McAfee Anti-Virus 8.0i for the PC

McAfee Anti Virus 8.0i is a much more robust product than previous versions. Some of the new features of this product act similarly to a firewall. It is highly recommended that before installing or configuring MAV 8.0i, you visit our McAfee Documentation Page and read the McAfee 8.0i Best Practices Guide, and the McAfee 8.0i Quick Reference Guide. Also available are the indepth McAfee 8.0i Installation Guide and the McAfee Product Guide.

This information will help you optimize the efficiency of MAV 8.0i and minimize the possibilty of this more sophisticated version creating problems for you or your users.

McAfee Documentation Page

The McAfee Documentation Page contains four sets of documents from McAfee.

• These are:
  • McAfee 8.0i Best Practices Guide
  • McAfee 8.0i Quick References GuideGuide
  • McAfee 8.0i Installation Guide
  • McAfee 8.0i Product Guide

Installing McAfee 8.0i

McAfee is the primary anti virus solution used for SCS PC desktops. To install and configure McAfee Anti-Virus 8.0i, please use the following instructions.

NOTE: When performing an "Upgrade" instead of a new installation, you may be prompted to "Save Your Old Settings". SCS recommends that you do not save your old settings, but use these instructions to help you set up and configure MAV 8

The following instruction contains information specific to computers residing on the SCS network.

• If installing from a CD, click on 'Setup' .
• If installing from a compressed format (.exe), simply click on the icon.
• Follow the installation prompts beginning with the following screen:

• Click "Next"

The Software License Agreement opens.

• Click on the button next to "I accept.....".
• Click on "OK"

The "Select Setup Type" box opens:

• Choose "Typical
• Click on "Next"

The "Ready to Install" box opens.

• Click on "Install".

When the installation is complete, the following box opens

• Uncheck "Run On Demand Scan"

Failure to do this will result in the machine starting a hard drive scan that can be very time comsuming.

• Leave the checkmark next to "Update Now"
• Click on "Finish"

McAfee will then connect to NAI for the most current AV Engine and DAT files.

The default "Update" location is McAfee's update site. It is recommended that you maintain that setting.

NOTE: McAfee now issues updated DAT files on a daily basis. It is imperative that every machine be updated as frequently as posssible (Daily, at Start up, etc) as appropriate to the usage of that machine.

• You may be prompted to restart your computer, if prompted, please do so before continuing.

Configuring McAfee 8.0i

Before continuing with the configuration Of MAV 8, please read the information available at the McAfee Documentation Page

Auto Updates

In the system tray at the lower right corner of the screen, locate the "V-Shield" icon.

• Right click on the icon and select "Virus Scan Console" from the menu

The Console opens

• Right click on "Auto Update"
• Select "Properties" from the menu

The "AutoUpdate Properties" box opens.

• Place a check mark next to each of the three "Update Options"
• Click on "Schedule"

The "Task" tab of the "Schedule Settings" box opens.

• Check the box next to "Enable..."
• In "User Account Settings" you can enter a user, a domain, and a password to lock changes to your configuration.
• Click on the "Schedule" tab.

• Click on the down arrow in the "Schedule Task" window

• Select when you want "AutoUpdate" to run.

NOTE: McAfee now issues updated DAT files on a daily basis. It is imperative that every machine be updated as frequently as posssible (Daily, at Start up, etc) as appropriate to the usage of that machine.

Next, you will need to set the time of day to run the "AutoUpdate".

NOTE: For computers that are left on 24/7, it is recommended that the "AutoUpdate" be scheduled nightly, so as to minimize the impact on system resources and users.

Next, enable randomization.

• Click "Apply", then "OK"

Scan All Fixed Discs

Return to the "Virus Scan Console"

• Right click on "Scan All Fixed Discs"
• Select "Properties" from the menu

The "On Demand Scan Properties" box opens

• In this box, you are presented with several tabs that enable you to customize the On Demand Scan. The default settings suit most needs, and may not need to be changed.
• By clicking on the "Schedule" button on the right side of the box, you can schedule when you want to scan the hard drive(s) of the machine.
• As with the "AutoUpdate" feature, you are presented with a "Schedule Settings" box that contains a "Task" tab, and a "Schedule" tab.

• The "Task" tab, allows you to enable the task, set a user, domain and password protect your settings.
• The "Schedule" tab allows you to set the time of day the task should be run.

NOTE: If you choose to run this task daily, and the "AutoUpdate" task daily, make sure the scan is set to run AFTER the "AutoUpdate". Also, it is a good practice to scan the hard discs as frequently as possible at times that will not impact the user.

• Enable randomization, click "Apply" and then "OK" to save your settings.

Return to the "Virus Scan Console"

On Access Scanner

• Return to the "Virus Scan Console"*
• Right click on "On-Access Scanner"
• Select "Properties"

The "Virus Scan On-Access Scan Propreties" box opens.

• Here you can customize the settings for the "On-Access Scan".
  • On the "General" tab," Scan", make sure there is a check mark next to "Boot Sectors" and "Floppy during shutdown"
  • ScriptScan allows you to scan for JavaScript and VBScript scripts that are executed by the Windows Scripting Host. For example, Internet Explorer web page scripts.
  • Blocking allows you to block connections from remote computers that have infected files in a shared folder, for a specified amount of time.
  • Unwanted Programs allows you to specify which actions to take when an unwanted program is detected by the on-access scanner.
• Additional information is located on the McAfee Documentation Page
• When finished, click "OK"

Unwanted Programs Policy

Return to the "Virus Scan Console"

• Right click on "Unwanted Programs Policy"
• Select "Properties"

The "Unwanted Programs Policy" box opens.

• Detect and take action on potentially unwanted programs, such as spyware, adware, etc.

SCS recommends that a check be placed next to'spyware', 'adware', 'dialers', and 'password crackers'.

• Additional information is located on the McAfee Documentation Page
• Click on "Apply" and "OK" to save your settings.

On Delivery Email Scanner

Return to the "Virus Scan Console"

• Right click on "On Delivery Email Scanner"
• Select "Properties"

The "On Delivery Email Scan Properties" box opens

• Configure the On-Delivery E-mail Scanner and the On-Demand E-mail Scanner to scan Lotus Notes e-mail clients or MAPI-based e-mail clients such as Microsoft Outlook and take action on any detections
• Using the tabs located here, you can customize the scan of emails and attachments.
• Additional information is located on the McAfee Documentation Page
• Click "OK" to save your settings.

Buffer Overflow Protection

Return to the "Virus Scan Console"

• Right click on "Buffer Overflow Protection"
• Select "Properties"
• The "Buffer Overflow Protection Properties" box opens.

• Buffer Overflow Protection will block exploited buffer overflows from executing code on your computer.
• Additional information is located on the McAfee Documentation Page
• Click "OK" to save your settings.

On Access Protection

Return to the "Virus Scan Console"

• Right click on "Access Protection"
• Select "Properties"

The "Access Protection Properties" box opens.

NOTE: VirusScan Enterprise comes with a number of pre-configured rules for both Port Blocking and File, Share, and Folder Protection. It is important that you review each of these rules to verify that they do not restrict access to ports, processes, programs, files, shares, or folders used by your users.

Additional information is located on the McAfee Documentation Page

• The "Port Blocking" tab allows you to restrict access to inbound and outbound ports as well as files, shares, and folders.
• You may want to check the tab regarding inbound ftp traffic in addition to the default tabs.
• Here, you can also block single ports, or a range of ports to help ensure strong protection.

The "File, Share, and Folder Protection" tab is broken into two sections.

• The upper section allows you to apply a broad rule to manage your existing shares.
• The lower section allows you to make specific rules for files or folders.

Before changing any of the default settings, first read zbout "File, Share, and Folder Protection in the Mc Afee 8.0i Best Practices Guide (pg 8)

• Block exploited buffer overflows from executing code on your computer.
• Additional information is located on the McAfee Documentation Page

By default, many of the pre-configured rules in MAV 8 are set to "Warning Mode". It is recommended that you use these rules in "Warning Mode" for a short time, then review the log file to help determine whether to change these rules to one of the blocking modes.

User Comments

• Set ALLOWTOPICCHANGE = TechHelpAdminGroup

Last changed: 29 Apr 2005