E-mail and Server Security 10.01 Release Notes

E-mail and Server Security 10.01 Release Notes
RELEASE NOTES
F-Secure® E-mail and Server Security
Version 10.01 RTM build 173
Copyright © 1993-2013 F-Secure Corporation. All Rights Reserved.
Portions Copyright © 2004 BackWeb Technologies Inc.
Portions Copyright © 2003 Commtouch® Software Ltd.
This product includes software developed by the Apache Software Foundation (http://www.apache.org/).
Copyright © 2000-2004 The Apache Software Foundation. All rights reserved.
This product includes PHP, freely available from http://www.php.net/.
Copyright © 1999-2006 The PHP Group. All rights reserved.
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).
Copyright © 1998-2012 The OpenSSL Project. All rights reserved.
This product includes cryptographic software written by Eric Young ([email protected]).
Copyright © 1995-1998 Eric Young ([email protected]). All rights reserved.
This product includes software written by Tim Hudson ([email protected]).
This product includes optional Microsoft SQL Server 2008 R2 SP1 Express Edition.
Copyright © 2010 Microsoft Corporation. All rights reserved.
This product may be covered by one or more F-Secure patents, including the following:
GB2353372, GB2366691, GB2366692, GB2366693, GB2367933, GB2368233, GB2374260
1. General
This document contains late-breaking information about F-Secure E-mail and Server Security 10.01.
We strongly recommend that you to read the entire document before installing the software.
2. About F-Secure E-mail and Server Security
F-Secure E-mail and Server Security provides protection for your Microsoft® Windows Server®,
Microsoft® Exchange Server, Microsoft® Small Business Server, Citrix® XenApp, and Windows
Terminal servers. The solution can be licensed and deployed as F-Secure Server Security, on perserver basis, or F-Secure E-mail and Server Security, on per-user or terminal connection basis.
F-Secure E-mail and Server Security replaces previous F-Secure Anti-Virus for Windows Servers,
F-Secure Anti-Virus for Citrix Servers and F-Secure Anti-Virus for Microsoft Exchange products.
With F-Secure Server Security license, you can install the following features:

Virus and Spyware Protection – protects your computer against viruses, trojans, spyware,
rootkits and other malware.

DeepGuard™ – proactive zero-day protection technology detects unknown threats by
monitoring program behavior in real-time and stopping dangerous activities.

Web Traffic Scanning – detects and blocks malicious content in web traffic (HTTP protocol)
to provide additional protection against malware.

Browsing Protection – protection for your terminal users against web browser exploits and
rogue web sites.
With F-Secure E-mail and Server Security license, you can install the following additional features:

Anti-Virus for Microsoft Exchange – protects incoming, outgoing, and internal mail traffic
and Exchange public folders from malware and other security threats and provides content and
attachment filtering.

Spam Control – detects and filters spam messages from e-mail traffic providing real-time
protection against all types of spam, regardless of its content, format or language.
The solution is available in the following languages: English, German, French, Japanese, Italian,
Korean, Spanish, Swedish, and Polish.
3. What's new
3.1 Key features
This section describes features and improvements that have been implemented in F-Secure E-mail and
Server Security 10.00 RC since F-Secure E-Mail and Server Security 9.20:

F-Secure Policy Manager 11 compatibility – added support for the latest version of
F-Secure Policy Manager.

DeepGuard™ version 5 – advanced behavioral analysis techniques have been added to
further improve the malware detection rate.

New Browsing protection and Web traffic scanning – based on the Network Interceptor
Framework to provide smooth protection for Internet browsing independent from the web
browser.

Microsoft® Windows Server 2012 and 2012 R2 – added support for new server platforms.

Microsoft® Exchange Server 2013 – added support for the new Exchange Server version.

Bug fixes – see the list of fixed issues below.

New languages – added localization to Swedish and Korean languages.
3.2 Fixed issues from the previous releases
This section lists important issues fixed in F-Secure E-mail and Server Security 10.01 release:

CSEP-618 Heading “Target” garbled in Scan report on Japanese UI

CSEP-722 ESS/SS 10 doesn't create alert whenever PMS is not reachable

CSEP-230 ESS: FTR incorrectly recognize logfile as bat, cmd or vbs (CTS-85702)

CSEP-600 System is not usable after installing SS/ESS 10

CSEP-617 Typo on ESS 10.00 Web UI PMP Setting in Japanese UI


CSEP-829 Japanese alert e-mail subject garbled in some clients when alert language is set to
JPN
CSEP-68 Delay on network services with AVCS enabled (SPT-253)
4. System requirements
Before you install the product, we recommend that you review sections in this topic to ensure that your
network, hardware, software, and other system components meet the requirements.
Note: The minimum hardware requirements may not be sufficient if you run multiple services on the
same system.
4.1 System requirements for F-Secure Server Security installation
To install F-Secure Server Security, the following minimum hardware and system requirements are
recommended.
Hardware
Computer:
Any computer that meets the requirements for the supported
operating system.
Disk space:
1 GB (1.5 GB free or more is recommended).
Internet connection:
Internet connection is required to receive updates and use
cloud-based detection.
4.2 System requirements for F-Secure E-mail and Server Security installation
To install F-Secure E-mail and Server Security, the following system requirements are additionally
recommended.
Hardware
Computer:
Any computer that meets the requirements for the supported
Microsoft Exchange Server.
Disk space:
10 GB or more.
Internet connection:
Internet connection is required to receive updates and use virus
outbreak, anti-spam and cloud-based detection.
4.3 Supported Operating Systems
The product can be installed on a computer running one of the following operational systems:

Microsoft® Windows Server 2003 with the latest service pack

Microsoft® Windows Server 2003 R2

Microsoft® Windows Server 2008

Microsoft® Windows Server 2008 R2

Microsoft® Small Business Server 2003

Microsoft® Small Business Server 2003 R2

Microsoft® Small Business Server 2008

Microsoft® Small Business Server 2011, Standard edition

Microsoft® Small Business Server 2011, Essentials

Microsoft® Windows Server 2012

Microsoft® Windows Server 2012 Essentials

Microsoft® Windows Server 2012 R2
All Microsoft Windows Server editions are supported except:

Windows Server for Itanium processor

Windows DataCenter and HPC editions

Windows Storage editions

Windows MultiPoint Server

Windows Home Server
Note: For performance and security reasons, you can install the product only on NTFS partition.
4.4 Supported Microsoft Exchange Servers
F-Secure E-mail and Server Security can be installed on a computer running the following Microsoft
Exchange Server versions:

Microsoft® Exchange Server 2003 with the latest service pack

Microsoft® Exchange Server 2007 (64-bit version) with the latest service pack

Microsoft® Exchange Server 2010 service pack 2, service pack 3

Microsoft® Exchange Server 2013

Microsoft® Small Business Server 2003

Microsoft® Small Business Server 2008

Microsoft® Small Business Server 2011, Standard edition
The product supports the following roles of Microsoft Exchange Server 2007/2010:

Edge Server role

Hub Server role

Mailbox Server role

Combo Server (Mailbox Server and Hub Server roles)
Note: The 32-bit version of Microsoft Exchange Server 2007 is not supported.
Important: The Collaboration Data Objects for Exchange (CDOEX) update is required if you plan to
install F-Secure E-mail and Server Security on Microsoft Exchange Server 2007 running on Microsoft
Windows Server 2008 R2. The update and installation instructions are available in Microsoft
Knowledge Base article 98270. It is important to note that the CDOEX update must be installed before
installing Microsoft Exchange Server 2007 SP3.
4.5 Cluster environments
F-Secure E-mail and Server Security 10.01 can be installed on Microsoft Exchange Server clusters.
The following cluster configurations are supported:

Microsoft® Exchange Server 2003 Active-Passive clustering

Microsoft® Exchange Server 2003 Active-Active clustering

Microsoft® Exchange Server 2007 Cluster Continuous Replication (CCR) model

Microsoft® Exchange Server 2007 Single Copy Cluster (SCC) model

Microsoft® Exchange Server 2010 Database Availability Groups
4.6 SQL Server requirements
F-Secure E-mail and Server Security 10.01 requires Microsoft® SQL Server for the quarantine
management. The following versions of Microsoft SQL Server are recommended to use:

Microsoft® SQL Server 2005 (Enterprise, Standard, Workgroup or Express Edition) with the
latest service pack

Microsoft® SQL Server 2008 (Enterprise, Standard, Workgroup or Express Edition)

Microsoft® SQL Server 2008 R2 (Enterprise, Standard, Workgroup or Express Edition)

Microsoft® SQL Server 2012 (Enterprise, Business Intelligence, Standard, or Express Edition)
Microsoft SQL Server 2008 R2 SP1 Express Edition is distributed with the product and can be installed
during F-Secure E-mail and Server Security 10.01 Setup.
Note: Microsoft .NET Framework version 2.0 and Microsoft Windows Installer 4.5 are required to install
Microsoft SQL Server 2008 R2 SP1 Express Edition. They can be downloaded from Microsoft
Download Center. If you plan to have Microsoft SQL Server on the same server, install these
components before installing F-Secure E-mail and Server Security.
Important: We do not recommend using MSDE or Microsoft SQL Server 2005/2008/2008R2 Express
Edition if you are planning to use the centralized quarantine management or if your organization sends
and receives a large amount of e-mails. For more information about the limitations of the Microsoft SQL
Server 2005/2008/2008R2 Express Edition or MSDE, see the product manual.
4.7
Supported terminal servers
F-Secure E-mail and Server Security 10.01 supports the following terminal server platforms:

Microsoft Windows Terminal/RDP Services (on the above mentioned Windows Server
platforms)

Citrix® Presentation Server 4.5

Citrix® XenApp 5.0

Citrix® XenApp 6.0

Citrix® XenApp 6.5
4.8 Centralized management requirements
F-Secure Policy Manager 10.20 or later is required if you plan to centrally manage F-Secure Server
Security or F-Secure E-mail and Server Security installations.
4.9 Other requirements
To administer the product with F-Secure Web Console, one of the following web browser software is
required:

Microsoft Internet Explorer 7.0 or later

Mozilla Firefox 3.0 or later

Google Chrome (up-to-date versions)
Any other Web browser supporting HTTP 1.0, SSL, Java scripts and cookies may be used as well.
Before you log in to F-Secure Web Console, check that JavaScript and cookies are enabled in the
browser. You need to add the address of F-Secure Web Console (https://127.0.0.1:25023/) to
the Trusted sites in the Internet Explorer security options to make sure that F-Secure Web Console
works properly.
5. Setup and configuration
5.1 Installation instructions
Note: Before you install F-Secure Server Security or F-Secure E-mail and Server Security, uninstall
any potentially conflicting products, such as other antivirus or server security software.
To install the product, you need to log in with administrator-level privileges.
Refer to the manual for detailed installation instructions.
5.2 Remote installation
Remote installation with F-Secure Policy Manager is possible for F-Secure Server Security only. To
deploy F-Secure E-mail and Server Security, you need to make the attended installation either locally
or over the remote desktop connection.
5.3 Compatibility with F-Secure Policy Manager
The product is not compatible with older versions of F-Secure Policy Manager. To administer the
product with F-Secure Policy Manager, use version 10.20.
5.4 Upgrade installation
You can upgrade F-Secure Server Security or F-Secure E-mail and Server Security from the previous
versions of F-Secure products by running the setup program and following the installation instructions.
You can upgrade the following product versions:

F-Secure Anti-Virus for Windows Servers 9.0

F-Secure Anti-Virus for Citrix Servers 9.0

F-Secure Anti-Virus for Microsoft Exchange 9.0 or 9.10

F-Secure Server Security 9.20 or 10.00

F-Secure E-mail and Server Security 9.20 or 10.00
Refer to the manual for detailed upgrade instructions.
Note: Upgrade or reinstall the product above similar PSB products are not supported. Uninstall PSB
Sever Security or PSB E-mail and Server Security before installing this product.
5.5 Using pre-installed Microsoft SQL Server
Microsoft SQL Server 2008 R2 SP1 Express Edition is distributed with the product and included in the
product installation package. If you need to use F-Secure E-mail and Server Security with your own
installation of Microsoft SQL Server, make sure that you select the Mixed mode in the Authentication
mode page. To change the authentication mode after the installation, refer to the Microsoft SQL Server
documentation.
5.6 Reconfiguration of Quarantine storage
During the installation, F-Secure E-mail and Server Security is configured to exclude all its working
folders from the real-time file scanning to prevent interferences with any operation of the e-mail
scanning. If the location of the Quarantine storage folder is changed in future, you need to reconfigure
the product to exclude the folder from the real-time file scan. Refer to the manual for detailed
instructions on adding such exclusions.
5.7 Uninstallation instructions
To uninstall F-Secure Server Security or F-Secure E-mail and Server Security, use Add or Remove
Programs from the Windows Control Panel. Restart the server after uninstalling all the components.
Note: Some files and directories may remain under the product installation directory
(%ProgramFiles(x86)%\F-Secure), programs data directory (%ALLUSERSPROFILE%\F-Secure), and
user’s temporary directories (%TEMP%) after you uninstall the product. We recommend that you
remove these directories and files manually.
6. Known issues
6.1 Installation and uninstallation
Default F-Secure Policy Manager port can be busy on servers with Microsoft Exchange (CTS62982)
When installing F-Secure Policy Manager and F-Secure E-mail and Server Security on the same
server, make sure that you specify the correct port number of the Policy Manager Server. If you did not
specify the correct port number during the installation, you can change it later with F-Secure Web
Console.
Admin.pub cannot be located during installation on Windows Server Core edition (CTS-69882)
When installing the product on Windows Server Core platform, the Browse button in the Setup wizard
is not functioning because the common Windows dialog is missing. As the workaround, you can enter
the path to the admin.pub file manually.
Entering full license key does not activate On Access Scanning and On Demand Scanning
immediately (CTS-70470)
When your evaluation version of the product expires and you enter the full license key, on-access and
on-demand scanning may not be activated immediately and thus not provide full server protection. It
may take up to half an hour before the product gets fully functional. In order to speed up the license
activation process, you can restart FSGKHS service or reboot the server.
Shifting evaluation license from one product to another is not supported
You cannot register the evaluation installation of F-Secure Server Security with the full license key for
F-Secure E-mail and Server Security or vice versa. If you want to purchase a license for different
product, uninstall the evaluation product first.
6.2 Virus and Spyware Protection
Scanning big folders does not disinfect found malware if scanning is interrupted (CTS-68901)
When a manual scan task that was started from the Web Console is interrupted, the admin-defined
actions may not take place for found malware or spyware items. You need to run the manual scanning
again and wait until it is completed for the actions to take place.
Quarantined files are not restored with original file attributes (CTS-67794, CTS-67800)
The advanced file attributes (as compression or encryption) as well as symbolic link information are not
preserved when a file is placed to the quarantine. Therefore, when the file is restored from the
quarantine, it does not get all original attributes back. If the file had originally any of the advanced file
attributes set, you need to restore them manually after restoring the file from quarantine.
EFS encrypted file cannot be scanned via scheduled scanning (CTS-88303/CSEP-221)
Scheduled scan failed to scan an encrypted file with eicar.com inside and returns the error "file cannot
be opened". There can be many users on server and every user can have own encrypted files. To scan
those files, scanning must run with every user credentials which is impossible. Workaround is to use
manual scanning for those files.
6.3 DeepGuard
DeepGuard installation requires Microsoft Windows 2003 Server reboot
If the product is installed with DeepGuard protection component on Microsoft Windows 2003 Server
platforms, you need to restart the server to finalize the installation.
DeepGuard 4 does not work on Windows Server 2003 64-bit
The 64-bit version of Windows Server 2003 does not include upgraded driver support routines of
Microsoft's PatchGuard, which prevents kernel modifications. This makes this specific version of
Windows incompatible with DeepGuard. If you are using the 64-bit version of Windows Server 2003,
we recommend that you upgrade your operating system to benefit from our award winning DeepGuard
technology.
6.4 Browsing Protection
Change in Browsing protection settings may look ineffective due to caching
Sometimes it may seem that a change in Browsing protection settings is not applied, because the
browser finds the page content from the cache. Use Ctrl-F5 to ignore the cache and reload the content.
Browsing protection search results
Browsing protection does not show safety ratings on search result pages that use HTTPS.
6.5 Web Traffic Scanning
Web Traffic Scanning does not handle encrypted traffic
The current version of NIF-based Web Traffic Scanning cannot handle the content of encrypted
network traffic, e.g. HTTPS protocol.
Web Traffic Scanning causes download speed to decrease (CTS-90775/SPT-255)
In some cases, the download speed is affected by Web Traffic Scanning resulting in slow download
speeds.
6.6 Web Console
Manual Scanning does not allow to scan mapped network drives/shares (CTS-70572)
When you log in to Web Console, it does not load the full user profile, so you cannot scan a network
drive or share from the manual scanning page. Scan network drives/shares with “Virus and spyware
scanning” menu from F-Secure icon in the system tray or with the “Scan Folder for Viruses” menu from
Windows Explorer.
Internet Explorer 8 may show the security warning on the login page (CTS-70956)
If the session expires, the Web Console returns to the login page automatically. When this happens,
Internet Explorer 8 may show the security warning about content that may be delivered using nonsecure connection. You can ignore this warning.
Web Console might delay on refreshing the page automatically
Sometimes after you change and save a new setting (for example, Language of the user interface),
there may be a few second delay while the Web Console tries to automatically refresh the page.
6.7 Cluster environments
Messages may not be scanned when Exchange is moved from one cluster node to another
(CTS-62925)
When Exchange cluster groups are moved from one node to another while the product is running on
Active-Passive cluster environment, F-Secure Anti-Virus for Microsoft Exchange service can be down
for a short time. While the service is down, some e-mail messages may not be scanned on the
transport level. However, all e-mail messages and attachments are scanned without interruptions on
the storage level.
Incorrect quarantine statistics are shown when Web Console is open on the passive node (CTS63021)
Quarantine and other product statistics are not updated on the passive node as some of the product
services are down or suspended. Therefore, when you connect to the Web Console on the passive
node, the product status and statistics are not shown correctly. We strongly recommend that you
connect to the Web Console using the name or IP address of the cluster instead of the name or IP
address of the cluster nodes.
6.8 Disclaimers
Disclaimers are not added to messages release from quarantine (CTS-67265)
Disclaimers are not added to outbound mails that are manually released from the Quarantine, since it is
not possible to say if they are really safe or not.
Disclaimer is not added to TNEF mails with empty body (CTS-70123)
Disclaimer is not added to TNEF encoded mails with empty body that have no text and no attachments.
This problem occurs only on Microsoft Exchange Server 2007.
Disclaimer is not added to mails if sender/recipient is in the list of trusted senders/recipients
(CTS-70124)
If the e-mail sender or recipient is included to the Trusted Senders or Trusted Recipients list, the
disclaimer is not added to the message.
6.9 Quarantine
Recipients are not listed for quarantined attachments that are blocked in real-time (CTS-73434)
If malicious or disallowed attachments are blocked during real-time scanning in the Exchange store,
they are listed in the Quarantine Query without the name of the corresponding recipient mailbox where
they have been blocked. However, the information about the mailbox that contains the malicious or
disallowed attachment can be found in the product alerts.
7. Contact information and feedback
We are looking forward to hearing comments and feedback on the product functionality, usability and
performance.
Please report any technical issues through the F-Secure support web site: http://support.f-secure.com/
Before sending us a report about your issue, run F-Secure Support Tool FSDiag.exe on the host that is
running F-Secure Server Security or F-Secure E-mail and Server Security. This utility gathers basic
information about hardware, operating system, network configuration and installed F-Secure and thirdparty software. You can run the F-Secure Support Tool from the Web Console as follows:
1. Log in to the Web Console.
2. Type https://127.0.0.1:25023/fsdiag/ in the address field of the browser. (If you are accessing
the server remotely, use the real IP address of the server instead of 127.0.0.1).
3. F-Secure Support Tool starts automatically and the dialog displays the data collection progress.
4. When the tool has finished collecting the data, click Report to download and save the collected
data
You can also run the FSDiag.exe utility under F-Secure\Common folder. The tool generates a file
called FSDiag.tar.gz.
8. F-Secure license terms
F-Secure license terms are included in the software. You must read and accept them before you can
install and use the software.
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement