cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
332
Views
0
Helpful
1
Replies

Antivirus for IPCC Express

6rlopez_2
Level 1
Level 1

Which antivirus software is tested to install in an IPCC server?

I read in some place it was McAfee Netshield version 4.5 but the product that McAfee has now is McAfee VirusScan. Has anyone tried with this?

1 Reply 1

aslam
Level 3
Level 3

I got the following information from different posts by other users in this forum, if you search you should be able to find it here ...

CA's Advanced Anti Virus for NT/2000 in Development and Production

Norton Anti Virus in both development and production environments with ICM R4.1 and ICM R4.5 as well as CCS, CMB and CEM without incident.

The following notification comes directly from cisco:

To: Cisco’s CCBU Customers

CC: Cisco Software Sales

From: Cisco Customer Advocacy

Cisco Product Management

Cisco Engineering

Date: October 11, 2001

Re: Preliminary Anti-Virus Software Recommendations

Many of our enterprise and service provider customers have expressed an interest in understanding Cisco’s recommendations for the use of anti-virus software. The recommendations below are preliminary and based on Cisco’s actual usage of anti-virus software in development lab environments. Cisco will seek to establish broader recommendations that include all of the product lines within Cisco’s Voice Technology Group, of which CCBU is a member. Cisco does not provide official certifications for anti-virus software products, however the following recommendations are based on Cisco’s experience working with customers who have successfully implemented anti-virus software with our software solutions.

The recommendations in this memo are provided for the following CCBU software products:

· Cisco Network Applications Manager (NAM)

· Cisco Intelligent Contact Management (ICM)

· Cisco Admin Workstations

· Cisco ACD PGs, IVR PGs, NICs

· Cisco Agent Desktop (formerly: Turnkey CTI)

· Cisco Collaboration Server (CCS)

· Cisco Media Blender (CMB)

· Cisco Web Gateway

· Cisco TrailHead Server

· Cisco eMail Manager (CeM)

· Cisco WebView / WebView II

· Cisco Internet Service Node (ISN) Application Server and Voice Browser

Of these products, particular care should be taken for systems that can use Microsoft Internet Information Server (IIS): Cisco Collaboration Server (CCS), Cisco Media Blender (CMB), Cisco TrailHead Server, Cisco eMail Manager (CeM), Cisco WebView / WebView II, and Cisco Internet Service Node (ISN) Application Server and Voice Browser. Additionally, any server positioned outside the corporate firewall, or having frequent connections to the Public Internet should be addressed as part of the anti-virus strategy.

While Cisco does not formally certify specific anti-virus software products, it is important to note that many default anti-virus options settings may adversely affect the performance of the products listed above. The performance degradation is due to increased CPU load and memory utilization contributed by the anti-virus software.

For customers who choose to implement anti-virus software on their systems, the following general guidance is recommended:

· The software not be set to run in an “automatic” or “background” mode where all incoming data or modified files are scanned in real time.

· Full scans of systems should be set to run only during scheduled maintenance windows.

· Virus scanning engines and definition files should be updated on a regular basis as per the organization’s current security/anti-virus policy.

Cisco is also concerned about virus protection and uses specific products in the development and testing labs at the CCBU. The testing labs are working on testing the following products in our labs:

On Microsoft Windows NT Workstation 4.0, Service Pack 6a and Windows 2000 Professional Service Pack 2 we currently run:

· Network Associates (McAfee) Netshield 4.5.0.534 (Full Mode)

· McAfee ScanEngine 4.150 (updated weekly)

· McAfee Virus Definitions 4.0.4164 (updated nightly)

On Microsoft Windows NT Server 4.0, Service Pack 6a and Windows 2000 Server, Service Pack 2 we currently run:

· Network Associates (McAfee) NetShield 4.5.0 service pack 1 (Full Mode)

· McAfee ScanEngine 4.150 (upgraded weekly)

· McAfee Virus Definitions 4.0.4164 (updated nightly)

Additionally, these anti-virus products are configured to run in Active/Full mode, rather than in Constant/Passive mode. They are updated both weekly and nightly as per Cisco’s corporate anti-virus security policy and additionally the Virus Definition DAT files are set to use the Randomization option, scheduled during low system use and maintenance window periods. This use is consistent with the general guidance provided above. The specific configuration used for these products is as follows:

The following items for the Netshield On-Access Monitor are as selected and the process is enabled:

Under Detection: Scan

*Inbound Files

*Boot Sectors

*Floppy During Shutdown

Under Detection: Files to Scan

*All Files

Under Advanced

*All Items Selected

*Maximum archive scan time set to 29 seconds

Under Actions

*When a virus is found: Clean infected files automatically

*Response to user: Send message to user is selected

Under Reports

*Accept Defaults

Under Exclusions

*Leave Empty

Automatic Upgrade/Update Properties are as follows:

Under Update

*Get from FTP Source

*Enter an FTP Computer name and directory: wwwin-gog/dats

Under Schedule: Run

*Select Daily, set time to 1AM

Under Upgrade

*Get from FTP Source

*Enter an FTP Computer name and directory: wwwin-gog/dats/upgrades

Under Schedule: Run

*Select Weekly, set time to 1AM

Scan Local Drives

*Accept Defaults

Under Schedule Run

*Select Daily, set time to 1AM

Cisco recommends regular updates of the virus scanning engines and virus definition files which customers can obtain from their anti-virus software vendors directly. Some viruses have also prompted updates to operating system or web server components from Microsoft; however, customers should note that these new patches may not yet be fully tested for compatibility with Cisco software products. Before applying any such patches, customers should refer to the published compatibility matrix on Cisco Connection Online (CCO) at:

http://www.cisco.com/warp/public/78/sw_compatability_matrix.html

New viruses can be unpredictable, so Cisco cannot assume responsibility for consequences of virus attacks on mission critical applications.

Again, this is a preliminary statement on Cisco’s anti-virus software recommendations. Cisco will have forthcoming announcements related to anti-virus recommendations. Please contact your Cisco sales representative or reseller for Cisco’s latest recommendations

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: