Operation in Centralized Protection Mode

Dr.Web can operate in the centralized protection mode in a network managed by Dr.Web Control Center. Centralized protection helps automate and simplify configuring and managing information security of computers within logical structures (for example, company computers that access each other from both inside and outside of company local networks). Protected computers are united in one anti-virus network which security is monitored and managed from the centralized protection server (Dr.Web Control Center) by administrators. Connection to centralized anti-virus systems guarantees high level of protection while requiring minimum efforts from end-users.

Logical Structure of Anti-virus Networks

Doctor Web solutions for central anti-virus protection use a client-server model.

Workstations or servers are protected from security breaches and spam by local anti-virus components (clients) that ensure anti-virus protection and facilitate the connection to the centralized protection server.

The stream of instructions, data, and statistics in the anti-virus network also goes via the centralized protection server. All the traffic between protected computers and the central server can be quite sizeable, therefore solutions provide options for traffic compression. To prevent leak of sensitive data or substitution of software downloaded onto protected computers, encryption is also supported.

All necessary updates are downloaded to centralized protection server from the servers of Dr.Web Global Update System.

Local anti-virus components are configured and managed from the centralized protection server according to commands from anti-virus network administrators. Administrators manage centralized protection servers and create anti-virus networks (for example, validate connections to the centralized protection server from remote computers) and configure operation of local anti-virus components when necessary.

Dr.Web in the centralized protection mode

Dr.Web Agent needs to be installed and operate correctly, so that the anti-virus plug-in could operate in the centralized protection mode.

In the centralized protection mode, Dr.Web has the following options:

•recording the startup/termination events of IBM Lotus Domino with the installed Dr.Web plug-in. The startup/termination events are displayed in the Start/End table of Dr.Web Control Center;

•sending the plug-in statistics. The statistics is displayed in the Statistics and Summary statistics tables of Dr.Web Control Center;

•sending notifications on detected viruses with information on the infection and applied action. These events are displayed in the Infection table of Dr.Web Control Center;

•sending URL to the web console of the Dr.Web administrator to Dr.Web Control Center. This allows displaying the URL via the console for managing the anti-virus plug-in on the specific IBM Lotus Domino server. A URL can be set by the system administrator or automatically generated based on the settings of the server document in the address book of the Lotus Domino server.

•updating Dr.Web virus databases, scan engine, and Anti-spam databases from Dr.Web Control Center repositories. This action allows you to disable the standard Dr.Web Updater, which by default performs scheduled updates. In this case, the components will be scheduled to update by Dr.Web Control Center and via its repository;

•using the Dr.Web license key file registered for this station at the Dr.Web Control Center network. To activate this function, select Use Dr.Web Control Center key file option in step 5 during installation.

To set the URL value

1.Set the DrWebAdminURL parameter in the notes.ini server file. For example,

2.Reboot the Lotus Domino server.

To set the parameter value without rebooting the Lotus Domino server

•In the server console, execute the following command:

Transfer of the value to the Dr.Web Control Center will be executed within a minute.