Central Anti-Virus/SpyWare Server
___________________________________________________________
Contents: Lab-status | SAV-Info
| Thumb Drives | Desktop-Admin-Info | FAQ | World
Activity | Version
_______________________________________________________
The Computing Division maintains a Central Anti-virus/Spyware management facility here at Fermilab. This system provides central virus signature updates and logging controls for all of the Windows based systems supported by the Computing Division. We are currently using the Symantec Enterprise Edition version 10 product to help protect our community from Virus, Adware, and Spyware issues.
Current World Virus Activity:
-----------------------------------------------------------------------------------------------------------------------------------------------
Fermilab Status:
We are currently using the Symantec Enterprise Edition version 10.1/10.2 products to help protect our community from Virus, Adware, and Spyware issues. This software is a combination of client and server software that works in tangent to monitor and alert for virus issues. Version 10 of the Symantec product now includes real time protection for adware, and spyware compared to version 9 where the protection only occurred during scheduled scans. Version 10 also includes the ‘Tamper Protection’ feature that provides protection to the Symantec software from hackers that attempt to deactivate or modify Symantec’s code.
Current Symantec supported Windows XP/2000/Server 2003 client – Version 10.1.0.401 or higher
Current Mac supported version – 10.0
Windows Vista/Server 2008 Clients – 10.2.1.1000
Please note: If you are
running any version of 10.0 or 10.1, you MUST update to at least 10.1.0.401
to correct a serious exploitable issue by order of the Fermilab’s Computer
Security Team (12-26-2006).
--------------------------------------------------------------------------------------------------------------------------------
Latest Symantec Client software version is
10.1.8.8000 (XP, 2000/2003) and 10.2.2.2000(Vista, Server 2008)
(Note: Version 10.2 is only for Windows Vista/Server 2008 systems, and
Symantec will not be releasing a 10.2 version for Windows XP or Windows
2000/2003)
Version History:
10.1.0.401 Current
Base
10.1.4.4000 – No major
client enhancements
10.1.5.5000 – no major
client enhancements
10.1.5.5001 – minor
update, but no major client enhancements
10.1.5.5010 – minor update for report
server, but no major client enhancements (12-26-2006)
10.2.0.276 – Version
that will support Windows
(note, the
XP/2000/2003 code is still at 10.1.5.5000 in the 10.2 CD image)
10.1.6.6010 – updates
to correct SAV Report server – no major updates for XP or 2000 Clients
10.2.1.1000 –
Corrected issues with Vista client and added Server 2008 Support
10.1.7.7000 – Minor
updates for Symantec server code
10.1.8.8000 – Minor
updates for Symantec server code
10.2.2.2000 –
Corrected minor issues with Vista and Server 2008 clients
To determine which version you are running, please click here.
----------------------------------------------------------------------------------------------------------------------------------
Version 10.1 Changes/Enhancements/Known Issues
Known issue with OUTLOOK: (not outlook express)
Enhancements for e-mail:
-----------------------------------------------------------------------------------------------------------------------------------------------
Latest Virus Threat Information from SYMANTEC: click here
-----------------------------------------------------------------------------------------------------------------------------------------------
Information for Desktop SAV Administrators:
There are special details for those desktop administrators that support the desktops/laptops. Please Click here for those details.
-----------------------------------------------------------------------------------------------------------------------------------------------
Portable thumb drives or USB memory sticks are a handy way to transport data from computer to computer. Unfortunately, this is also a handy way to obtain a virus or malware. The Symantec AV software will prevent unwanted virus/malware from infecting your computer. It is also good practice to scan any unknown data from a thumb drive before copying or executing any application from the drive.
To scan the thumb drive, after it is installed, the drive will be assigned a drive letter like any other disk drive. Simply bring up “MY computer” or run explorer. If you select the thumb drive device and ‘right mouse’ click, you will see something like this:
If you chose the ‘Scan for Viruses’ selection, this will invoke the startup for the Symantec Anti-virus scanning software for that particular device.
After the scan is complete, you should see something like this:
Q. How do I get the latest version of the
software?
A. The software is licensed code, and is distributed to the desktop support teams. Please contact your desktop support group for assistance.
Q. I got a message that I got a virus. What do I do?
A. In most cases, when you get a pop-up message regarding a virus, the Symantec software will either repair or move the offending file(s) to the quarantine folder. Automatically, your desktop support group should have been informed, and they should be contacting you shortly. If you recently were reading e-mail, browsing the web, or downloading/installing software, please make a note of this and have that information ready.
Q. What if I already have spyware protection software?
OR
Q. I’m getting messages from ‘Tamper Protection’ saying some application is trying to alter Symantec’s code. Why?
A. It is not advisable to be running multiple virus/spyware detection software on the same machine at the same time. Prior to version 10 of Symantec’s antivirus product, we did not have real-time protection against adware and spyware; so many users installed such products. There are many products available that will do adware and spyware protection (like spysweeper, Microsoft Defender, etc.) unfortunately, the license agreement on many of these products are only for personal use, and using such products here at Fermilab would be in violation. Additionally, some of these products are still in ‘Beta’ testing, and hence should not be used on production desktops. Additionally, we use the new feature in Symantec version 10 called Tamper protection. This feature reduces the additional known attack used by hackers where the attack program disables or modifies the anti-virus software. Tamper protection reduces this ability by monitoring the Symantec software for such attempts. Unfortunately, 3rd party adware/spyware products may interfere with the Tamper protection feature. It is recommended that if you are using Symantec anti-virus version 10, you should disable or remove any other 3rd party adware/spyware monitoring software.
Q. Does Symantec support XP-64 (or Vista-64, 2003-server-64, 2008-Server-64)?
A. Yes, versions 10.1 and 10.2 provide support for the 64-bit versions of the Windows operating systems. Note: to install the 64-bit version of the anti-virus/spyware protection software for XP and Server 2003 using the 10.1 CD, you cannot use the setup program from the root of the install CD. You will need to drill down to the SAVWin64/x86 directory, and run the ‘setup.exe’ that is in that folder.
Q. The system is doing a scan, and it is slowing my machine down. What can I do?
A. The weekly scan is an integral part of the protection provided by the anti-virus software. You can delay the scan. For more details, go here.
|
last modified 06-12-2009 email helpdesk@fnal.gov |
|
|
|
|
|
|
