Currently we provide a configured version of VirusScan which is fairly unrestrictive version which can be downloaded by anyone and is aimed at the standalone or unmanaged user. However the settings in this configured version is not suitable for managed environments. Techlinks can configure and deploy their own version of VirusScan with much more restrictive settings. Your are strongly advised to configure your own more restrictive version for your managed systems. What follows is an outline of some of the possibilities.
As ever security is a balance between usability and safety. If you have managed systems, ones which only you have Administrative rights to, then you are already in a position where you can apply much more restrictive settings and the users shouldn't actually notice since they would not have the rights in the first place, however some settings can have a negative impact on normal administrative function. Any method available to adjust system settings or to install files are used by malware to infect systems.
To configure your own more restrictive version you need a copy of Installation Designer. You can download a copy of Installation Designer from ftp://ftp.csx.cam.ac.uk/cam_only/McAfee/InstallDesigner/ You need the version which relates to the current version of VirusScan, currently the file is MID88LENRP4.zip.
The following settings are available, this is not an exclusive list as blocking http communication seems a little excessive in most cases.
Antivirus Standard Protection
- Prevent User rights policies from being altered
- Prevent hijacking of .EXE and other executable extensions
- Prevent Windows Process Spoofing
Antivirus Maximum Protection
Prevent svchost from executing non-Windows Execvutables
Prevent alteration on all file extension regisrations
Protect cached files from password and email address stealers
Common Standard protection
Protect Mozilla and Firefox files and settings
Protect Internet Explorer settings
Prevent installation of Browser helper objects and shell Extensions
Protect network settings
Prevent common programs from running files from the Temp folder
Common Maximum Protection
Prevent Programs registering to autorun
Prevent programs registering as a service
Prevent creation of new executable files in the Windows Folder
Prevent creation of new executable files in the Program Files folder
Prevent launching of files from the Downloaded Program Files folder