User manual NOD32 ESET ANTIVIRUS FOR MICROSOFT EXCHANGE 2.7

[. . . ] we protect digital worlds ESET NOD32 Antivirus for MS Exchange Server Installation Copyright © ESET, spol. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means electronic or mechanical, for any purpose without the express written permission of ESET,  spol.  s r.  o. Information in this document is subject to change without prior notice. Certain names of program products and company names used in this document might be registered trademarks or trademarks owned by other entities. [. . . ] In the Target section check the types of attachments to be scanned (Archives, Self-extracting archives, Runtime archives). When scanning archives the scanning procedure is more time consuming, because the archive must be opened for scanning. Extensions The Extensions page enables you to set which file types should be included in virus scanning. • Remove – removes the selected file extension from the list • Default – restores the default extension list setting • Scan extension−less files - adds scanning files without extensions Add a new extension (you can also use wildcards “?” and “*”) and click OK. Actions The Actions page lets you select what actions should be taken upon virus detection. When scan archives option in Detection in the Targets section is activated, this pane contains separate settings for archives and files. The type can be chosen in the pull-down menu. • Scan all files – marking this check box, XMON will scan all files types found in message attachments. The file types list will show file types excluded from scanning instead of files included in scanning. • Add – enables you to add a new file extension to the file extension list. To add a new extension use alphanumerical characters and wildcards such as “?” (represents random character) and “*” (represents random order of characters). The When virus is found settings let you select what action should be taken upon virus detection. • Clean – XMON attempts to clean the virus from the infected file. When the attempt fails, the action selected in the When virus cannot be cleaned settings is executed. • No action, mark as infected – when selected the Exchange server is notified about the infection and the user cannot open the infected message attachment. • Rename attachment/ delete message – XMON changes the attachment extension, so that it cannot be opened or run. • Delete – XMON deletes the infected message or the attachment if only the attachment is infected. The ESET NOD32 Antivirus for MS Exchange Server  deletion process can be adjusted in the Deleting setting page. • Quarantine – when checked, the infected messages will be stored in Quarantine, where it is harmless. Messages stored in Quarantine can be analyzed and cleaned later using a newer virus signature database. When virus cannot be cleaned setting is executed, if Clean option in previous menu is set. Some of the infections cannot be cleaned, because the XMON does not have a cleaning procedure for them, or because they do not contain any useful content except virus (currently the most common case). The When virus cannot be cleaned settings lets you select what action should be taken when attempt to clean an infected message fails. (No action, Mark as infected, Rename attachment/ Delete message, Delete, Quarantine) Rules The Rules settings let you select detailed rules for handling file types. If there is more than one rule for a single file type, the first rule in the list is applied. [. . . ] Protocol The Protocol settings page lets you select how the virus scanning protocol/log should be assembled. More detailed protocol can contains more information, but it can slow down the server. • Log all files – when checked, all scanned files are listed in the scanning log, including non−infected files • Synchronous logging – when checked, all the log entries are immediately written into the log file without storing them in the log cache • Scope – This setting lets you select what the scope of logging activities. The more detailed the scope, the more activities are written into the log file • Log server version – when checked, XMON writes the server version into the log file • Log license – when checked, XMON writes the XMON license into the log file • Log rules – when checked, XMON writes the list of currently enabled rules into the log file (only in detailed one) 4. Recommended settings: • Excluding Exchange files from resident protection scanning XMON scans e-mail messages stored in the MS Exchange Server storage. This storage is saved on the server file system as a single file and using non-standard settings in AMON (on-access scanner) while running on the same server, might lead to a collision between XMON and AMON. [. . . ]