DocAve Antivirus 3.0 for Microsoft SharePoint 2007

Page | 1

DocAve Antivirus 3.0 for Microsoft SharePoint 2007

User Guide

Protect your Microsoft Office SharePoint Server 2007 or Windows SharePoint Services 3.0 Farm Using DocAve Antivirus for SharePoint

This document is intended for anyone wishing to

familiarize themselves with the user interface and

basic functionality of DocAve Antivirus, including

real-time and scan-based farm protection from

malicious viruses and other malware.

Page | 2

Table of Contents

Table of Contents................................................................................................................................................... 2

Basic Overview .......................................................................................................................................................... 3

Requirements ........................................................................................................................................................ 3

Supported Platforms ............................................................................................................................................. 3

Installation ............................................................................................................................................................ 4

Installation Steps ....................................................................................................................................................... 4

Web Front-end Settings ............................................................................................................................................ 4

License Management ............................................................................................................................................ 5

Patch Management .............................................................................................................................................. 5

Basic Configuration ................................................................................................................................................ 6

Database Configuration............................................................................................................................................. 6

Creating a new database ...................................................................................................................................... 6

Connecting to an existing database ...................................................................................................................... 6

General Settings .................................................................................................................................................... 7

Quarantine Settings .................................................................................................................................................. 7

Log Settings ............................................................................................................................................................... 7

Email Profile .............................................................................................................................................................. 8

Email Settings ............................................................................................................................................................ 8

Editing the email template .................................................................................................................................... 8

Scan Engines Management ....................................................................................................................................... 9

View Trend Micro Scan Engine information .......................................................................................................... 9

Update the scan engine ........................................................................................................................................ 9

Specify a Client Proxy ............................................................................................................................................ 9

Scheduled Scan Profile ............................................................................................................................................ 10

Antivirus .............................................................................................................................................................. 11

Real-Time Scan Settings .......................................................................................................................................... 11

Scheduled Scan ....................................................................................................................................................... 11

Reporting ................................................................................................................................................................. 12

Page | 3

Before You Begin

Basic Overview DocAve Antivirus for Microsoft SharePoint scans SharePoint content and files as they are uploaded in to

SharePoint, as well as scanning existing content that has already been uploaded in to your SharePoint

environment for viruses. It is fully integrated in to SharePoint’s Central Admin, from where you can deploy

and manage the filters on your SharePoint web front-end (WFE) servers efficiently and easily. Access to this

tool is limited to the SharePoint Farm Administrator.

Requirements The supported platforms for DocAve Antivirus are listed below. There are no additional system

requirements beyond what is required by SharePoint. The number of scanning threads run and the amount

of content in your environment will determine the resource impact on your system.

Supported Platforms Like all DocAve products, DocAve Antivirus for Microsoft SharePoint runs in a Manager/Agent configuration.

This configuration requires that the Antivirus Manager be installed on the same WFE as the SharePoint

Central Administrator and then deploying Agents to all SharePoint web front-ends (WFE) where users are

able to create or upload content. By ensuring that the Agents have been deployed to all WFEs you can

ensure maximum protection for your farm. Your SharePoint WFEs and SharePoint Central Admin Server must

be running on:

Microsoft Office SharePoint Server (MOSS) 2007 or Windows SharePoint Services (WSS) v3

Windows Server 2003, 2008, or 2008 R2

SQL Server 2000, 2005, 2008, or 2008 R2 (32 or 64 Bit for all versions listed. Standard,

Enterprise, or Express for all applicable versions.)

.NET Framework v2 or higher

Page | 4

Installation

The DocAve Antivirus Installation Wizard will guide you through the installation process. By following the

steps below, you will have DocAve Antivirus protecting your environment quickly and easily.

Installation Steps Begin by running the Installation Wizard on the SharePoint Central Admin server first. This will allow you to

remotely deploy the WFE agents for this software from Central Admin.

Note: If you have installed any previous version of the DocAve Antivirus and Content Shield, and are now

upgrading to DocAve Antivirus for Microsoft SharePoint 3.0, please uninstall the previous version of DocAve

Antivirus and Content Shield first, before installing DocAve Antivirus for Microsoft SharePoint 3.0.

1. Download the DocAve Antivirus for Microsoft SharePoint .ZIP file by requesting a Free Trial from

http://www.avepoint.com/download/ or by contacting an AvePoint representative for links to

this package.

2. Unzip the package on your SharePoint Central Admin Server.

3. Run the setup.exe file found in the unzipped directory.

4. Follow the steps on screen for configuring this tool. You will be asked for your name, company

information, and for the directory where you wish to install this software.

5. After installing the tool, you will be prompted to restart IIS* in order to complete the installation.

You can choose to reset IIS later by selecting No.

*Note: The IIS reset does not immediately restart the IIS service, but performs a “no-force” reset

of the IIS processes. Any processes currently running will be allowed to finish before this reset

takes place. If you choose to reset IIS at a later time, the installation will not be completed until it

is reset.

Congratulations! DocAve Antivirus for Microsoft SharePoint is now installed on your Central Admin Server.

Web Front-end Settings In order to protect your SharePoint environment, you must next configure DocAve Antivirus for Microsoft

SharePoint on each SharePoint web front-end server (WFE) in your environment. The WFE will execute

both the scheduled scan and real-time scan of your environment, based on the configuration set in the Central

Administration WFE Manager.

1. Navigate to Central Administration > Operations > DocAve Antivirus for Microsoft SharePoint >

Front-end Settings. This will list the available front-end servers in the Front-end Server list.

2. Click on the name of the front-end server where you want to deploy DocAve Antivirus for

Microsoft SharePoint, and select Deploy Now.

http://www.avepoint.com/download/

Page | 5

*Note: For remote installations in certain environments, if the deploy status continues to be Deploying after

several minutes, you may encounter a warning stating Please ensure the Windows SharePoint Timer Services

are in the running status. Please access the Event Viewer for that respective WFE,, and restart the service if

necessary.

License Management After installation, you must next apply the Antivirus license file for your Front-end servers. You can obtain

this license from your AvePoint sales representative. To assign a license to the Front-end server, please follow

the steps below:


Front-end Settings.

2. Under the License Management section, click the Browse button and select the license you wish

to apply. Click the Apply button, this will display detailed information about the license above.

3. Select the web front-end servers you want to assign the license to from the Front-end Server List

by clicking the front-end server’s name, and then clicking Apply License.

4. After assigning a license to a front-end server, the license status of the server will change to

Applied.

Patch Management DocAve Antivirus for Microsoft SharePoint Patch Management allows you to update the current version of

DocAve Antivirus for Microsoft SharePoint from within the program.


Front-end Settings.

2. Under the Patch Management section, click the Browse button and select the patch you wish to

load. Click the Load button, detailed information for this patch will then be listed underneath.

Select all front-end servers that have DocAve Antivirus for Microsoft SharePoint installed and

then click Apply button. Please note that you must select all servers with DocAve Antivirus for

Microsoft SharePoint at once, or the upgrade will fail.

Page | 6

Basic Configuration

Database Configuration The DocAve Antivirus for Microsoft SharePoint installation requires an application database to store its

settings and configurations. You can deploy this application database to the same SQL server instance as

SharePoint or to another SQL instance connected to your network.

Creating a new database To create a new database for the DocAve Antivirus for Microsoft SharePoint, follow the steps below.

1. Navigate to the Central Administration > Operations tab. Here you will see the AvePoint Tools

and Services field. Click the DocAve Antivirus for Microsoft SharePoint option.

2. If you did not specify a database for the application during installation, an interface will pop-up

and prompt you to do so.

3. Select the Create a new database option from the Application Database Type category.

4. Enter the database server name into the Database Server text box, and then the database name

for the new database you want to create for DocAve Antivirus.

5. Select an authentication type by checking the corresponding check-box. If you select the SQL

Server Authentication option, you will need to enter the necessary information in the SQL

Account and Password fields.

6. Click the Create button to create the new database for the application.

Connecting to an existing database To connect an existing database to use as the DocAve Antivirus for Microsoft SharePoint application database,

follow the steps below:

1. Navigate to the Central Administration > Operations tab. Here you will see the AvePoint Tools

and Services field. Click the DocAve Antivirus for Microsoft SharePoint option.

2. If you did not specify a database for the application during installation, an interface will pop-up

prompting you to do so.

3. Select the Connect to an existing database option from the Application Database Type.

4. Enter the database server name into the Database Server text box, and then the database name

you want to connect for DocAve Antivirus.

5. Select an authentication type by checking the corresponding check-box. If you select the SQL

Server Authentication option, you will need to enter the necessary information in the SQL

Account and Password fields.

6. Click the Connect button. This will connect the database to the application.

Page | 7

*Note: In order to protect your environment, it is recommended to create a new database by DocAve Antivirus

for Microsoft SharePoint or connect to an existing database which created by another DocAve Antivirus for

Microsoft SharePoint WFE installation.

General Settings

This section details several important settings to configure for DocAve Antivirus for Microsoft SharePoint after

installation.

Quarantine Settings The DocAve Antivirus for Microsoft SharePoint application allows you to either immediately delete offending

data or store offending data in a quarantined location in your environment, preventing access to the offending

content from SharePoint without removing it. Access to this location should be restricted as the contents of

the quarantined location may be infected or harmful. Using these settings, you can specify the location,

maximum space, time period to keep the files, the email notification and quarantine clearing options.

1. Naviagate to Central Administration > Operations > DocAve Antivirus for Microsoft SharePoint >

Quarantine Settings.

2. Enter a location for the quarantine into the Quarantine Path area. If the path you specify is a

network path, you must specify a user account with access to that location.

3. Set the maximum space for the quarantine, and then specify the time period to keep files in the

quarantine. By default, the time period for the files in the quarantine is 30 days.

4. You may optionally select the Warning Notification option. When selected, the program will send

a notification email once the capacity of the quarantine location is less than 10% of the available

quarantine space.

5. In the Auto Clean Quarantine field, you may wish to select Clean up quarantine automatically, the

quarantined file will be automatically deleted when the file size exceeds 90 percent of the

limitation. And the quarantined file size will be checked every 10 minutes. If Time Period option

and Clean up quarantine automatically option are selected together, it will clean up the files

accordingly when the condition meets at least one requirement.

6. Click the Save button to save the configuration. You can go to View Quarantine to view the files

in the quarantine.

Log Settings Log Settings allows you to configure the log level for each feature and specify the maximum storage time for

the log report. After configuring these settings, click the Save button to save the settings or the Reset button

to clear the configuration.

*Note: If you are experiencing any issues with this product, we ask that you set all log-levels to Debug before

contacting AvePoint technical support.

Page | 8

Email Profile This section allows you to create various email profiles to distribute relevant information to different mailing

lists, which can then be selected to receive emails after certain events. To create an email notification profile,



Email Profiles. From here, you can view any previously created email profiles in the left-hand

column.

2. Click the New Profile button to create a new profile. Enter a profile name into the provided field.

3. Enter your Outgoing Mail Server (SMTP) and specify the corresponding port for it. The default

SMTP port number for most environments is 25.

4. If you have configured any authentication requirements for your mail server, you must configure

the Email Server Authentication to comply with those requirements..

5. In the Sender field, enter the email address you would like the notifications to come from.

6. Enter the recipients you would like to include in this profile under the Recipients field. Multiple

recipients can be added to the recipient text box by entering each new recipient on their own

line*.

7. You can click the Test button to test the configuration. If the test is successful, the recipient(s)

you have specified for this profile will receive a test email message.

8. Click the Save button to save the configuration, it will now be listed under Email Profiles and can

be selected to receive notifications from the DocAve Antivirus.

*Note: Please ensure that the account used to send emails is not in the profile’s recipients list. This will

cause an error in the messaging system.

Email Settings This section is used to further customize the notifications which the recipients of an email profile will receive.

Begin by selecting the desired email profile by selecting the profile from the drop-down box for each module,

you can then edit the mail template for each module.

Editing the email template 1. Navigate to Central Administration > Operations > DocAve Antivirus for Microsoft SharePoint >

Email Settings.

2. Click the Edit Mail Template for the module you want to edit.

3. Select the keywords you want to add to the subject from the first Value Keywords drop-down box,

and then click the Add button, the keywords will be added into the subject.

4. Select the keywords you want to add to the message body from the second Value Keywords

drop-down box, and then click the Add button, the keywords will be added into the main body.

5. You can then enter any additional content you want sent in the email template.

Page | 9

6. Click the OK button to save the configuration for specific feature; or the Cancel button to cancel

the settings.

Scan Engines Management In this section, you can view information about the Trend Micro Scan Engine, update the scan engine, and

clear the collected statistics.

View Trend Micro Scan Engine information If you want to view information about the Trend Micro Scan Engine, follow the steps below.

1. On Front-end Server List page, select the check-box of Front-end Server which you want to view

information.

2. Click Show, you will see the details about Scan Engine Response Data and Scan Engine Statistic

Data. You can also click the server name to select Show.

Update the scan engine By default, the scan engine does not check for scan engine updates on a schedule automatically. If you want to

update the scan engine by schedule, you can set up the schedule by going to the Virus Signature Database

Version > Update tab, and then selecting the check-box next to Schedule. Each WFE must be able to access the

Internet in order to update the scan engine.

1. On Front-end Server List page, select the check-box of Front-end Server which you want to

specify an update schedule.

2. Click Schedule, then a Virus Signature Database Update Schedule dialog box will pop up. You can

also click the server name to select Schedule.

3. Select the update interval from Automatically Updates drop-down box and then click OK to save

the schedule.

4. After the setup, it will be displayed under Update Schedule column on Front-end Server List page.

5. If you want to do the update immediately, you can select the front-end server and then click

Update Now. You can also click the server name to select Update Now.

6. You can also cancel the update schedule of a front-end server by selecting the front-end server

and clicking Reset on the ribbon. You can also click the server name to select Reset.

Specify a Client Proxy If your WFEs do not have internet access and you wish to configure a proxy server you may do the steps

below. Here you can specify a Client Proxy to update the scan engine for any WFEs that cannot access the

Internet.

1. Click Settings, then a Proxy Settings dialog box will pop up.

2. Check the User HTTP proxy server check box.

3. Enter the IP address or the machine name of the server which you want to utilize as a proxy to

update the scan engine. Please ensure this machine can access the Internet.

4. Specify a TCP/IP port for the Scan Engine. By default, the port number is 80.

Page | 10

5. Enter a username and password with the appropriate level of access to this machine.

6. Click OK to save the configuration, all WFEs will update the scan engine through this specified

machine.

*Note: Please make sure you can connect to the machine from the Central Administration Server and all other

WFEs.

Scheduled Scan Profile These profiles allow you to configure the basic settings for scheduled scan jobs.

Profile Name: Enter a profile name for the scheduled scan profile into the provided field.

Number of Threads: This will start several threads while scanning for a virus. The scans will be

faster and more efficient if you specify a higher thread count, however, this will require more

system resources.

Scan File Versions: Scans all versions of the files in SharePoint if you select this option, since each

SharePoint version is a unique object, it is recommended that all versions are scanned.

Virus Scan Action: Allow you to configure what happens to infected files for different file rules

during a scheduled scan job.

Basic Virus Rule: The operation specified in this field is used for any files infected with

common, repairable viruses. There are four actions you can select: Clean, Delete, Quarantine,

and Report,.

Clean: Clean the infected documents by deleting the infected parts of the file.

Delete: The content of the infected file will be replaced by detailed information of

the job which deleted it.

Quarantine: A .dat file and a .xml file of the infected file will be created in the

quarantine.

Report only: Generate a report for each infected file. You can navigate to Central

Administration > Operations > DocAve Antivirus for Microsoft SharePoint > Scheduled

Scan Reports and click on the corresponding scheduled scan job to view the reports.

Un-repairable Virus Rule: The operation specified in this field is used for any files infected

with un-repairable viruses. There are three actions you can select: Delete, Quarantine, and

Report,.

Delete: Contents of the infected file will be replaced by a detailed report of the job

that deleted it.

Quarantine: A .dat file and a .xml file of the infected file will be created in the

quarantine location.

Report only: Generate a report for each infected file. You can navigate to Central

Administration > Operations > DocAve Antivirus for Microsoft SharePoint > Scheduled

Scan Reports and click on the corresponding scheduled scan job to view the reports.

Page | 11

Customize Delete and Quarantine Information: Allow you to configure what information will

appear to the users when the item is deleted or quarantined.

Click the Save button to save the configuration, and then the profile will be listed on the left column.

Antivirus

After configuring the basic configuration settings above, you may now configure the settings to scan files for

viruses in SharePoint. DocAve Antivirus for Microsoft SharePoint allows you create rules for the scan engine

which it will use to scan the content in SharePoint accordingly.

Real-Time Scan Settings

After configuring the initial settings, DocAve Antivirus will perform a real-time scan of the files in the

SharePoint farm with this product deployed. There are several options you can configure for real-time

scanning:

Antivirus Settings: Specify when you want the files to be virus scanned, whether users are allowed

to download infected documents, and whether you want your virus scanner to clean infected files.

o Please note that only when Scan documents on upload or Scan documents on download is

checked will the settings for a real-time scan will work.

Antivirus Time Out: Enter a number into the Time out duration box. If the time waiting for a server

response is longer than the time you specify, the scan will be considered a Time out.

Antivirus Threads: Enter the number of threads you wish to use when scanning into the Number of

threads text box.

o The more threads you allow the tool to create the faster and more efficient the scanning will

be, however, this will require more system resources.

Click the Save button to save the configuration.

Scheduled Scan Scheduled Scan allows you set up a plan to scan the content in specific site at a specified time. To set up a plan,



Scheduled Scan.

2. Enter a plan name into the provided field.

3. Clicking on the name of the farm will expand the tree further to display any sub-items.

4. Select the content you want to scan by checking the corresponding check-boxes.

5. You can set the scan job to run on a schedule by checking the Enable Full Schedule or Enable

Incremental Schedule check-box.

Page | 12

6. Using the calendar icon next to the Start Time field, select a date for the scan job to run, and then

select the time from the corresponding drop-down box.

7. Set an interval for recurring rules based on Only Once, by Minute, by Hour, by Day, by Week, or

by Month.

8. There are two scan types: Full and Incremental.

Full: This will scan all content in the specific location.

Incremental: This option scans only the changes from the previous scan job in the

specific location (including creating / updating the items).

*Note: If no full scan has been performed previously, the incremental option will perform an

initial full scan job by default. Although incremental scans improve performance, a full scan

is recommended whenever your Trend Micro Scan Engine receives a new virus definition

update.

9. You may enter a Description in the field provided to help distinguish this job in the report.

10. Select a scheduled scan profile from the drop-down box. It is a mandatory option.

11. Select an email profile from the drop-down box; this contains the list of profiles that you created

earlier in the Email Profile section. This feature is optional.

Reporting After scanning the content, DocAve Antivirus will generate a report for the job. There are two kinds of

reports: Real-Time Reports and Scheduled Scan Reports.

For the Real-Time Reports, all infected files will be listed in the report list. You can view more detailed

information of the infected files in the list.

For the Reports generated by scheduled scanning jobs, all scheduled scanning jobs will be listed in it. You can

view more detailed information and the job status for the scanning plan. By clicking the job name, you can

view the detailed information of the infected files found in the job including:

Name: the name of the infected file.

Status: the current status of the file.

Result: the operation result of the file.

Virus: the virus ID, violation name and virus count.

Scan Time: the time of the scan time.

User: the owner of the file.

Size: the size of the infected file.

URL: the URL of the file.

Page | 13

Copyright

2010 AvePoint, Inc. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written consent of AvePoint, 3 Second Street, Jersey City, NJ 07311, USA Trademarks AvePoint DocAve® , AvePoint logo, and AvePoint, Inc. are trademarks of AvePoint, Inc. Microsoft, MS-DOS, Internet Explorer, Microsoft Office SharePoint Servers 2007, SharePoint Portal Server 2003, Windows SharePoint Services, Windows SQL server, and Windows are either registered trademarks or trademarks of Microsoft Corporation. Adobe Acrobat and Acrobat Reader are trademarks of Adobe Systems, Inc. All other trademarks are property of their respective owners. Changes The material in this document is for information only and is subject to change without notice. While reasonable efforts

have been made in the preparation of this document to assure its accuracy, AvePoint makes no representation or

warranty, expressed or implied, as to its completeness, accuracy, or suitability, and assumes no liability resulting from

errors or omissions in this document or from the use of the information contained herein. AvePoint reserves the right to

make changes in the product design without reservation and without notification to its users.

AvePoint 3 Second Street Jersey City, NJ 07311 USA

20101029.084328

DocAve Antivirus 3.0 for Microsoft SharePoint 2007

Documents

Transcript of DocAve Antivirus 3.0 for Microsoft SharePoint 2007