User manual F-SECURE CLIENT SECURITY 7.00 ADMINISTRATOR GUIDE

[. . . ] F-Secure Client Security Administrator's Guide "F-Secure" and the triangle symbol are registered trademarks of F-Secure Corporation and F-Secure product names and symbols/logos are either trademarks or registered trademarks of F-Secure Corporation. All product names referenced herein are trademarks or registered trademarks of their respective companies. F-Secure Corporation disclaims proprietary interest in the marks and names of others. Although F-Secure Corporation makes every effort to ensure that this information is accurate, F-Secure Corporation will not be liable for any errors or omission of facts contained herein. [. . . ] Timestamp Displays the date and time when the spyware item was found on the host. Severity Host Spyware Status CHAPTER 5 185 The Spyware Reported by Hosts will be cleaned if you run a manual spyware scan on the hosts, as well as when quarantined spyware is removed periodically on the hosts. Default Spyware Handling If the Change spyware control to automatically quarantine all new spyware setting is selected, all new spyware that is not explicitly allowed by the administrator is quarantined automatically. This applies to both real-time and manual spyware scanning. This changes the following settings: In the Spyware Scanning on File Access section the Action on spyware setting is set to Remove automatically and quarantine. In the Manual Spyware Scanning section the Action on spyware setting is changed to Remove automatically and quarantine. On Spyware Control page the Deny access to spyware setting is enabled. Click the Change spyware scanning to automatically quarantine all new spyware link when you are sure that preventing spyware from running does not interfere with ordinary, legitimate applications in your company. 5. 8. 2 Setting up Spyware Control for the Whole Domain This example explains how to set up spyware control in such a way that it is transparent to the end-users and that it protects them against spyware and tracking cookies. When you are setting up spyware control for the first time, you should first use a small test environment that consists of hosts that have the applications normally used in your company installed on them. At this phase you can also allow certain applications, if that is necessary. After the testing phase you can distribute the policy to the whole managed domain. 186 Spyware Control also detects riskware. Riskware is any program that does not intentionally cause harm but can be dangerous if misused, especially if set up incorrectly. Examples of such programs are chat programs (IRC), or file transfer programs. If you want to allow the use of these programs in the managed domain, you should include them in the test environment and allow their use when you are checking and configuring rules for the applications in Spyware and Riskware Reported by hosts table. Step 1. Create a Test Domain and Enable Spyware Scanning 1. Create a test environment with a few computers that have the programs normally used in your company installed. Import these hosts to the centrally managed domain. Go to the Settings tab and select the Real-Time Scanning page. Enable spyware scanning on the hosts by selecting Scan for spyware in the Spyware Scanning on File Access section. Alternatively, you can launch a manual spyware scan on the hosts. to distribute the policy. Step 2. Check the Reported Spyware and Riskware 1. A list of the spyware and riskware found during the scanning is displayed in the Spyware and Riskware Reported by hosts table. Check the list of reported spyware and riskware. If there are applications that are needed in your organization, select the application in the table and click Allow Application. A dialog asking you to confirm the action is opened. [. . . ] Please include the following information with your support request: 313 1. Name and version number of your F-Secure software program (including the build number). Name and version number of your operating system (including the build number). A detailed description of the problem, including any error messages displayed by the program, and any other details, which could help us duplicate the problem. [. . . ]