11-18-2003 08:47 AM - edited 03-13-2019 02:36 AM
Which antivirus software is tested to install in an IPCC server?
I read in some place it was McAfee Netshield version 4.5 but the product that McAfee has now is McAfee VirusScan. Has anyone tried with this?
11-18-2003 10:00 AM
I got the following information from different posts by other users in this forum, if you search you should be able to find it here ...
CA's Advanced Anti Virus for NT/2000 in Development and Production
Norton Anti Virus in both development and production environments with ICM R4.1 and ICM R4.5 as well as CCS, CMB and CEM without incident.
The following notification comes directly from cisco:
To: Ciscos CCBU Customers
CC: Cisco Software Sales
From: Cisco Customer Advocacy
Cisco Product Management
Cisco Engineering
Date: October 11, 2001
Re: Preliminary Anti-Virus Software Recommendations
Many of our enterprise and service provider customers have expressed an interest in understanding Ciscos recommendations for the use of anti-virus software. The recommendations below are preliminary and based on Ciscos actual usage of anti-virus software in development lab environments. Cisco will seek to establish broader recommendations that include all of the product lines within Ciscos Voice Technology Group, of which CCBU is a member. Cisco does not provide official certifications for anti-virus software products, however the following recommendations are based on Ciscos experience working with customers who have successfully implemented anti-virus software with our software solutions.
The recommendations in this memo are provided for the following CCBU software products:
· Cisco Network Applications Manager (NAM)
· Cisco Intelligent Contact Management (ICM)
· Cisco Admin Workstations
· Cisco ACD PGs, IVR PGs, NICs
· Cisco Agent Desktop (formerly: Turnkey CTI)
· Cisco Collaboration Server (CCS)
· Cisco Media Blender (CMB)
· Cisco Web Gateway
· Cisco TrailHead Server
· Cisco eMail Manager (CeM)
· Cisco WebView / WebView II
· Cisco Internet Service Node (ISN) Application Server and Voice Browser
Of these products, particular care should be taken for systems that can use Microsoft Internet Information Server (IIS): Cisco Collaboration Server (CCS), Cisco Media Blender (CMB), Cisco TrailHead Server, Cisco eMail Manager (CeM), Cisco WebView / WebView II, and Cisco Internet Service Node (ISN) Application Server and Voice Browser. Additionally, any server positioned outside the corporate firewall, or having frequent connections to the Public Internet should be addressed as part of the anti-virus strategy.
While Cisco does not formally certify specific anti-virus software products, it is important to note that many default anti-virus options settings may adversely affect the performance of the products listed above. The performance degradation is due to increased CPU load and memory utilization contributed by the anti-virus software.
For customers who choose to implement anti-virus software on their systems, the following general guidance is recommended:
· The software not be set to run in an automatic or background mode where all incoming data or modified files are scanned in real time.
· Full scans of systems should be set to run only during scheduled maintenance windows.
· Virus scanning engines and definition files should be updated on a regular basis as per the organizations current security/anti-virus policy.
Cisco is also concerned about virus protection and uses specific products in the development and testing labs at the CCBU. The testing labs are working on testing the following products in our labs:
On Microsoft Windows NT Workstation 4.0, Service Pack 6a and Windows 2000 Professional Service Pack 2 we currently run:
· Network Associates (McAfee) Netshield 4.5.0.534 (Full Mode)
· McAfee ScanEngine 4.150 (updated weekly)
· McAfee Virus Definitions 4.0.4164 (updated nightly)
On Microsoft Windows NT Server 4.0, Service Pack 6a and Windows 2000 Server, Service Pack 2 we currently run:
· Network Associates (McAfee) NetShield 4.5.0 service pack 1 (Full Mode)
· McAfee ScanEngine 4.150 (upgraded weekly)
· McAfee Virus Definitions 4.0.4164 (updated nightly)
Additionally, these anti-virus products are configured to run in Active/Full mode, rather than in Constant/Passive mode. They are updated both weekly and nightly as per Ciscos corporate anti-virus security policy and additionally the Virus Definition DAT files are set to use the Randomization option, scheduled during low system use and maintenance window periods. This use is consistent with the general guidance provided above. The specific configuration used for these products is as follows:
The following items for the Netshield On-Access Monitor are as selected and the process is enabled:
Under Detection: Scan
*Inbound Files
*Boot Sectors
*Floppy During Shutdown
Under Detection: Files to Scan
*All Files
Under Advanced
*All Items Selected
*Maximum archive scan time set to 29 seconds
Under Actions
*When a virus is found: Clean infected files automatically
*Response to user: Send message to user is selected
Under Reports
*Accept Defaults
Under Exclusions
*Leave Empty
Automatic Upgrade/Update Properties are as follows:
Under Update
*Get from FTP Source
*Enter an FTP Computer name and directory: wwwin-gog/dats
Under Schedule: Run
*Select Daily, set time to 1AM
Under Upgrade
*Get from FTP Source
*Enter an FTP Computer name and directory: wwwin-gog/dats/upgrades
Under Schedule: Run
*Select Weekly, set time to 1AM
Scan Local Drives
*Accept Defaults
Under Schedule Run
*Select Daily, set time to 1AM
Cisco recommends regular updates of the virus scanning engines and virus definition files which customers can obtain from their anti-virus software vendors directly. Some viruses have also prompted updates to operating system or web server components from Microsoft; however, customers should note that these new patches may not yet be fully tested for compatibility with Cisco software products. Before applying any such patches, customers should refer to the published compatibility matrix on Cisco Connection Online (CCO) at:
http://www.cisco.com/warp/public/78/sw_compatability_matrix.html
New viruses can be unpredictable, so Cisco cannot assume responsibility for consequences of virus attacks on mission critical applications.
Again, this is a preliminary statement on Ciscos anti-virus software recommendations. Cisco will have forthcoming announcements related to anti-virus recommendations. Please contact your Cisco sales representative or reseller for Ciscos latest recommendations
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: