Last updated on 02.11.2012
Dr.Web Anti-virus for Microsoft ISA Server and Forefront TMG (hereinafter referred to as Dr.Web Anti-virus) is an anti-virus plug-in designed to protect corporate systems against viruses and spam. It flexibly integrates into the system and processes all traffic transferred via HTTP, FTP, SMTP and POP3 protocols in order to detect and neutralize all types of malicious objects. The plug-in checks the incoming Internet traffic for viruses, dialers, adware, hacktools, jokes and riskware. If a threat is detected, it is processed according to the application settings.
The application integrates into Microsoft ISA Server and Microsoft Forefront TMG by implementing its data filters, that give access to them to the Dr.Web anti-virus engine. Dr.Web Anti-virus operates on the Dr.Web CMS platform (Dr.Web Central Management Service), which supports the central configuration of application settings and components and remote administration via protected protocol HTTPS. Dr.Web CMS has inner web server Dr.Web CMS Web Console with client authentication, thus, only the authorized administrators can access the application settings.
Dr.Web Anti-virus for Microsoft ISA Server and Forefront TMG allows joining the servers, where the Microsoft firewalls reside, into a cluster (hierarchic tree of main server and sub-servers) to replicate the application parameters from the main server to the sub-servers and thus, manage the whole protection system from only one server.
Dr.Web Anti-virus can perform the following functions:
| • | Scan all Microsoft ISA Server and Microsoft Forefront TMG traffic, transferred via HTTP, FTP (including FTP over HTTP), SMTP and POP3 protocols |
| • | Block access to the infected objets for users within the network protected by Microsoft ISA Server or Microsoft Forefront TMG firewall |
| • | Isolate infected and suspicious objects to Quarantine |
| • | Add notifications on virus events to the Event log and to the internal event database in Dr.Web CMS |
| • | Filter spam in the e-mails via SMTP protocol |
| • | Add accompanying text to the e-mail messages containing security threats |
| • | Restrict access to web resources using Office Control |
| • | Collect statistics |
| • | Automatically update virus databases and components of the plug-in |
Dr.Web Anti-virus uses virus databases, which are constantly supplemented with new records to assure up-to-date protection. Also, a heuristic analyzer is used for additional protection against unknown viruses.
New Features in This Release
| • | Creating clusters. The version 6.00.1 allows organizing the Dr.Web CMS services installed on different servers in a hierarchy tree to support replication of the parameters of applications working under Dr.Web CMS platform. The parameters are replicated from the main server to the sub-server, that allows configuring the server tree parameters from the root host. Due to Dr.Web CMS platform, the whole system of servers is configured just as only one server: the administrator console allows setting up the servers separately or the system of servers in general, reviewing the log messages on the operation of the system and its components in one window. |
| • | New service Dr.Web SSM (Dr.Web Start/Stop Manager). The Dr.Web CMS platform now includes a special service Dr.Web SSM (Dr.Web Start/Stop Manager) to control the operation of the applications and responds to abnormal events, e.g., hand-ups or unexpected stops. In case errors occur during the operation of the application, the Dr.Web SSM service either restarts or reloads it. This service allows to remotely start, stop or restart the applications working under the Dr.Web CMS platform. |
| • | Anti-virus engine. The application uses the newest versions of Dr.Web Virus-Finding Engine modules and Dr.Web Scanning Engine service. The scanning has been optimized. |
Installation
To install Dr.Web Anti-virus for Microsoft ISA Server and Forefront TMG 6.00.1, your computer must meet the following minimum requirements:
Hardware requirements
Specification |
Requirement |
|
|---|---|---|
In case Microsoft ISA Server is used |
In case Microsoft Forefront TMG is used |
|
CPU |
Pentium III 733 MHz or higher |
Pentium III 1.86 MHz or higher |
RAM |
1 GB or more |
2 GB or more |
Disk space |
300 MB for installation. Additional disk space is needed for temporary data storage while performing the anti-virus check. The size of the disk space depends on the user requests intensity and the size of the downloaded files. |
|
Monitor |
VGA-compatible monitor |
|
Operating system and software requirements
Specification |
Requirement |
|||||||||
|---|---|---|---|---|---|---|---|---|---|---|
In case Microsoft ISA Server is used |
In case Microsoft Forefront TMG is used |
|||||||||
Operating system |
One of the following:
|
One of the following:
|
||||||||
File system |
NTFS |
|||||||||
Firewall |
Microsoft® ISA Server 2004 Microsoft® ISA Server 2006 |
Microsoft® Forefront® TMG 2010 |
||||||||
Additional software |
Microsoft® Windows Installer 3.1or higher |
|||||||||
Microsoft .NET Framework 3.5 |
||||||||||
Internet Explorer 6 or higher or Mozilla FireFox 3 or higher |
||||||||||
Installation of Dr.Web Anti-virus for Microsoft ISA Server and Forefront TMG 6.00.1
To install Dr.Web Anti-virus 6.00.1:
|
In case the server operates under load, it recommended to stop the Microsoft Firewall Service/Microsoft Forefront TMG Firewall manually before installing the application. |
| 1. | Before installation, make sure, that the built-in administrator account is enabled. |
| 2. | If another version of Dr.Web Anti-virus or other anti-virus software is already installed on the computer it is necessary to uninstall it using the installation file or standard tools of the OS. |
| 3. | Depending on the proxy server version, run the Dr.Web Anti-virus installation file: |
| • | drweb-600-isa-20042006-x86.exe, if you are using Microsoft ISA Server. |
| • | drweb-600-tmg-2010-x64.exe, if Microsoft Forefront TMG is used. |
| 4. | The window with a list of installation languages will open. Select Russian or English as the installation language. Click OK. |
| 5. | The InstallShield Wizard will open on the first window of the installation process. Click Next to continue. |
| 6. | A window with the text of the License Agreement will open. To continue installation you should read and accept the license by selecting I accept the terms in the license agreement. Click Next. |
| 7. | Select the licensing type. You can use the key file obtained from Dr.Web Control Center or a local key file. Click Next. |
| 8. | If you have selected to use the local key file on the previous step, specify the path to it. Click Browse and select the necessary key file. Click Next. |
| 9. | On the Ready to install page, click Install to begin installation of Dr.Web Anti-virus on your computer. |
| 10. | If the service of the firewall Microsoft ISA Server/Microsoft Forefront TMG has not been stopped before installation, the system attempts to stop it automatically for some. If these attempts fail, a window prompting to try again or stop the program installation and roll back all the system changes will open. To continue installation, stop the Microsoft ISA Server/Microsoft Forefront TMG firewall service manually. |
| 11. | Further actions of the InstallShield Wizard do not require user interference. Once the installation is complete, click Finish. |
|
During the installation you'll be prompted about Microsoft ISA Server/Microsoft Forefront TMG restart. After the installation completes, make sure that the Microsoft Firewall Service/Microsoft Forefront TMG Firewall service is started. If the service is not started automatically, you need to start it manually. |
Upgrade to version 6.00.1
To update Dr.Web Anti-virus to version 6.00.1, reinstall the application:
| 1. | Stop the Microsoft ISA Server/Microsoft Forefront TMG firewall service. |
| 2. | Make sure, that the built-in administrator account is enabled. |
| 3. | Uninstall Dr.Web Anti-virus of the previous version by starting the installation file of the program od using the standard Add or Remove programs utility on the Windows Control Panel. |
The application configuration file cmsdb is not deleted by default on deleting the application. Therefore, all user settings are saved and may be used after the next installation of the product. However, if the newer version contains new basic configuration parameters, you cannot use the saved configuration file "as is", because it can lead to failures in the operation of application. If you prefer to re-use the saved configuration parameters, please contact Doctor Web technical support to inquire about the Dr.Web CMS parameters compatibility in different versions of the application. Generally, if the newer version contains additional parameters, it is sufficient to add the new variables to the existing configuration base and specify their types and default values correctly.
| 4. | Delete the cmsdb and cmstracedb files from the %ProgramFiles%\DrWeb for ISA Server folder manually. |
| 5. | Install Dr.Web Anti-virus, following the instructions given above. |
Additional Information
Support is available to customers who have purchased a commercial version of Doctor Web products. Visit Doctor Web technical support site at http://support.drweb.com/.
If you encounter any issues installing or using company products, take advantage of the following Doctor Web support options:
| • | Download and review the latest manuals and guides at http://download.drweb.com/ |
| • | Read the frequently asked questions at http://support.drweb.com/ |
| • | Look for the answer in Dr.Web knowledge database at http://wiki.drweb.com/ |
| • | Browse the Dr.Web official forum at http://forum.drweb.com/ |
If you have not found solution for the problem, you can request direct assistance from Doctor Web Technical Support by filling in the web-form in the corresponding section of the support site at http://support.drweb.com/.
For regional office information, refer to the Doctor Web official website at http://company.drweb.com/contacts/moscow.
All rights reserved. This document is a property of Doctor Web No part of this document may be reproduced, published or transmitted in any form or by any means for any other purpose than the purchaser’s personal use without proper attribution.
TRADEMARKS
Dr.Web, SpIDer Mail, SpIDer Guard, CureIt!, CureNet!, AV-Desk and Dr.WEB logos are trademarks and registered trademark of Doctor Web. Other trademarks, registered trademarks and company names used in this document are property of their respective owners.
DISCLAIMER
In no event shall Doctor Web and its resellers or distributors be liable for errors or omissions, or any loss of profit or any other damage caused or alleged to be caused directly or indirectly by this document, the use of or inability to use information contained in this document.
© Doctor Web, 2012
Russia, Moscow – Saint-Petersburg