Guest

Cisco Unified Communications Manager (CallManager)

McAfee VirusScan Enterprise 7.0 with Cisco CallManager 3.3 (3)

 Feedback

Table Of Contents

Application Note

Introduction

Installation

Configuration

Scheduled File Scanning Can Have a Negative Impact on the Server

Using Cisco IDS Host Sensor and McAfee Enterprise VirusScan 7.0

Uninstall


Application Note


Using McAfee VirusScan Enterprise 7.0
with Cisco CallManager 3.3 (3)

Introduction

Cisco Systems does not formally certify antivirus products with CallManager software. However, Cisco recognizes that in today's environment any Windows 2000 Server needs to have virus protection and the Cisco CallManager is no exception. Cisco has verified McAfee Enterprise VirusScan 7.0 with CallManager under heavy traffic loads. CallManager installation with McAfee VirusScan Enterprise Version 7.0 is supported by Cisco TAC.

While the installation and configuration of McAfee Enterprise VirusScan

http://www.networkassociates.com/us/products/mcafee/antivirus/email/vs.htm is very easy, there are a few important steps that need to be taken. This document will provide information on the installation and configuration of McAfee Enterprise VirusScan 7.0 on the CallManager Platforms based on Cisco's experience in our won lab environments and from customers who have successfully implemented antivirus software.

Installation

1. Double-click the setup.exe executable. Click Next.

2. Read the License Agreement. Choose the proper License expiry type and Country. Choose the radio button to accept the terms and click OK.

3. Select Typical for the Setup type and click Next.

4. Click Install to start installation

5. Uncheck the "Update Now" and "Run On-Demand Scan" boxes. These should be completed after the configuration. Click Finish.

Configuration

For normal operation on Cisco CallManager 3.X, the default settings for McAfee Enterprise VirusScan 7.0 are fine. However, there are two important considerations:

Scheduled File Scanning Can Have a Negative Impact on the Server

There is a difference between the protection McAfee Enterprise VirusScan 7.0 offers by running in the background and scheduled file scanning of the entire directory structure. Scheduled file scanning is very processor intensive. This could potentially impact call processing if this occurred during high volume traffic. As such, it is critical to only schedule a complete file scan during the middle of the night or other non-peak time schedules.

Using Cisco IDS Host Sensor and McAfee Enterprise VirusScan 7.0


Note: It is important to note that in order for McAfee and the Cisco Host IDS Sensor to co-exist on the same server, McAfee should be configured to not scan the directory where the Cisco Host IDS Sensor or Console is configured. Once McAfee is installed, the icon will appear in the system tray as shown below.


Right Click on the `V' icon and select On-Access Scan Properties.

This will bring up the VirusScan On-Access Scan Properties Panel. The settings shown here are the default settings for McAfee Enterprise VirusScan 7.0.

Choose All Processes in the left panel. Select the Detection Tab. You can safely select the `All Files' option under the `What to Scan' section if you desire that functionality.

Click the Exclusions button.

Click Add and choose the C:\Program Files\Cisco IDS directory

When finished, it should look like this.

Select the Advanced Tab (if available). Uncheck the boxes under Heuristics. Click OK.

Uninstall

McAfee Enterprise VirusScan 7.0 can be uninstalled using the normal Windows 2000 software uninstall procedure

1. Open the Control Panel

2. Choose add/remove programs

3. Click the Remove button on the McAfee VirusScan Enterprise

4. Click yes to confirm