Best practices for configuring Symantec AntiVirus Corporate Edition 9.x
Question/Issue:
This document provides best practice recommendations for Symantec AntiVirus Corporate Edition 9.x (Symantec AntiVirus) when running in a networked environment.
Solution:
This document covers installation, setup, and ongoing maintenance best practices.
Installation and setup
There are a number of decisions that you must make at the time that you set up Symantec AntiVirus on your network. The following recommendations can help streamline the setup process and ensure that it can be maintained over time.
Omit unnecessary components
Symantec AntiVirus contains a number of components designed for network scalability, but in most cases these tools are not required. If you do not need a particular component, there is no reason to install it.
- The LiveUpdate Administration Utility is completely optional. For most corporate customers, it is unnecessary. The default method of definitions distribution, the Virus Definition Transport Method, is robust and easy to use. You should only use the LiveUpdate Administration Utility if specific circumstances require it.
- Central Quarantine is also optional and is not needed in smaller environments. If you choose to install and use Central Quarantine, the computer must have 64 MB of RAM available just for Central Quarantine. It should not be run on a computer that has only 64 MB of RAM and should probably not be run on a computer that is running other server applications, such as Exchange, SQL, or Domino.
Step-by-step instructions for installing the minimum components can be found in the document
Symantec AntiVirus Corporate Edition 9.x installation walk-through for small businesses.
Configure virus definition updates geographically
Because Symantec AntiVirus clients check in using User Datagram Protocol (UDP) packets, which can have problems passing through some types of network connections, Symantec recommends that you have a Symantec AntiVirus server at each physical location. Note that a Symantec AntiVirus server does not need to be a network server; it can be a Windows NT, 2000, or XP Professional workstation.
If you have a proxy server in your environment, you may need to give LiveUpdate explicit proxy settings.
To do so, read the document
How to configure LiveUpdate to connect through a proxy server.
If you are using a firewall, you may need to configure it to allow LiveUpdate to access the Internet.
For information, read the document
Settings needed to configure your firewall for LiveUpdate.
Ensure that Symantec AntiVirus does not interfere with other Symantec antivirus products
- If you have Symantec AntiVirus Corporate Edition and a Symantec product for Microsoft Exchange both installed on an Exchange server, you must set certain exclusions within Symantec AntiVirus Corporate Edition. Exclude both the temporary directory for the Symantec product for Microsoft Exchange and the Exchange Database directories.
For complete information, read the document Preventing Symantec AntiVirus Corporate Edition 9.x from scanning the Microsoft Exchange directory structure.
- If you have Symantec AntiVirus Corporate Edition and a Symantec product for Domino both installed on a Domino server, then you must configure the Symantec product for Domino to use a custom Temp directory, then exclude that directory in the Symantec AntiVirus Auto-Protect options.
For additional information, read the document Preventing Norton or Symantec AntiVirus Corporate Edition from scanning the temporary folder for Symantec products for Domino on a Notes Server.
- If you have Symantec AntiVirus Corporate Edition and Symantec AntiVirus for SMTP Gateways or Symantec Mail Security 4.0 for SMTP both installed on a server, then you must exclude the Queues directory in the Symantec AntiVirus Auto-Protect options.
For additional information, read the document Preventing Symantec AntiVirus for SMTP Gateways 3.x or Symantec Mail Security 4.0 for SMTP from being scanned by Norton or Symantec AntiVirus Corporate Edition.
- If, on the same computer, you have installed multiple Symantec programs that use the virus definitions, such as Symantec AntiVirus along with a Symantec product for Exchange or Domino, it is good practice to use only Symantec AntiVirus Corporate Edition to update the definitions. If you allow multiple programs to run LiveUpdate and attempt to update the definitions, the definitions may become corrupted.
For details, read the document Configuring LiveUpdate for multiple Symantec products installed on the same computer.
WARNING: If you install Symantec AntiVirus Corporate Edition 9.x client on an Exchange server, a Domino server, or any SMTP server, be sure not to install the Internet E-Mail Tools components. This feature monitors the standard mail ports and can cause performance degradation or failure if installed on mail servers.
For additional detail regarding this process, read the document
Installing Symantec AntiVirus 9.0 clients without E-Mail Auto-Protect plug-ins.
Ongoing maintenance
Symantec AntiVirus is designed to be a largely automated solution, but like all systems, it does require regular maintenance to ensure that it is working correctly. The following suggestions help to ensure that your network is protected constantly and to discover any problems before they cause critical failures.
Scan for viruses regularly
Symantec recommends that you perform regularly scheduled virus scans on all computers in your network. This full scan should occur at a time that minimizes the performance impact on your users, such as overnight or during weekends. Note that any exclusions that you have configured for Auto-Protect should be included as part of the configuration for any scheduled scans.
Disable network drive scanning
Symantec recommends that, after deploying Symantec AntiVirus to your network, you modify the Client Auto-Protect options in the Symantec System Center by turning off the scanning of network drives. Scanning network drives can sometimes cause issues with database software, unnecessary network traffic, and issues with network-accessed applications. Symantec recommends that you allow Auto-Protect on your server to protect its own files.
For more information, read the document
Network performance slows significantly after installing Symantec AntiVirus Corporate Edition.
Schedule regular maintenance
Symantec recommends that you perform a number of maintenance tasks to ensure that Symantec AntiVirus is configured and working correctly. The frequency of maintenance depends on the size and complexity of the network. On a small network, quarterly maintenance may suffice, while very large networks may need biweekly attention. Your maintenance schedule should include the following activities:
Note: During a global virus outbreak, telephone hold times for Technical Support may be greatly extended. Without routine maintenance, a virus outbreak is the most likely way that issues with Symantec AntiVirus will be discovered. Symantec strongly recommends performing the maintenance regularly in order to maintain network security at all times and to prevent difficulty in getting help with any potential issues.
Document ID: 2004123012152148
Last Modified: 01/18/2005
Date Created: 12/30/2004
Product(s): Symantec AntiVirus Corporate Edition 9.0
Release(s): SAV 9.0 [All Releases]
Cart
PRINT THIS PAGE