Avaya

Modular Messaging Help

Home | Search | Site Index
Print | Back | Fwd | Legal | Close

 Getting Started 
 Installation 
 Administration 
 Maintenance 
 Reference 
Home > Getting started > Modular Messaging and security > Virus, worm, and spam protection

Virus, worm, and spam protection

The Modular Messaging system bridges your telephony and TCP/IP networks to integrate voice and data services into a single unit. Use the various Modular Messaging access mechanisms to exchange information in the form of e-mail, files, and data.

Viruses are commonly transferred through e-mail in the form of executable file attachments. Viruses can also be transferred through infected Web sites or through shared disk drives on the network. Viruses and worms are targeted mainly at the operating systems, in particular Microsoft.

The Message Storage Server (MSS) supports the SMTP/MIME protocol for delivery of messages. The MSS does not scan incoming messages for viruses. As a result, subscriber mailboxes can receive messages that contain virus-laden attachments.

Messages generated by the Message Application Server (MAS) can contain sound files (.wav) and fax image (.tif) attachments. The MSS receives and stores these messages. When a subscriber uses the telephone user interface (TUI) to listen to the messages, the MAS can retrieve a message from the mailbox. The message can include a virus that was delivered from another server.

Avaya recommends the following guidelines:

  • Do not run an e-mail client on the MAS.

  • Do not use Internet Explorer on the MAS to retrieve messages from the Messages Web server.

The MSS and the MAS never execute any attachment received in a message when a subscriber uses a TUI to retrieve messages.

Users can retrieve messages through e-mail clients that connect through IMAP4 or POP3 interfaces. Voice and fax messages retrieved using these e-mail clients contain only sound files (.wav) and fax image (.tif) attachments. Avaya recommends that users detach and do not open any file attachment. Users should scan attachments for viruses before opening them. Administrators can also configure an additional virus scanner to remove viruses before messages are delivered to the MSS. A variety of scanners are available.

System administrators can also implement firewalls and access control lists (ACLs) on the gateway routers to block any SMTP traffic from external sources. Firewalls and ACLs restrict spam mail, virus, and worm entry into the voice mail system. Administrators can use spam filters on the network to protect against spammers and unsolicited e-mails. Avaya recommends that you implement anti-virus protection software to detect any SMTP/MIME viruses. Implement the software directly on the corporate e-mail servers and on individual user systems. Clean or remove infected files that are detected.

Topics in the section include:

Avaya recommendations

Avaya recognizes the concerns that customers have for deployment of Windows-based solutions, the timely installation of security patches, and the use of anti-virus software.

This topic discusses the following recommendations:

Patching

Avaya monitors the security patches released by Microsoft and determines if the patches are appropriate for Modular Messaging. Avaya tests appropriate patches to assess their compatibility with Modular Messaging. Security bulletins on the support Web site, http://support.avaya.com/security, provide information about the appropriate patches for Modular Messaging customers.

Avaya tests and certifies the compatibility of Microsoft Service Packs with Modular Messaging. Avaya tries to certify the compatibility within 90 days of release of the service pack from Microsoft. After the service packs are certified, Avaya can recommend that customers obtain and install the service pack directly from Microsoft. Customers can contact Avaya or go to the Avaya support Web site for the most current advisories, reports, and security-related concerns. When appropriate, Avaya includes certified Microsoft Service Packs as part of the next release of Modular Messaging.

Avaya notification service

Avaya recommends that customers sign up for the e-mail notification service of Security Advisories. The e-mail notification service provides the latest security information. Customers can find the service in the My Subscriptions section on the Avaya support Web site. Avaya recommends that customers sign up for Microsoft Security Notification Service.

Internet Explorer security

With Modular Messaging, Internet Explorer (IE) 6 is installed on the Avaya Messaging Application Server (MAS). Avaya recommends that IE be used for Modular Messaging administration only. Do not use IE on the MAS to retrieve messages from the Message Web server.

Microsoft recommends that you subscribe to their Security Notification Service. To do that, set IE to use lesser security settings. As a best practice, ensure that at least one computer in the network, other than the MAS, is subscribed to the Security Notification Service.

Anti-virus software

Avaya strongly recommends that customers install anti-virus software on any Microsoft Windows computer that runs Avaya Modular Messaging software. The anti-virus software used and the method of installation depend on customer requirements and the local implementation. Customers are responsible for the purchase, installation, and management of anti-virus products in all cases.

Before you install or upgrade anti-virus software on the MAS, understand how any network change can affect the Modular Messaging system. Review the TCP/IP and User Datagram Protocol (UDP) LAN ports that Modular Messaging requires to operate. You must understand how changes in the installed or upgraded anti-virus software can affect the LAN ports. Consult your account team or business partner to identify the LAN ports that Modular Messaging uses for normal operation.

Check the anti-virus software on the MAS system to ensure that port 25 (SMTP) and port 389 (LDAP) are not disabled and are not scanned. If you configure anti-virus software and these ports are disabled, the MAS and MSS cannot communicate.

This topic discusses the following recommendations:

Disable anti-virus software during installation of Avaya messaging products

Install anti-virus software after you install the Avaya messaging products. If anti-virus software is already installed before you install any Avaya messaging application, disable the anti-virus software. Enable the anti-virus software after the installation. Verify the correct operation of the Avaya product.

Scanning cautions

Consider the impact that anti-virus scanning has on the performance of the Avaya messaging servers.

Avaya recommends that you schedule the anti-virus scan during off-peak hours when the system is not busy. By default, the MAS backs up its data to the MSS at 11:00 p.m. You can reschedule the backup for another time.

Do not use a message-scanning method that can impact the performance of the Avaya servers. For example, do not use "on-access" or "on-delivery" scanning. This type of scan runs whenever a file changes and can have a negative impact on server performance.

Note: Some anti-virus software applications default to scan on startup. Disable this feature. If you do not, the anti-virus software increases the time that a system comes back online after a reboot.

Anti-virus software administration

Avaya recommends administering the anti-virus software as described in the following paragraphs.

Scan the hard disk at least once a week during off-peak hours. Avaya recommends a daily scan. You can run scans on multiple Modular Messaging servers at the same time. However, avoid scheduling the anti-virus scan at the same time as a backup occurs on the MAS. By default, the backup starts at 11:00 p.m. each night.

Schedule virus definition updates to occur automatically at least once a week. The updates must occur before the next scheduled scan time to ensure that the latest data (DAT) files are used during the scan. However, do not schedule updates to occur during a virus scan.

If the anti-virus software locates a virus, it must first attempt to clean the file. If the file cannot be cleaned, move the file to a different directory.

General recommendations

The following recommendations limit virus problems:

  • Run the corporate standard anti-virus programs on a regular basis. Download and install updates to the anti-virus software when they become available from your anti-virus vendor.

  • If you use an anti-virus program, ensure that you are monitoring the supplier for the latest DAT files.

  • Never open any files or macros attached to an e-mail from an unknown, suspicious, or untrustworthy source. Delete these attachments immediately. Then, empty your trash bin.

  • Delete and do not forward spam, chain, and other junk e-mail.

  • Never download files from unknown or suspicious sources.

  • Do not share disks with read and write access unless there is a business requirement to do so.

  • Scan each disk from an unknown source for viruses before you use the disk.

  • Back up critical data and system configurations on a regular basis, and store the data in a safe place.

Anti-virus programs are available in the form of standalone e-mail hosts, firewalls, and routers with embedded scanning. Some commercially available virus detection programs for e-mail gateways are:

  • Aladdin eSafe Protect Gateway

  • Computer Associates eTrust Antivirus for Gateways

  • McAfee WebShield (Network Associates)

  • Symantec AntiVirus for Gateway Solution

Additionally, some anti-virus solutions for Windows based servers are:

  • Network Associates McAfee VirusScan for Windows

  • Symantec Norton AntiVirus for Windows

Note: Avaya does not specifically recommend any of the products listed above. Avaya recommends that you explore these and other similar products and select the one that best meets your requirements.

 

Top of page

Home | Search | Site Index | Print | Back | Fwd | Legal | Close

©2007 Avaya Inc. All rights reserved. Last modified: