To set the configuration parameters of the Dr.Web Enterprise Server:
1.Select the Administration item in the main menu.
2.Click Dr.Web Enterprise Server Configuration in the control menu.
3.A window for setting the Server configuration will be opened.
|
Values of fields, marked by the * sign, must be obligatory specified. |
General Tab
The Name parameter sets the name of the Server. If it is not specified; the name of the computer where Enterprise Server software is installed is used.
The Threads parameter sets number of Server threads which are serving Agents. Change the default setting on advice of the technical support only.
The DB connections parameter sets number of database connections with the Server. Change the default setting on advice of the technical support only.
The Authorization queue parameter sets the maximum number of workstations which can be added to the Server authorization queue. Any natural number is allowed.
In the Updates bandwidth drop-down list, the maximal network traffic bandwidth for updates from Server to Agents is set:
◆If this parameter is set to Unlimited, updates for Agents will be transferred without limitation of network traffic bandwidth.
◆If this parameter is variant from Unlimited (has a numerical value), updates for Agents will be transferred in ranges of specified bandwidth of summary network traffic for all Agents updates.
In the Newbie drop-down list, the connection policy for new workstations can be set (for more, read p. New Stations Approval Policy). The Reset unauthorized to newbie flag instructs to reset the parameters of connection with Server for unauthorized workstations which have not passed authorization check. This option can be helpful when you change Server settings (such as public key) or change the DB. In such cases workstations will not be able to connect to the Server and will need to get the new parameters to assess to the Server.
The Statistics flag instructs to send statistics on the operation of Enterprise Server for analysis to the Internet server at http://stat.drweb.com/. If necessary, you can set up the connection parameters in the field below. It is not recommended to set the interval of sending less than 1 hour.
To configure statistics via the Dr.Web Control Center, use the Settings tab.
In the Encryption and Compression drop-down lists the policy of traffic encryption and compression between Enterprise Server and Enterprise Agents is selected (for more, read p. Traffic Encryption and Compression).
You can also use the following options:
◆Set the Show host name flag to log host names instead of workstations IP addresses.
◆Set the Replace NetBios name flag to display host names instead of workstation names in the catalog of the anti-virus network (when host names cannot be detected, IP addresses are displayed).
|
Show host name and Replace NetBios name flags are cleared by default. If the DNS service is not set up properly, enabling these boxes may considerably slow down the Server operation. When using any of these options, it is recommended to enable cashing names on the DNS server. |
|
If the Replace NetBios name flag is set and anti-virus network contains the Proxy server, when for all stations connected to the Server via the Proxy server, in the Dr.Web Control Center, the name of computer on which the Proxy server is installed, will be shown instead of stations names. |
◆Synchronize the station description - sets the synchronization of the station description with the description in the Dr.Web Control Center. If the station description in the Dr.Web Control Center is absent, the user description will be set to this field. If descriptions differ, the description in the Dr.Web Control Center will be replaced by the user description.
Statistics Data Tab
On the Statistics data tab you can configure statistics information to write in the log file and to the Server data base.
To add corresponding type of information to the DB, set the following flags:
◆Quarantine - logs stations Quarantine state.
◆List of the station modules in DB - logs the list of the Anti-virus modules at the station.
◆List of installed components in DB - logs the list of Anti-virus components (Scanner, Monitors, etc) that are installed at the station.
◆Information on the start/end of the components in DB - logs the information about starting and stopping events of Anti-virus components (Scanner, Monitors, etc) at stations.
◆Infection in DB - logs the statistic data about infections, detected at the stations.
◆Errors of scanning in DB - logs information about all errors, occurring during scanning at the stations.
◆Statistics of scanning in DB - logs the results of stations scanning.
◆Information about installations in DB - logs the information about Agent installations at the stations.
◆Station jobs execution log - log results of tasks execution on workstations and store the log in the DB.
◆Station status monitoring - log status changes for workstations and store the log in the DB.
◆Virus databases monitoring - log changes in virus databases status and contents on workstations and store the logs in the DB.
To view statistics information:
1.Select the Network option of the main menu.
2.Select a station or a group in the hierarchical list.
3.Open the corresponding section of the control menu (see the table below).
|
Detailed information about statistic data is described in the Viewing the Statistics section. |
The table below describes correspondence between flags in the Statics data tab of the Server settings and items of the control menu on the Network page.
If you clear flags on the Statistics data tab, corresponding items of the control menu become hidden.
Correspondence between flags of Statistics data section and items of the control menu
Server parameters |
Menu options |
|---|---|
Quarantine |
General → Quarantine |
List of the station modules in DB |
Tables → Modules |
List of installed components in DB |
General → Installed components |
Information on the start/end of the components in DB |
Tables → Start/End |
Infection in DB |
Tables → Infections Tables → Viruses |
Errors of scanning in DB |
Tables → Errors |
Statistics of scanning in DB |
Tables → Statistics Tables → Full statistics |
Information about installations in DB |
Tables → All network installations |
Station jobs execution log |
Tables → Jobs Tables → Virus Bases |
Station status monitoring |
Tables → Status Tables → Virus Bases |
Virus databases monitoring |
Tables → Virus Bases |
Statistics Tab
On the Statistics tab you can configure sending of the statistics on virus events to the Doctor Web company.
Set the Statistics flag, to activate the sending process. The following fields will become available:
◆Interval - an interval in minutes for sending the statistics;
◆Server - an IP-address or DNS name and a port of statistics server (by default, stat.drweb.com:80);
◆URL - a path to the catalog on the statistics server (by default, /update/se);
◆ID - an MD5 key of the Server (located in the enterprise.key Server key file);
◆User - a user name for identification of the sent statistics (contact the Dr.Web Technical Support Service for your user name);
◆Password - a password for authentication of the sent statistics (contact the Dr.Web Technical Support Service for your password);
◆Proxy - (if necessary) the address of a proxy server for sending the statistics;
◆Proxy user - (if necessary) the name of a user of the proxy server (is not required for anonymous assess);
◆Proxy password - (if necessary) a password to assess the proxy server (is not required for anonymous assess).
Server and Interval are the only obligatory fields.
Click Save, to accept changes in settings.
Security Tab
On the Security tab, restrictions for network addresses from which Agents, network installers and other (“neighboring”) Enterprise Servers will be able to access the given Server are set.
To manage Server audit log, use the following flags:
◆Audit operations allows to log operations of administrator with the Dr.Web Control Center and writing the log into the DB.
◆Audit server internal operations allows to log Enterprise Server internal operations and writing the log into the DB.
|
To view the audit log, select the Administration option in the main menu, then Audit log item in the control menu. |
The Agents, Installations and Neighbors additional tabs are designed to set the restrictions for the correspondent types of connections.
To set access restrictions for any type of connection:
1.Go to the correspondent tab (Agents, Installations or Neighbors).
2.To allow all connections, clear the Use this ACL flag.
3.To make the list of allowed or denied addresses, set the Use this ACL flag.
4.To allow any TCP address, include it into the TCP:Allow or TCPv6:Allow list.
5.To deny any TCP address, include it into the TCP:Deny or TCPv6:Deny list.
To edit the address list:
1.Specify the address in the corresponding field and click Save.
2.To add a new field, click the 
button in the corresponding section.
3.To delete a field, click 
.
The network address is specified as: <IP-address>/[<prefix>].
|
Lists for TCPv6 addresses will be available, if the IPv6 interface is installed on the computer. |
Examples:
1.Prefix 24 stands for a network with a network mask: 255.255.255.0
Containing 254 addresses.
Host addresses look like: 195.136.12.*
2.Prefix 8 stands for a network with a network mask: 255.0.0.0
Containing up to 16387064 addresses (256*256*256).
Host addresses look like: 125.*.*.*
The addresses not included into any of the lists are allowed or denied depending on whether the Deny priority flag is set. If the flag is set, the addresses not included into any of the lists (or included into both of them) are denied; otherwise, such addresses are allowed.
Restrictions for IPX addresses can be set similarly.
Database Tab
On the Database tab, a DBMS for storage of the centralized log of the Dr.Web ESS anti-virus and for its setting is selected.
For more, read p. Setting the Mode of Operation with Databases.
Alerts Tab
The parameters in the Alerts tab allow to set up the mode of notifying the anti-virus network administrators and other users on virus attacks and other events detected by the program.
For more, read p. Setting Alerts.
Transports Tab
On the Transports tab, the parameters of the transport protocols used by the Server are set up.
For each protocol the name of Enterprise Server can be specified in the Name field; if no name is specified, the name set on the General tab is used (see above, if no name is set on the tab, the computer name is used). If for a protocol a name other than the name on the General tab is specified, the name from the protocol description will be used by the service detecting the Server of Agents, etc.
In the Address field, specify the address of the interface which Server uses for interaction with the Agents on the workstations.
In the Cluster address field, specify the address of the interface which Server uses for interaction with the Agents and Network Installers while searching for an active Enterprise Servers. See the Dr.Web Enterprise Server Detection Service section for more details.
This parameters should be specified in the network addresses format described in Appendix E. The Specification of Network Addresses.
Modules Tab
On the Modules tab, protocols for interaction of the Server with other ESS components can be chosen.
By default, the interaction is enabled for the:
◆Enterprise Agents,
◆NAP Validator component,
◆Agent Network Installers.
The interaction of the Enterprise Server with other Enterprise Servers is disabled. For a multi-server network configuration (read p. Peculiarities of a Network with Several Dr.Web Enterprise Servers), enable this protocol by setting the correspondent flag.
Location Tab
On the Location tab, you can specify additional information about the computer on which Enterprise Server is installed.