Forefront for OCS beta 1 - les notes importantes a lire

Ceci est un extrait du readme.htm qui est sur le CD mais c’est bon de le lire avant toute installation :-)

Important Notes

1– After a fresh install, new signature files must be downloaded to ensure the most up-to-date protection. An hourly scanner update for each licensed engine is scheduled. These updates will start 5 minutes after Forefront Security for Office Communications Server services are started.

Note: You should successfully update at least one engine before the installation is considered complete. Until all the licensed engines have been successfully downloaded, errors may appear in the ProgramLog.txt file. These errors include "ERROR: Could not create mapper object". 

2– The standard Forefront Security for Office Communications Server license includes eight AV scan engines: Microsoft, Norman, Sophos, Command, Kaspersky, VBuster, AhnLab, and Computer Associates. During a fresh install, five random engines are selected for scanning; the Forefront Server Security Administrator can subsequently be used to change the engine selection. A maximum of five engines can be selected per scan job.

3– To enable the Forefront Server Security Administrator to connect to a remote Forefront server, the "Anonymous Logon" group must be granted remote access permission. To make this change, run 'dcomcnfg'. Expand Component Services, right click My Computer, and then select Properties. On the COM Security tab, click Edit Limits and add remote access to the "Anonymous Logon" user.

On WinXP SP2, an additional setting change must be made to allow the Forefront Server Security Administrator application. Open Control Panel, and then open 'Security Center'. Click Windows Firewall, and on the Exceptions tab, click 'Add Program'. Select Forefront Server Security Administrator from the list, and then click OK to return to the Exceptions tab. Select the checkbox for Forefront Server Security Administrator, and then click 'Add port'. Give the port a name, enter '135' for the port number, and select TCP. Click OK twice.

If there is concern about opening port 135 to all computers, it can be opened for only the Forefront Server servers. When adding port 135, click 'Change Scope' and select 'Custom List'. Type in the IP addresses of all Forefront Server servers you want to connect to.

4– Forefront Security for Office Communications Server is able to scan the first part of a multi-part RAR file. Any other part of a multi-part RAR will be treated as CorruptedCompressed, and be treated according to the "Delete Corrupted Compressed Files" setting.

5– To prevent Forefront from requiring a reboot during an upgrade or uninstall, shut down the MOM agent (or any other monitoring software) and make sure that any command prompts or Explorer windows do not have the Forefront installation folder or any of the subfolders open. After the upgrade or uninstall is complete, start the MOM agent again.

6– Microsoft Forefront Security for Office Communications Server does not support customers using their own procedure to download engine updates from the Microsoft web sites. Forefront provides the ability for a server to be used as a redistribution server, but this server must use Forefront to get the updates from Microsoft.

7– Forefront Security for Office Communications Server database path names (DatabasePath registry key) have a maximum size of 216 characters.

8– If you change the install path, its name must be less than 170 characters.

9– Localized database path names (in the DatabasePath registry key) are not supported.

10– UNC paths specified for engine updates must not end with a backslash ("").

11– Importing filter lists from a UTF-8 formatted file is not supported.

12– Keyword filtering analyzes the contents of Excel files, as well as the Text, HTML, Word, and PowerPoint types shown in the Forefront Server Security Administrator.

13– Single node management of Forefront Security for Office Communications Server is available via the Forefront Server Security Administrator. Multi-server management of Forefront Server Security through the Microsoft Forefront Security Management Console is not available.

14– In order to provide a consistent User Experience in the Microsoft Forefront Server Security Administrator Client, the servers involved should be configured with uniform locale settings. Specifically, the System Locale settings of the computer where the server is being run should match the User Locale settings of the computer where the client is being run. If these two locales do not match, date and time information will be presented in a combination of formats that may be confusing.

15– You can move the Quarantine and Incidents databases. However, for FSOCS to function properly, you must move both databases, and all related databases and support files. For more information, see "Moving the databases" in the "Reporting and statistics" chapter of the "Forefront Security for Office Communications Server User Guide".

Known Issue

1– Attachments compressed with PKWARE's DCL-Implode are not scanned.

2– Attachments compressed with PKWARE's Deflate64(tm) are not scanned at this time.

3– Installing Microsoft Forefront Security for Office Communications Server in a folder that contains non-ASCII characters is not supported. Choose a path that contains only characters from the following groups: letters (A-Z, a-z), numbers (0-9) or the symbols :/!#$%'()+,-.;=@[]^_`{}~.

4– If you have multiple filter lists with names that differ only by case, they will not work properly.

5– If you run the Repair option from setup.exe after the product has been installed and all FSOCS services are running, the FSCController and the FSCMonitor services will be disabled and marked for deletion. If this occurs, uninstall FSOCS, restart the server, and then reinstall FSOCS. If services are stopped before running Repair, this problem does not occur.