Installing DirectQuarantine

Administrator’s Guide
DirectQuarantine
Norman Email Protection
version 5.51
Features
•• Antivirus
•• Antispam
•• SandBox
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
| 
Limited Warranty
The contents of this manual are for informational use only and are subject to change without notice. Neither
Norman nor anyone else who has been involved in the creation or production of this manual assumes any
responsibility or liability for any errors or inaccuracies that may occur in this manual, nor for any loss of anticipated profit or benefits, resulting from the use of this manual.
This manual is protected by copyright laws and international treaties. Your right to copy this manual is limited
by copyright law and the terms of your software license agreement. As the software licensee, you may make a
reasonable number of copies or printouts, provided they are for your own use. Making unauthorized copies,
adaptations, compilations or derivative works for any type of distribution is prohibited and constitutes a punishable violation of the law.
Any references to names of actual companies, products, people and/or data used in screenshots are fictitious and
are in no way intended to represent any real individual, company, product, event and/or data unless otherwise
noted.
Norman, Norman Email Protection and Norman Antivirus are trademarks of Norman Safeground AS. directQuarantine™ and Sequential Content Analyzer (SCA)™ are trademarks of Vircom Inc. Windows, Windows
Server 2003/2008/2012, IIS, Internet Information Server, Windows Exchange Server, Active Directory, Windows
SQL and Microsoft Outlook are either registered trademarks or trademarks of Microsoft® Corporation in the
United States and/or other countries. All other products or services mentioned in this document are identified by
the trademarks or service marks of their respective companies or organizations.
Norman Email Protection is based on the Professional Internet Mail Services product licensed from the University of Edinburgh.
Certain algorithms used in parts of this software are derived from the RSA Data Security, Inc. MD5 MessageDigest Algorithm.
Copyright (c) 1990-2014 Norman Safeground AS
Norman Safeground AS
Address: Strandveien 37, Lysaker, NORWAY
Postal: PO Box 43, 1324 Lysaker, NORWAY
For more information, visit our website at www.norman.com
Revised February 2014.
ii
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
| 
Table of Contents
Introduction..............................................................................4
Getting Started......................................................................19
About this manual.................................................................... 4
Using DirectQuarantine........................................................19
Acronyms.............................................................................. 4
Initial login.............................................................................19
Help and support...................................................................... 4
Quarantine client interface.........................................19
Contact support................................................................ 4
About quarantine mailbox...........................................19
Related documents.......................................................... 4
Viewing message content.......................................... 20
Deleting messages......................................................... 20
Application overview............................................................5
Direct Quarantine for Outlook.............................................5
Introduction..........................................................................5
Full or trial version...............................................................5
Upgrading DirectQuarantine.........................................5
Deploying DirectQuarantine on your network............7
Overview.................................................................................7
Installation.................................................................................11
Installing the application........................................................11
Overview................................................................................11
Software requirements..................................................11
Installing DirectQuarantine.................................................12
Message types.................................................................. 20
Probability sort order......................................................21
Managing event logs...............................................................22
Manage quarantine events.........................................22
Server logs...........................................................................22
Client logs............................................................................22
View audit logs...................................................................22
Troubleshooting DirectQuarantine...............................23
Troubleshooting techniques.....................................23
Set log level option..........................................................23
Disable the DirectQuarantine client......................23
Uninstall the application..............................................25
Contact Support..............................................................25
Verify the Email Protection server
configuration.......................................................................12
Client install prerequisites............................................13
Optional: Create an OU for the
DirectQuarantineServer account............................15
Firewall configuration.....................................................15
Install DirectQuarantine client via a GPO.....................16
Test client-server connectivity..................................17
Install DirectQuarantine client manually......................18
iii
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Introduction
Introduction
About this manual
This document is written for administrators who will be installing and configuring Email Protection’s
DirectQuarantine application in a Windows client-server environment.
Acronyms
The following acronyms are used in this guide.
•• AD = Active Directory
•• DC = Domain Controller
•• DQ = DirectQuarantine
•• GPO = Group Policy Object
•• OU = Organizational Unit
•• VM = Virtual Machine
Help and support
Contact support
If you have specific questions concerning the use of one of our products, please contact our support team.
•• Web: www.norman.com
•• Email: [email protected]
•• Phone:
+47 67 10 97 00
•• Fax: +47 67 58 99 40
Working hours are from 8 a.m. to 4 p.m., Monday to Friday.
Related documents
The documentation set for Email Protection and its applications can be found under the business section of:
•• http://safeground.norman.com
4
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Application overview
Application overview
Direct Quarantine for Outlook
Introduction
DirectQuarantine is an Outlook add-on that presents a live view of the quarantined messages and all the necessary tools to manage them, using controls that are built right into Outlook. By using DirectQuarantine, users no
longer have to wait hours for summary reports, log into the WebQuarantine to check the contents, or to rely on
administrators to release messages on their behalf.
Email Protection users who currently receive Quarantine Reports and use WebQuarantine can continue to do so:
installing DirectQuarantine does not replace or disable either application.
Full or trial version
The DirectQuarantine server application is included with the Email Protection installation package, and is installed by default. The program is available for use by licensed users, but also provides a free 30-day trial version.
If you are interested in buying the product, please contact our Sales department at: [email protected].
Upgrading DirectQuarantine
The upgrade process differs, depending on your current version of DirectQuarantine. Please check your current
version and follow the appropriate instructions below.
Upgrading from version 1.1 or 1.2 > 2.0
You must first uninstall the original client file. If the program had been installed manually, uninstall it manually
from the users’ machines before installing the new file.
If the client had been deployed by GPO, use the following instructions:
1 Uninstall the client file using the procedure described at the end of this document: see “Uninstall the application” on page 25.
2 Remove the client file from the shared folder and replace it with the new dQ Client.msi file.
3 Follow the steps outlined in “Install DirectQuarantine client via a GPO” on page 16 to deploy the new file.
Upgrading from version 2.0 and above
If the client had been deployed by GPO, there’s no need to uninstall the previous version. Please use the following
instructions:
1 Place a copy of the new dQ Client.msi file in a shared folder
2 On the Active Directory server, open Group Policy Management
3 Locate and right-click the DirectQuarantine GPO > Edit
4 Expand User Configuration > Software Settings
5
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Application overview
5 Right-click Software Installation > New > Package, select the newest dQ Client.msi file > Open
6 In Deploy Software: select Advanced > OK
7 In Deployment: select Assigned, Install this application at logon, and Basic > OK
8 In Upgrades: select Required upgrade for existing packages > OK
When users next login, the Outlook clients will receive the new package.
If the client had been installed manually, simply install the new client version to update.
Upgrading from version 1.0
Please contact technical support via email to [email protected]. Contact details can also be found at our web
site on the Business section of www.norman.com.
6
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Application overview
Deploying DirectQuarantine on your network
Overview
The DirectQuarantine application is based on a client-server distributed architecture that is designed to support multiple network configurations: both on-premise (local) and hosted. Deployment requires the following
modules:
• The DirectQuarantine server
• The DirectQuarantine client
The DirectQuarantine server module must be installed on the Email Protection server. It provides a service that
establishes a connection between the Microsoft Outlook client and the Email Protection server, and communicates with the quarantine database. Installation is supported on a physical Email Protection server or a Virtual
Machine.
The DirectQuarantine client module is installed on the client (or users’) computers. It can be deployed using a
Group Policy Object (GPO) in an Active Directory environment, or by manually installing the application. Note
that manual client installation is required if using a Terminal Server.
The following sections illustrate the most frequently-used configurations.
On premise Email Protection and mail server
In this configuration, both the Email Protection and the mail server are located on the local network.
DirectQuarantine Server is installed on the Email Protection server, and end-users’ (client) machines are configured to communicate directly with DirectQuarantine Server using their email address and network login password.
Email Protection and Mail Server on the same LAN
7
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Application overview
Hosted Email Protection server
Illustrated in the figures below, the mail server is housed on the client’s own network, and connects to the hosted
Email Protection server through a firewall.
1: High level view of a hosted network
2: Close-up view of hosted network with remote Active Directory lookup
8
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Application overview
Requirements for supporting this environment include the following:
•• Each client network should have its own Active Directory/Domain Controller server.
NOTE
It is possible to deploy the program without AD: please contact support for details.
•• Communication between Email Protection and the Active Directory server is handled through port 389
(LDAP) or 3268 (the Global Catalog).
•• The client must open the following ports on the local firewall to accept communication from Email
Protection:
—— Inbound Port 389 or 3268 (accordingly): for Active Directory authentication requests
—— Port 9000 (or a custom port number): for communication between the client machines and
DirectQuarantine Server (for details, see “Verify the Email Protection server configuration” on page
12).
•• The DirectQuarantine client can either be pushed to the end-users machines using a GPO, or by manually
installing the file on the individual machines.
NOTE
In a Email Protection blockade configuration, DirectQuarantine must be installed on each Email Protection server.
Hosted email service provider network
In this scenario, the Email Service Provider hosts both the Email Protection and the Mail Server. The clients
communicate with the Mail Server through a firewall.
Hosted Email Protection and Mail Server with remote AD/DC Server
9
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Application overview
Requirements for supporting this environment include the following:
•• Each client network should have its own Active Directory/Domain Controller server.
Note
It is possible to deploy the program without AD: please contact support for details.
•• Communication between Email Protection and the Active Directory server is handled through port 389
(LDAP) or 3268 (the Global Catalog).
•• The client must open the following ports on the local firewall to accept communication from Email
Protection:
—— Inbound Port 389 or 3268 (accordingly): for Active Directory authentication requests
—— Port 9000 (or a custom port number): for communication between the client machines and
DirectQuarantine Server (for details, see “Verify the Email Protection server configuration” on page
12).
•• The DirectQuarantine client file can be installed manually on the individual machines.
10
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Installation
Installation
Installing the application
Overview
The DirectQuarantine installation is composed of two parts: the server and client applications.
•• The server application is an installation option with Email Protection 5.1 or greater, and is installed by default.
•• The client application must be installed and configured separately using the instructions below.
Software requirements
The minimum software requirements for installing the DirectQuarantine application are depicted in the following table. These requirements are for the server and client applications:
Applicable to
Software
Description
Server
Email Protection
Must have version 5.1 or greater installed on the server.
.NET Framework
Both .NET Framework versions 3.5 SP1 and 4.0 Extended
must be installed on the Email Protection server.
DirectQuarantine
Configured to use SQL server version 2005, 2008, 2008
R2, 2012 or SQL Server 2005 Express Edition. The SQL
server can either be installed on the Email Protection
server or separately.
Active Directory/
Domain Controller
Configured on the local or the client network.
Microsoft Outlook
2003, 2007, 2010, 2013
Outlook versions 2003 SP3, 2007 SP2, 2010 SP1, 2013
(32-bit and 64-bit) are supported.
.NET Framework
Both .NET Framework versions 3.5 SP1 and 4.0 Extended
must be installed on the users’ computers where
DirectQuarantine is to be installed.
Client
11
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Installation
Installing DirectQuarantine
Verify the Email Protection server configuration
Follow the directions below to ensure that your Email Protection server is properly configured to communicate
with the client machines.
9 Open your Email Protection Administration Console to System > Quarantine Reports.
10 In the WebQuarantine URL field, enter http://127.0.0.1/quarantine (or
http://localhost/quarantine if your Network Interface Card is only configured for IPv4 formatted IPs)
• Click Test URL to verify that the connection tests successfully
• If connection is successful click Apply.
• You may instead replace ‘localhost’ with the web server’s IP, or enter an actual web address according to your configuration in IIS. Examples: http://10.10.10.10/quarantine, or
http://www.mycompany.com/quarantine.
—— This operation is required to support the WebQuarantine link provided in the DirectQuarantine toolbar in Outlook.
11 DirectQuarantine server service uses a dedicated port number. By default port 9000 is used. If you must
change the port number, follow the remaining steps below. If no change is required, go to the next section,
Client install prerequisites.
12 To change the port, use Windows Notepad or another text editor to open the following file, located on your C:
drive.
C:\ProgramFiles\Norman\DirectQuarantine Server\DirectQuarantine Server.exe.config
13 Replace 9000 in the line below with the port number that you want to use:
<add baseAddress=”http://localhost:9000/modusquarantine”/>
14 Replace 9000 in the line below with the port number that you want to use:
<add baseAddress=”http://localhost:9000/authenticate”/>
15 Save the changes and close the file.
• Make note of the port number used: it will be required in the following steps.
16 Open the Email Protection Administration Console to System > Services, stop and restart MODUSDQ.
12
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Installation
Client install prerequisites
Before beginning the client install, you must configure the following prerequisite settings:
1 These steps must be completed before installing the client file - whether it will be done manually or by GPO.
2 Ensure that both .NET 3.5 SP1 and .NET Framework 4.0 Extended are installed on the users’ computers
where DirectQuarantine is to be installed.
• These applications are not included in the DirectQuarantine client installation package.
3 Create a shared folder on your network that can be accessed by all client machines.
4 Go to Start > (All) Programs > Norman > Email Protection > DirectQuarantine Client
Install, locate the dQ Client.msi file and copy it to the shared folder created in Step 3.
5 Log in to the Domain Controller Server to create a DirectQuarantineServer ‘user’ account.
This account is required to store the Email Protection server IP and the port number for the
DirectQuarantine service.
• To add this new user to the Users group, continue with the steps below.
• After completing the setup, you may optionally create a new Organizational Unit (OU) to store this special
user account. For these instructions, see Optional: Create an OU for the DirectQuarantineServer account.
6 Click Start > Programs > Administrative Tools > Active Directory Users and Computers.
7 Expand the domain name to which you want to install the program.
8 Right-click Users and select New > User.
NOTE
On SBS Server, the new user account will be added to the Users> SBS Users folder.
9 Enter the following information using the exact names and syntax as given:
• Enter DirectQuarantineServer in First Name
• Copy and paste it to User Logon Name and click Next.
10 Enter a password of your choice and click Next through the remaining screens to finish the setup.
13
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Installation
11 Right-click the DirectQuarantineServer user and select Properties > Telephones.
12 Enter the IP address of the Email Protection server and the port number to be used by the DirectQuarantine
service in IP phone. For example, 192.168.30.131:9000.
• If you had modified the port number, replace 9000 with your new port number.
• Optional: you can enter additional text in Notes.
NOTE
It is possible to deploy the client program without AD: please contact support for details.
14
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Installation
Optional: Create an OU for the DirectQuarantineServer account
If you wish to isolate DirectQuarantineServer from the main Users group, you can create a new Organizational
Unit and move the account into the OU. Follow the procedures below:
1 While still in Active Directory Users and Computers, right-click the domain name and select New >
Organizational Unit.
2 Enter ExternalApplicationsRepository in Name and click OK.
• You must enter the name and syntax as specified.
3 Do the following:
• Right-click the DirectQuarantineServer user account
• Select Move > ExternalApplicationsRepository
• Click OK.
Firewall configuration
If your are configuring DirectQuarantine in a Service Provider or hosted environment, the following ports must
be open on the firewall:
•• Port 9000 (or your custom port number: for remote access to DirectQuarantine Server.
•• Port 389/3268 (as applicable): for remote access to the Active Directory/Domain Controller Server.
15
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Installation
Install DirectQuarantine client via a GPO
Follow the procedure below to create a Group Policy Object (GPO) for installing the DirectQuarantine client.
It is recommended to deploy the DirectQuarantine client on a single machine in order to test the installation and
connectivity. Once it is successful, deploy it to multiple machines.
1 On the Domain Controller Server, open Active Directory > Users and Computers.
2 You may optionally deploy DirectQuarantine to the domain as a whole, or use an Organizational Unit (OU)
that contains the names of the specific users where DirectQuarantine will be installed.
To deploy to the domain, continue at Step 3 below.
To create a new OU for DirectQuarantine users, do the following:
• Right-click the domain name and select New > Organizational Unit.
• Enter a name, e.g. DirectQuarantine, and click OK.
• Right-click the DirectQuarantine OU, add the user names and click OK.
3 Click Start > Programs > Administrative Tools > Group Policy Management.
4 Right-click the domain name or the DirectQuarantine OU, select Create and Link a GPO here and click
New.
5 Enter a name in New GPO. For example, enter Norman Addin Client, and click OK.
6 Click the Norman Addin Client and then click Edit to open the Group Policy Object Editor.
7 Expand User Configuration > Software Settings.
8 Right-click Software Installation > New > Package.
9 Enter the full network path to the dQ Client.msi file. For example, enter
\\servername\sharedpath\dQ Client.msi.
10 Select Advanced in Deploy Software and click OK.
11 Click Properties > Deployment and click to select all of the following settings:
• Assigned in Deployment Type
• Install this application at logon in Deployment options
• Basic in Installation user interface options
Click OK to proceed.
16
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Installation
12 Click OK to close the Group Policy Object Editor.
• The GPO will execute immediately to push the files to the specified user(s).
Test client-server connectivity
Deploying the client GPO on a single machine provides a setup to test the client-server connectivity. If you experience such a problem, then it is recommended to uninstall the client GPO and then reinstall it again.
17
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Installation
Install DirectQuarantine client manually
An alternate method to using a GPO deployment is to install the DirectQuarantine client manually on the users’
computers. To do this:
1 Complete the prerequisite configuration outlined in Client install prerequisites.
2 On the client machine, log in with an account that has Administrator privileges.
3 Locate the shared folder containing the dQ Client.msi file.
4 Ensure that Outlook is closed and click the dQ Client.msi file to launch the install. Click Next through the
remaining screens to finish the install.
NOTE
If using a Terminal Server, the client file must be installed manually.
18
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Getting Started
Getting Started
Using DirectQuarantine
Initial login
After DirectQuarantine is installed, users will be prompted to enter their email address and network login password to establish the connection for their email account. The system will auto-display the first email address detected, but if users have multiple email accounts on the local network, they can specify which account to use here.
Quarantine client interface
The DirectQuarantine application for Outlook enables users to manage their quarantined messages directly from
Outlook. The Norman folder is a mailbox that connects to the Email Protection quarantine database.
About quarantine mailbox
The DirectQuarantine client creates a new mailbox PST file that communicates directly with the Email
Protection quarantine database. The Norman root folder connects to a web page that contains the How-To Guide.
The DirectQuarantine sub folder contains the list of quarantined messages. The message list is automatically
synchronized and refreshed in the background.
NOTE
We recommend disabling Microsoft Outlook’s native Junk email feature on the client machines to avoid conflicting
filter behavior and potential confusion.
19
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Getting Started
Viewing message content
Message content can be viewed in the preview pane (if enabled) or by double-clicking the message to open it.
Potentially dangerous content such as viruses, phishing, URL links, images and attachments are blocked from
view.
When a message contains attachments, the filenames can be seen by clicking on
Click here to see attachment information.htm and then the Preview file button.
Deleting messages
Messages can be deleted using the <Delete> key on the keyboard, by using Outlook’s Delete button in the
toolbar or the context menu. Deleted messages are moved to the custom Deleted Items folder within the Norman
mailbox. This folder is cleaned automatically during the synchronization process, at which point messages are
permanently removed.
NOTE
Messages in Deleted Items cannot be undeleted or moved back into the DirectQuarantine folder. The entire (current) message list can be emptied manually by right-clicking the DirectQuarantine folder and selecting Empty
‘DirectQuarantine’ (Outlook 2007) or Delete All (Outlook 2010, 2013). This function is not supported in Outlook
2003.
Message types
Messages inside the DirectQuarantine folder are categorized by the following list of types. The type value determines which messages can be released using the Outlook interface:
Type
Behavior
Spam
User is able to release a Spam message.
Phishing
User is not able to release a Phishing message.
The release option is disabled.
Virus
User is not able to release a Virus message.
The release option is disabled.
Forbidden Attachment
User is not able to release Forbidden Attachment message.
The release option is disabled.
Blocked Sender
This is a black-listed email address.
User is not able to release Blocked Sender message.
The release option is disabled.
Blocked by Rules
This is a custom filter created by the administrator.
User is not able to release Blocked by Rules message.
The release option is disabled.
Users with special permission to release Phishing or Forbidden Attachment types of messages must either
use the Quarantine Report or the ‘Go to WebQuarantine’ shield icon in the toolbar.
20
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Getting Started
Probability sort order
Messages are visually divided into 2 groups based on the probability of spam content: Low and High. The High
group contains typical spam content and is displayed using the default text color (usually black). The Low group,
however, is highlighted by the use of blue text to draw users’ attention: this group may contain some false positives.
NOTE
Due to limitations with Outlook 2003, the Low/High grouping and blue-highlighted text are not supported. However,
the messages are labelled by probability to help users pinpoint items that need attention.
Users can easily release messages from either group by using the release options in the toolbar or the context
menu, depending on the type category outlined above.
21
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Getting Started
Managing event logs
Manage quarantine events
The DirectQuarantine events are logged in text files. Logs are set to report trouble events generated by the client
machines and the Email Protection server. The file types are categorized by:
• Server logs
• Client logs
• Audit logs
Server logs
The server log file name is composed of the following format: DQ<yyyymmdd>.log, where <yyyymmdd> represent the date when the log file is created. The DQ<yyyymmdd>.log is stored at the following directory:
C:\Program Files\Norman\DirectQuarantine Server\log
By default, the log files are configured with the following properties:
• The maximum size of the file is set at 40 MB. A new log file is created when limit is reached.
• A maximum of 10 logs are reported at one time. This limit is set to preserve disk space.
The server log records the following events by default:.
Type
Description
Server
Service start and stop
Database connection
Connection or synchronization issues with the Email Protection Quarantine
database
Client connection
Communication and connection issues with the client machines.
Client authentication
Client authentication issues.
Message action
Client message action issues.
Action event
Client or server failed action request.
Client logs
The client log file is stored on each client machine, and records only the DirectQuarantine error events. The
Norman.dQ.Client.log is stored in the user’s machine, at the following directory:
C:\Users\<username>\App Data\Local\Norman\DirectQuarantine\Norman.dQ.Client.log
NOTE
User directories are hidden by default in Windows Explorer. To reveal them disable the Hide extensions for
known file types feature in Tools > Folder Options then click View and Select the Show hidden files
and folders option.
View audit logs
Audit logs are recorded only if the auditing trail is set in the Email Protection server. Events of messages released
by client requests are then recorded as an audit trail. See the Email Protection Administration Guide.
22
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Getting Started
Troubleshooting DirectQuarantine
Troubleshooting techniques
The DirectQuarantine application is designed to log events initiated from the server, the client, the database and
the network connections. These logs provide a tracking method to troubleshoot common problems.
Set log level option
Logs are set to record at Error level by default. For troubleshooting scenarios, you might want to track more
events. You can do that by setting the log level to All or Debug to allow more details to be recorded.
Follow the procedure below to temporarily set a different log level.
1 Go to C:\Program Files\Norman\DirectQuarantine Server.
2 Locate the log4net.config file and open it with Notepad or another text editor.
3 Locate the section marked Level, and change it from Error to either All or Debug, and save the change.
4 Stop and restart the MODUSDQ service after changing the level: open the Email Protection
Administration Console > System > Services.
5 All or Debug logging must be used only temporarily to investigate a specific issue. These settings will record
all transactions on the server and client machines, and may cause performance issues while running.
After resolving the issue, you must reset the log to Error level and stop / restart the MODUSDQ service to
register the change.
Disable the DirectQuarantine client
As part of the troubleshooting process, the DirectQuarantine application can be disabled on a client machine.
Follow the procedure to disable the DirectQuarantine application.
1 On a client machine, open Microsoft Outlook.
2 Do the following:
• For Outlook 2007, click Tools > Trust Centre > Add-ins.
• For Outlook 2010, 2013, click File> Options > Add-ins.
• For Outlook 2003, click Tools > Options > Other > Avanced Options > COM Add-ins
3 Make sure that COM Add-ins appears in Manage. Click Go....
23
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Getting Started
4 Uncheck DirectQuarantine in the list under Add-Ins available:,and click OK.
The Norman and DirectQuarantine folders will become hidden.
5 If prompted to do so, restart Outlook.
24
Copyright © 1990-2014 Norman Safeground AS
Administrator’s Guide: DirectQuarantine
|
NEP Version: 5.51
|
Getting Started
Uninstall the application
The following procedure uninstalls the DirectQuarantine application from the client computers:
1 Log in to the Domain Controller Server.
2 Click Start > Programs > Administrative Tools > Group Policy Management.
3 Expand the domain name where the program was installed.
4 Right-click the Norman Addin Client and select Edit to open the Group Policy Object editor.
5 Expand User Configuration > Software Settings and select Software Installation.
6 Right-click Norman Addin Client and select All Tasks > Remove.
7 Click to select Immediately uninstall the software from users and computers and click OK.
Contact Support
If you require assistance with any issue, regarding DirectQuarantine, please contact our technical support via
email to [email protected], or see more contact details at www.norman.com.
25
Copyright © 1990-2014 Norman Safeground AS
Headquarter
Norway www.norman.com
Offices
Denmark www.norman.com/dk
France www.norman.com/fr
Germany www.norman.com/de
Italy www.norman.com/it
Netherlands www.norman.com/nl
Norway www.norman.com/no
Spain www.norman.com/es
Sweden www.norman.com/sv
Switzerland www.norman.com/ch
United Kingdom www.norman.com/uk
International
Switzerland www.norman.com/ch
norman contact details
Norman Safeground AS | PO box 43, 1324 Lysaker, Norway | Office address: Strandveien 37, Lysaker
Tel: 67 10 97 00 | E-mail: [email protected] | www.norman.com
Norman Safeground AS is a wholly owned subsidiary of Norway’s only IT security company – Norman AS - established in 1984.
Norman Safeground is a global company and has customers in more than 180 countries. Our mission is to offer businesses and
home users premium protection from Internet threats through easy to use software – offering you peace of mind while we take care
of your security. We strive to understand and solve our customers’ and partners’ challenges and are passionate about providing
high quality personal service.
Copyright © 1990-2014 Norman Safeground AS