Re: Trend Micro CSM Suite v2 and ISA 2004

I wouldn't be so hard on yourself ;-).

SSL is the default, and it should work. But to simplify - I de-select it.

Here's an old post, worth repeating now that I prefer CSM 2 over 3.

Here's the procedure for Trend CSM for SMB.

1. Decide whether you want to use the Adminstrator account for CSM, or
another account. If you don't want to use the Administrator account, create
an account. (I use the Administrator account.)

2. Run setup - install on IIS is generally the only selection available.
3. Enter the FQDN server.domain.local OR the IP of the SBS. I prefer the IP,
it seems to work better.
4. Install into IIS Virtual Web Site (New site, not the default web site)
5. Use port 8085 for communication. NOTE: - any unused port is fine, check
IIS to ensure the one you select is not in use.
6. Deselect SSL.
7. Use Administrator account - If ISA enter proxy info, if no ISA enter
nothing in proxy.
8. If you don't have the activation code - register now, the email with the
code comes real quick. (note that you can go this far prior to the actual
install if you like, and get the activation code so you don't have to do
this while installing).
9. Accept the server/client port.
10. Accept the client installation for the SBS (installs the Officescan
client on the server)
11. The install proceeds, then open the admin console.

- This completes Officescan installation, now on to Scanmail.

12. Go to the Scanmail link on the left, and install Scanmail to the IP of
your SBS. Scanmail and eManager are installed.

- This completes the installation of CSM SMB. Now you need to make some
settings.

1. In the CSM console, click on the Clients view so you can see the
Officescan 'domain'. Your SBS will be listed there.
2. Create a new Officescan 'domain', and move your SBS computer to the new
domain. The original domain will be used for workstations.
3. Click on your SBS computer icon, and set the client priveliges to your
liking.
4. Click on Scan options | Real time Scan settings, and find the Exclusions
link.
5. Put <drive> pagefile.sys in the lower 'file' exclusion list.
6. Put <these are default locations>

c:\Program files\exchsrvr
\trend,
\trend micro in the directory exclusion area.
Note that if you have moved your exchange data and or logs somewhere, be
sure to exclude them. Note also you can be more granular with your
exclusions if you want - you don't have to exclude the entire directory.

Another note - there is a tick box for excluding Trend product directories,
but I do it manually anyway.
Yet another note - On all screens make sure you APPLY the settings by
scrolling down to the bottom and clicking the button.

What you've done with the two Officescan 'domains', is enabled different
settings for the server versus the clients. Now when you add client
machines, you can set the options on that domain (rather than each
workstation) so they apply to all workstations, but not the server. Sometime
this is useful.

7. Click on Updates, Server updates, Automatic Update, check the options and
set the frequency to hourly.

8. Click on Manual Update, select the options you want, and update now to
get the lates files and make sure connectiviy is there.

9. Log off Officescan console.

Scanmail

1. Use the non HTML console from start | all programs.
2. Log on, click on Scheduled Update.
3. Enable scheduled update, and set it to hourly, select pattern file and
engine.
4. If you use ISA, click on the Proxy Settings button and enter the proxy
info.
5. Click on Update Now, select the options, set proxy info if you use ISA,
and click on Update now.

Those are the basics to get protection. You can learn the fine tuning and
option stuff (including eManager) as you go.



--
Les Connor [SBS Community Member - SBS MVP]
-----------------------------------------------------------
SBS Rocks !
----------------------
"Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
understand." - Confucius


"Bill" <billyg1943@xxxxxxxxxxx> wrote in message
news:e9TXRyRJGHA.220@xxxxxxxxxxxxxxxxxxxxxxx
> Hi Les,
>
> Put it down to my stupidity. It looked to me like the install wanted me
> to use SSL so I did :(. I will re-install without!
>
> Cheers,
> Bill
>
> "Les Connor [SBS Community Member - SBS MVP]" <les.connor@xxxxxxxxxxxx>
> wrote in message news:uMRvR9OJGHA.3100@xxxxxxxxxxxxxxxxxxxxxxx
>> Hi Bill,
>>
>> I'm wondering what the motivation is for SSL? Are you accessing the
>> console directly from external locations? Typically, the management
>> console is accessed from the server console itself, or from a workstation
>> on the lan - and under those cicumstances I don't see where SSL would be
>> required. I've never bothered with SSL for the console, and therefore
>> can't offer any troubleshooting tips.
>>
>> --
>> Les Connor [SBS Community Member - SBS MVP]
>> -----------------------------------------------------------
>> SBS Rocks !
>> ----------------------
>> "Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
>> understand." - Confucius
>>
>>
>> "Bill" <billyg1943@xxxxxxxxxxx> wrote in message
>> news:u0RzucLJGHA.3896@xxxxxxxxxxxxxxxxxxxxxxx
>>> Hi, anybody got a how-to on post installation tasks in ISA 2004 to allow
>>> ssl access to Office Scan Management Console? I have use 4343 as SSL
>>> port 8090 for the web site. I have configured an SSL rule and a web
>>> publishing rule but I they don't work and I have no idea why.
>>>
>>
>>
>
>


.