Sunteți pe pagina 1din 38

AhnLab, Inc

Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

AhnLab Policy Center 4.0


Configuration Guide

Company Restricted

Working copy if printed


Page 1 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

Table of Content
1.

DOMAIN SETTINGS .............................................................................................................................................. 4


1.1.
Option ................................................................................................................................................................. 5
1.1.1.
Endpoint Protection ........................................................................................................................................ 5
1.1.2.
Log Shipping Policy ....................................................................................................................................... 6
1.2.
Update ................................................................................................................................................................. 6
1.2.1.
Update Server ................................................................................................................................................. 7
1.2.2.
Online Patch.................................................................................................................................................... 9
1.3.
Grouping ........................................................................................................................................................... 10
1.3.1.
Agent Grouping ............................................................................................................................................ 10
1.3.2.
Policy Pending Group ................................................................................................................................... 11
1.3.3.
Duplicate Group Settings .............................................................................................................................. 11

2.

DATABASE CLEANUP/BACKUP ....................................................................................................................... 12

3.

AGENT INSTALLER UPLOAD ........................................................................................................................... 14

4.

DISTRIBUTION ..................................................................................................................................................... 18

5.

SECURITY POLICY MANAGEMENT .............................................................................................................. 21


5.1.
Default Agent Policy ......................................................................................................................................... 21
5.1.1.
General .......................................................................................................................................................... 21
5.1.1.1.
General Settings ........................................................................................................................................ 22
5.1.1.2.
Operation Settings ..................................................................................................................................... 22
5.2.
Default Proactive Defense Policy ..................................................................................................................... 23
5.2.1.
General Settings ............................................................................................................................................ 23
5.3.
Default V3 IS 8.0 Policy ................................................................................................................................... 24
5.3.1.
System Scan .................................................................................................................................................. 24
5.3.1.1.
Scan Setting > Manual Scan ................................................................................................................... 24
5.3.2.
System Tuning .............................................................................................................................................. 25
5.3.2.1.
Remote Agent Control -> System Optimization ....................................................................................... 25
5.3.3.
Miscellaneous ............................................................................................................................................... 26
5.3.3.1.
Preferences -> Event Alert ........................................................................................................................ 26
5.4.
Default V3 Net 7.0 Policy ................................................................................................................................. 28
5.4.1.
Virus Scan ..................................................................................................................................................... 28
5.4.1.1.
Advanced Settings > Advanced Defense ................................................................................................ 28
5.4.2.
Anti-Hacking ................................................................................................................................................ 29
5.4.2.1.
Port Filter > Default Settings .................................................................................................................. 29
5.4.2.2.
IP Address Filter > Default Settings ........................................................................................................ 29
5.4.3.
Others ............................................................................................................................................................ 29
5.4.3.1.
Alert Settings > Tray Icon Settings ......................................................................................................... 29
5.5.
Default Update Policy ....................................................................................................................................... 30
5.5.1.
Update ........................................................................................................................................................... 30
5.5.1.1.
Default Settings......................................................................................................................................... 30
5.5.1.2.
Update Settings ......................................................................................................................................... 31

Company Restricted

Working copy if printed


Page 2 of 38

AhnLab, Inc

6.

Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

APPENDIX.............................................................................................................................................................. 32
6.1.
Distribution ....................................................................................................................................................... 32
6.1.1.
Software Distribution .................................................................................................................................... 32
6.1.2.
File Distribution ............................................................................................................................................ 35
6.2.
Backup the Security Policy ............................................................................................................................... 38

Company Restricted

Working copy if printed


Page 3 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

1. Domain Settings
In this section, this guide describes the details to configure the domain settings for client agent management,
update, virtual grouping of client systems, alert and time server synchronization.

You can configure the domain settings in [Management]>[Domain], then please select the domain in the list and
click the Domain Settings link.
-

Option (Endpoint Protection/Log Shipping Policy/User Information Database/Agent Password/Relay Server)


Update (Update Server/Update Interval/Online Patch)
Grouping (Agent Grouping/Policy Pending Group/Duplicate Group)
Alert (Alert Email Setting/Alert Option/Virus Detection Alert)
Others (Time Server/Update Prevention)

In this guide, we just provide with the default configuration of APC server. Therefore, this document will guide
some options and settings menus (menus written in blue). If you need more detailed configuration and settings,
please contact system engineer in AhnLab or refer to the user guide, APC40_AG_en_US.pdf.

Company Restricted

Working copy if printed


Page 4 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

1.1. Option
Please configure two menus (Endpoint Protection & Log Shipping Policy) in Option menu.
In case of other menus, please leave it as default option.

1.1.1. Endpoint Protection


You can choose security programs which can be managed by APC.
If APC does not control another security programs, please uncheck the checkbox like below.

Noted) Please make sure whether Asset Management/Remote Control is checked or not.

Company Restricted

Working copy if printed


Page 5 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

1.1.2. Log Shipping Policy

Please select the log shipping targets as captured above.

1.2. Update
Please configure setting for [Update Server].

Company Restricted

Working copy if printed


Page 6 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

1.2.1. Update Server


In case of settings of Update Server, the default value is as below.

This configuration will affect to the update of APC server. APC server will get the latest engine/patch file from
AhnLab global update server. After configuring update server settings, please click [OK] button to check the
connection to update server.
If you see the message like below, please check your internet connection or internal network settings.

ping auth.ahnlab.com or telnet auth.ahnlab.com 80


ping updateglobal.ahnlab.com or telnet updateglobal.ahnlab.com 80
Check whether you have your internal domain server.
Check whether you have your internal proxy server.

All updates of AhnLab product will be done through HTTP service (80 port), therefore please make sure to
open HTTP service from APC server to AhnLab update server.
If you need to input User-Defined URL, please input the URL below.
http://updateglobal.ahnlab.com/onetouch
Company Restricted

Working copy if printed


Page 7 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

However, if you have the proxy server in your network, configure the proxy server settings like below.

If you want to get the latest engine/patch from global update server, move to [Monitor Center]>[Summary] and
Click the link of number of [Total], then click [Update Engine Now] link.

Company Restricted

Working copy if printed


Page 8 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

1.2.2. Online Patch


Please do not check the checkbox for [Download Online Patch].

Company Restricted

Working copy if printed


Page 9 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

1.3. Grouping
Please configure setting for [Grouping].

1.3.1. Agent Grouping


Agent Grouping enables to arrange the client systems to different types of groups based on the user-defined
configuration

We recommend you to use [Use Auto-Grouping] by Class C IP address as above.


Noted) However, if administrator wants to use their own grouping method which is not based on IP address,
please make sure to uncheck the checkbox of [Use Auto-Grouping]. If you do not uncheck this option, it will be
grouped by IP address automatically.
Refer to APC40_AG_en_US.pdf on page 58 for kinds and details of automatic grouping method
Company Restricted

Working copy if printed


Page 10 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

1.3.2. Policy Pending Group


Please change the period as 14 days. (Default value is 7 days.)
It means that if the client system is disconnected during 14 days, it will be moved to [Policy Pending Group] in
[Virtual Group].

1.3.3. Duplicate Group Settings


Please check whether the option was selected like below.
The duplicated client system by IP address will be moved to [Duplicate Group] in [Virtual Group].

Company Restricted

Working copy if printed


Page 11 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

2. Database Cleanup/Backup
To keep the determined database size, you need to regularly clean and back up the database. In this section, you
can learn how to manage the schedules for database cleanup and backup.

When you click [Database Cleanup/Backup] link, you can see the setting windows below.
Then, please click [Add] button.

Company Restricted

Working copy if printed


Page 12 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

Please configure [Database Cleanup] option like below.

Noted) If you have logs that you want to keep, please uncheck the checkbox. And also, it depends on the database
size and the policy for managing database in the customer site. According to the policy, you can change the option
of [Interval] & [Task Target] as well.
You can see the task is created as below.

If you want to modify or delete the specific task, please select a task in the list and click [Modify] or [Delete]
button.

Company Restricted

Working copy if printed


Page 13 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

3. Agent Installer Upload


To control client systems and inherit central security policies and commands, the agent must be installed on each
client system. To distribute and run the agent installer, you should create it and notify the users of client systems to
run it. In this section, it describes how to create the agent installer and configuring settings related to agent
installation and remote agent control.

When you create the agent installer, you must carefully consider the following things:

The name of each created agent installer must be unique.


Configure the remote control settings depending on company administrative policies.
Consider the network environment of your company.

Company Restricted

Working copy if printed


Page 14 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

When you click [Agent Installer Upload] link, you can see the setting windows below.
Then, please click [Add] button.

Then, you can see the windows below.

Company Restricted

Working copy if printed


Page 15 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

Please make sure to disable [Proactive Defense] option. When you disable [Proactive Defense] option, you can
see the alert message below. Please click [Yes].

After that, please click [Advanced] option.

Please check the checkbox of [Run file before installing agent] and register RmAgent2.exe (Removal Tool for
APC Agent).
Location: C:\Program Files\APC2\Policy Server\pkgroot\apc\AgentInstall\AgentPatchBase\First\RmAgent2.exe
Parameters: -FULLSILENT
When you input the parameter, please make sure to use all capital letters with -.
The reason why you input the parameter enforces to run the removal tool of APC agent in order to uninstall the
previous version of APC agent.

Company Restricted

Working copy if printed


Page 16 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

When you finish the registration of APC agent installer, you can see the installation file as below.

The installer is located in the system folder below.


\\Program Files\AhnLab\APC2\Policy Server\pkgroot\apc\AgentInstall\AgentSetup.exe
When you distribute APC agent installer to client system, please use the URL below.
http://APC_Server_IP:8080 (Web server port was determined when you install APC server.)

If you wonder details about distributing the agent installer, please refer to APC40_AG_en_US.pdf on page 82.
Company Restricted

Working copy if printed


Page 17 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

4. Distribution
You can distribute the software, file or security program onto the client system. If you distribute the software or
security program, you can run it after distribution.

You can configure the setting of [Distribution] in [Management]>[Domain], then please select the domain in the
list and click the Distribution link.
And then, the pop-up windows will occur. Please click [Add] button and try to register the security product, like
V3 Internet Security, V3Net for Windows Server and Smart Update Utility.
Noted) Before you register security products, please contact AhnLab engineer to get the latest version of AhnLab
products or check the notice board of Global Support System (GSS).

Company Restricted

Working copy if printed


Page 18 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

First, please add [Smart Update Utility].


In case of Smart Update Utility, you dont need to input Serial No. like below.

When you select Installation File, please select MpSetup.ini file of each master file.
In case of V3 products, you have to input Serial No. like below.

When you select Installation File, please select MpSetup.ini file of each master file.
Noted) You can register other security products (including V3Net for Windows Server) as above.

Company Restricted

Working copy if printed


Page 19 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

When you finish registering the security product, you can see the list as below.

Please refer to APC40_AG_en_US.pdf on page 91 for more information about file distribution.

Company Restricted

Working copy if printed


Page 20 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

5. Security Policy Management


You can configure the security policy for each client system. In this section, we just deal with options that need
to be changed. And also, this configuration is not a mandatory. It is the recommended configuration. Administrator
can configure the policy depend on their own security policy.

5.1. Default Agent Policy


To configure the agent policy, please move to [Default agent policy] like below.

5.1.1. General
You can configure the general and operation settings to manage the client system. The general settings enable
you to configure the security programs to manage and policy download and system information upload
interval settings. In operation settings, you can configure the settings for agent operation.

Company Restricted

Working copy if printed


Page 21 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

5.1.1.1. General Settings


Please change the option of Management Target.

5.1.1.2. Operation Settings

Company Restricted

Working copy if printed


Page 22 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

5.2. Default Proactive Defense Policy


To configure the proactive defense policy, please move to [Default Proactive Defense Policy] like below.

5.2.1. General Settings


Sometime, user can enable [Proactive Defense] option when creating the agent installer. Then this option is
turned on. Please disable [Proactive Defense] as above.

Company Restricted

Working copy if printed


Page 23 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

5.3. Default V3 IS 8.0 Policy


To configure V3IS8.0 policy, please move to [Default V3 IS 8.0 policy] like below.

5.3.1. System Scan


5.3.1.1. Scan Setting > Manual Scan
1) Check the option of [Terminate a thread of an infected process]
2) Change the option of [If an infected file is running] to [Repair after forced termination]
3) Uncheck the option of [Change home page]
4) Check the option [Scan after disabling shared files and folders]

Company Restricted

Working copy if printed


Page 24 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

Please see the screenshot below.

5.3.2. System Tuning


5.3.2.1. Remote Agent Control -> System Optimization
1) Check the option of [System Cleanup] > [Install/Remove] & [Registry]
2) Uncheck the option of [Temporary Internet Files Cleanup] > [Internet Explorer History List] &
[AutoComplete Password History]
Company Restricted

Working copy if printed


Page 25 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

3) Check the option of [Recently Used Files Cleanup] > [RealPlayer] & [WordPad] & [Paint] & [Windows
Media Player]
Please see the screenshot below.

5.3.3. Miscellaneous
5.3.3.1. Preferences -> Event Alert
1) Uncheck the option of [Prevent an alert in presentation mode]
2) Uncheck the option of [Display an alert when a security event occurs]

Company Restricted

Working copy if printed


Page 26 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

Please see the screenshot below.

Company Restricted

Working copy if printed


Page 27 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

5.4. Default V3 Net 7.0 Policy


To configure V3Net 7.0 policy, please move to [Default V3 Net 7.0 policy] like below.

5.4.1. Virus Scan


5.4.1.1. Advanced Settings > Advanced Defense
Uncheck the option of [Track an IP address that tries to access shared folders].

Company Restricted

Working copy if printed


Page 28 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

5.4.2. Anti-Hacking
5.4.2.1. Port Filter > Default Settings
Uncheck the option of [Enable Port Filter].

5.4.2.2. IP Address Filter > Default Settings


Uncheck the option of [Apply Allowed/Blocked IP Addresses].

5.4.3. Others
5.4.3.1. Alert Settings > Tray Icon Settings
Uncheck the option of [Show alert events].

Company Restricted

Working copy if printed


Page 29 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

5.5. Default Update Policy


To configure Update settings, please move to [Default update policy] like below.

5.5.1. Update
5.5.1.1. Default Settings
Uncheck the option of [V3 IS 7.0] & [V3 Net 6.0].

Company Restricted

Working copy if printed


Page 30 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

5.5.1.2. Update Settings


If you have your own proxy server, please check the option of [Use proxy server] and input the information
of proxy server as below.

If you do not have your own proxy server, you dont need to check the option of [Use proxy server].

Company Restricted

Working copy if printed


Page 31 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

6. Appendix
6.1. Distribution
You can distribute not only the security program (V3 Products) but also the software and file onto the client
system.

6.1.1. Software Distribution


Please select the domain in the list and click the Distribution link.
And then, the pop-up windows will occur. Please click [Add] button and try to register the executable
software. First, you have to prepare for the software that you want to distribute to client systems.
1) Create a folder and place the software as below.
Noted) Please make sure to create new folder and place just one file that you want to distribute like as
below.

2) Input the information and click [OK].

Company Restricted

Working copy if printed


Page 32 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

3) Then, the software will be packed (compressed) and see the created package in the list as below.

4) When you check the folder which the software is located in, you can see the package, RunCmd.exe and
ini file are created as below.

Company Restricted

Working copy if printed


Page 33 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

5) To distribute the software, select the package and click [Distribute] button.

6) When the distribution is successful, you can see the result as below.

7) Then, you can see the software is running in client system as below.

Company Restricted

Working copy if printed


Page 34 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

6.1.2. File Distribution


1) Create a folder and place the file as below.
Noted) Please make sure to create new folder and place just one file that you want to distribute like as
below.

2) Input the information and click [OK].

You have to assign the specific folder that you want to distribute the file in client system.
The default path (which APC provided) is like left.
(You can see the list using the select box for [Folder:].)
If you want to use the specific folder, you can input the absolute path as above.
Noted) The specific folder must exist in client system.

Company Restricted

Working copy if printed


Page 35 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

3) Then, the file will be packed (compressed) and see the created package in the list as below.

4) When you check the folder which the file is located in, you can see the package, DistFile.exe and ini
file are created as below.

Company Restricted

Working copy if printed


Page 36 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

5) To distribute the file, select the package and click [Distribute] button.

6) When the distribution is successful, you can see the result as below.

7) Then, you can see the file has been distributed in client system as below.

Company Restricted

Working copy if printed


Page 37 of 38

AhnLab, Inc
Category

Version

Issue Date

Confidential

1.0

2010-12-07

Global
Business
Team

6.2. Backup the Security Policy


You can back up the security policy using the simple method. First, please move to [Management]>[Policy].

1) To import the security policy settings, select the security policy and click
When <Import> appears, select the file to import and click [Open].
2) To export the security policy settings, select the security policy and click
When <Export> appears, enter the file name and click [Save].
Please refer to APC40_AG_en_US.pdf on page 108 for more information.
Company Restricted

.
.

Working copy if printed


Page 38 of 38

S-ar putea să vă placă și