Kaspersky Anti-Virus 5.5 MP2 for Proxy Server (5.5.62) RELEASE NOTES ================================================================================ Released on: (19.02.2010) Table of contents: * What's New * Product Overview * System Requirements * Product Installation and Upgrade * Known Issues and Workarounds * Contact Information What's New -------------------------------------------------------------------------------- * HTTP user name registration in product logs has been added. If the X-Client-Username ICAP header (or other header defined in the configuration file) is set to the appropriate value, the header value will be added to log files as the user name. * The option to append scan results to ICAP header has been added. * The list of supported operating systems has been revised. * Some product bugs have been fixed. Product Overview -------------------------------------------------------------------------------- Kaspersky Anti-Virus for Proxy Server performs anti-virus traffic processing on proxy servers.Since the product uses ICAP to interact with proxy servers, the latter must support the said protocol. Kaspersky Anti-Virus for Proxy Server offers the following main features: 1. Scanning of HTTP traffic for the presence of malware including: a. Scanning of all types of infectable objects. b. Scanning of containers (compound objects like e-mail messages and archives). c. Opportunity to block access to an infected/suspicious object. d. Object disinfection (if possible). e. Support for flexible configuration of the types of objects to scan. f. The choice between two types of available anti-virus databases (standard/extended). g. Configuration of the anti-virus engine settings. 2. Notification of proxy server administrators in case of the following events: a. Access to an object blocked for some reason. b. Expiry of the license for the product. c. Outdated anti-virus database of the product. d. Internal product error. 3. User notification via HTTP at an attempt to upload/download an infected object. 4. Configuration of product logs. 5. Availability of two types of statistical data: a. Total counters b. Individual records for each processed object 6. Custom configuration of processing rules for traffic arriving from specific groups of IP addresses. 7. Remote product administration using a Webmin plug-in. System requirements -------------------------------------------------------------------------------- Hardware requirements: 1. Minimum configuration: * Intel Pentium CPU; * RAM 64MB; * HDD 200MB for temporary files and 50MB for product installation. Software requirements: 1. Supported OS: a. 32-bit platforms: * Red Hat Enterprise Linux 5.4 server * Fedora 12 * SUSE Linux Enterprise Server 10 SP3 * SUSE Linux Enterprise Server 11 * openSUSE Linux 11.2 * Debian GNU/Linux 5.03 * Mandriva Corporate Server 5 * Ubuntu 8.04.2 Server Edition * Ubuntu 9.10 Server Edition * FreeBSD 6.4, 7.2. b. 64-bit platforms: * Red Hat Enterprise Linux 5.4 server * Fedora 12 * SUSE Linux Enterprise Server 10 SP3 * SUSE Linux Enterprise Server 11 * openSUSE Linux 11.2 * Ubuntu 8.04.2 Server Edition * Ubuntu 9.10 Server Edition * FreeBSD 6.4, 7.2. 2. Supported Proxy Servers: * Squid 3.x Product Installation and Upgrade -------------------------------------------------------------------------------- Clean installation: To install the product, use the command corresponding to your OS type: In Linux/RPM: rpm -i .rpm In Linux/Debian (32 bit): dpkg -i .deb In Linux/Debian (64 bit): dpkg -i --force-architecture .deb In FreeBSD: # pkg_add .tgz Upgrading of earlier product versions is not supported. To upgrade the product, remove its previous version and install the new one. Known Issues and Workarounds -------------------------------------------------------------------------------- * For BlueCoat If the Trickle mode is enabled for BlueCoat, the AnswerMode=complete mode should be enabled for kav4proxy. Otherwise kav4proxy is not guarantied to function correctly together with BlueCoat. * For Squid 3.1 Squid cannot be restarted automatically during the postinstall configuration (see http://bugs.squid-cache.org/show_bug.cgi?id=2586). Restart Squid manually. * Correct operation of Kaspersky Anti-Virus for Proxy Server is not guaranteed if SELinux mode is enabled in your OS. * If you have installed "Kaspersky Anti-Virus for Linux/FreeBSD Workstations and File Servers" AFTER installation of Kaspersky Anti-Virus for Proxy Server, OR if kavmonitor has been restarted while using these products in combination, you should perform a restart or reload kav4proxy. * In Mandriva Linux: 1. If SECURE_LEVEL > 1 in /etc/sysconfig/msec , you have to modify the product configuration file: /etc/opt/kaspersky/kav4proxy.conf In section: [updater.options] change the string: PostUpdateCmd=/etc/init.d/kav4proxy reload_avbase to: PostUpdateCmd=sh /etc/init.d/kav4proxy reload_avbase 2. If SECURE_LEVEL=5 in /etc/sysconfig/msec , then automatic reloading of the anti-virus database after update does not function. To solve the problem, you have to run as root the following command after each update: /etc/init.d/kav4proxy reload_avbase Contact Information -------------------------------------------------------------------------------- Technical Support: http://www.kaspersky.com/helpdesk.html General Information: info@kaspersky.com