet mask to ...
Administration Guide
Page 26
...unless the password for servers and clients. Intense Discovery also performs the same local subnet broadcast as well. 26 Managing Symantec AntiVirus Managing with information about themselves and their clients. Load from cache only and Local Discovery will appear in the Network ... Discovery. Each server's server group will run discovery, click Run Discovery Now, and then click Close. Servers respond immediately with the Symantec System Center 2 In the Discovery Service Properties window, on page 23. 3 Under Discovery Cycle, select the Interval in minutes if necessary...
...unless the password for servers and clients. Intense Discovery also performs the same local subnet broadcast as well. 26 Managing Symantec AntiVirus Managing with information about themselves and their clients. Load from cache only and Local Discovery will appear in the Network ... Discovery. Each server's server group will run discovery, click Run Discovery Now, and then click Close. Servers respond immediately with the Symantec System Center 2 In the Discovery Service Properties window, on page 23. 3 Under Discovery Cycle, select the Interval in minutes if necessary...