Configuring virus checking

4	Configuring virus checking

4.1	Configuring Virus Scanning Engines

The virus-checking feature of GFI MailSecurity scans all SMTP traffic, inbound and outbound emails, for viruses using multiple Virus Scanning Engines. When GFI MailSecurity is installed on the Microsoft Exchange server machine, you can also configure GFI MailSecurity to scan the information store for viruses.

NOTE: When GFI MailSecurity is installed on a Microsoft Exchange Server 2007/2010 machine, Information Store Protection is available only when the Mailbox Server Role and Hub Transport Server Role are installed.

GFI MailSecurity ships with both Norman and BitDefender Virus Scanning Engine as standard. However, you can optionally license the AVG, Kaspersky and McAfee Virus Scanning Engines, which are supported as well. All of the aforementioned anti-virus packages are proven and reliable virus detection engines, which have received many awards and certifications, including the industry leading certifications of ICSA.

$C:\Documents and Settings\ozammit\My Documents\MSEC\Manual\images\virus scanning engines.png$

Screenshot 37 - Virus Scanning Engines status page

You can view the operational and license status of each Virus Scanning Engine along with the execution sequence of the installed Virus Scanning Engines by clicking on the GFI MailSecurity ► Virus Scanning Engines node.

The Virus Scanning Engines are listed in the same order of priority used by GFI MailSecurity to scan emails for viruses (Priority 0 being the highest or top priority).

Each Virus Scanning Engine must be configured separately. To configure virus checking, click the required Virus Scanning Engine from the Status page on display in the right window. Alternatively, you can expand the Virus Scanning Engines node and click the required Virus Scanning Engine node (for example, Kaspersky).

NOTE: If you are running GFI MailSecurity on a Microsoft Exchange machine and the Information Store Scanning status is set to Disabled for all Virus Scanning Engines, the Information Store Scanning feature is disabled. The GFI MailSecurity configuration will inform you with a dialog that the Information Store Scanning feature is going to be disabled since you are trying to disable the only Virus Scanning Engine left which is set to scan the Information Store. If you click OK, the particular virus-scanning engine will have the Information Store Scanning feature disabled and so will the overall Information Store Scanning feature. If you click Cancel, the virus-scanning engine will not have the Information Store Scanning feature disabled and the overall Information Store Scanning feature will remain active since there is at least one virus-scanning engine that is still configured to scan the Information Store.

$C:\Documents and Settings\ozammit\My Documents\MSEC\Manual\images\disable information store scanning.png$

Screenshot 38 - Information Store Scanning will be disabled.

If the overall Information Store Scanning feature is disabled, you need to enable it from the Information Store Protection node before you can configure any Virus Scanning Engine to scan the Information Store. If you try to configure a Virus Scanning Engine to scan the Information Store and the feature is disabled from the Information Store Protection node, the GFI MailSecurity configuration will inform you about this with a dialog as shown in the screenshot below.

$C:\Documents and Settings\ozammit\My Documents\MSEC\Manual\images\enable information store scanning before.png$

Screenshot 39 - Enable Information Store protection before configuring a Virus Scanning Engine