×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Antivirus for IPCC Express

Unanswered Question
Nov 18th, 2003
User Badges:

Which antivirus software is tested to install in an IPCC server?

I read in some place it was McAfee Netshield version 4.5 but the product that McAfee has now is McAfee VirusScan. Has anyone tried with this?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
aslam@necbns.com Tue, 11/18/2003 - 10:00
User Badges:
  • Bronze, 100 points or more

I got the following information from different posts by other users in this forum, if you search you should be able to find it here ...


CA's Advanced Anti Virus for NT/2000 in Development and Production


Norton Anti Virus in both development and production environments with ICM R4.1 and ICM R4.5 as well as CCS, CMB and CEM without incident.


The following notification comes directly from cisco:


To: Cisco’s CCBU Customers


CC: Cisco Software Sales


From: Cisco Customer Advocacy

Cisco Product Management

Cisco Engineering


Date: October 11, 2001


Re: Preliminary Anti-Virus Software Recommendations



Many of our enterprise and service provider customers have expressed an interest in understanding Cisco’s recommendations for the use of anti-virus software. The recommendations below are preliminary and based on Cisco’s actual usage of anti-virus software in development lab environments. Cisco will seek to establish broader recommendations that include all of the product lines within Cisco’s Voice Technology Group, of which CCBU is a member. Cisco does not provide official certifications for anti-virus software products, however the following recommendations are based on Cisco’s experience working with customers who have successfully implemented anti-virus software with our software solutions.


The recommendations in this memo are provided for the following CCBU software products:


· Cisco Network Applications Manager (NAM)

· Cisco Intelligent Contact Management (ICM)

· Cisco Admin Workstations

· Cisco ACD PGs, IVR PGs, NICs

· Cisco Agent Desktop (formerly: Turnkey CTI)

· Cisco Collaboration Server (CCS)

· Cisco Media Blender (CMB)

· Cisco Web Gateway

· Cisco TrailHead Server

· Cisco eMail Manager (CeM)

· Cisco WebView / WebView II

· Cisco Internet Service Node (ISN) Application Server and Voice Browser


Of these products, particular care should be taken for systems that can use Microsoft Internet Information Server (IIS): Cisco Collaboration Server (CCS), Cisco Media Blender (CMB), Cisco TrailHead Server, Cisco eMail Manager (CeM), Cisco WebView / WebView II, and Cisco Internet Service Node (ISN) Application Server and Voice Browser. Additionally, any server positioned outside the corporate firewall, or having frequent connections to the Public Internet should be addressed as part of the anti-virus strategy.


While Cisco does not formally certify specific anti-virus software products, it is important to note that many default anti-virus options settings may adversely affect the performance of the products listed above. The performance degradation is due to increased CPU load and memory utilization contributed by the anti-virus software.


For customers who choose to implement anti-virus software on their systems, the following general guidance is recommended:


· The software not be set to run in an “automatic” or “background” mode where all incoming data or modified files are scanned in real time.


· Full scans of systems should be set to run only during scheduled maintenance windows.


· Virus scanning engines and definition files should be updated on a regular basis as per the organization’s current security/anti-virus policy.


Cisco is also concerned about virus protection and uses specific products in the development and testing labs at the CCBU. The testing labs are working on testing the following products in our labs:


On Microsoft Windows NT Workstation 4.0, Service Pack 6a and Windows 2000 Professional Service Pack 2 we currently run:

· Network Associates (McAfee) Netshield 4.5.0.534 (Full Mode)

· McAfee ScanEngine 4.150 (updated weekly)

· McAfee Virus Definitions 4.0.4164 (updated nightly)


On Microsoft Windows NT Server 4.0, Service Pack 6a and Windows 2000 Server, Service Pack 2 we currently run:

· Network Associates (McAfee) NetShield 4.5.0 service pack 1 (Full Mode)

· McAfee ScanEngine 4.150 (upgraded weekly)

· McAfee Virus Definitions 4.0.4164 (updated nightly)

Additionally, these anti-virus products are configured to run in Active/Full mode, rather than in Constant/Passive mode. They are updated both weekly and nightly as per Cisco’s corporate anti-virus security policy and additionally the Virus Definition DAT files are set to use the Randomization option, scheduled during low system use and maintenance window periods. This use is consistent with the general guidance provided above. The specific configuration used for these products is as follows:


The following items for the Netshield On-Access Monitor are as selected and the process is enabled:


Under Detection: Scan

*Inbound Files

*Boot Sectors

*Floppy During Shutdown


Under Detection: Files to Scan

*All Files


Under Advanced

*All Items Selected

*Maximum archive scan time set to 29 seconds


Under Actions

*When a virus is found: Clean infected files automatically

*Response to user: Send message to user is selected


Under Reports

*Accept Defaults


Under Exclusions

*Leave Empty



Automatic Upgrade/Update Properties are as follows:


Under Update

*Get from FTP Source

*Enter an FTP Computer name and directory: wwwin-gog/dats


Under Schedule: Run

*Select Daily, set time to 1AM



Under Upgrade

*Get from FTP Source

*Enter an FTP Computer name and directory: wwwin-gog/dats/upgrades


Under Schedule: Run

*Select Weekly, set time to 1AM


Scan Local Drives

*Accept Defaults

Under Schedule Run

*Select Daily, set time to 1AM




Cisco recommends regular updates of the virus scanning engines and virus definition files which customers can obtain from their anti-virus software vendors directly. Some viruses have also prompted updates to operating system or web server components from Microsoft; however, customers should note that these new patches may not yet be fully tested for compatibility with Cisco software products. Before applying any such patches, customers should refer to the published compatibility matrix on Cisco Connection Online (CCO) at:


http://www.cisco.com/warp/public/78/sw_compatability_matrix.html


New viruses can be unpredictable, so Cisco cannot assume responsibility for consequences of virus attacks on mission critical applications.


Again, this is a preliminary statement on Cisco’s anti-virus software recommendations. Cisco will have forthcoming announcements related to anti-virus recommendations. Please contact your Cisco sales representative or reseller for Cisco’s latest recommendations

Actions

This Discussion