How to configure Bitdefender Security for ISA Servers

Bitdefender Security for ISA Servers allows organizations to protect their Microsoft® ISA Servers to block specific types of websites, scan downloaded files and email attachments from web email services. Ensuring compliance to corporate security policies becomes easier and companies will be able to maintain control of sensitive data that would otherwise leak from inside of the organization.

 

After installing the product, you need to configure it in order to scan the traffic - HTTP and/or FTP. In order to do that, first, you need to create groups and then apply traffic rules onto those groups.

In order to create the groups, please open the Bitdefender Security for ISA Servers console and go to the Policies menu, expand it and go to Policy Elements menu, which expanded, will give you the two options: Client Groups and Content Groups.   

Img1

 

 

By selecting the Client Groups menu, you can define custom client groups to be used when creating rules. A group can contain one or more computers.To create a group you must run the Client Group Wizard (from the contextual menu point New and select Client Group). The wizard is a four step procedure that will easily guide you into creating different Client Groups on which you can apply different traffic rules.

 

By selecting the Content Groups menu, you can define custom content groups to be used when creating rules. A content group can contain more content types which can be file extensions (.xyz) or MIME types (class/subclass). The second form (MIME types) is only used for the HTTP traffic, when the header is present.
When analyzing an FTP traffic rule, Bitdefender will compare the file extension to the extensions defined in the content group. As for the HTTP traffic, if the content-type header is present, its value will be searched in the group content type list. If the content type is not found or the header does not exist, Bitdefender will search for the file extension. By default, Bitdefender comes with 5 content groups: Application, Image, Text, Audio and Video. To create a content group you must run the Content Group Wizard (from the contextual menu point New and select Content Group). The wizard is a four step procedure. 

Once the groups are created, you can setup the Rules that will scan the traffic. In order to create them, please select the option Rules under the Policies menu.

Img2


Here you can define specific filtering rules for specific IP address groups across multiple scan types. A system of safe domain white lists configurable by the administrator is also available so that the traffic between the ISA Server and the respective domains is not scanned. By default Bitdefender scans all downloaded files through the HTTP protocol and downloaded & uploaded files through the FTP protocol.

Note:A rule is built for a group of clients.


         1.  Assignment to a group is done based on the IP address of the client having made the request to access the web page or file.
         2.  Rules are analyzed by order of definition, until the IP address is matched to a Client Group.
         3.  The defined action is taken (scan or no scan, depending on the constraints defined in the Address White List and the Content Group). Then, the IP address leaves the content filter.
         4.  If no rule is found for the respective IP, the implicit action will be applied: scanning.

 

It is recommended that one rule be defined for each group as no other newly defined rules will be taken into consideration once a match has been found.

 

In the next step, you will go through the Configuration sections:
         •  Application Filters
         •  Antivirus Engine
         •  Alerts
         •  Antivirus Update
         •  RTVR
         •  General

 

In the Application Filters section, you can enable or disable the Bitdefender filters that scan all HTTP and FTPbased
traffic. 

 

 

Img3

 


HTTP: All HTTP responses to clients are sent by the Firewall service of the Microsoft ISA to the Bitdefender filter,
which decides if they need to be scanned or not. After being scanned, the responses are sent to the clients. The unscanned responses are let through without being intercepted.

 

FTP: The FTP filter is attached by the Firewall to each FTP session opened by the client. The filter monitors the FTP
FTP client-server communication and in case it detects a Bitdefender for MS ISA Servers Enterprise Edition Filter Description data connection for file transfer (upload or download), it intercepts such transfer and scans it or not, according to the defined rules.

 

In the Antivirus Engine section, you can set the actions to be taken on the infected files and the quarantine location as followed. Bitdefender allows for the selection of two actions to be taken in case an infected document is found.

 

 

Img4

 

 

First action

 

Ignore - Ignore infected objects. No action taken.
Disinfect - Disinfect infected objects.
Delete - Delete infected objects.
Move to Quarantine - Isolate infected objects in the quarantine zone.

 

The Second action is a supplementary measure of protection and it is only activated if the first action is Disinfect.

Ignore - Ignore infected objects. No action taken.
Delete - Delete infected objects.
Move to Quarantine - Isolate infected objects in the quarantine zone.

 

The Quarantine option allows for the selection of the quarantine location. The default location of the quarantine zone is: C:\Program Files\Common Files\Softwin\ADD-ONS\quar. If you want to change it, type the complete path in the Quarantine location field (the specified folder must have been previously created).

 

In the Alerts section,you can configure the alarm messages. The alert service of Microsoft Internet Security and Acceleration (ISA) Server notifies you when specified events occur. Bitdefender has designed 5 special types of events that can generate alarm messages:

 

Bitdefender Information: An alert is generated when Bitdefender services start and stop.

Bitdefender Warning: An alert is generated in case a special situation appears: e.g. license expiration (Bitdefender will alert you three days in advance), protection disabled, etc.

Bitdefender Error: An alert is generated upon the occurrence of a malfunction of Bitdefender. Such situations may appear, for example, because of the accidental deletion of some files or of the failure to load the Antivirus engines.

Bitdefender HTTP Virus: An alert is generated in case an infected file is detected in the HTTP traffic.

Bitdefender FTP Virus: An alert is generated in case an infected file is detected in the FTP traffic.

 

In the Antivirus Update section, you can configure the Bitdefender update settings. Nowadays the risk of having your computer infected is higher both because of the appearance of new viruses and spyware and of the spread of existing ones.
Bitdefender for MS ISA Servers Enterprise Edition has a built-in function for the automatic update of virus definitions. Every 3 hours the update function is launched and it connects to the Bitdefender upgrade server. In case an update is found, such update is done transparently, without administrator's intervention, through a file download. 

 

Img5

 

In the RTVR (Real TIme Virus Reporting) section, you can enable the virus reporting feature.
The module is customized for each country and it allows for the sending of alerts on found viruses to the Bitdefender Lab. The reports will contain no confidential data, such as your name, IP address or other, and they will not be used for commercial purposes. The information supplied will only include the name of the country and the virus name and it will solely be used to create statistic reports.

 


























Read More
Posted in Security By Moyea Media

How to Install Admin Panel of Security Curator? Read more...

Read More
Posted in Security By Moyea Media

Advanced SystemCare pro v6 FAQ

Apr 2, 2013 7:59:19 PM

This FAQ offers some common and clasic QA for Advanced SystemCare pro v6. 

Read More
Posted in Security By Moyea Media

Auslogics Antivirus Tutorial

Apr 2, 2013 7:57:16 PM

How can Auslogics Antivirus be installed? What to do when Auslogics Antivirus cannot detect a virus or spyware?

Read More
Posted in Security By Moyea Media

How to Deploy Bitdefender Client Security? This is detail guide for it.


Read More
Posted in Security By Moyea Media

How to use Mobile Spy

Apr 2, 2013 7:50:27 PM

This guide will show you how to use Mobile Spy step by step with Mobile Spy which is monitoring software which allows you to  secretly monitor child or employee cell phone activities in real time.

Read More
Posted in Security By Moyea Media

How to use AceSpy

Apr 2, 2013 7:43:20 PM

Thank you for choosing AceSpy program for monitoring needs. The following post is a user guide for AceSpy for Windows to share a quick reference for users.

Read More
Posted in Security By Moyea Media

Guide about how to Use BitDefender Antivirus Scanner for Unices

Read More
Posted in Security By Moyea Media

How to use SniperSpy

Apr 2, 2013 7:20:12 PM

This page is designed to guide you every step of the way after your software purchase. The minimum system requirements for your local and remote computers are listed below:

 

Minimum System Requirements

Pentium or AMD 433mhz or Better Processor, 64MB RAM

Windows 2000 / XP / Vista / 7 / 8

Internet Connection Requirements

Any Standard Dial-up (56k) or High-Speed Internet Connection

Read More
Posted in Security By Moyea Media

How-to Categories

Best Sellers

Top Rated Reviews

Moyea PPT to Video Converter

Moyea PPT to video converter is the best PowerPoint to video converter in the world. This PowerPoint to video converter can convert PowerPoint to video, PowerPoint to movie, PowerPoint to audios and even mobile devices as you wish.

Pavtube Blu-ray Ripper

With stunning performance, Pavtube Blu ray ripper is the best Blu-ray ripping tool.

Pavtube ByteCopy

Pavtube Bytecopy is the best Blu ray to MKV converter and the best option to rip and convert commercial Blu-ray movies to MKV container format with multiple audio tracks and subtitles included.

Leawo Blu-ray Creator

Leawo Blu-ray Creator is a combination of Blu-ray burner and DVD creator.

Moyea PPT to DVD Burner Pro

Moyea PPT to DVD burner Pro, the best PowerPoint to DVD burner, is powerful enough for converting PowerPoint to DVD, PowerPoint to blu ray, PowerPoint to video...