Dr.Web Enterprise Security Suite Control Center
Centralized control over the protection of all hosts in the corporate network
Dr.Web Enterprise Security Suite Control Center provides centralized security administration for all hosts in the corporate network:
- Workstations, terminal servers, virtual servers, embedded system clients;
- File servers and application servers (including terminal and virtual servers);
- E-mail servers;
- Mobile devices.
Manage your corporate anti-virus protection from anywhere in the world with Dr.Web Enterprise Security Suite Control Center. All you need is a web browser. The Control Center runs on any operating system on any computer connected to the Internet, and no additional software is needed.
The intuitive interface will help you deploy an anti-virus network in the shortest time possible in any corporate network regardless of its size and organization; it does not matter how many machines and branch offices are connected over the network, what its topology is, or whether an Active Directory server is available. Administrators do not need to acquire any special skills to deploy the anti-virus network.
The Dr.Web Control Center lets administrators control all components of the anti-virus network from inside the network or remotely over the Internet, monitor the security status of all protected hosts, and receive notifications on virus incidents and configure an automatic response to such events. All that’s needed is a TCP/IP connection between the administrator’s computer and the anti-virus server.
The Control Center’s maintenance costs are reduced to a minimum thanks to simple administration routines and the Web-administrator’s ability to provide an at-a-glance view of the entire corporate anti-virus network from anywhere in the world.
The versatile Web-administrator, combined with the solution’s seamless integration with Windows NAP and the option to create custom event handlers in any script language, reduces the workload of system administrators by freeing them of daily anti-virus routines.
Equally reliable in networks of any scale and structural complexity, from small workgroup networks to distributed intranets with tens of thousands of hosts, the Control Center offers exceptional scalability. Interaction between the anti-virus servers of the Control Center (which is connected to a SQL-server used for data storage) and between the servers and protected workstations that make up the complex communication system is organized hierarchically.
This results in a single anti-virus network of interconnected workstations, making it possible to collect information about the entire network on one server. The hierarchical organization makes the Control Center the perfect choice for multi-branch companies whose networks are not connected to the Internet.
Wide range of supported network protocols
The Control Center simultaneously supports TCP/IP (IPV6 included) and IPX/SPX and NetBIOS protocols for interaction between the anti-virus server and protected computers, allowing the solution to be used in diverse network environments. Communication between different components of the system can be encrypted to ensure secure communication between anti-virus network components, thus making it safe to administer the network from any computer anywhere in the world.
Compared with competitive solutions from other developers, the Control Center guarantees minimal network traffic. A special data transfer protocol for TCP/IP and NetBIOS networks provides data traffic compression in TCP/IP, IPX/SPX, or NetBIOS networks.
The operation of a Dr.Web anti-virus network is completely transparent. An administration audit log records all installation and configuration activities. All components can record their activities in separate log files with customized verbosity, and all file operations performed by the anti-virus software are reflected in the statistics. A notification system informs administrators about problems in the network. Such notifications can be displayed by the Web-administrator or sent via e-mail.
The notification system provides an administrator with the following features:
- customizable text of threat notifications
- notifications on virus attacks, scan results, and file deletions
- a special threat-alert icon
- an option to view reports in the Web-administrator or export information into CSV, HTML or XML formats
- customizable logging verbosity
- retrieval of information on the following
- virus activities with detected viruses arranged by group
- detected client vulnerabilities
- scanning errors
- anti-virus components running on protected PCs
- abnormal behaviour of protected machines
Dr.Web Enterprise Security Suite unique features:
- comprehensive protection from most known threats powered by the built-in anti-virus, anti-spam, firewall and office control (available with a comprehensive protection license);
- support of Windows and Unix server platform, simple installation procedure and reliable protection providing minimal TCO compared with competitive solutions;
- centralized protection of all network hosts: workstations, mail and file servers as well as application servers including terminal servers;
- support of 32- and 64-bit operating systems;
- installation of agent software in an infected system with a high probability for successful curing;
- minimal network load achieved through implementation of a small-sized engine featuring latest technologies;
- highly efficient detection of threats including unknown viruses;
- administration of the entire network protection infrastructure from one computer (over the administration web-interface) from any location even outside the corporate network;
- implementation of individual security policies for groups of employees at the company;
- several administrators can manage different groups separately making Dr.Web Enterprise Security Suite a good choice for companies with high security requirements as well as for multi-branch organizations;
- configurable security policies for any type of users including mobile users and for any workstation even if it is currently unavailable ensure up-to-date protection at any time;
- protection of the solution's settings against modification by users;
- protection of networks that are not connected to the internet;
- several installation methods – active directory policies, launch scripts and the built-in remote installation procedure. installation can still be performed even if the host is unreachable for a Dr.Web enterprise suite server;
- support of most known internal and external databases: Oracle, PostgreSQL, Microsoft SQL Server or Microsoft SQL Server Compact Edition or any other DBMS that supports SQL-92 over ODBC can be utilized as an external database;
- support of custom event handlers written by the user in any script language providing direct access to internal interfaces of Dr.Web Enterprise Security Suite;
- updates rollback – even if updating causes an error, the host won't remain unprotected;
- simultaneous support of several network protocols (TCP/IP (including IPV6), IPX/SPX, NetBIOS) allowing to deploy the anti-virus network using an existing network infrastructure;
- Dr.Web Enterprise Security Suite is an open solution allowing a system administrator to use it to install and synchronize products from other developers thus lowing information security system deployment costs;
- easy-to-understand protection control system and unsurpassed usability and efficiency of network stations search;
- customizable list of components of products to be updated and version upgrade control enable an administrator to distribute only updates that are necessary and have been tested in the network.
The Web-administrator is a component of the Dr.Web Control Center that does not require installation and enables a system administrator to control the operation of all anti-virus services from any computer and solve emerging problems in a timely manner.
The Web-administrator is a visual remote administration tool available at any time and from anywhere to control the anti-virus protection of up to thousands of geographically dispersed workstations and mail servers via a single graphical interface. The Web-administrator can be used on any machine under virtually any operating system. The user-friendly interface allows easy control over the entire protected network.
- Low-cost administration
- The Web-administrator lets you control the dynamic anti-virus network environment easily. System administrator productivity increases, administrative routines are optimized, and daily tasks are performed in a matter of minutes. Just adjust the key parameters of your anti-virus servers and protected objects, and launch jobs.
- Instant response to threats
- With regular scan and updating scheduling tools, the Web-administrator makes administering an anti-virus network simple. Various tools for collecting and analyzing information let you control the status of protected objects in the network, respond to emerging threats within seconds of detection, pinpoint sources of infection, and promptly adjust corporate security policy to changing conditions.
- Full control over network security
- The Web-administrator lets you configure any component of the anti-virus network and monitor the status of agents. And most importantly, administrators can configure a schedule for anti-virus servers or any group of agents while staying put; there is no need to move around to different locations.
- The virus database’s version control and agent blocking help keep installed components up to date and prevent the spread of infection.
- Versatile licensing
- With the Web-administrator, you no longer need to consider which operating system you use. The console launched under Windows or Mac OS allows you to connect to an anti-virus server run on a Linux machine and change server settings as you see fit.
- Getting statistics with one click
- The statistics-collecting feature enables you to generate reports for a desired period with the custom verbosity and import the information into an external file.
- Instant notifications
- The message interface allows an administrator to send messages to selected users or to groups of users. If the user’s PC is connected to the Internet, the message will be delivered to the user immediately. If the machine is offline when the message is sent, it will be delivered as soon as the machine connects to the Internet. The messaging tool can be used for:
- alerting users about epidemics and inform them what to do if a system has been compromised;
- sending technical messages;
- sending greetings.
- Anti-virus server
The Control Center included in Dr.Web Enterprise Security Suite connects to anti-virus server that facilitates the centralized administration of an anti-virus network including its deployment, virus database and software component updating, network protection status monitoring, virus incident notifications, and statistics collection. Detailed descriptions of all features related to the centralized management of individual products can be found in the “Control Center” tab of the corresponding products.
- The Control Center’s anti-virus server can be installed on a computer connected to the local network. It stores distribution files of anti-virus packages for different operating systems, updates of virus databases and package program modules, user key files, and the configurations of protected objects. The server can also send information upon request from the agent to the corresponding machine.
- The cross-platform architecture of the server software allows it to be run on both Windows and Linux servers. No other competitive solution can boast such compatibility.
- The server can communicate with agents over virtually any network protocol currently in use (TCP/IP (including both IPv4 and IPV6), IPX/SPX, NetBIOS), allowing the anti-virus network to be deployed using an existing network infrastructure.
- The anti-virus server retrieves updates of virus databases and agent components. It keeps the Internet traffic of the anti-virus software low and automatically configures updating routines.
- Updates of protection components can be retrieved from the anti-virus server as well as directly from Doctor Web updating servers, allowing anti-virus software on computers and laptops to be kept up to date. This can be vital for machines that may be unable to connect to the anti-virus server regularly.
- Collecting statistics
- The anti-virus server stores the configuration of each agent in the network and scanning statistics from each anti-virus component of each protected machine in its database. To store data, the server can utilize both its built-in database and an external database. With a single source for storing server information and critical data backups, restoring server operations after database files become corrupted, or when the server must be ported to another machine, becomes easy.
- Anti-virus agents
Anti-virus agents are installed on protected computers, servers, and mobile devices, and if necessary on the machine running the anti-virus server. Agents send virus event reports and other relevant information to the anti-virus server.
Dr.Web Enterprise Security Suite agents let you control anti-virus protection for the following types of objects:
Protected objects Supported OS and platforms Workstations
Terminal server clients
Virtual server clients
Mac OS X
File servers and application servers (including virtual and terminal servers) Windows
Mac OS X Server
Novell Storage Services
E-mail and SMTP-gateway users Unix
Internet gateway users Kerio
Mobile devices Windows Mobile
Anti-virus agents work as efficiently as any other product or solution from Doctor Web. Agents that protect Windows workstations feature components such as a scanner, SpIDer Guard® file monitor, SpIDer Mail® monitor, SpIDer Gate™ HTTP monitor, a self-protection module, and office control.
Additional protective features for Windows workstations
- Dr.Web Enterprise Security Suite scanner is a new component specifically designed for the Dr.Web Enterprise Security Suite agent for Windows. It allows an administrator to perform a remote silent scan without significantly hindering the performance of target machines.
- Mobile mode. Agents can work on laptops that remain disconnected from an anti-virus network for an extended period. If the employee goes on a business trip, his laptop won’t remain unprotected, and the anti-virus will still be able to receive updates.
In order to install the Dr.Web Enterprise Security Suite Control Center, the following requirements must be met:
- IP (including IPV6) , IPX or NetBIOS network (all protected computers and the server must be connected to the network). The following requirements must be met for machines on which the anti-virus software will be installed:
- Port 2193 TCP and UDP as well as the port 23 for NetBIOS must be open - for communication between the server and anti-virus components.
- Socket 2371 for IPX / SPX must be open to allow anti-virus components to connect to the server.
- Ports 2193 and 2372 for UDP must be open to enable the network scanner to search the network.
- Ports 139 and 445 for TCP and UDP utilized by the network installer must be open.
- Port 9080 for HTTP utilized by the Web-administrator must be open.
- Port 9081 for HTTPS utilized by the Web-administrator must be open.
- an anti-virus server: Pentium III 667 or faster CPU, at least 512 MB (1GB if the internal database is used) RAM, up to 12 GB of free disk space (8 GB is utilized by the built-in database in the installation directory, and 4 GB is used in the system temp directory), Windows 2000/XP/2003/Vista/2008/7/8/2012, Linux (glibc2.3 and later), FreeBSD (6.4 and later), Solaris (Intel and Sparc);
- the anti-virus server must be able to connect to the Dr.Web Global Updating System over the Internet for automatic retrieval of contents for the centralized installation and updating directory;
- a TCP/IP connection must be established between the Web-administrator and the Dr.Web Anti-virus server;
- any web browser for the Web-administrator.
IMPORTANT! MS Installer 2.0 is required to install the anti-virus server under Windows. The installer is included in Windows 2000 (SP3) and in later versions of Windows. If an earlier version of Windows is used, download and install MS Installer 2.0 prior to installing the anti-virus server.
IMPORTANT! No other anti-virus software (including other versions of Dr.Web) must be installed on workstations connected to the anti-virus network.
The system requirements for other products that can be managed with the Dr.Web Enterprise Security Suite Control Center can be found in the software product descriptions.