Appendix C. Operation in Central Protection Mode

Dr.Web for Kerio WinRoute can operate in the central protection mode in a network managed by Dr.Web Control Center. The central protection helps automate and simplify configuring and managing information security of computers within logical structures (for example, company computers that access each other from both inside and outside of company's local networks). Protected computers are united in one anti-virus network which security is monitored and managed from central server (Dr.Web Control Center) by administrators. Connection to centralized anti-virus systems guarantees high level of protection while requiring minimum efforts from end-users.

Logical Structure of Anti-virus Networks

Solutions for central protection from Doctor Web use client-server model (see Figure 4).

Workstations and servers are protected by local anti-virus components (clients; herein, Dr.Web for Kerio WinRoute) installed on them, which provides for anti-virus protection of remote computers and ensures easy connection to central protection server.

Local computers are updated and configured from central server. The stream of instructions, data and statistics in the anti-virus network goes also through the central protection server. The volume of traffic between protected computers and the central server can be quite sizeable, therefore solutions provide options for traffic compression. To prevent leak of sensitive data or substitution of software downloaded onto protected computers, encryption is also supported.

All necessary updates are downloaded to central protection server from Dr.Web Global Update System servers.

Local anti-virus components are configured and managed from central protection server according to commands from anti-virus network administrators. Administrators manage central protection servers and topology of anti-virus networks (for example, validate connections to central protection server from remote computers) and configure operation of local anti-virus components when necessary.


Picture 4. Logical structure of anti-virus networks.

Operation of Dr.Web for Kerio WinRoute in Central Protection Mode

For operation of Dr.Web for Kerio WinRoute in central protection mode, version 6 of Dr.Web Agent is required to be installed and operate correctly on the same operating system.



The version 6.00.2 of Dr.Web for Kerio WinRoute is not compatible with Dr.Web Agent of version other than 6.


Dr.Web for Kerio WinRoute operating in the central protection mode provides the following possibilities:

Recording the start events of Kerio firewall with the installed plug-in Dr.Web for Kerio WinRoute. Start events are displayed in the Start/Stop table of Dr.Web Control Center. The stop event of Kerio firewall is not recorded.
Sending statistics of Dr.Web for Kerio WinRoute operation. The statistics is displayed in the Statistics and Summary statistics tables of Dr.Web Control Center.
Sending notifications on detected viruses with information on the infections and performed actions. These events are displayed in the Infection table of Dr.Web Control Center.
Virus databases and anti-virus engine updates from Dr.Web Control Center repositories. This action allow disabling the standard updater of Dr.Web for Kerio WinRoute which starts by default according to a schedule. In this case components update starts from Dr.Web Control Center repositories according to its schedule.
Using a license key file for Dr.Web for Kerio WinRoute that is registered at anti-virus network. On the start of Kerio firewall with the installed plug-in Dr.Web for Kerio WinRoute the license key file for the station in anti-virus network will be used. If this key is invalid, the plug-in will use the local key file stored in the program installation folder.