apc4.0 configuration guide eng v1

Upload: ams-ajaxneth

Post on 13-Jan-2016

  • AhnLab, Inc Global

    Business

    Team Category Version Issue Date

    Confidential 1.0 2010-12-07

    Company Restricted Working copy if printed

    Page 1 of 38

    AhnLab Policy Center 4.0

    Configuration Guide

    Table of Contents

    1. DOMAIN SETTINGS
    1.1. Option
    1.1.1. Endpoint Protection
    1.1.2. Log Shipping Policy
    1.2. Update
    1.2.1. Update Server
    1.2.2. Online Patch
    1.3. Grouping
    1.3.1. Agent Grouping
    1.3.2. Policy Pending Group
    1.3.3. Duplicate Group Settings
    2. DATABASE CLEANUP/BACKUP
    3. AGENT INSTALLER UPLOAD
    4. DISTRIBUTION
    5. SECURITY POLICY MANAGEMENT
    5.1. Default Agent Policy
    5.1.1. General
    5.1.1.1. General Settings
    5.1.1.2. Operation Settings
    5.2. Default Proactive Defense Policy
    5.2.1. General Settings
    5.3. Default V3 IS 8.0 Policy
    5.3.1. System Scan
    5.3.1.1. Scan Setting > Manual Scan
    5.3.2. System Tuning
    5.3.2.1. Remote Agent Control -> System Optimization
    5.3.3. Miscellaneous
    5.3.3.1. Preferences -> Event Alert
    5.4. Default V3 Net 7.0 Policy
    5.4.1. Virus Scan
    5.4.1.1. Advanced Settings > Advanced Defense
    5.4.2. Anti-Hacking
    5.4.2.1. Port Filter > Default Settings
    5.4.2.2. IP Address Filter > Default Settings
    5.4.3. Others
    5.4.3.1. Alert Settings > Tray Icon Settings
    5.5. Default Update Policy
    5.5.1. Update
    5.5.1.1. Default Settings
    5.5.1.2. Update Settings
    6. APPENDIX
    6.1. Distribution
    6.1.1. Software Distribution
    6.1.2. File Distribution
    6.2. Backup the Security Policy

    1. Domain Settings

    This section describes how to configure the domain settings for client agent management, updates, virtual grouping of client systems, alerts and time server synchronization.

    To configure the domain settings, go to [Management]>[Domain], select the domain in the list and click the Domain Settings link.

    - Option (Endpoint Protection/Log Shipping Policy/User Information Database/Agent Password/Relay Server)

    - Update (Update Server/Update Interval/Online Patch)

    - Grouping (Agent Grouping/Policy Pending Group/Duplicate Group)

    - Alert (Alert Email Setting/Alert Option/Virus Detection Alert)

    - Others (Time Server/Update Prevention)

    This guide covers only the default configuration of the APC server, so it walks through only some of the option and settings menus (the menus written in blue). If you need more detailed configuration and settings, please contact an AhnLab system engineer or refer to the user guide, APC40_AG_en_US.pdf.

    1.1. Option

    Configure two menus in the Option menu: Endpoint Protection and Log Shipping Policy. Leave the other menus at their default settings.

    1.1.1. Endpoint Protection

    Here you choose the security programs that APC manages. If APC does not control other security programs, uncheck their checkboxes as shown below.

    Note) Check whether Asset Management/Remote Control is checked or not.

    1.1.2. Log Shipping Policy

    Please select the log shipping targets as captured above.

    1.2. Update

    Configure the settings for [Update Server].

    1.2.1. Update Server

    The default values for the Update Server settings are shown below.

    This configuration affects updates of the APC server itself: the APC server gets the latest engine/patch files from the AhnLab global update server. After configuring the update server settings, click the [OK] button to check the connection to the update server.

    If you see a message like the one below, check your internet connection or internal network settings:

    - ping auth.ahnlab.com or telnet auth.ahnlab.com 80

    - ping updateglobal.ahnlab.com or telnet updateglobal.ahnlab.com 80

    - Check whether you have an internal domain server.

    - Check whether you have an internal proxy server.

    All AhnLab product updates are delivered over the HTTP service (port 80), so make sure that HTTP is open from the APC server to the AhnLab update server.

    If you need to enter a User-Defined URL, use the URL below.

    http://updateglobal.ahnlab.com/onetouch

    However, if you have a proxy server in your network, configure the proxy server settings as shown below.

    To get the latest engine/patch from the global update server, go to [Monitor Center]>[Summary], click the number link for [Total], then click the [Update Engine Now] link.
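    The connection checks from section 1.2.1 (name resolution, TCP port 80, and HTTP with or without a proxy) can be run in one pass from the APC server. This PowerShell script is an added example, not part of the AhnLab guide; it uses only the host names and URL given above, and the proxy address in the usage comment is a constructed placeholder.

```powershell
# Added example, not AhnLab code. Host names, port 80 and the /onetouch URL come
# from the guide; the proxy address in the usage comment is a placeholder.
$UpdateHosts = @('auth.ahnlab.com', 'updateglobal.ahnlab.com')
$UpdateUrl   = 'http://updateglobal.ahnlab.com/onetouch'

function New-Row {
    param($Check, $Target, $Result)
    New-Object PSObject -Property @{ Check = $Check; Target = $Target; Result = $Result }
}

function Test-NameResolution {
    # Returns the resolved addresses as one string, or $null when DNS fails.
    param([string]$HostName)
    try {
        $addresses = [System.Net.Dns]::GetHostAddresses($HostName)
        return (($addresses | ForEach-Object { $_.IPAddressToString }) -join ', ')
    } catch {
        return $null
    }
}

function Test-TcpPort {
    # Plain TCP connect with a timeout: the equivalent of "telnet <host> 80".
    param([string]$HostName, [int]$Port = 80, [int]$TimeoutMs = 5000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($pending)   # throws if the connection was refused
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

function Test-HttpPath {
    # Sends one HEAD request, through the proxy when one is given, otherwise
    # directly (an empty WebProxy bypasses the system proxy settings).
    # Any HTTP status means something answered; a 407, 502 or 504 usually
    # comes from the proxy itself rather than from the update server.
    param([string]$Url, [string]$ProxyUrl, [int]$TimeoutMs = 10000)
    $request = [System.Net.WebRequest]::Create($Url)
    $request.Method  = 'HEAD'
    $request.Timeout = $TimeoutMs
    if ($ProxyUrl) { $request.Proxy = New-Object System.Net.WebProxy($ProxyUrl) }
    else           { $request.Proxy = New-Object System.Net.WebProxy }
    try {
        $response = $request.GetResponse()
        $status = [int]$response.StatusCode
        $response.Close()
        return "HTTP $status"
    } catch {
        # PowerShell may wrap the WebException; walk down to it.
        $err = $_.Exception
        while ($err -and -not ($err -is [System.Net.WebException])) { $err = $err.InnerException }
        if ($err -and $err.Response) { return "HTTP $([int]$err.Response.StatusCode)" }
        if ($err) { return "FAILED ($($err.Status))" }
        return "FAILED ($($_.Exception.Message))"
    }
}

function Get-UpdatePathReport {
    param([string]$ProxyUrl)
    $rows = @()
    foreach ($name in $UpdateHosts) {
        $resolved = Test-NameResolution $name
        $rows += New-Row 'DNS' $name $(if ($resolved) { $resolved } else { 'FAILED' })
        $rows += New-Row 'TCP 80 (direct)' $name $(if (Test-TcpPort $name) { 'open' } else { 'FAILED' })
    }
    $via = if ($ProxyUrl) { "HTTP via $ProxyUrl" } else { 'HTTP (direct)' }
    $rows += New-Row $via $UpdateUrl (Test-HttpPath $UpdateUrl $ProxyUrl)
    return $rows
}

# Direct check from the APC server:
Get-UpdatePathReport | Format-Table Check, Target, Result -AutoSize

# Through an internal proxy (placeholder address, replace with your own):
# Get-UpdatePathReport -ProxyUrl 'http://proxy.example.internal:3128' |
#     Format-Table Check, Target, Result -AutoSize
```

    On a network where all outbound traffic must pass through the proxy, the DNS and direct TCP rows are expected to fail while the proxied HTTP row succeeds.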

    1.2.2. Online Patch

    Please do not check the checkbox for [Download Online Patch].

    1.3. Grouping

    Configure the settings for [Grouping].

    1.3.1. Agent Grouping

    Agent Grouping arranges client systems into different types of groups based on user-defined configuration.

    We recommend using [Use Auto-Grouping] by Class C IP address, as shown above.

    Note) If the administrator wants to use a grouping method that is not based on IP address, make sure to uncheck the [Use Auto-Grouping] checkbox. If this option is left checked, client systems are grouped by IP address automatically.

    Refer to page 58 of APC40_AG_en_US.pdf for the kinds and details of automatic grouping methods.

    1.3.2. Policy Pending Group

    Change the period to 14 days. (The default value is 7 days.)

    This means that a client system that has been disconnected for 14 days is moved to [Policy Pending Group] in [Virtual Group].

    1.3.3. Duplicate Group Settings

    Check that the option is selected as shown below.

    Client systems with duplicate IP addresses are moved to [Duplicate Group] in [Virtual Group].

    2. Database Cleanup/Backup

    To keep the database within its determined size, you need to clean and back up the database regularly. This section describes how to manage the schedules for database cleanup and backup.

    Clicking the [Database Cleanup/Backup] link opens the settings window below.

    Then click the [Add] button.

    Configure the [Database Cleanup] option as shown below.

    Note) If there are logs that you want to keep, uncheck the corresponding checkbox. The settings also depend on the database size and on the customer site's policy for managing the database. In line with that policy, you can change the [Interval] and [Task Target] options as well.

    The created task appears as shown below.

    To modify or delete a specific task, select the task in the list and click the [Modify] or [Delete] button.

    3. Agent Installer Upload

    To control client systems and have them inherit central security policies and commands, the agent must be installed on each client system. To distribute and run the agent installer, you create it and notify the users of the client systems to run it. This section describes how to create the agent installer and how to configure the settings related to agent installation and remote agent control.

    When you create the agent installer, consider the following carefully:

    - The name of each created agent installer must be unique.

    - Configure the remote control settings according to company administrative policies.

    - Consider the network environment of your company.

    Clicking the [Agent Installer Upload] link opens the settings window below.

    Then click the [Add] button.

    The window below appears.

    Make sure to disable the [Proactive Defense] option. When you disable it, the alert message below appears. Click [Yes].

    After that, click the [Advanced] option.

    Check the [Run file before installing agent] checkbox and register RmAgent2.exe (Removal Tool for APC Agent).

    Location: C:\Program Files\APC2\Policy Server\pkgroot\apc\AgentInstall\AgentPatchBase\First\RmAgent2.exe

    Parameters: -FULLSILENT

    When entering the parameter, make sure to use all capital letters and include the -.

    The parameter forces the APC agent removal tool to run so that the previous version of the APC agent is uninstalled.

    When the APC agent installer has been registered, the installation file appears as shown below.

    The installer is located in the system folder below.

    \\Program Files\AhnLab\APC2\Policy Server\pkgroot\apc\AgentInstall\AgentSetup.exe

    To distribute the APC agent installer to client systems, use the URL below.

    http://APC_Server_IP:8080 (The web server port was determined when you installed the APC server.)

    For details about distributing the agent installer, refer to page 82 of APC40_AG_en_US.pdf.

    4. Distribution

    You can distribute software, files or security programs to client systems. Software and security programs can be run after distribution.

    To configure [Distribution], go to [Management]>[Domain], select the domain in the list and click the Distribution link.

    A pop-up window appears. Click the [Add] button and register the security products, such as V3 Internet Security, V3Net for Windows Server and Smart Update Utility.

    Note) Before you register security products, contact an AhnLab engineer to get the latest version of the AhnLab products, or check the notice board of the Global Support System (GSS).

    First, add [Smart Update Utility].

    For Smart Update Utility, you do not need to enter a Serial No., as shown below.

    When you select the Installation File, select the MpSetup.ini file of each master file.

    For V3 products, you have to enter a Serial No., as shown below.

    When you select the Installation File, select the MpSetup.ini file of each master file.

    Note) You can register other security products (including V3Net for Windows Server) in the same way.

    When you finish registering the security product, you can see the list as below.

    Please refer to APC40_AG_en_US.pdf on page 91 for more information about file distribution.

    5. Security Policy Management

    You can configure the security policy for each client system. This section deals only with the options that need to be changed. This configuration is not mandatory; it is the recommended configuration. Administrators can configure the policy according to their own security policy.

    5.1. Default Agent Policy

    To configure the agent policy, go to [Default agent policy] as shown below.

    5.1.1. General

    You can configure the general and operation settings used to manage the client system. The general settings let you configure which security programs are managed and the intervals for policy download and system information upload. In the operation settings, you can configure the settings for agent operation.

    5.1.1.1. General Settings

    Please change the option of Management Target.

    5.1.1.2. Operation Settings

    5.2. Default Proactive Defense Policy

    To configure the proactive defense policy, go to [Default Proactive Defense Policy] as shown below.

    5.2.1. General Settings

    Sometimes a user enables the [Proactive Defense] option when creating the agent installer, in which case this option is turned on. Disable [Proactive Defense] as shown above.

    5.3. Default V3 IS 8.0 Policy

    To configure the V3 IS 8.0 policy, go to [Default V3 IS 8.0 policy] as shown below.

    5.3.1. System Scan

    5.3.1.1. Scan Setting > Manual Scan

    1) Check the option of [Terminate a thread of an infected process]

    2) Change the option of [If an infected file is running] to [Repair after forced termination]

    3) Uncheck the option of [Change home page]

    4) Check the option [Scan after disabling shared files and folders]

    Please see the screenshot below.

    5.3.2. System Tuning

    5.3.2.1. Remote Agent Control -> System Optimization

    1) Check the option of [System Cleanup] > [Install/Remove] & [Registry]

    2) Uncheck the option of [Temporary Internet Files Cleanup] > [Internet Explorer History List] & [AutoComplete Password History]

    3) Check the option of [Recently Used Files Cleanup] > [RealPlayer] & [WordPad] & [Paint] & [Windows Media Player]

    Please see the screenshot below.

    5.3.3. Miscellaneous

    5.3.3.1. Preferences -> Event Alert

    1) Uncheck the option of [Prevent an alert in presentation mode]

    2) Uncheck the option of [Display an alert when a security event occurs]

    Please see the screenshot below.

    5.4. Default V3 Net 7.0 Policy

    To configure V3Net 7.0 policy, please move to [Default V3 Net 7.0 policy] like below.

    5.4.1. Virus Scan

    5.4.1.1. Advanced Settings > Advanced Defense

    Uncheck the option of [Track an IP address that tries to access shared folders].

    5.4.2. Anti-Hacking

    5.4.2.1. Port Filter > Default Settings

    Uncheck the option of [Enable Port Filter].

    5.4.2.2. IP Address Filter > Default Settings

    Uncheck the option of [Apply Allowed/Blocked IP Addresses].

    5.4.3. Others

    5.4.3.1. Alert Settings > Tray Icon Settings

    Uncheck the option of [Show alert events].

    5.5. Default Update Policy

    To configure Update settings, please move to [Default update policy] like below.

    5.5.1. Update

    5.5.1.1. Default Settings

    Uncheck the option of [V3 IS 7.0] & [V3 Net 6.0].

    5.5.1.2. Update Settings

    If you have your own proxy server, check the option of [Use proxy server] and enter the proxy server information as shown below.

    If you do not have your own proxy server, you do not need to check the option of [Use proxy server].

    6. Appendix

    6.1. Distribution

    You can distribute not only security programs (V3 Products) but also software and files to client systems.

    6.1.1. Software Distribution

    Select the domain in the list and click the Distribution link.

    A pop-up window appears. Click the [Add] button and register the executable software. First, prepare the software that you want to distribute to client systems.

    1) Create a folder and place the software in it as shown below.

    Note) Make sure to create a new folder and place in it just the one file that you want to distribute, as shown below.

    2) Input the information and click [OK].

    3) The software is then packed (compressed), and the created package appears in the list as shown below.

    4) When you check the folder in which the software is located, you can see that the package, RunCmd.exe and an ini file have been created, as shown below.

    5) To distribute the software, select the package and click [Distribute] button.

    6) When the distribution is successful, you can see the result as below.

    7) Then, you can see the software is running in client system as below.

    6.1.2. File Distribution

    1) Create a folder and place the file in it as shown below.

    Note) Make sure to create a new folder and place in it just the one file that you want to distribute, as shown below.

    2) Input the information and click [OK].

    You have to specify the folder on the client system to which the file will be distributed.

    The default path (provided by APC) is shown on the left.

    (You can see the list using the select box for [Folder:].)

    If you want to use a specific folder, you can enter its absolute path as shown above.

    Note) The specified folder must exist on the client system.

    3) The file is then packed (compressed), and the created package appears in the list as shown below.

    4) When you check the folder in which the file is located, you can see that the package, DistFile.exe and an ini file have been created, as shown below.

    5) To distribute the file, select the package and click [Distribute] button.

    6) When the distribution is successful, you can see the result as below.

    7) Then, you can see the file has been distributed in client system as below.

    6.2. Backup the Security Policy

    You can back up the security policy using a simple method. First, go to [Management]>[Policy].

    1) To import the security policy settings, select the security policy and click .

    When appears, select the file to import and click [Open].

    2) To export the security policy settings, select the security policy and click .

    When appears, enter the file name and click [Save].

    Please refer to APC40_AG_en_US.pdf on page 108 for more information.