http://www.advantage-computers.co.uk/cli/ACX001/pdf/VIPRE_Enterprise_QSG by Advantage Computers Limited

VIPRE Enterprise

Quick Start Guide

Table of Contents Welcome to VIPRE Enterprise ...................................................................................................................... 2 System Requirements................................................................................................................................... 4 About Network Architecture .......................................................................................................................... 5 Gathering Proxy and Server information....................................................................................................... 6 Using VPE ..................................................................................................................................................... 6 1. Install the VPE Server ........................................................................................................................... 7 2. Log on to the VPE Console................................................................................................................... 7 3. Register Enterprise ............................................................................................................................... 8 4. Configure the VPE System ................................................................................................................... 8 5. Add a Policy .......................................................................................................................................... 9 6. Configure a Policy ............................................................................................................................... 10 7. Add Agents to a Policy and Deploy Agents to the Workstations ........................................................ 14 8. Scan Agent Workstations.................................................................................................................... 15 9. Manage Agents, Quarantined Items, and Threats .............................................................................. 16 10. Generate Reports.............................................................................................................................. 17

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

Welcome to VIPRE Enterprise VIPRE Enterprise (VPE) is an enterprise application that is installed on a server and referred to as the VPE server. The VPE server deploys Agents on to your network workstations. Administrators use the policy-based, centrally-managed Admin Console to manage and remove viruses and a broad range of malware from the network. VPE is also a scalable solution, appropriate for both small and large organizations. This Quick Start Guide is designed to give you a basic understanding of the tasks necessary for implementing VPE.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

System Requirements The VPE Server should be installed on a Windows 2000, 2003, or 2008 server. It is possible to install the VPE Server on a Windows 2000/XP/Vista workstation, but this is not recommended if you plan to deploy more than 50 agents. Administration Console and Enterprise Service: • Operating System:

•

o Windows Server 2008 o Windows Vista o Windows Server 2003 o Windows XP Professional o Windows 2000 Server with SP4 or later o Windows 2000 Professional with SP4 or later Pentium III 400 MHz or higher

•

300 MB free disk space

•

512 MB memory

•

1024 x 768 monitor resolution

•

Miscellaneous: o o o

MDAC 2.6 SP2 or later Internet Explorer 6 or later Microsoft .NET Framework 2.0

VPE Agent: • Operating System:

•

o Windows 2008 (32 and 64 bit) o Windows Vista, SP1 (32 and 64 bit) o Windows Server 2003, R2, SP1, SP2 (32 and 64 bit) o Windows XP Professional, SP1, SP2, SP3 (32 and 64 bit) o Windows XP Home SP1, SP2, SP3 o Windows 2000 Server with SP4 RU1 or later o Windows 2000 Professional with SP4 RU1 or later 150 MB free disk space

•

256 MB memory

•

Miscellaneous:

•

o Internet Explorer 6 or later Email Client: o o o o

Vista Windows Mail Outlook 2000+ Outlook Express 5.0+ SMTP and POP3

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

About Network Architecture Before beginning, it is important to understand the relationship of how VPE works. The diagram below illustrates the relationship between the basic components of VPE: Admin Console, VPE Server, and the Agent Workstations (WS 1-3). The IP addresses shown are examples; the ports listed are the actual ports VPE uses.

Admin Console The Admin Console is the central management interface for VPE. Use it for overall configuration, to control agent deployment, get updates to the threat database, manage quarantined malware, manage policies and agents, and schedule scans. You can also view individual or group workstation data and generate reports. The console communicates with the VPE server over port 18087. Note: The console does not need to be running for VPE to scan the network.

VPE Server The VPE Server stores the agent and threat databases, a list of known networked workstations, policies, and agent threat tracking information. The server also uploads threat database and agent software updates to agents, receives reports from agents (the primary traffic), and communicates with the Admin Console. Firewalls must be configured to allow short XML bursts (using SOAP â&#x20AC;&#x201C; Simple Object Access Protocol) used for communication to the Agents. Administrators can deploy as many VPE servers as required. The server communicates with the Agent workstations on port 18086.

Agent Workstations (WS 1-3) Agent software is installed on networked workstations. Agents can be deployed directly from the Admin console with push installation (IP, network browse, or an Active Directory machine account), or as a stand-alone installation package (for example, self-extracting executable). Agents communicate to the VPE server with heartbeats in intervals that are admin-defined and report spyware to the server, which updates the Agent threat databases. The agents communicate with the server on port 18082.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

Gathering Proxy and Server information Before you start installing and using VPE, gather the following information: •

Proxy: If your network uses a Proxy, such as ISA or Squid, use the proxy configuration information to access the Internet. VPE validates product registration and obtains software and threat database updates through Internet connections.

•

Email server: VPE can automate sending email notifications and/or reports regarding threat detections. To use this feature, you must have an SMTP server. You will need the SMTP server name and/or IP address to communicate to the VPE server.

•

SQL server: By default, VPE uses an Access database to store all reporting information gathered from the agents. If you will have more than 200 agents deployed from this VPE server you may want to use an MSSQL Server to store this information. In order to use this feature you will need to know the name or IP address of the server along with an account which has the rights needed to create a new database.

Using VPE This high-level procedure covers relevant information for a quick install, setup, and running of VPE. 1.

Install the VPE Server.

Log on to the VPE Console.

Configure the VPE System.

Add a policy.

Configure a policy.

Add agents to a policy and deploy agents to the workstations.

Scan agent workstations.

Manage agents, quarantined items, and threats.

10. Generate reports.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

1. Install the VPE Server After you have reviewed the requirements and gathered proxy and server information, you are ready to install VPE on the machine that will act as the VPE Server. The VPE Console is installed with the VPE Server. Also, the VPE Console can be installed on virtually any PC that can access the VPE Server. We recommend that you accept all default values and options during installation. During installation, you will be asked for the following information: •

Registration Code: If evaluating the product, then leave this field blank. The registration code can be entered into the product at any time. Note: In evaluation mode, you can have up to 5 agents only deployed for 30 days.

•

Ports: There are 3 different communication ports used by various components of VPE: o o o

18087: port on the VPE Server that the Admin Console uses to communicate. 18086: port on the Agent workstations that the VPE Server uses to communicate. 18082: port on the VPE Server that the Agent workstations use to communicate. Warning: It is highly recommended to leave the default values unless some other application is already using these ports.

Once you have installed VPE successfully, you are ready to open the VPE Console and logon.

2. Log on to the VPE Console After VPE is successfully installed on a server, that server is referred to as the "VPE Server." The "VPE" icon for the VPE console is installed on the desktop by default. Once launched, you will need to log on to the application.

To logon to VPE: 1.

After VPE is successfully installed, double-click the VPE icon on your desktop. The logon window opens. -orClick Start, select Programs>Sunbelt Software>VPE>VPE. The logon window opens.

Enter Server name. This is the name or IP address of the VPE Server (by default, the machine on which you just installed VPE).

Enter Port number. Port 18087 is the default port the Admin Console uses to communicate with the VPE Server.

Enter a Username, Password, and Domain. This account is either an administrator on the VPE server or a member of the VPEAdmins group on the VPE server.

Click Logon. A successful logon establishes a connection between the VPE Server and the Admin Console.

Once you have logged on successfully, you can register the product or continue using the trial and set up the system configuration.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

3. Register Enterprise You can register VPE at any time. The Registration page allows you to enter your registration code and purchase the product. Warning: You have 30 days before you must register or certain functionality will be disabled. During the 30 day trial, you will have full functionality, as well as access to all product and threat definition updates. You are limited to deploying only 5 agents during this trial.

To register VPE: 1.

From the System>Registration page, click Edit. The Enter Registration Code dialog box displays. -orTo purchase VPE, click Buy Now. The Sunbelt Software, Inc. shopping cart displays in your default browser.

Enter your registration code and click OK. Your product is now registered giving you full access to the product, as well as allowing you access to all product and threat definition updates.

4. Configure the VPE System Before you can start using VPE, you need to enter any proxy and server information that is relevant to your network environment. From the VPE Explorer, access the System>Configuration page to enter your configuration. Click a setting's corresponding Change button to display a dialog box allowing you to change the configuration settings. Note: VPE uses the Simple Object Access Protocol (SOAP) to communicate over port 80 for both registration and product updates. Please check with your firewall vendor to insure this is supported to insure proper updates and registration. In most cases, you can create an exception for these updates by creating a rule to allow traffic to *.sunbeltsoftware.com over port 80.

Once your system is configured, you can add and configure a policy.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

5. Add a Policy After configuring the system, add a policy. Policies allow you to create settings for grouping similarly used workstations. For example: •

Laptops that use remote access.

•

Accounting workstations that have similar needs in your enterprise.

•

Geographic areas to make sure scheduled scans happen at the appropriate times.

•

Low bandwidth areas for throttling updates from the VPE Server to conserve bandwidth.

•

Large quantities (over 500) of deployed agents for managing communication with the VPE Server.

Note: Instead of creating a new policy, you can use the Default Policy; this is useful if you are testing out the software, have a small number of workstations to deploy an agent to, or modify the Default for you to use as a "template" for which to base additional policies. Tip: You can configure the Default Policy, so that whenever you create a new policy that new policy will be based on how you configure the Default, not the application defaults.

To add a policy: 1.

From the VPE toolbar, click the Add Policy

icon. The New Policy dialog box displays.

Enter an alphanumeric name for the new policy, and click OK. A policy based on the Default policy is added to the VPE Server and displays under the Policies area of the Explorer in the leftside of the console. Note: You can use characters that follow the typical Windows naming conventions.

Once you have added a policy, you should configure the policy and then add agents to the policy.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

6. Configure a Policy After adding a policy, you need to configure it. Configurations made to a policy affect all agents assigned to it. Here are some key points on each tab to get you started. Note: The Agent Settings, Scanning, Active Protection, Email Protection, and Known Good/Bad tabs are initially read only; click the Edit button to make any changes.

Agents The Agents tab is a view of the Agent Catalog showing all the agents assigned to that policy. From this tab you can add, deploy, or re-assign agents, run scans, and view agent details.

Note: The Agents tab is discussed more fully in the "Agent Catalog" section of the User Guide and online Help.

Agent Settings The Agent Settings tab allows you to configure user interaction, agent logging, server communication, and updates. The default policy is configured to hide the VPE agents from the end users and not allow any interaction by them. Note: If you want the agent to not show up in the Add/Remove Programs, you need to select this option before deploying the agent.

Note: The Agent Settings tab is discussed more fully in the "Policies - Agent Settings Tab" section of the User Guide and online Help.

Scanning The Scanning tab allows you to set the schedule for automatic scans and what those scans will look for. You can also configure action taken on specific types of threats and set to receive emails for detected threats. The default policy is configured to automatically perform a quick scan at 12 noon every weekday and perform a deep scan at 12 noon on weekends. Additionally, the default action for any found threats during a scan is to report only; this is so that you can get a baseline of what

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

applications on the network may be detected as threats (for example, Virtual Network Computing (VNC)). Note: By default, policies only report the existence of spyware and malware and do not remove it.

Note: The Scanning tab is discussed more fully in the "Policies - Scanning Tab" section of the User Guide and online Help.

Active Protection The Active Protection tab allows you to enable and configure the AP settings for agents. AP is disabled by default; so, malware will only be detected during a scan rather than execution.

Note: The Active Protection tab is discussed more fully in the "Policies - Active Protection Tab" section of the User Guide and online Help.

Email Protection The Email Protection tab allows you to enable email protection and control whether the end user can turn this feature off. It is disabled by default; so, malware will only be detected during a scan rather than upon receipt or sending of an email message. Note: If the agent computer uses an email client that requires specific port settings, then those port settings MUST be set the same in this tab. Otherwise, the default of POP3 to 110 and SMTP to 25 is applicable to most configurations, especially over a network. This is mainly changed for agents deployed on laptops or remote users.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

Note: The Email Protection tab is discussed more fully in the "Policies - Active Protection Tab" section of the User Guide and online Help.

Known Good/Bad The Known Good/Bad tab allows you to list files that you know to be good or bad, so that VPE will automatically allow or block those files accordingly.

Note: The Known Good/Bad tab is discussed more fully in the "Policies - Known Good/Bad Tab" section of the User Guide and online Help.

Allowed Threats VPE's threat database is comprehensive and may detect applications not considered as threats by all end users, such as VNC and Weatherbug. The Allowed Threats tab allows you to list these and other applications so that they will not be quarantined or deleted by VPE.

Note: The Allowed Threats tab is discussed more fully in the "Policies - Allowed Threats Tab" section of the User Guide and online Help.

Deployment The Deployment tab allows you to complete three basic functions: select specific options for auto deployment, enter a machine or a list of machines to which to deploy, and enter a machine or list of machines to exclude.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

Note: The Deployment tab is discussed more fully in the "Auto Deployment of Agents" section of the User Guide and online Help. Once you have configured a policy, you need to add agents to it.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

7. Add Agents to a Policy and Deploy Agents to the Workstations After configuring a policy, you must add agents to that policy. Note: An agent can be assigned to only one policy; however, a policy can have multiple agents assigned to it.

To add one or more agents to a policy and deploy them to workstations: 1.

Click the Add Agents icon on the VPE Console toolbar. The Computer Browser dialog box displays giving you a network browser view of machines on your network. Depending on your network and number of workstations, it could take a couple of minutes to display. -orFrom the Agents tab of the policy, select Policy> Add Agents from the toolbar menu. The Computer Browser dialog box displays.

Browse to the workstation(s) and select one or more. -orManually enter the name or IP address of the workstation(s) you want to assign an agent to.

Click OK. The Agent Deployment Wizard displays, allowing you to deploy the agent(s) to the workstation(s). Follow the prompts in the wizard. Note: An Automated Push Installation is the recommended option for the deployment wizard. The display lists machines which have been added to the policy but do not have agents installed. After you have completed this wizard the machines specified will have an agent installed and operate as specified in the policy.

The following conditions are important to follow when deploying agents: •

The account being used to log into the VPE console must have local administrator rights on the agent system. If the account does not have administrative rights to the agent system, you will receive a prompt for proper credentials before the agent deployment will continue. (Simple File Sharing must be disabled on Windows XP.)

•

Must be able to access the UNC path of the agent system (for example, \\machinename\c$).

•

Agent must have ports 18086 and 18082 open through their firewall to insure communication with the server.

Note: This is just the basic idea and method to get you started using VPE. For more information on deploying agents, please refer to the Enterprise Console Help. Once agents are deployed to workstations, you can scan agent workstations.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

8. Scan Agent Workstations After agents are deployed onto workstations, they will be scanned based on the schedule configured in the policy's Scanning tab.

To scan an agent workstation: 1.

From the policy's Agents tab, right-click the agent and select Scanning>Scan. The Scan Type dialog box displays.

Note: You can select more than one agent to scan. 2.

Select either a Quick or Deep scan and click OK.

Once workstations have been scanned, you can manage agents, quarantined items, and threats and generate reports.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

9. Manage Agents, Quarantined Items, and Threats After agents are deployed to workstations, from the Console's Explorer you can access information about all agents on your network (Agents), all quarantined items in your network (Quarantine), and all threats in the Threat Database (Threats).

Agents On the Agents page, all agents on your network are listed. Right-click on an agent to view options from a menu. Also, you can double-click on an agent to open a dialog box containing the following tabs: •

Agent Details - displays the workstation environment, severity level detection, agent status, agent software and threat database version information, and a scan summary.

•

Quarantine - displays the items quarantined by the enterprise server for the agent selected.

•

Scan History -contains a history of all scans performed, and the results from those scans, for that workstation.

•

AP History - displays a list of all AP events that occurred on that agent.

•

Email AV History - displays a list of all email AV events that occurred on that agent.

•

System Messages - displays a log of events that occurred on the agent (e.g. AP enabled, service started, etc.).

Quarantine On the Quarantine page, all quarantined items by any agent are listed. There is a single line entry for every unique item quarantined. You can double-click an item to display a grid with details of the machines that have quarantined a particular threat. Right-click on any item to view options from a menu.

Threats On the Threats page, all threats in the threat database are listed. Right-click on any threat to view options from a menu. To get an idea of what deployed agents are finding, you can generate reports.

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153

VIPRE Enterprise

Quick Start Guide

10. Generate Reports After agents are deployed and scanning, you can generate reports to view various details. VPE includes several report templates that you can use as-is or make modifications and save it as a new customized template.

Tip: Run the Executive Summary for a quick overview of what has been found on your network

To generate a report: 1.

From the Explorer under the Report section, select one of the listed reports. The report area displays.

Click Preview. The selected report displays.

Optionally, from the Report toolbar you can select any of the following options for a report:

Show Report Schedule to schedule reports to run automatically at a specific date and time. Show Report Design to change the layout of the report. Save Layout to save your changes to the layout. Export Report to a different file format including PDF, XLS, RTF, TIF, HTM, or TXT. Email Report to you or selected recipients. Table of Contents to create a table of contents for your report. This is typically available only when the report is large enough. o Print to print a hard copy of the report. o Copy to copy the text displayed on the current page of the report. o Find to search for specific details of the report. o Change Page View to change how the pages display on your screen. o Zoom to enlarge a specific area of the report. o Page Scrolling to go to a specific page of the report. o Annotations to add personalized notes to any part of the report. If you experience any problems with VPE, you can contact our technical support at the number listed in the footer below. o o o o o o

Other product and company names herein may be trademarks of their respective companies.

http://www.sunbeltsoftware.com/support support@sunbetsoftware.com Toll-free Technical Support: 877-673-1153