User manual F-SECURE CLIENT SECURITY 9.00 ADMINISTRATOR GUIDE

[. . . ] In this way it is very easy to make sure that the entire domain is protected, and to modify the protection settings when necessary. You can also restrict the users from making changes to the security settings, and be sure that the protection is always up-to-date. 10 | F-Secure Client Security | Introduction System requirements This section provides the system requirements for both Policy Manager Server and Policy Manager Console. Policy Manager Server In order to install Policy Manager Server, your system must meet the minimum requirements given here. Operating system: Microsoft Windows: · Microsoft Windows Server 2003 SP1 or higher (32-bit); Standard, Enterprise, Web Edition or Small Business Server editions Windows Server 2003 SP1 or higher (64-bit); Standard or Enterprise editions Windows Server 2008 SP1 (32-bit); Standard, Enterprise or Web Server editions Windows Server 2008 SP1 (64-bit); Standard, Enterprise, Web Server, Small Business Server or Essential Business Server editions Windows Server 2008 R2; Standard, Enterprise or Web Server editions · · · · Processor: P4 2 GHz processor or faster. Managing more than 5000 hosts or using Web Reporting requires P4 3 GHz level processor or faster. Memory: 512 MB RAM, 1 GB RAM recommended. [. . . ] Spyware scanning also detects and reports riskware. Riskware is any program that does not intentionally cause harm but can be dangerous if misused, especially if set up incorrectly. Examples of such programs are chat programs (IRC), or file transfer programs. Spyware control settings The settings for spyware scanning are described here. Spyware scanning is included as part of real-time scanning and manual scanning. When Real-time scanning enabled is selected on the Real-time scanning page, spyware scanning is also turned on. Similarly, whenever a manual scan is run, spyware is automatically included in the scan. The action taken when spyware is detected is determined by the action selected on the Real-time scanning and Manual scanning pages. The Applications excluded from spyware scanning table displays the spyware and riskware items that have been allowed by the administrator. The Spyware and riskware reported by hosts table contains the following information: Spyware and riskware reported by hosts Spyware or Riskware Name Type Displays the name of the spyware object or riskware. The type can be adware, data miner, dialer, malware, monitoring tool, porn dialer, riskware, vulnerability, worm, cookie (tracking cookie) or misc (miscellaneous). Displays the severity of the spyware item. Displays the name of the host on which the spyware item was found. Displays the current status of the spyware item. The statuses are: Potentially active - The spyware item is still potentially active on the host. No action has been taken on the host against the spyware item. Severity Host Spyware Status 78 | F-Secure Client Security | Configuring virus and spyware protection Spyware and riskware reported by hosts Removed - The spyware item has been removed from the host. Quarantined - The spyware item was quarantined on the host. Currently In quarantine - The spyware item is currently in quarantine on the host. Timestamp Displays the date and time when the spyware item was found on the host. The spyware reported by hosts will be cleaned if you run a manual spyware scan on the hosts, as well as when quarantined spyware is removed periodically on the hosts. Setting up spyware control for the whole domain This example explains how to set up spyware control in such a way that it is transparent to the end-users and that it protects them against spyware and tracking cookies. When you are setting up spyware control for the first time, you should first use a small test environment that consists of hosts that have the applications normally used in your company installed on them. At this phase you can also allow certain applications, if that is necessary. After the testing phase you can distribute the policy to the whole managed domain. Riskware is any program that does not intentionally cause harm but can be dangerous if misused, especially if set up incorrectly. [. . . ] This is a comma-separated list of executable names without paths. Note: No spaces are allowed between the items. EnableHTTPScanning=1 0 = HTTP Scanning disabled 166 | F-Secure Client Security | Modifying prodsett. ini [FSPSINST. DLL] Settings for Client Security - Network Scanner 1 = HTTP Scanning enabled StartImmediatelyForApps= iexplore. exe, firefox. exe, This setting defines which executables should start netscape. exe, opera. exe, msimn. exe, outlook. exe, HTTP scanning immediately. Other processes will go mozilla. exe in scanning mode only after the first access to an external server port 80. This is a comma-separated list of executable names without paths. [. . . ]