Perform this procedure for both golden-template and for direct-install options.
This procedure is required for the applications that use the Windows 2012 Operating System.
Install one of the following antivirus software products for Unified CCE Call Server, Unified CCE Data Server, Unified CVP server, Unified CVP OAMP server, and Unified Reporting server.
McAfee® VirusScan® Enterprise
Symantec® Endpoint Protection
Trend Micro Server Protect Version
Install one of the following antivirus software products for Enterprise Chat and Email (ECE) .
For more information on the anitvirus versions supported by HCS for Contact Center, see the HCS for Contact Center Compatibility Information at http://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-contact-center/products-device-support-tables-list.html
Update antivirus software, manually - do not enable automatic updates.
To allow required access to installation program files or folders, perform file-blocking exclusions in the antivirus product file-and-folder protection rules. To do this in McAfee VirusScan:
Launch the VirusScan console.
Right-click Access Protection, then select Properties.
In the Anti-virus Standard Protection category, make sure that the Prevent IRC communication check box is unchecked in the Block column.
HCS for Contact Center supports Symantec Endpoint Protection.
Be aware that in the firewall component of Symantec Endpoint Protection 12.1, the Network Threat Protection feature, must be disabled. If it remains enabled, which is the default, both sides of the duplexed router shows up in simplex mode, thus blocking communications between each side of the router. This blocking impacts all deployment types.
If you retain the default (enabled) start services on side A and B of the router, a Symantec message pops up in the system tray indicating: The client will block traffic from IP address [side A router address] for the next 600 seconds(s). This message also appears in the client management security log. The Symantec Network Threat Protection traffic log indicates that a default firewall rule called “Block_all” was dynamically enabled. The result in both sides of the router come up in simplex mode.
To avoid the issue, you must disable the Symantec firewall and restart both sides of the router. To do this, double click the Symantec icon in the system tray and select Change Settings. Then configure settings for Network Threat Protection and uncheck the Enable Firewall check box at the top of the Firewall tab.