Virus and Worm protection

The Modular Messaging system bridges your telephony and TCP/IP networks, thus integrating voice and data services into a single unit. Users can access Modular Messaging using the various access mechanisms to exchange information in the form of e-mail, files, and data. Viruses and Worms are targeted mainly at the operating systems, Microsoft in particular. Modular Messaging is based on the Windows and Linux operating environments, but it is hardened enough so that there is a lesser need to use Windows-based and Linux-based applications which are more susceptible to virus attacks.

Viruses are most commonly transferred through e-mail, in the form of binary file attachments, through infected Web sites or through shared disk drives on the network. The voice server acts as an accessible e-mail server, but the Modular Messaging system does not perform any file scanning for virus detection. Modular Messaging supports the SMTP/ MIME protocol for retrieval of messages from the Linux-based MSS to the e-mail clients connecting through IMAP4 or POP3 interfaces. However, when voice messages are retrieved from the e-mail clients on the network, they receive only sound (.wav) files. These files are stored and transferred and cannot be executed on the servers themselves. It is advised that users detach (not launch) file attachments and scan them for viruses, before use.

System administrators should implement firewalls and Access Control Lists on the gateway routers to block any SMTP traffic from external sources. This will restrict spam mail virus and worm entry through the voice mail system. Avaya recommends that you implement an anti-virus protection software directly on the corporate e-mail servers and on individual user systems to detect any SMTP/MIME viruses. Anti-virus detection may also be run on the Modular Messaging servers at regular intervals. Infected files, if detected, should be cleaned or removed and restored from the backup.

Avaya recommendations

Avaya recognizes the concerns that customers have for deployment of Windows-based solutions, the timely installation of security patches, and the use of anti-virus software.

Patching

Avaya monitors the security patches released by Microsoft, determines if the patches are appropriate for Modular Messaging, and, if so, conducts tests to assess its compatibility with Modular Messaging. Information on obtaining the patches that Avaya determines are appropriate for Modular Messaging customers are posted in the form of security bulletins on the support Web site, http://support.avaya.com/security. Avaya endeavors to test and certify the compatibility of Microsoft Service Packs with Modular Messaging within 90 days of release of the service pack from Microsoft. Upon certification, Avaya might recommend that customers obtain and install the service pack directly from Microsoft. Customers should contact Avaya or refer to the Avaya support Web site, for detailed information. When appropriate, certified Microsoft service packs are included as part of the next release of Modular Messaging.

Internet Explorer Security

With Modular Messaging, IE 5.0 will be installed on the MAS. It is recommended that IE 5.0 should be used for Modular Messaging administration only. Microsoft recommends that you subscribe to their Security Notification Service. To do that you have to set IE to use lesser security settings. As a best practice, ensure that at least one computer in the network, other than the Avaya Messaging Application Server (MAS), is subscribed to the Security Notification Service. Follow the steps provided below to reduce the possibility of exposures to internet worms (recent being Code Red and the Nimda) and viruses:

1. Start Internet Explorer

2. Click Tools > Internet Options.

3. From the Internet Options dialog box, click the appropriate icon for the security level that you want to customize (Internet, Intranet, Trusted, Untrusted).

4. Click Security > Custom Level.

5. Under Scripting, check the Prompt field.

6. Click OK.
   Repeat steps 2 to 6 for each of the four security levels.

7. Click OK and exit Internet Explorer.

Top of page

Anti-virus Software

Customers can choose to install and manage anti-virus software for added security at their own risk. For the current version of the Avaya Modular Messaging solution, Avaya allows customers to load anti-virus software on the Avaya Messaging Application Server (MAS). However, the customer must assume full risk for any undesired interactions between the anti-virus software and the Avaya product. Customers are responsible for the procurement, installation, and management of anti-virus products in all cases.

It is best to install anti-virus software only after the Avaya products are installed. If anti-virus software is installed prior to installing any Avaya messaging application, be certain to uninstall the anti-virus software before proceeding, and do not reinstall it until after the installation is complete and the correct operation of the Avaya product has been verified. It is important to consider the impact that anti-virus scanning may have on the performance of the Avaya messaging servers prior to scanning for viruses. For example, performing a complete I/O file scan may have a negative impact on the relative server performance. Avaya recommends that you do not employ any message scanning that could drastically impact the performance of the Avaya servers.

General recommendations

The following are some general recommendations for limiting virus problems.

• Run the corporate standard anti-virus programs on a regular basis. Download and install updates to the anti-virus software when they become available from your anti-virus vendor.

• Never open any files or macros attached to an e-mail from an unknown, suspicious or untrustworthy source. Delete these attachments immediately, then double delete them by emptying your trash. Delete spam, chain, and other junk e-mail without forwarding it.

• Never download files from unknown or suspicious sources.

• Avoid direct disk sharing with read and write access unless there is a business requirement to do so.

• Always scan a diskette from an unknown source for viruses, before using it.

• Back up critical data and system configurations on a regular basis and store the data in a safe place.

Anti-virus programs are available in the form of standalone e-mail hosts, firewalls, and routers with embedded scanning. Following is a list of some commercially available virus detection programs for e-mail gateways:

• Aladdin's eSafe Protect Gateway

• Computer Associate's eTrust Antivirus for Gateways

• McAfee's WebShield (Network Associates)

• Symantec's Norton Antivirus for Gateways

Additionally, following are some anti-virus solutions for Windows based servers:

• Symantec's Norton Antivirus for Windows

• Network Associate's McAfee VirusScan for Windows

• TrendMicro's Serverprotect for Windows

Top of page