eTrust Antivirus Administrator Guide

Transcription

e Trust Antivirus
®
Administrator Guide
r8
This documentation and related computer software program (hereinafter referred to as the "Documentation") is for
the end user's informational purposes only and is subject to change or withdrawal by Computer Associates
International, Inc. ("CA") at any time.
This documentation may not be copied, transferred, reproduced, disclosed or duplicated, in whole or in part,
without the prior written consent of CA. This documentation is proprietary information of CA and protected by the
copyright laws of the United States and international treaties.
Notwithstanding the foregoing, licensed users may print a reasonable number of copies of this documentation for
their own internal use, provided that all CA copyright notices and legends are affixed to each reproduced copy.
Only authorized employees, consultants, or agents of the user who are bound by the confidentiality provisions of
the license for the software are permitted to have access to such copies.
This right to print copies is limited to the period during which the license for the product remains in full force and
effect. Should the license terminate for any reason, it shall be the user's responsibility to return to CA the
reproduced copies or to certify to CA that same have been destroyed.
To the extent permitted by applicable law, CA provides this documentation "as is" without warranty of any kind,
including without limitation, any implied warranties of merchantability, fitness for a particular purpose or
noninfringement. In no event will CA be liable to the end user or any third party for any loss or damage, direct or
indirect, from the use of this documentation, including without limitation, lost profits, business interruption,
goodwill, or lost data, even if CA is expressly advised of such loss or damage.
The use of any product referenced in this documentation and this documentation is governed by the end user's
applicable license agreement.
The manufacturer of this documentation is Computer Associates International, Inc.
Provided with "Restricted Rights" as set forth in 48 C.F.R. Section 12.212, 48 C.F.R. Sections 52.227-19(c)(1) and
(2) or DFARS Section 252.227-7013(c)(1)(ii) or applicable successor provisions.
© 2005 Computer Associates International, Inc.
All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.
Contents
Chapter 1: Introduction
9
Product Components ........................................................................................................... 10
Available Methods of Protection ............................................................................................. 13
How eTrust Antivirus Protects Against Viruses ......................................................................... 14
Suggestions for Staying Infection-Free ................................................................................... 15
Content Updates ................................................................................................................. 15
Signature Files .............................................................................................................. 16
Availability of Signature File Updates ................................................................................ 16
For More Information........................................................................................................... 17
Chapter 2: The eTrust Threat Management Console
19
Controlling Access to the eTrust Threat Management Console .................................................... 20
Navigating the eTrust Threat Management Console .................................................................. 20
Accessing CA Security Advisor ......................................................................................... 21
Getting Help ................................................................................................................. 22
Starting the eTrust Threat Management Console...................................................................... 23
Java Plug-in .................................................................................................................. 24
Enable Active Content in Internet Explorer ........................................................................ 25
Enable Animations in Internet Explorer ............................................................................. 26
Add a Trusted Site to Internet Explorer ............................................................................. 27
Set Session Time-out Value............................................................................................. 28
Chapter 3: Understanding the Dashboard
29
Using the Dashboard Tab ..................................................................................................... 29
Top 10 Detections.......................................................................................................... 29
License Information (Dashboard tab)................................................................................ 30
Product Information ....................................................................................................... 30
Restarting the Threat Management Server ........................................................................ 30
Chapter 4: Discovering Subnets
31
How Discovery Works .......................................................................................................... 31
Default Organization for Subnet Discovery .............................................................................. 32
Changing Default Organization After Installation ................................................................ 32
Discovering Computers Outside Local Subnet .......................................................................... 33
Using the Discovery Tab....................................................................................................... 34
Contents iii
Specifying Subnet Information......................................................................................... 35
Specifying Discovery Configuration................................................................................... 35
Viewing Discovered Computers ........................................................................................ 35
Locating a Computer on a Subnet .................................................................................... 36
Adding a Computer to a Branch ....................................................................................... 36
Modifying Subnets ......................................................................................................... 36
Deleting Subnets ........................................................................................................... 36
Chapter 5: Organizing Your Security Network
37
Organization Tree ............................................................................................................... 37
Managing Branches........................................................................................................ 37
Adding a Computer to a Branch ....................................................................................... 38
Using the Organization Tab................................................................................................... 38
Creating Branches ......................................................................................................... 39
Viewing Client Information .............................................................................................. 40
Working with Branch Properties ....................................................................................... 40
Using Policy Proxy Servers .............................................................................................. 41
Chapter 6: Managing Policies
43
Policy Enforcement.............................................................................................................. 43
Policy Locking..................................................................................................................... 44
Policy Precedence................................................................................................................ 44
eTrust Antivirus Policy Types ................................................................................................ 45
Realtime Monitor Policy .................................................................................................. 46
Scheduled Jobs Policy..................................................................................................... 52
Legacy Signature Distribution Policy ................................................................................. 55
Send for Analysis Policy .................................................................................................. 56
Email Policies ................................................................................................................ 57
Common Policy Types .......................................................................................................... 60
Alert Subtabs ................................................................................................................ 60
Content Updates Policy................................................................................................... 61
Phone Home Policy ........................................................................................................ 65
Using the Policy Management Tab ......................................................................................... 66
Creating Policies ............................................................................................................ 66
Assigning Policies .......................................................................................................... 66
Viewing Assigned Policies................................................................................................ 67
Viewing Scheduled Job Policy Logs ................................................................................... 67
Chapter 7: Working with Clients
69
Managing Individual Computers ............................................................................................ 69
iv Administrator Guide
Using the Clients Tab........................................................................................................... 70
Assigning a Computer to a Branch.................................................................................... 70
Assigning Policies to a Computer...................................................................................... 70
Managing Services ......................................................................................................... 71
Viewing Logs................................................................................................................. 72
Purging Logs ................................................................................................................. 74
Chapter 8: Managing User Access
75
Threat Management Server Access Considerations ................................................................... 76
Operating System Administrator Account .......................................................................... 77
Threat Management Server Installer Account..................................................................... 77
Authorized Administrator Accounts ................................................................................... 78
Guest Accounts ............................................................................................................. 79
Types of Access .................................................................................................................. 79
User Rights Characteristics.............................................................................................. 80
Access Example for Different Accounts.............................................................................. 81
Using the User Management Tab ........................................................................................... 81
Chapter 9: Generating and Viewing Reports
83
Reports ............................................................................................................................. 83
Discovery Statistics Reports ............................................................................................ 84
Managed Machine Reports .............................................................................................. 85
Scheduled Job Reports ................................................................................................... 86
Top 10 Reports ............................................................................................................. 86
Categorized Reports....................................................................................................... 87
Mail Option Reports........................................................................................................ 88
Forwarding Log Information.................................................................................................. 89
Using the Reports Tab ......................................................................................................... 90
Chapter 10: Managing Licenses
91
How Licensing Works ........................................................................................................... 91
Using the Licensing Tab ....................................................................................................... 92
Checking Product Usage ................................................................................................. 92
Chapter 11: Using the Alert Manager
93
Alert Features..................................................................................................................... 93
Basic Components............................................................................................................... 93
Alert Forwarding Policy ........................................................................................................ 94
Alert Manager..................................................................................................................... 96
Contents v
Sending Alert Emails ........................................................................................................... 97
Sending Alerts to Unicenter and eTrust Security Command Center ............................................. 97
Running the Alert Manager ................................................................................................... 98
Alert Manager Tree.............................................................................................................. 98
Configuring Communication Ports .................................................................................... 99
Configuring Alert Settings ............................................................................................... 99
Local Alert Manager for UNIX and OS X Systems.....................................................................103
Appendix A: Using the Command Line Scanner Inocmd32
105
Scanner Options for Inocmd32 .............................................................................................106
Appendix B: Creating Custom Reports
111
Set Up the ODBC Data Source .............................................................................................113
Install the InfoReports Interface...........................................................................................116
Name Server Database .......................................................................................................117
Database Structure .......................................................................................................119
Appendix C: Integrating with Unicenter NSM
131
Preparing for Unicenter NSM Integration................................................................................131
Using TRIX to Import to the Repository............................................................................132
Using InoUpTNG to Populate the View..............................................................................133
Managing Antivirus Options in WorldView ..............................................................................133
Integrating with WorldView ............................................................................................134
Remote Scan View .............................................................................................................135
Appendix D: Managing NetApp
137
Managing the Scanner ........................................................................................................137
Add Another Filer to a Scanner .......................................................................................138
View Scanner Statistics .................................................................................................140
Managing Custom Move and Copy Directories ...................................................................140
View the Virus Detection Log ..........................................................................................142
Manage the Scanner Remotely .......................................................................................142
Managing the Filer..............................................................................................................142
Enable and Disable Virus Scanning ..................................................................................142
Specify File Extensions to Scan Using vscan......................................................................143
Specifying Shares to Scan Using CIFS..............................................................................144
Appendix E: Using the ETRUSTAV Console Program
147
ETRUSTAV Menu ................................................................................................................148
vi Administrator Guide
Appendix F: Messages and Codes
153
Messages..........................................................................................................................153
Appendix G: Computer Viruses
157
Computer Infection Symptoms.............................................................................................158
Effects of a Computer Infection ............................................................................................159
Characteristics of Viruses ....................................................................................................159
Computer Virus Terms ........................................................................................................160
Appendix H: Acknowledgements
165
Apache Tomcat ..................................................................................................................166
CURL................................................................................................................................168
gSOAP..............................................................................................................................169
JRE ..................................................................................................................................181
HP JRE 1.4.2.08.................................................................................................................190
IBM Developer Kit for Linux .................................................................................................195
Jakarta .............................................................................................................................214
Open SSL .........................................................................................................................216
PCRE................................................................................................................................220
Struts...............................................................................................................................222
Sun JDK ...........................................................................................................................224
Third Party Licenses Related to JDK.................................................................................232
Sun JRE 1.5 ......................................................................................................................237
Sun JRE............................................................................................................................241
XERCES ............................................................................................................................242
XMLSEC............................................................................................................................247
zlib ..................................................................................................................................251
Index
253
Contents vii
Chapter 1: Introduction
The eTrust Antivirus software is a powerful antivirus solution for your
enterprise network or your individual workstation. It protects workstations
running Windows, UNIX/Linux, Macintosh OS X, and NetWare. At the time of
this writing, eTrust Antivirus is certified by the International Computer
Security Association (ICSA) to detect 100 percent of viruses in the wild.
Introduction 9
Product Components
Product Components
eTrust Antivirus includes a set of components that provide maximum
protection for your computing environment, whether it is a single computer or
a large-scale enterprise. The main components are as follows:
Threat Management Server
The software that tracks all instances of eTrust Antivirus running in your
network. The server is installed on any computer you want to use as a
Threat Management Server. Once installed, authorized users can perform
remote management functions based upon the automated discovery
information using the eTrust Threat Management Console.
Threat Agent
The software that enables scanning on the local computer. The agent is
installed on all desktops and servers in your security network. The agent
includes a realtime scanner to scan files as they pass through the device
and a local scanner for on-demand scanning. You can initiate scans,
download updates, and review logs stored locally on the computer.
Agents are available for most operating systems and can be centrally
managed from the eTrust Threat Management Console. With the exception
of NetWare platform, they can also be managed locally using the eTrust
Threat Management Agent interface. The Threat Agent on NetWare is
managed using a console application called ETRUSTAV or centrally using
the eTrust Threat Management Console.
eTrust Threat Management Console
A Java-based interface that runs on the computer hosting the Threat
Management Server. Security administrators can use the console to
manage all computers discovered by the Threat Management Server
remotely, propagate configurations, and set and enforce security policy.
The administrator can create and apply various policies to ensure the
following:

Clients have the proper protection against malicious code

Distribution of virus signature updates occurs in a timely manner

Alerts are defined and handled properly

Remote client scans provide a backup for the realtime scanning
process
Using the eTrust Threat Management Console, an authorized administrator
can manage the organization of all computers in the network that are
running instances of eTrust Antivirus using an organizational structure
similar to a directory tree, the Organization tree.
eTrust Threat Management Agent interface
A web-based interface that lets end-users scan their local computers for
viruses and apply the latest signature and product updates to them.
10 Administrator Guide
Product Components
Realtime Monitor
An automatic, intercept driven scanner that checks a local computer for
virus infections each time a file is executed, accessed, or opened. You can
configure realtime monitoring to detect known and suspect infections, and
the action to be taken when an infection is detected. Administrators can
propagate realtime settings throughout the network, and enforce policy for
this option. If an infected file is found, the policy-defined action is taken
and an alert message is sent, displaying the name of the infected file and
the virus.
Local Scanner
A scanner that checks a local computer for virus infections at the user's
request. Using the eTrust Threat Management Agent interface, scans can
be manually initiated or scheduled to run at a specific date and time or at
repeated intervals.
Note: An authorized administrator can schedule scans to automate
scanning on both remote and local computers.
Heuristic Scanner
A scanning method that uses heuristic analysis, an artificial intelligence
technique used to scan files for viruses whose signatures have not yet
been isolated and documented. Rather than use a fixed algorithm to scan
for specific virus signatures, heuristic analysis uses alternative methods to
detect virus-like patterns of behavior.
Note: To avoid overhead and an increased false detection rate, you should
not use the heuristic scanner for realtime scanning. It is usually used only
for local and scheduled scans. Furthermore, it is best to use heuristics only
when doing a reviewer scan (safety level), as running it is resource
intensive and may result in degraded performance.
Shell Scanner
A scanner that integrates with your Microsoft Windows operating system
so you can conveniently right-click on any item on the desktop or in
Windows Explorer and run a scan.
Alert Manager
A feature that lets you send messages from eTrust Antivirus and other
Computer Associates products to individuals in your organization, using
different methods of communication. There are two basic components to
the Alert Manager: the Alert Manager service, which is responsible for the
reception, processing, and distribution of Alert messages, and the Alert
Manager interface, where you configure how Alert should send its
messages.
Introduction 11
Product Components
Note: The Alert Manager is not available in any form on NetWare. On
UNIX- or Macintosh OS X-based systems, the Alert Manager is also
unavailable. However, through user-defined scripts and syslog, an
equivalent level of notification flexibility can be achieved on these
platforms, making it possible to forward alerts to the Alert Manager
running on Windows. From that point all alert handling features of the
Alert Manager can be used to process the event.
CA-InfoReports
A reporting tool that allows access into various areas of the eTrust
Antivirus database. To enable the reporting tool, an ODBC connection to
the Threat Management Server must be created. Additional standard
reports on virus activity and antivirus-protected computers are provided
out-of-the-box on the Reports tab of the eTrust Threat Management
Console.
Remote Install Utility
A utility that enables automated remote client installations. It provides a
graphical user interface that you can use to deploy the product to
Microsoft Windows computers throughout the enterprise.
Note: For non-Windows platforms, different methods are provided for
performing remote installation. For example, on NetWare, the standard
installation program serves as a remote installation tool and, on Macintosh
OS X, a customizable script lets you perform remote installation.
Installation Configuration File (ICF)
A file you use to configure initial policy settings during the installation
process before the eTrust Threat Management Console is available. This
file also contains additional configuration settings that you cannot specify
in the eTrust Threat Management Console. As there is no Local Scanner
policy, you must specify any changes you want to make to the local
scanner settings in the ICF file prior to installation.
The ICF file defines the options for the various available modules. You can
modify the ICF file using a text editor or, on Microsoft Windows, the
Remote Install Utility interface. If available, it is easier to navigate and
modify settings using the Remote Install Utility interface.
Additional Utilities and Programs
A set of task-specific utilities and programs, such as SETUP.EXE (a setup
program for updating Windows 9.x computers through a login script when
users log into a domain), Inocmd32 (a Command Line Scanner interface
for use with all operating systems), Inocucmd (a Command Line Scanner
only for use with the Rescue Disk feature for Windows 95/98), Examine (a
utility to recover for operating systems Windows 95/98), and ETRUSTAV (a
NetWare program to control many Threat Agent operations from a
NetWare server console).
Available Methods of Protection
Available Methods of Protection
eTrust Antivirus provides several scanning methods to protect your network
from all types of infections. The following types of scans are supported:
Realtime Monitor Scan
Checks for viruses are performed automatically, each time a file is
executed, accessed, or opened. You can create Realtime Monitor policies
using the eTrust Threat Management Console to enforce settings for
realtime scanning on client computers.
Scheduled Scan
Performs scans at a specific time or interval. You can create Scheduled
Jobs policies using the eTrust Threat Management Console to enforce
settings for scheduled scans on client computers.
Command Line Scan
Performs scans from the command line. Scan results are displayed on the
screen during the course of the scan.
Manual Scan
Lets end-users initiate interactive scans on their local computer using the
eTrust Threat Management Agent interface.
Introduction 13
How eTrust Antivirus Protects Against Viruses
How eTrust Antivirus Protects Against Viruses
The eTrust Antivirus Realtime Monitor runs in the background and
automatically examines files as they are accessed. Virus scans can run
manually or be scheduled to run automatically. In addition, you can scan
initiate manual virus scan, or schedule them to run automatically.
Regardless of the method you use to initiate a scan, eTrust Antivirus uses the
following techniques to detect computer viruses:
Integrity Check
Examines the program’s file size to see if it has increased, which may be
indicative of a virus. This method is used primarily to check the integrity of
the Critical Disk Area information.
Rules-based Polymorphic Detection
Observes the actions of programs, such as call functions, to detect
suspicious program behavior. Polymorphic viruses disguise themselves
with each infection in an attempt to defeat antivirus scanners, but rulesbased polymorphic detection can expose these kinds of viruses.
Interrupt Monitoring
Monitors all program system calls in an attempt to detect and thwart the
sequence of system calls indicative of virus activity.
Signature Scanning
Looks for a unique pattern, determined by the Computer Associates Threat
Research Team, that serves as a sign that a given virus is present. With
the knowledge of what to look for and where to look for it, eTrust Antivirus
automatically locates and deals with the virus.
When eTrust Antivirus identifies a virus, you are given multiple options for how
to deal with that virus, including deleting the associated file, renaming it,
moving it to a quarantined area, or curing it.
Suggestions for Staying Infection-Free
Suggestions for Staying Infection-Free
Here are some general suggestions to help keep your computer virus-free:

Set all of your DLLs, executables, and other related files as read-only. This
reduces the chance of executable files becoming infected.

To protect critical files, such as those used in database applications,
schedule a scan job to scan these files during off-peak hours.

Scan floppy disks, CDs, and other removable media for viruses before you
copy any files from them.

Keep your environment current with the latest content updates.

Manage your shared directories by setting access rights and permissions
so that users have the appropriate level of authority for the directory, such
as read-only, rather than full control.

On Windows, UNIX, and OS X systems, if the Heuristic Scanner engine
finds a file that you suspect is infected and you want to send it to
Computer Associates for analysis, use the automated Send for Analysis
feature. If handling the file manually, always rename it with an extension
of AVB, and use a compression utility before sending the sample to
Computer Associates.
Content Updates
Content updates contain the latest version of signature files, scan engines, and
program updates, and are available for all supported versions and platforms.
An important and differentiating capability of eTrust Antivirus is that no
downtime or protection interruption is required to apply content updates.
You can create a Content Update policy that automates the process of
downloading updates and distributing them to computers throughout your
network. The update process can operate transparently and not interfere or
interrupt normal network activity. The eTrust Threat Management Console's
Policy Management tab provides the necessary options and simplifies the
process of creating a Content Update policy. A Content Update policy with
enforced standards is one of the important factors to ensuring your network is
protected from infection.
For information on how updates work, see the Content Updates Policy (see
page 61) section.
Introduction 15
Content Updates
Signature Files
Keeping your signature files up to date is vital to protecting your network.
Signature file updates enable eTrust Antivirus to recognize new viruses and
provide protection agains them. The best way to keep signature files current is
to create a Content Update policy with a regularly scheduled time and interval,
so that your systems are automatically kept up-to-date. In addition, signature
file updates may be manually downloaded from our Customer Support website
at:
http://www3.ca.com/support/vicdownload/
This website also provides information on newly detected viruses and other
malicious software, and valuable information on protecting your environment.
You can also find information on how to subscribe to our newsletter and
receive alerts about new threats by e-mail.
Note: For your protection, Computer Associates does not send out unsolicited
executable files, nor use e-mail attachments as a standard method to
distribute maintenance or product updates. However, Computer Associates
does send out alerts that contain links that you can use to initiate the request
for updates. This prevents the possibility of malicious code masquerading as
an update from Computer Associates.
Availability of Signature File Updates
Regularly-scheduled signature updates are provided several times each week,
typically on a daily basis. The Computer Associates research team makes
updates available whenever significant threats appear in the wild. The updates
provide the latest detection and protection capability.
Note that while all virus infections can be detected, not all of the infections can
be cured. Additional detection and protection information is made available on
the CA Security Advisor website. As cures are discovered, they are added to
the signature file updates.
For More Information
For More Information
There are numerous resources for additional information. Your product media
contains the following useful instructional documents that provide detailed
explanations about the product’s comprehensive, feature-rich components:
Readme File
See this file for last-minute information about the product. The readme
includes sections about operating system support, system requirements,
installation, and known issues.
Implementation Guide
See this guide for detailed instructions about planning the roll-out of the
product on your network. It provides complete installation and deployment
instructions for all supported platforms.
Administrator Guide
See this guide for information relevant to the administration of the
product.
Online Help
The help offers procedural information, field descriptions, and overview
topics optimized for quick access and use. To access help, you can click
the help icon from any page of the eTrust Threat Management Console.
Most help topics also provide access to subject matter on related topics.
Release Summary
See the Release Summary for a list of new features and enhancements to
existing features provided in the current release of the product.
CA Security Advisor Web Site
This website (http://www3.ca.com/securityadvisor) reports current
security threats and tells you how to arm yourself against them.
To view or download product documentation, go to the Computer Associates
SupportConnect website (http://supportconnect.ca.com/).
Introduction 17
Chapter 2: The eTrust Threat
Management Console
The eTrust Threat Management Console enables you to remotely manage all
computers running eTrust Threat Management products on your network from
a single console. With its web-based interface you can easily connect to any
system hosting the Threat Management Server on your network and use it to
manage client computers.
As an authorized administrator, you can use the console to perform the
following management functions:

Discover and manage the configuration of eTrust Threat Management
products running on computers in your network

Create and enforce policies for virus and pest scanning

Distribute scanning policies throughout your network

Download and distribute product and signature file updates

Configure distribution proxies to increase network traffic efficiency

Grant other users permissions to use the eTrust Threat Management
Console

View logs of remote computers and scheduled scan jobs

Schedule and view numerous reports that provide detailed information
about the health of your network
The eTrust Threat Management Console 19
Controlling Access to the eTrust Threat Management Console
Controlling Access to the eTrust Threat Management
Console
You can control user access the eTrust Threat Management Console from the
User Management tab. From here, you can view the current users, known as
authorized administrators, that have access to the eTrust Threat Management
Console. You can also add or remove authorized administrators, and add, edit,
or remove a user's permissions. The eTrust Threat Management Console
provides a wide range of permissions, from read-only access, to full control
over your subnets, Organization tree, and policy assignment and
management.
Note: While these authorized administrators have special rights within the
eTrust Threat Management Console, they do not acquire any special rights to
the operating system or other applications.
When adding a user and granting permissions to use the eTrust Threat
Management Console, you can use any valid operating system account on the
computer hosting the Threat Management Server. These accounts will retain
their existing operating system permissions.
Navigating the eTrust Threat Management Console
Navigating the eTrust Threat Management Console is both simple and intuitive.
Simply click a tab along the top of the page to access the different functional
areas of the console. Each tab contains a group of subtabs that let you specify
options for a particular task. The following table describes the purpose of each
major tab:
Tab
Features and Options
Dashboard
Provides at-a-glance product status, license
information, and Top 10 detections network-wide. From
here, you can also manage the Threat Management
Server.
Discovery
Lets you discover and manage subnets of the
computers running eTrust Threat Management products
on your network.
Policy Management
Provides access to all options and settings for creating,
managing, and assigning policies throughout your
network.
Tab
Features and Options
Organization
Lets you organize computers running eTrust Threat
Management products into logical containers, or
branches, in an Organization tree. You can then assign
policies to the various branches of the tree.
Client
Provides access to properties, policies, and logs for a
specific client computer. You can assign, modify, and
remove policies; modify branch assignments, start or
stop client services, and view and manage client logs.
User Management
Lets you grant users access to the eTrust Threat
Management Console and assign the permissions you
deem necessary.
Report
Displays a wide variety of reports and graphs for eTrust
Threat Management products. Lets you schedule how
frequently reports are generated.
Licensing
Provides detailed license information for your network,
and allows you to enter or update license key and
registration information.
Accessing CA Security Advisor
Clicking the Security Advisor link at the top of the console displays the
Computer Associates Security Advisor website. This website provides up to the
minute information on current and emerging security threats and is
maintained by a network of Computer Associates rapid response centers from
around the world. It delivers:

The most comprehensive validated spyware, virus and vulnerability
database in the industry

Clean-up utilities, detection signature files, and remediation instructions

Valuable documentation on implementing complete threat protection and
Security Management Solutions
Check this website frequently to find out about new and emerging threats.
Getting Help
Click the help button at any time to get complete descriptions of the options
for the currently active tab or subtab. All help topics contain links to related
information that will assist you in performing tasks on a tab or subtab.
The help button, displayed below, is located in the upper right corner of the
console:
Starting the eTrust Threat Management Console
You can open the eTrust Threat Management Console from the local computer
hosting the Threat Management Server or from a remote computer using a
web browser.
To access the eTrust Threat Management Console follow these steps:
1.
Choose one of the following:
a.
From the local computer hosting the Threat Management Server, click
Start, Programs, Computer Associates, eTrust, eTrust ITM, eTrust ITM
Console.
Note: On OS X, choose /Applications/CA/eTrustITM and double click
eTrust ITM Console.
b.
Open a web browser, enter the following URL in the address bar, and
then click Go:
https://[servername]:6688/AdminGUI/
where [servername] is the computer name or the IP address of the Threat
Management Server. If you want to use an unencrypted connection over
http (not recommended), use port 6689 instead.
2.
When you try to open the eTrust Threat Management Console on a
computer for the first time, you may see a Security Alert Dialog. Click View
Certificate, then click Install Certificate and follow the wizard to avoid
seeing the dialog in the future.
3.
When the login dialog displays, enter the Username and Password of the
local administrator in the appropriate fields and click Log in.
Note: If you have to input a domain user, remember to add the domain
name, a backslash (\), and then the user name.
Note: You can obtain additional information for error codes using the
Windows net helpmsg <msg id> command.
The eTrust Threat Management Console appears:
Java Plug-in
If the eTrust Threat Management Console exhibits odd behavior or appearance
when displayed, this is typically caused by a problem in the underlying Java
plug-in that your web browser is using. Installing an updated Java plug-in is a
simple way to correct this. Go to the Java Sun website
(http://java.sun.com/products/plugin) to download the plug-in that you
require. The eTrust Threat Management Console supports plug-in versions 1.4
or later.
If you install a plug-in, then you should access the eTrust Threat Management
Console using http://[nodename]:6688/ino/inoplug.html, instead of the URL
specified in Open the Management Console for the Threat Management Server.
Enable Active Content in Internet Explorer
To view graphs, reports, or use the active content provided in the eTrust
Threat Management Console or its locally-stored help systems on Windows,
the active content option must be enabled for your web browser.
To enable active content in Microsoft Internet Explorer, follow these steps:
1.
Select Tools, Internet Options.
The Internet Options dialog appears.
2.
Select the Advanced tab.
3.
Select the Allow active content to run in files on My Computer check box,
as shown below.
4.
Click OK.
You can now view all active content in the web-based interface, as well as
the locally-stored help systems for Shell Scanner or Groupware Options.
Enable Animations in Internet Explorer
To view animations provided in the eTrust Threat Management Console or its
locally-stored help systems on Windows, the animations option must be
enabled for your web browser. To enable animations in Microsoft Internet
Explorer, follow these steps:
1.
Select Tools, Internet Options.
2.
Select the Advanced tab.
3.
Scroll down to the Multimedia section, then select the Play animations in
web pages check box.
4.
Click OK.
Add a Trusted Site to Internet Explorer
When performing certain actions, such as adding a new download source for
content updates, a Microsoft Internet Explorer security prompt may appear
and ask you to add the new source to your list of trusted zones. If you receive
this prompt and want to the add the source as a trusted site, follow these
steps to add the site:
1.
In the Internet Explorer window, select Tools, Internet Options.
2.
Click the Security tab.
3.
Select the Trusted sites content zone, and then click Sites.
The Trusted sites dialog appears.
4.
Enter the new download source in the Add this Web site to the zone field.
For example, to add the default Computer Associates content update
distribution site, enter the following:
5.
Click Add, and then OK.
For more information about trusted sites, see the Microsoft Internet Explorer
documentation.
Set Session Time-out Value
The eTrust Threat Management Console session expires after 120 minutes.
You can specify a different time-out value by editing the SessionTimeout
parameter located in the following file:
Drive:\Program Files\CA\SharedComponents\ThirdParty\Tomcat
5.5\webapps\AdminGUI\WEB-INF\web.xml
Chapter 3: Understanding the
Dashboard
This chapter contains information on understanding the information presented
on the Dashboard and using it to manage the Threat Management Server. For
procedures on using the Dashboard tab, see the eTrust Threat Management
Console online help.
Using the Dashboard Tab
The Dashboard tab provides quick access to important information about your
eTrust Threat Management products. You can view the following information
from the dashboard:

Over-all health of your network via the Top 10 detection list

Current license status
Note: You can view detailed license information on the Licensing tab.

Product and Threat Management Server information

View eTrust Threat Management products administrator contact
information
In addition you can use the dashboard to perform the following tasks:

Restart the Threat Management Server

Edit eTrust Threat Management products administrator contact information
Top 10 Detections
The Threat Management Server collects and collates the logs of computers
that are running the eTrust Threat Management Agent and displays the Top 10
detection information on the Dashboard tab. This provides a quick review of
the most common detections on your network. For detailed information on
these detections, and other detailed reports, use the Reports tab.
Understanding the Dashboard 29
Using the Dashboard Tab
License Information (Dashboard tab)
The License Information area shows the current state of licensing. If the
Managed Node Count is higher than the Licensed Node Count, a license
warning is displayed. A more detailed account can be found on the Licensing
tab.
Product Information
The Product Information area displays the operating system version of the
system hosting the Threat Management Server, the eTrust Threat
Management products version information, the date and time of the last
discovery, and the date and time the Threat Management Server started
running.
You can restart the Threat Management Server at any time by clicking the
Restart button.
Restarting the Threat Management Server
The Threat Management Server tracks all instances of eTrust Threat
Management products running on your network. You can view the status of the
Threat Management Server in the Product Information area, which displays the
date and time the server was last started.
To restart the Threat Management Server, click the Dashboard tab, then click
the Restart button located in the Product Information area.
Chapter 4: Discovering Subnets
This chapter contains information on the discovery process, the Default
Organization, and the Discovery tab. For detailed descriptions for each
discovery option and procedures for performing discovery tasks, see the
eTrust Threat Management Console online help.
How Discovery Works
The discovery process works as follows:
1.
An authorized administrator specifies subnets for the Threat Management
Server to query. The administrator also specifies a discovery frequency
that sets how often the subnet is polled.
Note: Once a subnet is queried, this frequency dictates how often the
discovery information for each client is refreshed.
2.
When the subnet definition is saved, an IP-directed broadcast, a UDP
multicast, or a UDP unicast is sent (using UDP port 42508) to the defined
subnet depending on the election method selected.
3.
Through a transparent election process, a computer in that subnet is
elected to reply to the Threat Management Server.
4.
The elected computer returns response packets to the Threat Management
Server (using TCP port 42509). These packets contain information about
computers in the subnet that are running eTrust Threat Management
products. This information includes: hostname, IP Address, MAC Address,
virus signature or DAT file version information, product version
information, policy settings, and other general data. The packets also
include updates for any changes since the previous discovery.
5.
The Threat Management Server stores the discovered data in its database.
From this information, the Threat Management Server takes an inventory
of the available computers in the security network.
6.
This inventory appears on the Discovery tab of the eTrust Threat
Management Console. If specified in the subnet definition, each computer
also appears on the Organization tab and is automatically associated with
a branch of the Organization tree.
The discovery process automatically maintains current information about the
status of the eTrust Threat Management products running on each computer
on the subnet.
Discovering Subnets 31
Default Organization for Subnet Discovery
Default Organization for Subnet Discovery
The Default Organization is the name of an existing branch in the Organization
tree where a discovered computer can be assigned if an approved Threat
Management Server is specified for the computer at installation time. You can
specify an approved Threat Management Server for a client computer using
the inoc6.icf configuration file.
By using this method, the discovered computer is placed in the branch
indicated by the Default Organization option. If an approved Threat
Management Server is not specified for a computer, it is available in the list of
computers for the subnet, but you have to manually add it to a branch.
On OS X, you can also approve servers in the eTrust Antivirus Preferences
Options panel that is available under System Preferences panel.
On NetWare, you can set an approved Threat Management Server using
ETRUSTAV. In addition, the NetWare install uses inoc6.icf that can be preset to
use an approved Threat Management Server, as under Windows.
Changing Default Organization After Installation
To change the approved Threat Management Server after the installation on a
Windows client computer, simply use regedit to change the client's registry to
specify the new server:
Key:
\HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\eTrustITM\CurrentV
ersion\NameCli
Item: ServerList
On UNIX and OS X systems, you can use the InoSetApproved script, which is
located in the $CAIGLBL0000/ino/scripts directory. Do this by specifying the IP
address or list of addresses of the approved servers as the arguments to the
script. Separate a each IP address with a blank space. For example:
InoSetApproved 172.16.0.0 172.31.255.255
Discovering Computers Outside Local Subnet
Discovering Computers Outside Local Subnet
If you perform a discovery and it does not find computers that you know are
running instances of eTrust Antivirus, one possible cause is that your current
network router configuration is blocking the discovery process from
discovering those computers.
During the discovery process, using the default setting of Free Election, the
Threat Management Server sends an IP-directed broadcast to the subnet being
discovered. If the routers on the network do not allow these packets to pass,
the discovery process will be unable to query the subnets on the other side of
the router.
To correct this problem, you can do the following:

Use the Specified Election method instead of the Free Election method.
Note: You can also use the Sweep Poll method, but it takes longer so you
will need to extend the timeout value. It also increases the work of the
Threat Management Server, as it is polling each computer individually, so
you will see an increase in CPU utilization by InoRPC.

Configure the network routers to allow IP-directed broadcasts over UDP
port 42508.
Another way of troubleshooting UDP traffic issues is to use the eavdisc.exe
utility (on UNIX and OS X system, the utility is called eavdisc). This utility is
provided as an alternative to Free Election, and rather than rely on UDP
broadcast to trigger the discovery, eavdisc limits traffic to TCP only.
The eavdisc.exe program is located on the installation media in the
/ITM/Common/Bin/Win32/Utility directory. To use eavdisc.exe, copy it to you
local machine, open a command line window and run the utility supplying the
IP address of the Threat Management Server as a parameter. The discovery is
triggered and the computer should now show up in the subnet on the eTrust
Threat Management Console.
Using the Discovery Tab
Use the Discovery tab to perform the following subnet management tasks:

Add (discover) a new subnet. The discovery process queries the subnet for
clients running eTrust PestPatrol.

Modify the configuration options of an existing subnet

Delete one or more subnets

Perform an immediate refresh of a subnet using the Discover Now option

View product and organizational information for each computer on a
subnet
When you first click the Discovery tab, no subnets are listed in the Networks
area, unless you are using the eTrust Threat Management Console on the
computer that hosts the Threat Management Server. If so, the subnet of the
Threat Management Server is automatically displayed.
The Discovery tab provides several subtabs and buttons for performing subnet
management tasks. For example, the Subnet Information and Discovery
Configuration subtabs let you specify new subnets and modify the options of
previously discovered subnets.
Once a subnet is discovered, the product-specific and organization subtabs,
located at the bottom of the page, are populated with information about the
discovered client computers. Once populated, you can use the Organization
subtab to add or remove a computer to or from a branch in your Organization
tree.
Note: You do not need special access permissions, such as an operating
system account, to discover a subnet. However, to place a discovered
computer into a branch in the Organization tree, you must have operating
system administrative authority over that computer.
Specifying Subnet Information
Use the Subnet Information subtab to specify a subnet you want to discover.
This tab allows you to enter a descriptive name for the subnet. If you do not
enter a name, the default description is the IP address followed by the port
number used for discovery. You then specify an IP address of a computer on
the subnet, and the subnet mask.
The IP address that you specify depends on the type of discovery, or polling
method you specify on the Discovery Configuration subtab. If you choose the
Free Election or Sweep Poll method, you can enter the IP address of any
computer on the subnet. If you choose the Biased Election or Specified
Election method, you must specify the IP address of the computer that you
want to respond to the Threat Management Server. The computer must be
running an eTrust Threat Management product.
You may choose to verify the IP address using the Test button. You may also
choose to change the default Organization for the discovered computers, by
specifying a new organization in the Organization area of the subtab.
Note: If another Threat Management Server has already discovered the
specified subnet, the IP Address of the conflicting Threat Management Server
is displayed. You should contact the administrator of this Threat Management
Server to avoid the possibility of conflicting policies for this subnet.
Note: You can create multiple instances of a subnet.
Specifying Discovery Configuration
Use the Discovery Configuration subtab to configure the policy settings for the
subnet, the frequency the discovery is repeated, and the polling method used
to perform the discovery.
Once you have discovered a subnet, you do not need to specify these options
again. The Repeat Every option automatically retrieves your subnet definition
information and uses it to re-discover the subnet and refresh client
information.
Viewing Discovered Computers
After the computers are discovered, select the instance of the subnet in the
Networks group on the Discovery tab. The list of discovered computers
appears on the product-specific and organization subtabs, located at the
bottom of the page. These tabs display detailed information about the eTrust
Antivirus running on the computer. You can use the Organization Details tab to
assign a computer to branch in your Organization tree.
Locating a Computer on a Subnet
Once you have discovered one or more subnets, you can quickly locate a
computer on any of the discovered subnets. In the Networks area of the
Discovery tab, enter the computer name in the textbox and click the Find node
in subnets button. When the computer is found, the Antivirus Details,
PestPatrol Details, and Organization Details subtabs, located at the bottom of
the page, display detailed information about the computer.
Adding a Computer to a Branch
Use the Organization Details subtab, located at the bottom of the Discovery
tab, to add a computer to a branch in your Organization tree. Once you click
the Assign button you will be prompted to enter a username and password.
The username and password you enter must have operating system
administrative privileges on the client computer that you want to add to the
branch.
Note: You can also use the Client tab to add a computer to a branch. For more
information, see Working with Clients (see page 69).
Modifying Subnets
The Discovery tab allows you to modify a single subnet, or a modify all
discovered subnets. To modify a single subnet, you select the subnet in the
Networks area. When you select the subnet, the specified options for that
subnet appear in the subtabs to the right. Edit the options as needed, and click
the Apply button to save the modifications. To modify all previously discovered
subnets, click Edit All, modify the options as needed, and click the Apply
button to save the modifications.
Deleting Subnets
You can also use the Delete and Delete All buttons on the Discovery tab to
delete a single subnet or to delete all subnets. The eTrust Threat Management
Console prompts you to verify the deletion. Use these buttons carefully, as you
cannot undo the deletion of a subnet. If you accidentally delete a subnet, you
must re-enter the subnet definition and configuration information to discover
the subnet again.
Chapter 5: Organizing Your Security
Network
This chapter contains information on using the Organization tab to create and
manage your Organization tree. For detailed procedures on performing
organization tasks, see the eTrust Threat Management Console online help.
Organization Tree
The Organization tree is a hierarchical representation of your security network.
You use the tree to apply policies to groups of computers that require the
same protection settings against malicious programs or code.
Using the Organization tab, you create an Organization tree with containers,
called branches. These branches are typically organized to mirror the physical
locations of computers on your network. The organization of the tree is
completely flexible and is often organized to segment computers into various
categories by department, function, type of user, or any other arrangement
that suits your business needs.
Each branch in the tree is analogous to a file-system directory or folder, which
also contains subdirectories or sub-folders. Your Organization tree can contain
as many sub-branches as necessary. Finally, you add computers to the
branches and sub-branches, and then assign policies to the branches. All
computers in the branch inherit the policy from the branch, unless you apply a
policy to a specific computer in that branch. For more information, see Policy
Precedence.
Note: A computer can only be a member of one branch at a time.
Managing Branches
The features of the Organization tab provide you with complete flexibility in
managing the branches and sub-branches of your Organization tree. From this
tab you can view a list of computers in each branch, create new branches,
rename branches, and delete branches. In addition, you can assign and
remove policies from specific branches, view a list of users that have
permissions to manage a branch, and assign policy proxy computers to a
branch. A policy proxy computer shares the load of distributing policies to the
computers in a branch or sub-branch, so that policy can be rapidly distributed
throughout the network, and the Threat Management Server is not responsible
for the delivery of policy to each individual computer.
Organizing Your Security Network 37
Using the Organization Tab
Adding a Computer to a Branch
Use the Organization Details subtab, located at the bottom of the Discovery
tab, to add a computer to a branch in your Organization tree. Once you click
the Assign button you will be prompted to enter a username and password.
The username and password you enter must have operating system
administrative privileges on the client computer that you want to add to the
branch.
Note: You can also use the Client tab to add a computer to a branch. For more
information, see Working with Clients (see page 69).
Use the Organization tab to perform the following tasks:

Create branches and sub-branches

View the computers contained in a branch

View, assign and remove policies and scheduled jobs to or from branches
and sub-branches

View the users who have permissions for managing a branch or subbranch

Configure policy proxy servers and assign them to branches
The Organization tab provides the Clients and Properties subtabs, which you
use to perform these tasks.
Creating Branches
Use the Add button on the Organization tab to create the branches and subbranches you will use to organize the computers on your network into logical
groupings for policy management purposes. Your organization tree can contain
as many branches and sub-branches as necessary. Once defined, you can
easily add computers to each branch and sub-branch.
The following example Organization tree has a branch called Accounting.
Under that branch, there are sub-branches of every office that has an
accounting department, such as Office A, Office B, and Office C. Under each
sub-branch representing an office, you could then arrange the computers from
each of the accounting departments.
You can also use this tab to rename a branch by clicking Edit, refresh the
Organization tree by clicking Refresh, and delete branches or sub-branches by
clicking Delete.
Viewing Client Information
Using the Client subtab you can view a list of computers that reside in the
selected branch. The subtab displays the following information for each
computer:

Name of client computer

Version of the eTrust Antivirus application and engine

Version of signature files
The subtab provides at-a-glance information for each computer. However, for
detailed information you can click the computer name and view the detailed
information that appears in the pop-up dialog for that computer.
Note: To perform management tasks on a particular computer, you can use
the Client tab. For more information, see Working with Clients (see page 69).
Working with Branch Properties
The Properties tab lets you assign or remove policies and schedule scan jobs,
view the eTrust Threat Management Console users that are permitted to
manage the branch, and add or remove policy proxy servers. With a branch of
the Organization tree selected, you can perform any of these tasks by
selecting the appropriate item from the drop-down list. Detailed procedures for
performing these tasks are provided in the eTrust Threat Management Console
online help.
Note: If you have multiple Threat Management Servers on your network, the
Organization tree under each Threat Management Server must be managed
separately. To preserve policy management integrity, you cannot apply a
policy from one Threat Management Server to a computer that is managed by
another Threat Management Server.
Using Policy Proxy Servers
From the Properties subtab you can designate one or more policy proxy
servers. The policy proxy server improves network efficiency by sharing the
workload of policy distribution with the Threat Management Server.
When the Threat Management Server distributes policies, it goes down the list
of computers in the Organization tree. When it finds a policy proxy server it
enlists the help of that computer to distribute policies. Since the proxy
distributes the policies to the other computers in its branch, the Threat
Management Server can skip the rest of the computers in that branch and find
the next proxy server. It then passes the policies to that proxy, and so on
through the network.
For example, if a branch has ten computers, and one computer is designated
as the proxy server, the Threat Management Server sends the information
once—to that one proxy server. The proxy then passes the information to the
nine remaining computers in its branch. This minimizes the number of times
that the Threat Management Server has to send the commands, thereby
improving the performance of the Threat Management Server and the network
in general, and reducing the amount of time necessary to distribute policies
throughout the network.
Note: The role of the policy proxy server is distinct from the role of the
signature redistribution server. The policy proxy server is used to distribute
policy settings throughout the network. The signature redistribution server
makes the signature update files available to other computers. Further, the
policy proxy server should not be confused with an Internet proxy server.
To assign a proxy server from the Properties subtab, select Proxy from the
drop-down list and complete the Please Select Proxy dialog.
Using Proxy Servers in Sub-Branches
The policy proxy server distributes updates on behalf of the Threat
Management Server to the computers in its branch and any subordinate subbranches. However, if the sub-branch contains its own policy proxy server, the
first proxy server detects this and enlists the help of the subordinate proxy
server to distribute updates to computers in its sub-branch and any other
subordinate sub-branches.
Proxy Override Option
The override option specifies what should happen if a policy proxy server for a
given branch is currently unavailable and there are policies that must be
distributed. By setting the override option, the proxy server located above the
disabled proxy in the Organization tree assumes the responsibility of
distributing the updates to the computers ordinarily served by the proxy that
is unavailable. If you do not specify this option and the policy proxy server is
unavailable, the policy updates are not distributed to the computers normally
served by that proxy server, until it becomes available again.
Proxy Server Considerations
When determining if a computer should be a policy proxy server, consider the
following items:

You can designate any number of computers as proxy servers.

You can designate any computer in a branch or sub-branch as a proxy
server, except for computers running Windows 95 or Windows 98.
Chapter 6: Managing Policies
This chapter contains information on creating and managing policies from the
eTrust Threat Management Console's Policy Management tab. For detailed
information on policy management options and procedures, see the eTrust
Threat Management Console online help.
Policy Enforcement
A policy contains the settings that you want to apply to multiple computers to
safeguard them against malicious programs or code. As an eTrust Threat
Management products administrator, you can create and enforce policy
settings and assign them to branches in your Organization tree to ensure that
all computers are equally protected.
Policies that you apply to a branch always take precedence over settings that
an end user may have applied to his or her computer locally. If a user changes
an assigned policy setting, the Threat Management Server detects the change
and automatically returns the settings to those defined by the administrator,
thereby enforcing the policy.
When the Threat Management Server discovers a new subnet, or refreshes its
database of existing subnets, it receives information on all policies for each
client, along with the product version, signature information, and operating
system information, such as the computer name, IP address, OS version and
MAC address. The Threat Management Server updates its database and
examines the information. If it finds that a policy setting on the client
computer does not match the policy setting assigned to the branch the
computer resides in, it flags the discrepancy and resets the policy.
Note: You can prevent end-users from changing policy settings on their local
computers by locking the policy. The following section describes policy locking.
Managing Policies 43
Policy Locking
Policy Locking
When you create or modify a policy, you can choose the Lock Settings option
on the Policy subtab. This setting prevents end users from changing policy
settings on their local computers. During the discovery process, the Threat
Management Server pushes the locked policy to the computers that reside in
within the branch.
If you do not use the Lock Settings option, the Threat Management Server will
continue to distribute policies to the computers in the branch where the policy
is assigned; however, the end user can change those policy settings on their
local computer. Should the end user changes the settings, the Threat
Management Server will automatically reset the policy settings during the next
subnet discovery or refresh; however, there will be period of time when the
client computer's policies are not the same as those defined for it in the Threat
Management database.
Note: The Threat Management Server refreshes its database based on the
interval that you specify in the Repeat Every option on the Discovery
Configuration subtab.
Policy Precedence
A policy's precedence can be either inherited or specified.
Inherited
An inherited policy is one that is inherited from a higher level branch in
your Organization tree. For example, if you apply a policy to a particular
branch, that policy applies to all sub-branches and client computers that
reside beneath that branch of the tree. The sub-branches and client
computers inherit the policy from the higher-level branch.
Specified
A specified policy is one that is applied to a specified branch, sub-branch
or computer. This type of policy overrides the inherited policy from the
branch above it.
When the Threat Management Server performs a discovery, it looks at the
lowest level branch in your Organization tree (a branch that does not have
another branch beneath it). It then checks the policies that are applied to that
branch. If a policy is applied to the branch, it is kept, and not changed by a
policy that would otherwise be inherited from the branch above it. The
discovery process then continues up the Organization tree to the next branch
level. If no policy is applied at the next branch level, the Threat Management
Server uses the policy applied at the branch level above, and so on.
eTrust Antivirus Policy Types
Use the Policy Management tab to create and manage the following eTrust
Antivirus policies:
Realtime Monitor
Scans a file before they it is accessed to ensure the file is not infected.
Scheduled Jobs
Determines when and how scheduled scans occur.
Legacy Signature Distribution
Enables the distribution of content updates to prior versions of eTrust
Antivirus using a r8 Threat Management Server or redistribution server.
Send for Analysis
Specifies detailed contact information that is included whenever you
submit a virus to Computer Associates for further analysis.
Lotus Notes Email Policies
Manages eTrust Antivirus policies on your Lotus Notes e-mail server.
Note: Email polices are only for computers running Windows.
MS Exchange Email Policies
Manages eTrust Antivirus policies on your Microsoft Exchange e-mail
server.
Note: Email polices are only for computers running Windows.
The following sections contain additional information for each policy type. For
policy procedures, see the eTrust Threat Management Console online help.
Realtime Monitor Policy
The Realtime Monitor automatically performs a file scan each time a file is
executed, written to, or opened. When an infection is found and a treatment
action is unsuccessful, file access is denied, which prevents the infection being
spread further. You can monitor for known and unknown viruses, specify
detection methods, and manage infected files.
Using the realtime settings available, you can block access to certain groups of
files (based on file extension) or all files, so that potentially dangerous files are
not opened, copied, or executed by a user or the system. On Windows
systems, by enabling the quarantine feature, users who are detected
attempting to copy infected files to a server can be automatically suspended
from any further access to that server, thereby helping to isolate the infected
user and prevent the spread of the infection.
On Windows and OS X systems, if an infection is found, a window is displayed
with the name of the infected file and the name of the infection.
On NetWare systems, if an infection is found, a message is displayed on either
the Console Screen or the Logger Screen, depending on the version of
Netware. If the infected file was accessed from a client computer, a window is
displayed on that client with the name of the infected file and the name of the
infection.
Note: Remember, the settings you choose for the Realtime Monitor settings
apply only to the realtime scan.
How Realtime Monitor Works
The Realtime Monitor offers automatic virus protection by intercepting
attempts to access files and scanning them to ensure they are not infected. On
Windows systems, the interception is accomplished by using a VxD (Virtual
Device Driver).
Under UNIX, this interception is accomplished through integration of the
Realtime Monitor and the Computer Associates Event Notification Facility
(CAIENF) to provide antivirus protection.
Under NetWare, the Realtime Monitor uses the NetWare FSHOOKS subsystem.
Under OS X, the Realtime Monitor uses a kernel extension (KEXT).
Realtime Policy Subtabs
You create Realtime Monitor policies by selecting Realtime Monitor from the
Type drop-down list on the Policy Management tab. When you select this
option, several subtabs appear on the right side of the Policy Management
page. The following subtabs allow you to specify the scan options for this
policy:
Policy
Specifies a descriptive name for the policy and lets you lock the policy.
Scan
Lets you specify the scanning options for Realtime Monitor, such as the
scanning direction, the thoroughness of the scan, and the action to
perform if an infection is detected.
Selection
Lets you specify the scanning engine to use during the scan, the file
extensions to scan, and whether to scan compressed files.
Filters
Lets you specify the processes and directories to exclude from scanning
and block all access to specified files.
Advanced
Manages settings for protected areas and advanced protection options for
different types of drive devices. For example, on Windows systems, you
can specify protected drive areas for monitoring, while on UNIX, these
options would not be applicable, as all drive types are always protected.
Quarantine
Available on Windows systems only. Suspends users from accessing a
server if they attempt to copy an infected file to the server, thereby
isolating the user and preventing the spread of the infection.
For complete option descriptions for each of these tabs, see the eTrust Threat
Management Console online help.
Quarantined Users
This feature is available on Windows only. By enabling the quarantine feature,
users who are detected attempting to copy infected files to a server can have
their access to the server automatically suspended for a specified period of
time. The user is blocked from any further access to the server for the length
of time specified by the Quarantine time, up to 24 hours. During the
quarantine time, you have the opportunity to determine what the problem file
is, isolate it, and clean the infected computer.
In addition, messages can be sent, listing the name of the user who tried to
move an infected file, so that the appropriate administrator is notified. Further,
the name of a quarantined user is listed on the Quarantine tab when a
particular computer is selected in the list of computers. An Authorized
administrator can easily restore the quarantined user access again by
removing the name of the user from the Quarantine tab.
Note: Because the quarantine blocks server access based on user name, the
quarantine affects any users signed on with the same name. This is
particularly important if a network has many people sharing the same user
name, such as GUEST. If one user is signed on as GUEST and is quarantined
because of a detected attempt to copy an infected file, all other users named
GUEST are quarantined also.
Note: The Administrator account on a Windows NT or Windows 2000 computer
cannot be quarantined. A user with administrator rights, however, can and will
be quarantined when necessary.
Automatic Activation of the Realtime Monitor
Once you have configured the Realtime Monitor on Windows systems, it is
automatically activated each time the computer is started and the Realtime
Monitor icon is displayed in the Windows system tray.
Note: If the Realtime Monitor icon is not displayed, you can activate it from
the Windows Start menu.
When selecting whether to install ENF during the eTrust Antivirus installation
on UNIX systems, you can determine if you want the Realtime Monitor to
activate automatically when you start the computer. If you choose not to
install ENF, realtime will not be available at all on your system. There is no
system tray or Realtime Monitor icon.
When you install eTrust Antivirus on OS X systems, the Realtime Monitor is
configured to automatically activate when your start the computer. You can
disable the Realtime Monitor using the Realtime Monitor Options dialog. There
is no icon that indicates the status of the Realtime Monitor.
When you install eTrust Antivirus on Netware systems, the Realtime Monitor is
configured to automatically activate when you start the computer. You can
disable the Realtime Monitor using the ETRUSTAV console application. There
is no system tray or Realtime Monitor icon.
Realtime Monitor Icon Options
On Windows systems, you can access all the Realtime Monitor settings and
manage the monitoring of files from the Realtime Monitor icon in the system
tray. On OS X, you can access these settings from the Realtime Monitor icon
on the menu bar.
The following options are available:
Realtime Options
Starts eTrust Threat Management Agent interface and displays the
Settings tab, where you can modify your realtime scan settings.
Disable Realtime
Temporarily disables realtime scanning. This option suspends the activity
of the Realtime Monitor, but does not remove it from memory or shut it
down.
Monitor Outgoing Files
Monitors files sent out from a local drive. Outgoing files are files being
copied from a local drive and files that are executed from a local drive.
Outgoing files are scanned when they are opened. If the file is infected,
you are denied access to it
Monitor Outgoing and Incoming Files
Monitors both incoming files and outgoing files. Incoming files are files
received by your local machine. Incoming files are scanned only when they
are closed.
Snooze
Disable the Realtime Monitor for a specified number of minutes only.
Animated Icon
Toggles the animation of the Realtime Monitor icon in the system tray on
or off. This option is not available on OS X.
Display Logo
Lets you hide or show the splash screen that is displayed when you start
the eTrust Threat Management Agent interface from the Realtime Monitor
icon. This option is not available on OS X.
Policy Job Delay Settings
Lets you choose whether to run a policy update now or postpone it a
specified number of hours. This option is not available on OS X.
Launch eTrust ITM
Starts eTrust Threat Management Agent interface and displays the Scan
tab.
Download Updates Now
Opens the eTrust ITM Download Progress window, runs a content update
for the local computer, and displays the progress of the update in the
window.
About
Starts the eTrust Threat Management Agent interface and displays the
Dashboard tab.
License and Registration
Starts eTrust Threat Management Agent interface and displays the
Advanced tab, where you can register licenses.
Exit
Removes the Realtime Monitor icon from the system tray. Realtime
monitoring remains active.
Realtime Messaging
On Windows systems, if the Alert option is configured and active, messages
can be sent by Broadcast, Microsoft Mail, Microsoft Exchange, SMTP, SNMP,
Trouble Ticket, and Pager, whenever an action is taken. The messages also
appear in the realtime scan log and the Windows NT Event Log or Windows
2000 Event Viewer. For more information, see the Alert online help.
Messages also can be sent when Quarantine is invoked.
While Alert is not available on UNIX and OS X systems, the hooks to userdefined scripts and syslog provide an equivalent level of notification flexibility.
Accordingly, Windows systems can be configured to receive alerts forwarded
from UNIX and OS X agents to the Threat Management Server as the Alert
Manager sends these alerts to the email server.
Alert is not available in any capacity for the Netware platform.
On UNIX and OS X systems, eTrust Antivirus events will be directed to syslog,
as specified in the UNIX and OS X configuration file, /etc/syslog.conf. For
more information, see Using Alert Manager in UNIX and OS X Systems.
Scheduled Jobs Policy
You can create Scheduled Jobs policies to perform regularly scheduled
scanning on multiple computers. You should perform scheduled scans on a
regular basis, typically during off-peak usage times. The use of scheduled
scans is especially encouraged for those user with defined exclusions in the
Realtime Monitor policy. You should avoid scheduling scans during scheduled
backups, as those scans could have an effect on the performance of the
backup.
When setting schedule scan options, the CPU utilization setting has no direct
numeric value to CPU usage. Rather, it correlates to CPU resource availability.
For example, you might select Low for scans scheduled to take place during
normal work hours when CPU resources are likely required for other work
related tasks and should not be consumed by scanning activities. For scans
scheduled during evenings and weekends, when resource requirements are
normally lower, the Normal or High CPU setting would be more appropriate.
Note: The options available for scheduled scans are the same as those
available from the Local Scanner on a client computer.
The following tabs are available:
Policy
Scan
Specifies the objects to scan and the action to perform on detected pests.
Schedule
Specifies the time, date, and interval for the scan, and CPU usage level.
Directories
Specifies directories to scan.
Scheduled Jobs Subtabs
You create Scheduled Job policies by selecting Scheduled Jobs from the Type
drop-down list on the Policy Management tab. When you select this option,
several subtabs appear on the right side of the Policy Management page. The
following subtabs allow you to specify the scan options for this policy:
Policy
Scan
Lets you specify the scanning options for the scheduled scan, such as the
scanning direction, the thoroughness of the scan, and the action to
perform on detected infections.
Selection
Lets you specify the file extensions to scan, and whether to scan
compressed files or files migrated to external storage.
Schedule
Specify the time, date, and interval for the scan. On Windows systems,
lets you specify the CPU usage level.
Directories
Lets you specify directories to scan.
Exclude
Lets you specify directories to exclude from the scheduled scan.
Log
Lets you view the summary information and detailed logs for scheduled
scans.
Considerations for Scanning Network Drives
On Windows, you can map to a network drive from a local computer and
perform a scan. Similarly, on UNIX and OS X, you can mount and scan a
remote file system. This might be useful occasionally for scanning a specific
file, but it is not the preferred method for managing network drives as
significant network overhead is incurred when a local computer scans a
network drive.
The preferred method for scanning a network drive is for a remote
administrator to schedule a scan job on the network computer, using the
eTrust Threat Management Console. An instance of eTrust Antivirus must
reside on the computer to be scanned. Once scheduled, the scan will be
performed locally on the network computer. This method is significantly more
efficient when compared to running a scan from one computer against network
mapped drives that physically reside on another computer.
Legacy Signature Distribution Policy
Create Legacy Signature Distribution policies to distribute product and
signature updates to computers running legacy versions of Computer
Associates antivirus software. Legacy versions include r6, r7, and r7.1. You
can choose to download update signatures immediately, on a specific day, or
on a regularly repeated basis. In addition, you can specify the download
source and configure redistribution servers. A redistribution server makes the
signature updates available to other legacy computers.
Note: On NetWare systems running eTrust Antivirus r8, you must use the
Legacy Signature Distribution Policy to download signature and product
updates.
The Legacy Signature Distribution policy provides the following subtabs:
Policy
Schedule
Enable scheduled updates and specifies the date, time, and frequency of
the updates. Also lets you start an immediate download of updates.
Incoming
Lets you perform incremental updates, when appropriate, and add,
modify, or delete download sources.
Outgoing
Specifies a computer as a Redistribution Server and manages the
signatures to download for redistribution.
Send for Analysis Policy
The Send for Analysis policy enables you to specify detailed contact
information to be included with the information sent from your company
whenever a virus is submitted to Computer Associates for further analysis.
After you create a Send for Analysis policy, you may want to place it on the
Organization tree root folder, as it is typically the same for all computers.
You may also choose to change the default location for submitting an infected
file to specify an internal address in your organization. For example, multiple
infections of the same type can strike a large organization. By sending every
problem file to an internal administrator, you can monitor the occurrence of
infections and if you have already received a solution from Computer
Associates, there may be no need to pass the infected file any further.
Note: This policy type does not apply to NetWare.
The Send for Analysis policy provides the following subtab:
Policy
Virus Analysis Contact Information
Specified your company's contact information.
Email Policies
Create e-mail policies to specify how realtime components will protect your
Lotus Notes or Microsoft Exchange e-mail server.
The Notes Option integrates with eTrust Antivirus to scan for infections in
documents and email file attachments. Infected Lotus Notes attachments can
be automatically detected. This option also notifies the users through the host
messaging system whenever an infection is found.
Before you install the Notes Option, review the Readme file to verify that you
have the required software and hardware. You must also ensure that your
Lotus Notes Domino account has its user rights configured properly.
The Exchange Option integrates with eTrust Antivirus to scan for infections in
documents attached to email messages and folders. Use this option, to
automatically cure infected Microsoft Exchange attachments. The Exchange
Option scans all mail passing through the server.
The Exchange Option runs on the server where the Microsoft Exchange Server
resides. It can detect, cure, or block infected email attachments and prevent
them from spreading throughout your enterprise.
Before you install the Exchange Option, review the Readme file to verify that
you have the required software and hardware. You must also ensure that your
Microsoft Exchange account has its user rights configured properly and meet
the Exchange Full Administrator requirement.
Lotus Notes Email Policy Subtabs
You create Lotus Notes email policies by selecting Lotus Notes Email Policies
from the Type drop-down list on the Policy Management tab. When you select
this option, several subtabs appear on the right side of the Policy Management
page. The following subtabs allow you to specify the scan options for this
policy:
Policy
Scan
Lets you specify the scan engine, scanning direction, the thoroughness of
the scan, and the action to perform on detected infections.
Selection
Specifies files to include or exclude from scanning, and whether to scan
compressed files.
Notification
Lets you send an email notification when a detection occurs.
Microsoft Exchange Email Policy Subtabs
You create Microsoft Exchange email policies by selecting Microsoft Exchange
Email Policies from the Type drop-down list on the Policy Management tab.
When you select this option, several subtabs appear on the right side of the
Policy Management page. The following subtabs allow you to specify the scan
options for this policy:
Policy
Scan
Lets you specify the scan engine, scanning direction, the thoroughness of
the scan, and the action to perform on detected infections.
Selection
Specifies files to include or exclude from scanning, and whether to scan
compressed files.
Notification
Lets you send an email notification when a detection occurs.
Options
Specifies special scanning options and a timeout value for scanning your
Microsoft Exchange server.
Misc
Specifies log options, timeout value, and background scanning options.
Common Policy Types
Common Policy Types
Use the Policy Management tab to create and manage the following policies
that are common to eTrust Antivirus and eTrust PestPatrol:
Alert Forwarding
Creates customized alerts for multiple computers, reduces message traffic,
and minimizes the dissemination of notifications that are not critical.
Content Update
Specifies how and when you want to download program updates and
signature files.
Phone Home
Enables client computers to send their information to a specific Threat
Management Server, enabling that server to automatically update its
database with current information about the client.
The following sections contain additional information for each policy. For policy
procedures, see the eTrust Threat Management Console online help.
Alert Subtabs
The Alert Forwarding policy allows you to create customized Alerts for multiple
computers. Alert policies can help cut down on message traffic and minimize
the dissemination of notifications that are not critical. Alert policies may differ
for client computers and servers, depending on your organization's needs.
Note: Alert Forwarding is not available on Unix or OS X. On these platforms,
alerts can be sent to a user-defined shell script for further processing.
The Alert Fowarding policy provides the following subtabs:
Policy
Alert
Specifies where to send notification information and how frequently to
send it.
Alert Filter
Lets you manage notification severity levels, customize sets of notification
messages to be reported for different service components, and determine
the types of messages should be passed to the Alert Manager.
Common Policy Types
Content Updates Policy
The eTrust Threat Management Console lets you create a content update
policy that automatically downloads both product updates and signature files
for your eTrust Threat Management products. The download method for
gathering the updates is HTTP.
Note: If your eTrust Antivirus license expires you will be unable to download
content updates, which include the latest signature and DAT files, as well as
other program updates.
The Content Updates policy provides the following tabs:
Policy
Update Scheduler
Schedules the date, time, interval, and frequency updates occur.
Components
Lets you choose the product components and signatures you want to
update.
Download Settings
Specifies the source from which to collect the updates.
Redistribution Option
Enables a computer on your network to act as a redistribution server for
updates. This reduces network traffic by allowing other computers on your
network to collect their updates directly from the redistribution server and
can significantly reduce the amount of time that would otherwise be
required to update computers throughout the enterprise.
Note: Before a computer can act as a redistribution server, you must first
install the Redistribution Server option from the product media onto that
computer.
Legacy Redistribution
Enables computers running legacy versions of eTrust Antivirus to collect
their updates from a redistribution server running eTrust Antivirus r8.
Common
Specifies common communication settings.
Common Policy Types
How the Content Updates Work
When a scheduled content update job runs, your computer connects to the
first download source specified in Source list on the Server subtab. The update
job attempts to collect all of the components specified on the Components
subtab. If the connection cannot be established for some reason, such as
heavy network traffic, a connection failure, or a timeout, your system will go
to the next source on the list.
The content update job collects all the requested components that are
available from the first source before it connects to another source. If all of the
requested components are collected from the first source, the job finishes. If a
component is not available from the first source, your computer queries the
next source in the Source list. This process continues until all of the requisite
component updates have been retrieved for the different versions and
platforms of the components specified on the Components subtab.
If an update is not found, the computer automatically attempts the update
process five additional times at 5 minute intervals. If, after the fifth attempt,
the computer is still unable to get the updates, it waits until the next
scheduled update job, at which point it will automatically attempt to retrieve
updates again.
Note: Internet Explorer may prompt you to add the download source to your
list of trusted sites. For information on how to add a trusted site to your
Internet options, see Add a Trusted Site to Internet Explorer (see page 27).
Common Policy Types
How Redistribution Servers Work
You can use multiple computers, called redistribution servers, to distribute
content updates in an efficient manner. To make a computer a redistribution
server, you must first install the Redistribution Server from the product media,
then enable the Redistribution Server checkbox on the Redistribution Option
subtab.
Note: The redistribution server can only distribute policies for the eTrust
Threat Management products installed on that computer. This means if the
hosting machine only contains eTrust Antivirus, it can only distribute policies
for eTrust Antivirus and no other eTrust Threat Management products.
For example, one computer in your network can collect the updates from the
Computer Associates website. Other computers in different locations
throughout your network can connect to that computer to get the latest
updates. Those computers, in turn, can make the updates available to other
computers in their subnets.
In this scenario, the first source on the Source list could be a departmental
network server. The second source could be a server in a different
department. The third source could be an internal distribution server. Each of
these source computers must be designated as a redistribution server on the
Redistribution Option subtab.
Note: The role of the redistribution server is distinct from the role of the policy
proxy server. The redistribution server makes the content update available to
other computers. The policy proxy server distributes policy settings throughout
the network.
Common Policy Types
Considerations for Using UNIX and OS X Systems as a Redistribution Server
A UNIX system can serve as a Redistribution server both for other UNIX
systems and for Windows systems. To do this, the UNIX system must have
Samba installed. (Samba is a free third-party software package that enables
UNIX systems to interact with Windows systems using the UNC method. It is
distributed as part of some versions of UNIX, and it can also be obtained at
www.samba.org.) The Samba daemon (smbd) must be running, and INOUPD$
must be defined as a share in the Samba configuration file (smb.conf).
An OS X system can serve as a Redistribution Server for other OS X, UNIX,
and Windows systems. To do this, a share named INOUPD$ must be defined in
the Samba configuration file (/etc/smb.conf). The INOUPD$ share cannot be
password-protected. Here is a sample entry:
[INOUPD$]
path = /Library/Application Support/eTrustAntivirus/ino/Outgoing
guest ok = yes
browseable = no
read only = yes
Note: There is a space between the words Application and Support.
Common Policy Types
Phone Home Policy
The Phone Home feature enables a client computer to report information to a
specified Threat Management Server. It provides reverse discovery or "selfintroduction" functionality, where the client computer informs the server that it
is now present and active.
You can configure which Threat Management Server a given client computer
reports to and the frequency with which it reports to the server. The server
identifies the client and updates its database with the necessary client
information, such as the host name and the polling and broadcasting port
numbers.
Each time the client phones home, the Threat Management Server examines
the client and, if necessary, enforces policy and licensing checks. For example,
if any settings have been changed on the client computer so that they conflict
with the policies defined on the Threat Management Server, the values are
automatically reset on the client computer.
To use this feature, you do not need to know in which subnet a client resides.
If the subnet for a client does not already exist on the server, upon phoning
home, it is automatically added.
The Phone Home Policy provides the following subtabs:
Policy
Schedule
Specifies when and how often a computer will phone home to a specified
Threat Management Server. You can set up the client computer to report
to the server on a regular basis.
Additional
Specifies communication settings.
Using the Policy Management Tab
Use the Policy Management tab to perform the following tasks:

Create, modify, and delete policies

Assign or remove policies to or from a branch
The Policy Management tab provides the following subtabs:
Policy
Policy type subtabs
Specifies the policy settings for each type of policy. The subtabs displayed
change based on the type of policy you want to create.
Creating Policies
The policy options you specify from the eTrust Threat Management Console
can be applied to any computers in the branches of your Organization tree. In
addition, you can control whether the end user can change the options.
To access these policy options, select eTrust Antivirus from as the Application
drop-down list, and then the option you want from the Type drop-down list.
Subtabs appear on the right side of the tab for each policy type.
After you specify policy settings, the policy instance appears in the Policies list
area. When you select the policy instance, the settings for that policy appear
in the subtab on the right side of the tab. With the settings displayed, you
have the option to edit the settings.
For information about policy options, see the online help.
Assigning Policies
After you create a policy instance, you can apply the policy to a branch in the
Organization tree. To assign policy, select it from the Policies list area and click
Assign in the Assigned To area. In the Assign Branch dialog, select a branch
and click the right arrow. Repeat this process to assign the policy to more than
one branch. When all the branches appear in the right column of the Assign
branch dialog, click Assign Branches.
When you apply a policy to a branch, the policy applies to all the sub-branches
in that branch, and to all the computers in the branch.
Note: You can also assign policies using the Organization tab.
Viewing Assigned Policies
To see where a policy instance is applied, highlight the policy name in the
Policies list area. The branches to which this policy is applied will appear in the
Assign To area. You can remove a policy from a branch by selecting the branch
name in the Assigned To list, and clicking Remove.
If the policy is applied at the branch level, the branch name is listed. If the
policy is applied to a sub-branch, but not to the parent branch, the path of the
sub-branch is listed, in the form of branch/sub-branch.
Viewing Scheduled Job Policy Logs
When you select Scheduled Jobs from the policy type drop-down list, the Log
subtab appears in the lower portion of the Policy Management tab. Using this
subtab, you can view log result statistics for scheduled jobs.
For each scheduled job dispatch time, a log entry will be created for every
time the job ran. The log entry shows summary statistics on the number of
computers on which the job was run, along with success and error count
statistics. To get more detailed information for what transpired on a given
computer, click the log for each computer on which the job was run. Statistics
for scans on each computer include the total number of files scanned, the total
number of infections found, and the number of files cured.
Chapter 7: Working with Clients
This chapter contains information on managing individual computers using the
Client tab. You can find detailed descriptions for each option and procedures
for performing client-related tasks in the eTrust Threat Management Console
online help.
Managing Individual Computers
In many large enterprises there may be a need for a specific computer to
require a special set of policies that are different from the policies used to
manage other computers. Using the Client tab you can specify the special
policies that should be applied to an individual computer. Policies applied to a
specific computer using this method temporarily override any policies that you
apply to the branch in which the computer resides. However, the next time the
Threat Management Server discovers the computer, it will reset the policies
back to those applied to the parent branch.
If you have the need to define a permanent, special policy for a given
computer (one that the Threat Management Server will not reset), you can use
the following process to maintain policy control over that computer:

Create a special branch or sub-branch in the Organization

Place the computer(s) into the branch or sub-branch

Create the special policy

Assign the policy to the branch or sub-branch
The Client tab also lets you view the properties and logs for a specific
computer, and allows you to start, restart, or stop services.
Working with Clients 69
Using the Clients Tab
Use the Clients tab to perform the following tasks on a specific computer:

View client properties

Assign a computer to a branch

View scanning, distribution, and general events logs

View, assign, and modify policies

Start, restart, and stop eTrust Antivirus services

Purge logs
The Client tab provides the following tabs:
Properties
Lets you view information about a specific computer, assign policies to the
computer, and start, stop, or restart services.
Logs
Lets you view the logs of a specific computer.
Assigning a Computer to a Branch
You can use the Client tab to assign a computer to a branch by clicking Assign,
which is located on the Properties subtab. When you click Assign, the
Organization dialog appears and allows you to drill down to the branch or subbranch of the tree where you want to add the computer.
Assigning Policies to a Computer
Use the Properties subtab to apply policies to a specific computer. With the
computer displayed on the Properties subtab, click the Assign button for the
policy type you want to assign. A dialog appears listing all of the current
policies for that type. You can select a policy from the list and click OK. For
more information, see Managing Individual Computers (see page 69).
Managing Services
The Services Control area on the Properties subtab provides a convenient way
to access the Computer Associates eTrust Threat Management products
services running on the client computer. It is similar to the Windows NT
Services feature and can be used for managing background processes on the
Windows 9x operating system or for managing daemons under UNIX.
After finding a computer on the Client tab, click the Properties subtab to view,
start, and stop services.
The following services can be managed from the Services Control area:
eTrust ITM Job Service
Schedules background tasks such as scan jobs and content update
downloads. On Windows, this agent is InoTask.exe.
eTrust ITM Realtime Service
Provides realtime, on-access scanning. On Windows, this agent is
InoRT.exe.
eTrust iGateway Service
Provides the host service for the eTrust Threat Management Agent
interface.
eTrust ITM RPC Service
Listens for the administrative server's discovery and policy requests. On
Windows, this agent is InoRPC.exe.
eTrust ITM Server Service
Discovers clients and enforces policy throughout the network.
Note: This service only appears if the eTrust Integrated Threat
Management server component is installed on this computer.
eTrust ITM Web Access Service
Handles communication between the Java GUI layer and the native
function interfaces. On Windows, this agent is InoWeb.exe.
Note: This service only appears if the eTrust Integrated Threat
Management server component is installed on this computer.
Note: On UNIX and OS X, the agent names do not use the .EXE extension.
Viewing Logs
Use the Logs subtab to view the logs for a specific computer. You can locate
the computer whose logs you want to view by entering the name of the
computer in the Node Name field and clicking Find. Once the client is found,
click the Logs subtab and select the type of log you want to view from the
drop-down list. You can view the following types of logs:
eTrust Antivirus - Shell Scanner
Contains scanning logs for the client computer for scans initiated through
the Windows only Shell dialog, available from the Scan for Viruses option
of the right-click pop-up menu in Windows Explorer.
eTrust Antivirus - Realtime Scanner
Displays the Realtime Monitor scanning logs for the client computer.
Realtime scanning information is appended to the existing log, so there is
only one log entry for each day.
eTrust Antivirus - Scan Jobs
Shows a list of logs that contain the results of the scan jobs that have run
on your local computer. This includes both local and scheduled scans. For
each job, there is a scan log that contains the results for each time that
the job has run, listed by the date and time. If a job only runs one time,
you have one result log. If the job runs periodically, there is a unique
result log for each scan job. You can view the scan job logs for the local
computer, both locally initiated and remotely initiated. An authorized
administrator can view scan job logs for multiple computers, using the
eTrust Threat Management Console.
General Events
Displays logging information of general events for each day. You can also
see operating system error codes here. This category displays the
following types of messages:
Critical Message
This is the highest level message. It requires immediate attention once
logged. This message could mean there is a serious threat was
detected, or there is a problem with the service, such as an error
loading an engine.
Warning Message
This second priority message provides non-critical warning
information.
Informational Message
This type of message provides information on events such as a service
starting or stopping.
Distribution Events
Displays logging information of content distribution events for each
day. Events are recorded for any actions that occur during the content
update and distribution process. This includes details about connecting
to a distribution source, starting and stopping a download, and
information about whether the content has been downloaded
successfully.
Logs Stored in Standard Database Format
All log information is stored in a DB directory, in a file format that is accessible
by standard database tools that support the ODBC (Open DataBase
Connectivity) standards. This log file is named by the month, day, year, and
time of day that it is created and has an extension of .DBF (.dbf on UNIX and
OS X systems).
Collecting System Metrics Information
On Windows systems, the system metrics features let you collect information
about antivirus activity to analyze the impact of this activity across your
enterprise. The collection methods and features are as follows:

Command line utility for login scripts or schedulers

Monitoring realtime statistics with the Performance Monitor

Purging collected records
All log information is stored in a file format that can be accessed by standard
database tools, using the ODBC (Open Database Connectivity) standards.
Performance Monitor
Through the standard Windows NT, Windows 2000, and Windows Server 2003
Performance Monitor application, PERFMON, you can monitor realtime antivirus
activity.
The Performance Monitor, using counters, can monitor the following realtime
information:

Boot Virus Infections

Cure Errors

Cured Boot Virus Infections

Cured Files

Deleted Files

Found Virus

Infected Files

Moved Files

Renamed Files

Scan Error

Scanned computer

Scanned Files

Scanned Files in Archives
For more information about monitoring activity, see the appropriate Windows
Performance Monitor documentation.
Purging Logs
For each client computer, you can determine whether you want to save all logs
or delete them after a certain number of days. From the Client tab, you can
click the Assign next to Purging Logs in the Policies area of the Properties
subtab.
Chapter 8: Managing User Access
This chapter contains information on managing user permissions using the
User Management tab. For detailed information on user management options
and procedures, see the eTrust Threat Management Console online help.
Managing User Access 75
Threat Management Server Access Considerations
Administrators and users can be granted access to the Threat Management
Server and eTrust Threat Management Console based on existing user
accounts on the computer where the Threat Management Server resides or
elsewhere on the network.
Note: These access permissions apply to the Threat Management Server and
not to the management of the operating system of the computer where the
Threat Management Server resides.
The following types of accounts can have access to the Threat Management
Server:

The operating system administrator or root account on the computer
where the Threat Management Server resides

The account used to install the Threat Management Server (root user in
UNIX systems, a user with administrative privilege on OS X)

Authorized administrator accounts
The eTrust Threat Management Console's built-in security features let you
grant control to personnel charged with managing eTrust Antivirus in your
enterprise as needed, including providing a generic guest account, without
compromising operating system security. The access permissions for
authorized administrator accounts on the Threat Management Server are
independent of the authority granted to the account by the operating system.
Only valid, authorized administrator user accounts can access the eTrust
Threat Management Console to manage eTrust Antivirus. The management
functions the authorized administrator can perform are based upon the
permissions granted to that user account. Authorized administrator accounts
can, in turn, grant permissions to other accounts.
The authorized administrator defines a user's privileges in the eTrust Threat
Management Console by setting access permissions for that user. These
permissions are applied to the subnets and branches in the Organization tree.
When a user attempts to log onto the Threat Management Server, the server
examines these settings to determine if the user is valid and what permissions
he or she has. To do so, the Threat Management Server component consults
its own internal security table.
Operating System Administrator Account
The operating system administrator or root account on the computer where
the Threat Management Server resides is automatically granted full control of
the root categories of the Subnets and the Organization tree. This account,
therefore, has administrative control over both the Threat Management Server
computer and the features available from the eTrust Threat Management
Console. For Windows, this is the Administrator account. For UNIX and OS X
systems, this is an administrator account with root privileges. This
administrator account on the Threat Management Server can in turn assign a
user with a valid account on the Threat Management Server to an authorized
administrator account.
Threat Management Server Installer Account
Similar to the privileges that are automatically assigned to the operating
system administrator account, the account that installs the Threat
Management Server is also automatically granted full control of the root
categories of the subnets and the Organization tree.
If the account used to install the Threat Management Server is different from
the operating system administrator account, when you display the access
permissions, you will also see the separate installer account appear in the list
of user accounts. If the operating system administrator account is used to
install the Threat Management Server, then a separate installer account will
not be created.
Note: UNIX systems do not use a separate account to install eTrust Threat
Management products. The root user installs the product.
Granting Administrator Rights at Installation Time
In some cases, to manage computers in a large network, you might want to
grant administrator rights over many computers to the administrator of the
Threat Management Server. A Threat Management Server administrator is
automatically given administrative privileges on a client computer if the IP
address of the Threat Management Server is specified to the client computer
when the Threat Agents are installed. This can be accomplished by
customizing the inoc6.icf configuration file. This creates a trusted relationship
that lets an administrator put computers in branches without requiring
separate login and password information for each computer. For more
information, refer to the sample inoc6.icf file provided with the product.
On NetWare, you can set an approved Threat Management Server using
ETRUSTAV. In addition, the NetWare installation uses the INOC6.ICF settings,
which can be preset to use an approved Threat Management Server, as under
Windows.
Authorized Administrator Accounts
The operating system administrator account can grant access permissions to
other users that have valid operating system accounts on the computer where
the Threat Management Server resides, or to existing accounts on the
network. Users that are given these rights are referred to as authorized
administrators for the security network.
To connect to the Threat Management Server computer, a user must have a
valid account on the computer where the Threat Management Server resides.
Before a user can manage branch policies in the Organization tree, an
authorized administrator must first set access permissions for that user's
account. These permissions determine the user's ability to change policy
settings and perform other management tasks. Note that if the user wants to
add a computer to a branch, he or she must have administrative authority for
that computer.
Authorized administrator accounts do not have any special permission on the
operating system where the Threat Management Server resides. They can be
granted different levels of permissions within the eTrust Threat Management
Console; from full access to all features of the eTrust Threat Management
Console, to read-only access. You can set permission levels based upon the
needs of your enterprise. An authorized administrator has great flexibility in
assigning these access permissions.
Types of Access
Guest Accounts
You can create a guest account on the Threat Management Server for other
users to sign on to the Threat Management Server and use the eTrust Threat
Management Console. For example, on Windows NT or Windows 2000, you can
use the Guest account on the computer where the Threat Management Server
resides to create an account for authorized users to log onto the Threat
Management Server as needed. By copying the Guest account to a new
account and giving it a name of InoAdmin, for example. Then use the eTrust
Threat Management Console access permissions options to grant Full Control
to this new account. Users who then log onto the Threat Management Server
with this account are granted full control of the eTrust Threat Management
Console and its features, but have very limited access to the Windows
operating system on which the Threat Management Server is running installed.
Note: Whatever account you use as a model for a guest account will retain
any operating system permissions that it already has.
This method of using a guest account lets you provide access to the eTrust
Threat Management Console as needed, without the need to create a separate
account for each remote administrator who wants to access the Threat
Management Server. You may also create different types of generic accounts
with different levels of access, and make them available to administrators as
needed.
Types of Access
When a user connects to the computer that hosts the Threat Management
Server, the system first checks to see that the user has a valid account on the
computer. If it is valid, then access is granted to the eTrust Threat
Management Console, based on the permissions set for that user by an
authorized administrator.
Access rights Organization tree, policy, and subnet management. The following
table lists the types of access and the associated permissions:
Type of Access Permissions
None
User has no access.
Read
User has read access to the Organization and Discovery
tabs.
Access to view an object in the list and its associated
properties, but no access to make changes or move a
computer to a different category.
Types of Access
Type of Access Permissions
Change
User has change access to the Organization and the
Discovery tabs.
Access to see an object and its properties in the list, access
to make changes to the policy settings applied to a branch,
and ability to move a computer to a different branch.
Delete
User has access rights to delete the selected item.
Includes Change Permissions. Cannot add users.
Full Control
User has full control.
Can add users and grant access for managing access
permissions to other accounts.
Note: Permissions are cumulative. For example, a user with Change
permissions also has Read permissions. A user with Delete permissions also
has Change and Read permissions, and so on.
User Rights Characteristics
After access rights are applied for a user, these rights have the following
characteristics:
User
Identifies the user with access to the selected branch, including the
domain the user is in.
Rights
Indicates the access rights that the user has for that branch.
Reason
User rights can be inherited or specified:

Inherited indicates that the user rights applied to the branch have
been inherited from user rights applied at a higher level in the
hierarchy, such as the root of the Organization tree.
Specified indicates that the user rights applied to the branch have
been applied to this particular level of the hierarchy, such as the root
of the Organization tree.
Using the User Management Tab
Access Example for Different Accounts
The following table shows how different access rights can be assigned to
different accounts:
Authorized
Administrator
User 1
User 2
Organization tree
(root object)
Full Control
Change
Read
Accounting
Full Control
Change
Read
Sales
Full Control
Change
Read
Travel
Full Control
Change
Read
Branch
All the accounts in the example have access to the Organization tree. The
authorized administrator has full control. This account can manage all the
branches in the tree and can set policy for all the computers in the branches.
User 1 has change access, and User 2 only has read access. These rights
would apply to the policy and subnet management, as well.
Using the User Management Tab
Use the User Management tab to perform the following tasks:

View current users and their permissions

Add users and permissions

Remove users and permissions

Modify user permissions
The User Management tab lists current users in the Current Users area, and
provides options for adding new users in the Add user area. In addition, you
can delete existing users from the Current Users area by selecting a user and
clicking Delete. To modify an existing user, select the checkbox next to the
user's name, and click Edit.
Note: You can also view user permissions on the Organization tab by selecting
Permissions from the drop-down list.
Chapter 9: Generating and Viewing
Reports
This chapter contains information for generating and viewing reports from the
Reports tab of the eTrust Threat Management Console. For detailed
descriptions for each report option and report procedures, see the eTrust
Reports
The Reports tab provides access to a wide variety of reports. From this tab you
can generate and view reports for discovery statistics, managed machines,
scheduled jobs, Top 10 threats, categorized reports, and mail option reports.
Many reports provide color graphs, augmented by summary and detailed
information, as well. You can also view domain reports for computers in your
network that are grouped into domains that were discovered by the Threat
Management Server, whether they are running eTrust Threat Management
products or not.
The Threat Management Server generates the reports based on the
information collected from each client computer. You determine the start date
for the reports, and how often they are generated by using the Report
Scheduler options located on the Report tab.
Generating and Viewing Reports 83
Reports
Discovery Statistics Reports
The Discovery Statistics reports provide statistical information from the Threat
Management Server for all discovered computers, as well as those that have
expired. Expired computers are those that missed being discovered beyond the
number specified in Max Missed Discoveries option on the Discovery tab. You
can view these reports by clicking the Machine Information Report folder,
which contains the following reports:
Deployment
Displays a list of all eTrust Threat Management products currently
installed, grouped by operating system. If a Windows XP computer has
both eTrust Antivirus and eTrust PestPatrol installed, the report increments
both Antivirus and PestPatrol numbers by 1 for that operating system. If
the computer has only eTrust Antivirus, only Antivirus is incremented by 1
for that operating system.
Load Per Server
Displays the load on the downloads sources assigned for content update
download in the top three preferences. The report shows the number of
computers that have each server listed as a primary or a secondary
distribution source.
Load Per Policy
Displays the distribution load on a per policy basis. The report shows the
number of computers that have each policy listed.
Signatures
Displays the number of computers that have the virus and pest scanning
engines installed. It includes the engine name, number of computers with
the engine installed, as well as the counts for each signature or DAT file
version detected in the subnets.
Signature Exception
Displays the current version of the signature or DAT file versions for this
Threat Management Server, and using this information as a benchmark,
shows up to three out-dated signature versions detected for each engine
on discovered computers. Note that the most recent, not the oldest,
outdated version is shown.
Signature Exception Details
Displays the details of all computers with any of the three outdated
signature versions detected in the Signature Exception report. The
computer's name, IP address, and MAC address is shown, as well as the
Threat Management Server and branch to which the computer belongs.
Reports
Managed Machine Reports
The Managed Machines reports display information about managed and
unmanaged machines. Computers that have eTrust Threat Management
products installed and are being managed by this Threat Management Server
are considered managed machines. Computers that do not match this criteria
are considered unmanaged machines. The Threat Management Server must
have a discovery definition for the subnet where a computer resides in order to
manage it. The reports are generated by enumerating and comparing all
domains in a network to the discovered computers in the Threat Management
Server database. A match indicates a managed machine; otherwise, the
machine is unmanaged.
Domain Summary
Displays every domain detected, and the number of managed and
unmanaged machines for each domain.
Protected Machines Total
Displays information about the computers that have eTrust Threat
Management products installed, with details including domain name, IP
address, branch name, and product version.
Unprotected Machines Total
Displays information about the computers that do not have eTrust Threat
Management products installed, with details including associated computer
name and domain name.
Microsoft Windows Network
Displays managed and unmanaged machines, by domain name.
Reports
Scheduled Job Reports
The Scheduled Job reports displays summary information about the scheduled
virus and pest scanning jobs. The report contains the following information:
Machine Name
Name of the computer the job is pushed to by the Threat Management
Server.
Report Time
The time that the scan job reports back to the Threat Management Server
as completed.
Error
The number of errors encountered by the scan job.
Files Scanned
The number of files scanned by the scan job.
Files Cured
The number of files cured by the scan job.
Top 10 Reports
The Top 10 reports display the most widely detected threats on your network,
grouped into various time-frames. The time frame is calculated based on the
local time zone where Threat Management Server is located.
You can also view this information by computers and users. The following
reports are available:
Top 10 Virus Report
Displays a top-ten virus summary and a list of all viruses detected grouped
into time-frames.
Top 10 Pests Report
Displays a top-ten pest summary and a list of all pests detected grouped
into time-frames.
Top 10 Machines Report
Displays discovered computers most often infected by viruses and pests,
grouped into time-frames.
Top 10 Users Report
Displays user most often infected by viruses and pests, grouped into timeframes.
Reports
Categorized Reports
These reports are broken down into categories by subnet, branch, user,
computer, and by the action taken on the threat. The following reports are
available:
Per Virus Reports / Per Pest Report
Virus report displays detailed information for each virus detected. Pest
report displays detailed information for each pest detected. You can get
specific information about a particular virus or pest by clicking the virus or
pest name.
These two reports provide the following subdivisions:
By Subnet
Displays detailed information about the detected virus or pest using
the subnet category.
By Branch
the branch category.
By User
the user category.
By Computer
the computer.
By Action
the action category.
Per Pest Category Report
Displays detailed information about detected pests by pest category.
Note: When you view pest reports, such as the Per Pest Report, the
number of pest detections may appear as an alarmingly high number. This
is because a pest is typically made up of many different items (several
files, several key registries, etc.) and the total number of detected items
for each pest is reflected in the report.
Per Machine Reports
Displays summary information for each virus or pest found, categorized by
computer name.
Per User Reports
Displays summary information for each virus or pest found, categorized by
user name.
Reports
Mail Option Reports
The following reports are available for the Lotus Notes and MS Exchange mail
servers:
Per Virus Reports
Displays every virus detected on your email servers.
Per Machine Reports
Displays detailed information for every email server that has reported
viruses in emails.
Per User Reports
Shows detailed information for every email user that has reported a virus
or pest.
Forwarding Log Information
Forwarding Log Information
The reports you view on the Reports tab are generated by the Threat
Management Server. The threat detection reports are based on data that must
be collected from client computers. The following steps describe the
configuration process for collecting this data and generating reports:
1.
Configure the subnet definitions for your security network.
2.
Add the discovered client computers to the branches in your Organization
tree.
3.
Set up log forwarding, as follows:
Forward Logs from Client to Threat Management Server
On a client computer, set the Alert options to forward logs to the
Threat Management Server (or the policy proxy server if your network
is setup to forward in an escalation hierarchy level). If you plan on
generating reports per discovered threat, make sure to forward logs to
the Threat Management Server and set the Custom Notification to the
Malware Detection Report category on the Alert Filter tab. In addition,
select the service module from the specific messages you want
reported.
Forward Logs from Threat Management Server to Threat
Management Server
On a computer hosting a Threat Management Server, set the Alert
options to forward logs to itself. For generating reports per discovered
threat, make sure to forward logs to the Threat Management Server
and set the Custom Notification to the Malware Detection Report
category on the Alert Filter tab. In addition, select the service module
from the specific messages you want reported.
For more information about setting Report Alert options, see Using the
Alert Manager (see page 93).
4.
Use the Report Scheduler on the Reports tab to schedule the generation of
reports.
Using the Reports Tab
Using the Reports Tab
Use the options available on the Reports tab to do the following:

View reports, summaries, and graphs

Schedule the date, time, and frequency of report generation
When you first access the Report tab, you see the Application and Domain
Report Frequency options on the right side of the page. You can use these
options to schedule the generation and frequency of your reports.
The Reports tree that appears on the left side of this window helps you to
quickly browse through the available reports to select the report you want to
view. When you select a report, it appears on the right side of the page. Use
the Details and Graph subtabs at the top of the page to go from the report
data to the report graph. If you want to return to the Application and Domain
Report Frequency options, simply click the Report Scheduler link at the top of
the Reports tree.
Note: If you are unable to view report graphs, check the active content
setting in your web browser. For more information, see Enable Active Content
in Internet Explorer (see page 25).
Chapter 10: Managing Licenses
This chapter contains conceptual information for managing licenses for your
eTrust Threat Management products. For detailed descriptions for each
licensing option and procedures for performing licensing tasks, see the eTrust
How Licensing Works
The Threat Management Server acts as a license cache for the client
computers that it manages. The eTrust Threat Management products installed
on those clients are therefore relieved of having to directly interface with the
Computer Associates license servers to check licenses. The Threat
Management Server performs a daily verification of its licensing information
with the Computer Associates Licensing Server (over the Internet using a
secure SSL connection) and periodically examines the licenses in its cache to
ensure the information is current. Client computers can then validate their
license credentials through a simple, local RPC call to the Threat Management
Server.
If your company requires the use of a proxy server to access the Internet, you
can click the Proxy Server button at the bottom of the Licensing tab so the
Threat Management Server is aware of your Internet proxy server. This button
invokes the Proxy Server Configuration dialog, where you can easily specify
your server configuration.
Note: If your eTrust Antivirus license expires you will be unable to download
content updates, which include the latest signature and DAT files, as well as
other program updates.
Managing Licenses 91
Using the Licensing Tab
Using the Licensing Tab
Use the Licensing tab to perform the following tasks:

Activate or import license keys

Enter or modify registration information

View current license information and usage

Set up a license proxy server
The Licensing tab provides two methods for activating a license. You can use
the Activate a Key or Import License File buttons to use either method.
The Activate a Key method lets you enter both your registration and licensing
key manually. The Import License File method lets you browse to and select a
license file.
Until you activate your first key, the fields on the Licensing tab are empty.
Once you have entered a key and your registration information, the
information appears on the tab each time you access it. If you need to change
your license or registration information at later time, you will be prompted for
a password, which you specify when you enter your first license.
Checking Product Usage
The Product Usage area of the Licensing tab displays a graph that shows the
number of purchased licenses and their current status. The number along the
left of the graph indicates the total number of purchased licenses. The colored
bars indicate the following:

Green indicates licenses are valid for 30 days or more before there is a
licensing shortage.

Yellow indicates there are less than 30 days before there is a licensing
shortage.

Red indicates there are not enough licenses to protect all computers on
your network.
You can use this graph to check product and license usage. You can also get
summary information about licensing on the Dashboard tab.
Chapter 11: Using the Alert Manager
This chapter describes the use of the Alert Manager component. It contains
information about the alert settings that are integrated into the eTrust
Antivirus interface. Alert runs on Windows NT, Windows XP, Windows 2000,
and Windows 2003 systems. This chapter also describes the use of the Local
Alert Manager settings on UNIX and OS X systems.
Alert Features
The following Alert features let you receive information and messages from
client computers:

Remote management and configuration of Alert Service

Clients can send alerts using IP, in addition to the standard IPX protocol

Messages contain full paths of any virus-infected files
Basic Components
The basic components of Alert include the following:
Alert Service
Service that receives, processes, and distributes Alert messages.
ALBUILD.DLL
DLL that acts as the channel between Alert and other applications. This
should be located in the home directory where the software is installed.
Alert Manager
User interface you use to configure how Alert sends its messages.
Using the Alert Manager 93
Alert Forwarding Policy
You can create alert policies that match to your systems and their uses. A
policy for a workstation may be configured differently than one for a server,
and another may be configured for the Threat Management Server, based on
the roles each of these device types. You can send critical, warning, and
informational alerts.
An Alert Forwarding policy should be created to forward all alerts to the Threat
Management Server. Additionally, a policy should be defined so that the Threat
Management Server forwards alerts to itself. This forces the alert to be written
to the Threat Management Server’s alert database. On the Threat
Management Server, you should further specify policies pertaining to missed
polls and discovery timeouts.
Additionally, you should establish an alert policy to send realtime alerts to the
Alert Manager for handling. By default, each connected client will get a
notification message when malicious code is found, even though only one of
the clients triggered the alert. To minimize confusion, it is good practice to
disable the Realtime Pop-up Messages option on the Advanced subtab in the
Realtime Monitor policy and instead have the realtime alerts sent to the Alert
Manager for handling. This ensures that the alerts will be directed to the right
location where they can be handled most efficiently.
Note: If you are using the eTrust Security Command Center Integration Kit,
you must have a policy on the Threat Management Server to forward all
events to itself and policies on the client machines to forward all their events
to the Threat Management Server.
You set Alert Forwarding policy using the following settings:
Alert Subtab
The Report To options found under the Alert subtab define where the alert
messages should be sent. Alerts will be sent based on the configuration of
the Alert Manager. Choosing Local Alert Manager requires that the Alert
Manager is installed locally on the desktop or server. Choosing Event Log
lets you use the Windows Event Logs to review the alerts. On the server
running the Alert Manager, you must have a policy in place to send all
received alerts to the Local Alert Manager.
You need to send alerts to either a server acting as an event queue or
directly to a server running the Alert Manager service. Enter the
appropriate server name in the Machine Name field. The Forward to client
name field is used to forward the alerts to another computer.
The Queue Up value is used to queue alert messages before forwarding.
For testing the installation, it is recommended that the Queue Up value of
10 be decreased to 0 or 1. By reducing this value, messages are delivered
more quickly, reducing testing time. Set the value at 1 to provide a
immediate issuance of alerts. Time Out values specify the amount of time
after which messages are sent regardless of whether the Queue Up value
has been reached. For example, if the Queue Up value is set to 10, after 5
minutes, any messages in the queue are forwarded even if the queue is
not full.
The last value is the Skip Older Than value, which removes any message
in the queue older than the value indicated.
Alert Filter Subtab
The Alert Filter subtab offers you the option of receiving all informational,
warning, and/or critical alert messages generated. Alternately, you can
select specific alerts in the custom notification options. By selecting only
those alerts you require, you reduce excessive and unnecessary alerts
thus improving the signal to noise ratio that administrators will be working
with.
For example, you may want to send critical alerts only. This can easily be
accomplished using the Alert Filter Subtab. If you select custom alerts,
you can further customize your policies and choose from a list of alerts.
At a minimum, it is recommended that you always send critical alerts. The
following is a suggested list of alerts to select:
Workstations:

Malware Detection Report

Local Scanner

Realtime Scanner

Job Server
Servers:

Malware Detection Report

Local Scanner

Realtime Scanner

Job Server
–

Information - Scheduled Scan Job (%s) has been cancelled
ITM Server
–
Critical – Select the database errors
–
Information – The Threat Management Server has stopped
–
Critical – A poll to subnet %1 timed-out
Alert Manager
Note: Alert policies must be defined for in order for several of the reports
provided with the product to function. Without the data provided by these
alerts, there will be no data to report against.
For more information about creating Alert Forwarding policy, see the Alert
online help.
Alert Manager
The Alert Manager is a centralized management component that sends alerts
generated by the client computers and servers running eTrust Threat
Management products to other destinations. The Alert Manager receives alerts
based on the Alert Forwarding policies that you deploy. The following graphics
shows the Alert Manager interface:
Sending Alert Emails
Sending Alert Emails
There are a number of settings available when configuring the Alert Manager.
The following three options are available for sending alert messages by email:

Lotus Notes

Microsoft Exchange

SMTP
Use the SMTP option if you are not running Lotus Notes or Microsoft Exchange,
or you do not want to configure those options within the Alert Manager. The
SMTP options only require an email address and a valid user's name. Once an
alert is received, it will be sent to the specified email address.
Alternately, you can configure the Lotus Notes and Microsoft Exchange
options. There must be a Microsoft Outlook (MAPI) client installed on the
computer running the Alert Manager. The credentials used to log into the client
should be those of a member of the mail administrator’s group with the
appropriate service rights. Contact your mail administrator for assistance in
setting up the MAPI client with the appropriate credentials.
You can send alerts through a broadcast message to a user's screen, a printer,
or an event log. Numeric and alphanumeric paging is also offered using dialup
or email. To do this, you need a modem in the computer and a telephone line.
If you know how to alert someone using a pager, you can take advantage of
SMTP also.
Sending Alerts to Unicenter and eTrust Security Command
Center
You can also integrate the Alert Manager with Unicenter, eTrust Security
Command Center, and/or eTrust Audit. Unicenter provides enterprise network
management, offering a centralized console and automated actions that can
be performed in response to the event being detected. Activating the Alert
integration to eTrust Security Command Center or eTrust Audit enables the
alerts to be sent to the eTrust Audit collectors. Once received by eTrust Audit,
the eTrust Audit facilities can be used to further filter and relate these
messages with other events, initiating specific actions, including the sending of
other alerts.
Additional integration can be achieved with eTrust Audit and eTrust Security
Command Center using the Product Integration Kits (PIKs), which are included
with eTrust Security Command Center. For more information about integrating
with eTrust Audit or eTrust Security Command Center, see the appropriate
product’s documentation.
Running the Alert Manager
Running the Alert Manager
You can use the Alert Manager to select a remote computer to manage alert
messages. Before you start Alert, you must establish a Service Account
connection and select a remote computer.
Alert Manager Tree
The Alert Manager tree has two main branches: Activity and Configuration.
Under Activity, a historical listing of alerts (Activity Log) is accessible. When
you select the Alert Summary option, the current status of Alert is shown.
Every message generated by Alert is stored in the Event Log. You can view,
print, or clear these logs. For directions, see the Alert online help. You can
configure the Event Log destination so that Alert will put an event for a
selected server in the Event Log of that computer.
Under Configuration, the Ports object lets you configure communication ports.
The Default object lets you configure default settings used by all applications
that use the Alert service. You can also enter configuration information
specifically for an individual application, which will override the default Alert
configuration. eTrust Antivirus, a third object, is packaged with the Alert
Manager and is an instance of this.
All applications calling Alert specify one of the following Event Priorities:

Critical

Warning

Informational
Alert Manager Tree
Configuring Communication Ports
The Ports object, located under the Configuration branch, contains
communication port profiles. The following port configurations are used by the
Pager and any function that utilizes serial port access:
Port
The name of the communications port you want the pager message to be
broadcast from.
Baud Rate
The baud rate being used by your modem.
Parity
The parity setting, none, odd, or even, of your modem.
Data Bits
The number of data bits, 7 or 8, that your modem uses.
Stop Bits
The number of stop bits, 1 or 2, that your modem uses.
Configuring Alert Settings
You can configure various methods for sending your alert messages.
Broadcast Option
The Broadcast option is located under the eITM object in the Configuration
branch. Alert broadcasts can be sent to specific network users or groups. To
learn about adding broadcast recipients, see the Alert online help.
Unicenter TNG Option
The Unicenter TNG option is available from the CA Unicenter object, located
under the eITM object in the Configuration branch. The Unicenter TNG option
makes it possible to send a message to the Unicenter TNG console or the
Unicenter TNG WorldView repository, or both, when an alert is generated.
Note: The Alert application must run on both the Event Management machine
as well as the Unicenter TNG WorldView machine.
For information about how to send a message to the Unicenter TNG Console,
or to the Unicenter WorldView repository, or both, refer the Alert online help.
Alert Manager Tree
Sample TNG Alert Scenarios
Sample scenarios of tailoring Alert messages sent to the Unicenter TNG
Console are described in the subsequent topics.
Example 1
If you want to send informational alerts to the Unicenter TNG Console using
blue text, for example, configure a recipient as follows:
Option
Setting
Application Event Priority
Informational (display-only)
Severity
Informational
Color
Blue
Send to console
Selected
In the TNG WorldView group:
Selected
Update object status in
WorldView repository
Example 2
If you want to send error alerts to the Unicenter TNG Console using red text,
and have the object status in the WorldView repository updated, configure
another recipient as follows:
Event Priority
Description
Application Event Priority
Critical (display-only)
Severity
Error
Color
Red
Send to console
Selected
In the TNG WorldView group:
Selected
Update object status in
WorldView repository
Alert Manager Tree
eTrust Audit Option
The eTrust Audit option is located under the eITM object in the Configuration
branch. Use the eTrust Audit option to send a message to the eTrust Audit
Viewer or Security Monitor when an alert is generated. Use the Recipients
(Routers) dialog box to add a domain or an individual server to the recipient
list.
Email Option
The email option is available as either the Lotus Notes or the Microsoft
Exchange option, located under the eITM object in the Configuration branch.
The email option is used to send email messages to specific users.
Important! The Microsoft Exchange or Lotus Notes Client must first be installed
on your computer in order to be able to send messages or enter configuration
data on this screen. Consult the appropriate Windows documentation for
instructions about how to set up your email account.
Pager Option
The Pager option is located under the eTrust Antivirus object in the
Configuration branch. The Pager option is used to a send a numeric or
alphanumeric pager message. When you highlight the Pager option, the
current list of recipients appears. To learn how to add pager recipients, refer to
the Alert online help.
Note: Before you can add pager recipients, you need to configure your
communications ports.
Note: When sending an alphanumeric page, consult your pager manual for
proper modem settings.
Interpreting the Pager Message
There are several messages similar to the ones below that can be sent to an
alphanumeric pager. Words that appear in italics are filled with an actual user
name, workstation address, path and file name, virus name, or server name.

Boot Virus Detected (username at workstation address)

Manager Detected a Virus [virusname] in [path] (username at workstation
address)

Infected File [servername/path] Detected

Infected File [path] Accessed by username at workstation address
Alert Manager Tree
SMTP Option
The SMTP option is located under the eITM object in the Configuration branch.
Use the SMTP option to provide information for Alert to send messages using
SMTP (Simple Mail Transfer Protocol). You can enter an email address for a
recipient and send the message over the Internet.
SNMP Option
The SNMP option is located under the eITM object in the Configuration branch.
You can use the SNMP option to send an SNMP ‘trap’ (message) to an SNMP
manager. Examples of SNMP managers include Unicenter, NetWare
Management System (NMS), HP OpenView, and IBM Netview.
The Alert online help explains the fields on the SNMP Configuration window
and how to use them.
Trouble Ticket Option
The Trouble Ticket option is located under the eTrust Antivirus object in the
Configuration branch. Trouble Ticket is used to alert users through a printed
document.
Testing the Recipients
You can click Test on the toolbar to test any of the Alert messaging functions
without an actual “alarm” condition. For more information about this, see the
Alert online help.
Note: You must test any features after the configuration is completed. Be sure
to inform any Alert recipients that a test is taking place.
Local Alert Manager for UNIX and OS X Systems
Local Alert Manager for UNIX and OS X Systems
Under UNIX and OS X, you may use the Local Alert Manager setting to send
notification information to a shell script that you write yourself. The script then
takes any action you indicate, such as sending an email to a specified address
when the eTrust Antivirus detects a virus.
Use the script InoSetAlert to specify the name of the script that you want to
run when an alert is generated. For example, the command below causes
/home/myfiles/myscript to be used as the alert script:
InoSetAlert /home/myfiles/myscript
The following command turns the feature off:
InoSetAlert -delete
Under OS X, you can also indicate an alert script to be run in the eTrust
Antivirus Preference Options panel that can be run from System Preferences
panel.
eTrust Antivirus sends specific information, which it receives as standard script
arguments such as $1, $2, and so on, to the script. These arguments, in
order, are:
1.
Time of the event (as a string, such as "10:15:20 AM 22-Jan-2001").
2.
Code number for the event. The code number for a virus detection by
Realtime is 26.
3.
The severity of the event: 1=Information, 2=Warning, 3=Error.
4.
The name of the node on which the event occurred.
5.
The text of the message generated by eTrust Antivirus.
Appendix A: Using the Command Line
Scanner Inocmd32
Command line scanners are provided for most of the platforms supported by
eTrust Antivirus.
On Windows systems, use the INOCMD32.EXE Command Line Scanner to
perform scans from the command line. Scan results are displayed on the
screen during the course of the scan, and are also saved in the scan log for
viewing or printing at a later time.
On UNIX systems, which are case-sensitive, and on OS X systems, use the
command inocmd32.
Note: On eTrust Antivirus 7.0 or 7.1 for NetWare, use the ETRUSTAV console
application to perform scanning. For more information, see Using the
ETRUSTAV Console Program (see page 147).
The command syntax for INOCMD32 is:
inocmd32 [-options] file|directory|drive
Each option is preceded by a dash -. Some options have associated action
choices.
Specify at least one file or directory to scan. On Windows systems, you can
specify a drive to scan.
Examples:
inocmd32 -ACT cure -SCA mf -LIS:myscan.txt c:\temp
This command invokes the INOCMD32 Command Line Scanner to scan the
drive and directory c:\temp, sets the file action ACT to Cure, sets the special
cure action SCA to Move File if Cure Fails, and sends the scan results to a file
named myscan.txt.
inocmd32 -NEX -ARC /home/myfiles
This command invokes inocmd32 to scan the UNIX directory /home/myfiles
and all its subdirectories, and to scan archive files, which are identified by
their contents rather than their names.
Using the Command Line Scanner Inocmd32 105
Scanner Options for Inocmd32
The following scanner options are available for Inocmd32:
ENG engine
The type of engine to use:
Ino
The InoculateIT engine.
Vet
The Vet engine.
MOD mod
Scan mode. Use MOD to set the scan Safety Level.
Secure
Use the Secure mode as the standard method for scanning files
completely.
Reviewer
If you suspect you have an infection that is not being detected by the
Secure mode, you can use the Reviewer mode.
Default: Secure
ACT action
Infected file action. Specify what to do with an infected file. Use one of the
following action options:
Cure
Attempt to cure an infected file automatically. Even if the infected file
is cured, we recommend that you delete the infected file and then
restore the original file from a backup.
Rename
Automatically rename an infected file. With this option, an infected file
is renamed with an AVB extension. Infected files with the same name
are given incremental extensions in the form AV#. For example,
FILE.AV0, FILE.AV1, and so on. After a file is renamed with an AVBtype of extension, it is not scanned subsequently.
Delete
Delete an infected file.
Move
Move an infected file from its current directory to the Move folder.
Default: Report Only
EXE
Scan specified files only. The list of file extensions indicated by the
Specified Extensions Only option for regular files in the interface
determines which files are scanned.
EXC
Exclude files from scanning. The list of file extensions indicated by the All
Except the Specified Extensions option for regular files in the GUI
determines which files are excluded from the scan.
ARC
Scan archive files. Use this option to scan compressed files.
ARF
Apply extension filter to the contents of archived files.
NEX
Detect compressed files by content, not by file extension.
NOR
On Unix, skip remotely mounted file systems.
NOS
No subdirectory traverse. Use this option to exclude from the scan the
subdirectories in the specified directory.
FIL:pattern
Only scan files that match pattern. Use shell wildcard patterns to select
files to scan.
Example: The pattern *.doc will scan only files with a .doc extension.
SCA action
Special Cure Action. Use this option when the ACT action is set to Cure.
Use one of the following SCA actions.
CB - Copy Before
A copy of the original file is made, and the copy is moved to the Move
folder before the cure is attempted.
RF - Rename if Cure Fails
If a file cannot be cured, it is renamed with an AVB extension.
MF - Move if Cure Fails
If a cure fails, the infected file is moved from its current directory to
the Move folder.
MCA action
Macro Cure Action. Use one of the following action options.
RA - Remove All
All macros are removed from the infected file.
RI - Remove Infected.
Only the macros that contain infected code are removed from the
infected file.
SPM mode
Special Mode. Use this option to run a scan with one of the following
modes:
H
Specifies the Heuristic engine to scan for unknown viruses.
P
Applies actions set by the ACT switch to archived files.
SFI
Stop at first infection in archive. If this option is in effect and an infected
file is found as files are extracted from a compressed file, no additional
files in the archive are scanned.
SMF
Scan migrated files on Windows and NetWare systems. Use this option to
scan files that have been migrated to external storage. With this option in
effect, files that have been backed up are restored to the local drive and
scanned. If this option is not in effect, and there is an entry in a directory
for a file that has been backed up and moved off the local drive, the file is
not scanned.
SRF
Skip regular file scanning of archives. If you use this option, compressed
files are not scanned.
BOO
Windows system boot sector scan. The default setting is to Report Only.
Use the ACT option to set this option to cure boot sector infections.
MEM
On Windows systems, scan memory. Scan for infections in programs
currently running in memory.
LIS:file
Use this option when you run a scan and send the scan result list to a
specified file.
APP:file
Append scan report to file. Use this option when you run a scan and
append the scan result list to an existing specified file.
SYS
On Windows systems, enable system cure. Use this option to invoke the
system cure facility for any infected file(s) that are found and which have a
system cure associated with them. Please refer to the virus encyclopedia
on the Computer Associates web site for current information about viruses
and associated system cures. Note that in some cases, you must reboot
your computer for a system cure to take effect.
VER
Verbose mode. Use this option to display detailed scan information.
COU
Activates the file counter. Use this option to return a message after 1000
files have been scanned. The message is repeated each time 1000 files are
scanned.
COU:number
Activates the file counter and sets it to the value indicated. Use this option
to return a message after the indicated number of files has been scanned.
The message is repeated after the indicated number of files has been
scanned.
SIG
Signature. Use this option to display signature version numbers.
SIG:dir
Signature directory. Use this option to display signature version numbers
of engines in the specified directory.
HEL or ?
Display command line help.
Appendix B: Creating Custom Reports
Note: The information in this Appendix applies only to Windows.
The reports available from the Report tab in the eTrust Threat Management
Console are XML files and are stored in the \Program Files\CA\eTrust
Antivirus\Avreports directory. You can customize the output of these reports
by editing the sample XSL stylesheet, also contained in the \Avreports
directory. To set up a schedule for reports, you can use the CfgReport.exe
utility, located in the eTrust Antivirus directory. The default report schedule is
daily for virus reports and every other day for domain reports.
You may also use the CA-InfoReports utility to create reports from various
areas of the eTrust Antivirus database. This utility functions in a similar
manner to other available reporting solutions.
You can install CA-InfoReports from the product media from the
\bin\support\report\CA InfoReports directory. We recommend that you install
CA-InfoReports on your desktop for ease of access and use.
Note: You must copy the \Program Files\CA\eTrust Antivirus\DB directory to
your local drive before generating reports. This ensures that the hash store
protecting the database does not become corrupted. Should it become
corrupted, you can restore the database from a previous tape copy or create a
clean database and rebuild your policies and hierarchical structure.
You should copy the database to the same directory, as you will have to create
an ODBC connection for access by the CA-InfoReports solution.
The following reports are included:
AdminClient.rep
Reports all computers configured with the eTrust Antivirus Admin Client.
AdminServer.rep
Reports all computers configured with the eTrust Antivirus Admin Server.
InoculateITEngine&Signature.rep
Reports all computers with their current version information for the
antivirus engine and signature for the InoculateIT signature update.
InoculateITSignature.rep
antivirus signature for the InoculateIT signature update.
Creating Custom Reports 111
Misspoll.rep
Reports those computers that have missed their discovery poll. Discovery
is the polling process that obtains computer and signature version
information for management in the Threat Management Server.
Policy Violation.rep
Reports those computers that have performed policy violations in relation
to the policies currently configured on the computer.
VetEngine&Signature.rep
antivirus engine and signature for the VET signature update.
VetEngineSignatureVersion.rep
antivirus signature for the VET signature update.
Additionally, a program called Report Builder.exe is included in
\bin\support\report, which can be used to create custom reports from the data
within the database.
If you want to create custom reports, they can be generated out of the Threat
Management Server database. This is accessed through an ODBC connector.
The schema of the database is described in Name Server Database (see
page 117).
Set Up the ODBC Data Source
To set up the ODBC data source, follow these steps:
1.
Choose Settings, Control Panel from your Windows Start menu. In the
Control Panel, choose Administrative Tools and then Data Sources (ODBC).
The ODBC Data Source Administrator dialog displays:
2.
Click the System DSN tab and then click Add.
The Create New Data Source dialog displays:
3.
Select Driver do Microsoft dBase(*.dbf) and click Finish.
The ODBC dBase Setup dialog displays:
4.
Enter a descriptive name, such as eTrust Antivirus Database, in the Data
Source Name field. Click to deselect the Use Current Directory check box,
and then click Select Directory.
The Select Directory dialog displays:
5.
Browse to the C:\Program Files\CA\eTrust Antivirus\DB\Tree directory and
click OK.
6.
Click OK in the ODBC dBase Setup dialog.
7.
Your ODBC Data Source Administrator dialog displays as follows:
Install the InfoReports Interface
8.
Click OK.
The ODBC connector is now set up.
Install the InfoReports Interface
CA InfoReports is on the product media in the \bin\support\report directory.
To install the InfoReports interface, follow these steps:
1.
When you are prompted to install the InfoSuite and the Threat
Management Server, click OK to both.
2.
Select the pieces you want to install. You must install InfoReports at a
minimum. You can install InfoReports Administrator, Sample Reports, and
On-Line Documentation.
3.
Copy the sample reports to the InfoReports working directory so you do
not have to browse for them, which makes reporting easier.
Note: When you open a sample report to create a new report, remember to
select your new DSN as the data source. To view a report, you can choose
File, Print Preview in the interface.
Name Server Database
This section explains the meaning of DBF files used in the Name Server
database. It discusses the fields and their meanings, and their referential
integrity. It is designed to give users a better understanding of the database
so that they can retrieve information that cannot be viewed from the user
interface. Users can build reports according to their specific interests to query
information from the Name Server database.
The Name Server database is made of 11 DBF files. Each DBF file contains a
table in the Name Server database.
User can use Computer Associates’ InfoReport Builder to build a report. Other
vendors’ software can also open the DBF file as long as they support ODBC
source type and dBase files.
Nine example reports build on InfoReport Builder:

AdminClient Report: Gives details about all the AdminClient of InoculateIT.

AdminServer Report: Gives details about all the AdminServer of
InoculateIT.

InoculateITEngine&Signature Report: Gives details about all computers
have the engine and signature version specifies by the user.

InoculateIT Signature Report: Gives details about all the computers have
signature version specified by the user.

Misspolls Report: Gives the total and details of the computers miss the poll
x times. The user specifies X.

PolicyViolation Report: Gives details about all computers violate the policy
specified by the user.

VetEngine&Signature Report: Gives details about all the computers having
the Vet Engine Version and Signature specified by the user.

VetEngineVersion 1 Report: Gives details about all the computers having
signature version higher than the version specified by the user.

VetEngineVersion 2 Report: Gives details about all the computers having
signature version lower than the version specified by the user.
Note: It is very important to copy your database files reside in the directory of
InoculateIT into the working directory of CA InfoReport. Otherwise, no report
can be generated from the examples.
InoculateIT database path (default): C:\Program Files\Computer
Associates\InoculateIT\DB\Tree
CA InfoReport working path (default): C:\infosuite\working
The Leaves.dbf file is needed for the nine report examples to work. Leaves.dbf
can be found in the path C:\Program Files\Computer
Associates\InoculateIT\DB\Tree\leaves.dbf.
To use the examples, follow these steps:
1.
Run CA InfoReport.
2.
Open the examples using CA InfoReport.
3.
Choose File, Print Preview to view the result of the report.
Example files:

AdminClient.rep

AdminServer.rep

InoculateITEngine&Signature.rep

InoculateIT Signature.rep

Misspoll.rep

PolicyViolation.rep

VetEngine&Signature.rep

VetEngineVersion 1.rep

VetEngineVersion 2.rep
Database Structure
The following is the structure of the Name Server database.
Note: The following diagram illustrates the structure of the database and is an
accurate representation of how eTrust Antivirus data is organized. It does
constitute a thorough representation of how data is accessed or manipulated
by the product software implementation level proper. What follows is accurate,
illustrative description that helps explain the overall organization of the
database.
ANALYSIS.DBF
This file contains the analysis policy records.
Field
Type
Description
KEY
Character
Uniquely identifies the analysis policy record.
SENDADDR
Character
E-mail address of the receiver.
SUBJECT
Character
Subject of the e-mail.
AUTOSEND
Integer
Indicates auto status.
RPLYADDR
Character
Reply e-mail address.
COMPANY
Character
Company name of the sender.
COMPADDR
Character
Company address of the sender.
PHONE
Character
Phone number of the sender.
SITE
Character
Site ID of the sender.
CONTACT
Character
Contact Name.
computer
Logical
computer Name.
IPADDR
Logical
IP Address.
Field
Type
Description
USERNAME
Logical
User Name.
UPDATE
Integer
Last Update.
DESC
Character
Description of the policy.
ENFORCED
Logical
If this bit is set, then the entire
SENDFORANALYSIS field is cared about.
LOCKED
Logical
If this bit is set, then the analysis settings should
be locked down.
SMTP
Character
The name of the SMTP server to send to.
Integrity: None
AUTH.DBF
This file contains the rights that have been given to users. The local
administrators and domain administrators will not appear in this DBF, since
their access cannot be altered. There must be only one record for each
USER/ID combination.
Fields:
Field
Type
Description
USER
Character
Contains the SID in NT, or the user ID in Unix.
ALLOW
Integer
A bitmap with each set bit granting the user a right.
DENY
Integer
A bitmap with each set bit revoking a right for the
user. If a right is both granted and denied, the right
is denied.
ID
Character
A GUID that identifies the object the object applies
to. Currently, this may be a branch ID, a hardcoded GUID that identifies all subnet objects, or the
null branch ID, which does not grant or deny access
to anything, but is used to allow a user to be
contained in the user database.
Integrity:
Field
Description
USER
Must contain a valid SID or user ID for the local system.
Field
Description
ID
Must contain a branch ID, the all-subnets ID, or the null branch
ID.
BRANCHES.DBF
This file contains the branches within the Name Server’s database.
Fields:
Field
Type
Description
KEY
Character
Contains the unique ID of the branch.
NAME
Character
The display name of the branch.
PARENT
Character
Contains the ID of the parent branch. If and only
if the branch is the root branch, PARENT will be
the same as KEY.
UPDATE
Integer
Last Update.
FLAGS
Integer
Currently always 0.
Integrity:
Field
Description
PARENT
Must be a valid branch ID.
GENERIC.DBF
This file contains the data common to all variable length policies. Currently,
these are the real-time and distribution policies. This DBF makes it easy to
use structures that actually control the application as policies.
Fields:
Field
Type
Description
KEY
Character
Contains the unique ID of the policy.
DESC
Character
The description of the policy.
UPDATE
Integer
Last update.
CARE
Character
Contains the care bits of the policy.
TYPE
Integer
The type of policy pointed to by KEY.
Integrity: A policy file must exist for every key, and the type of the policy
must be the same as the TYPE field.
JOBS.DBF
This file contains a record for each scheduled scan job.
Fields:
Field
Type
Description
KEY
Character
Contains the unique ID of the job.
NAME
Character
The description of the policy.
UPDATED
Integer
Last update.
JOB
Integer
Contains the ID of the job in the job queue.
Integrity: None
JOBITEMS.DBF
This is a file contains the responses from the computers for the particular run
of the scheduled scan job.
Indexes: None
Fields:
Field
Type
Description
LEAF
Character
Contains ID of the computer that responded.
BOOTINF
Integer
BootVirusInfections field.
BOOTINFC
Integer
BootInfectionsCured field.
SCANNED
Integer
FilesScanned field.
FOUND
Integer
VirusFound field.
INFECT
Integer
FilesInfected field.
CURED
Integer
FilesCured field.
DELETED
Integer
FilesDeleted field.
MOVED
Integer
FilesMoved field.
RENAMED
Integer
FilesRenamed field.
ARCSCAN
Integer
ArchiveScanned field.
Field
Type
Description
FINARC
Integer
FilesInArcScanned field.
SERROR
Integer
ScanErrorFiles field.
CERROR
Integer
CureErrorFiles field.
ELAPSED
Integer
The number of seconds that it took for the computer to perform the
scan.
TIME
Character
The FILETIME that the computer started the scan, encoded as a date.
ERROR
Integer
The error code obtained when submitting the job on the computer. If
the error code is -1, then the computer accepted the job, but never
responded back.
Integrity:
Field
Description
LEAF
Must contain a valid computer ID.
LEAVES.DBF
This file contains a record for each computer in the Name Server database.
Note:
For field OSCODE the corresponding number is:

Windows 9x:
1

Windows NT/2000: 2

Solaris:
125

Linux:
126
The bit mask for VIOLATION field :
Real-time Policy Violation:
Ox0001

Distribution Policy Violation:
Ox0002

Analysis Policy Violation:
Ox0004

Alert Policy Violation:
Ox0080
Fields:
Field
Type
Description
KEY
Character
Contains the unique ID of the computer.
BUILD
Integer
Build number of eTrust Antivirus found on this computer.
EVIOLATION
Integer
For each set bit, the leaf violates some setting policy of the tree, but it
does because when the policy was established, the RPC call to change
the settings of the computer failed.
HOST
Character
Host name.
VIOLATION
Integer
For each set bit, the leaf violates some setting policy of the tree.
IPADDR
Character
IP address.
MISSED
Integer
The number of polls this computer has missed since the last time it
responded to a poll.
NAME
Character
Name of the computer.
OSCODE
Integer
The code of the operating system of the computer.
OSVER
Integer
Version of the operating system.
PORT
Integer
The port number used by eTrust Antivirus.
SIGCNT
Integer
The number of valid signatures.
Field
Type
Description
SIG1
Character
eTrust Antivirus engine version.
SIG2
Character
eTrust Antivirus signature version.
SIG3
Character
Vet engine version.
SIG4
Character
Vet signature version.
SIG5
Character
SIG6
Character
SIG7
Character
SIG8
Character
SIG9
Character
SIG10
Character
SUBNET
Character
Contains the ID of the subnet that this computer last appeared in a
poll of. If the computer never appeared in a poll, the ID is all 0’s.
VERSION
Integer
The eTrust Antivirus version.
RESPOND
Character
The date of the last time the computer responded to a name server
poll. The time fields of SYSTEMTIME are not used.
UPDATE
Integer
Last update.
BRANCH
Character
Corresponds to the branch ID.
APPS
Character
A bit mask indicating the installed on the box.
LICENSES
Character
A bit mask indicating the licensed software on the box.
EXPIRED
Logical
The leaf is expired, which means that the leaf has missed too many
polls.
TIMEOFF
Integer
Add this number of minutes to the UTC time to get the computer’s
local time. This is a signed 16-bit value, but will always appear in the
database as a positive integer.
MAC
Character
Contains the MAC address of the client.
FLAGS
Integer
Currently will be set to 1 if the computer was the one to respond to
the last poll, or 0 if not.
Integrity:
Field
Description
BRANCH
Must contain a valid branch ID, or contain the null branch ID.
Field
Description
VERSION
If < 0x600, then a corresponding record in legacy.dbf must exist. Otherwise, a
corresponding record in legacy.dbf must not exist.
SUBNET
Must contain a valid subnet ID, or contain all zeros.
LEGACY.DBF
This file contains a record for each computer in the Name Server database that
has an InoculateIT version less than 6.0. It contains information essential to
remotely manage these legacy computers.
Fields:
Field
Type
Description
KEY
Character
Contains the unique ID of the computer.
NAME
Character
The computer name.
DOMAIN
Character
Contains the eTrust Antivirus domain of the
computer.
MASTER
Character
Contains the eTrust Antivirus master of the
computer.
UPDATE
Character
Last update.
Integrity:
Field
Description
KEY
Must contain a valid leaf ID, of a computer with a version less
than 6.0.
POLICY.DBF
This file links branches with their policies and jobs.
Fields:
Field
Type
Description
KEY
Character
Contains the ID of the branch.
TYPE
Integer
The type of the policy, which is the bit that is set if
the computer violates the policy.
Field
Type
Description
POLICY
Character
Contains the ID of the policy.
INHERIT
Logical
If true, then the branch inherits this policy from its
parent.
Integrity:
Field
Description
POLICY
Must contain a valid policy ID of the type specified by TYPE.
KEY
Must contain a valid branch ID.
RPCMAST.DBF
This file links RPC Masters with their branches.
Fields:
Field
Type
Description
BRANCH
Character
Contains the ID of the branch.
LEAF
Character
Contains the ID of the leaf that is the RPC Master of the branch.
OVERRIDE
Logical
If true, then if communication with the RPC Master fails, the RPC
Master of the parent branch is used.
Integrity:
Field
Description
BRANCH
LEAF
Must contain a valid leaf ID.
SUBNET.DBF
This file determines which subnets are to be polled, and when they are to be
polled.
Fields:
Field
Type
Description
KEY
Character
Contains the unique ID of the subnet.
Field
Type
Description
IPADDR
Character
IP address.
IPMASK
Character
The subnet mask for the subnet.
PORT
Integer
Port number, which used by eTrust Antivirus.
FREQ
Integer
The port that polls to this subnet should broadcast
to.
TIMEOUT
Integer
The number of seconds between the start of a poll
and the timeout.
LASTPOLL
Character
The last time this subnet was polled.
MISSED
Integer
The number of polls that a computer may miss
before it is automatically purged from the tree. A
value of 0 means that the computer is never
purged.
PLFLAGS
Integer
The flags to use with the poll.
POLLSTRT
Integer
The number of seconds from 24:00 when polling
may start on a subnet.
POLLSTOP
Integer
The number of seconds from 24:00 when polling
of the subnet stops.
STRTDAY
Integer
The number of days since Sunday when polling
may start.
STOPDAY
Integer
The number of days since Sunday when polling
will end.
BRANCH
Character
The branch that any new computers from this
subnet are placed in if they are not already in the
tree.
UPDATE
Integer
Last update.
SHARADDR Character
The IP address of the other name server that was.
DESC
Character
Description of the policy.
FLAGS
Integer
The flags of the subnet record.
LASTRESP
Character
The last time that a response to a poll was
received. It is encoded in the format
YYYY/MM/DD HH:MM:SS.
JOBID
Integer
The ID of job in the queue of polls.
Integrity:
Field
Description
BRANCH
Appendix C: Integrating with Unicenter
NSM
The following topics describe the integration of eTrust Antivirus with Unicenter
NSM on Windows platforms, and also describe the scanning options available
for managing a computer from a Unicenter NSM Business Process View in
WorldView.
eTrust Antivirus works with Unicenter NSM on the Enterprise, Local, and
Workgroup Servers. The Unicenter NSM platform required is determined by the
operating system of the server:

Unicenter NSM for Windows NT, 2000, or 2003 must be installed on all
Windows NT- or 2000-based Enterprise, Local, and Workgroup Servers.

The Unicenter NSM that corresponds to the hardware and operating
system of the UNIX-based Enterprise, Local, or Workgroup Local Server
must be installed on those servers.
Preparing for Unicenter NSM Integration
Integrating eTrust Antivirus with Unicenter Network and Systems Management
(NSM), is a simple matter of importing the results of the eTrust ITM discovery
process into the Unicenter NSM repository and creating appropriate Unicenter
Business Process Views. The Unicenter NSM platform required is determined
by the operating system of the server.
Important! To enable this integration, the Threat Management Server must be
installed on same system as the Unicenter NSM.
Integrating with Unicenter NSM 131
Preparing for Unicenter NSM Integration
Using TRIX to Import to the Repository
Use the Repository Import/Export program (TRIX) to invoke the import script
that is provided with eTrust Antivirus. This creates an Antivirus class.
You can access the TRIX program from the Start menu, Unicenter, NSM,
WorldView program group. Choose Repository Import/Export to launch the
TRIX interface. Then, use TRIX to open the script file, TRIX0.TNG, and import
it into the repository. This import script file is located in the directory where
eTrust Antivirus is installed.
You must know the name of the repository to which you wish to connect, and
use a valid User ID and Password to sign on to the repository.
TRIX can also be invoked by entering the following at the command prompt.
trix
This executes TRIX.EXE.
For more information about TRIX, refer to the Unicenter NSM documentation.
Managing Antivirus Options in WorldView
Using InoUpTNG to Populate the View
After completing the import to the repository, use the InoUpTNG utility to
create the antivirus Business Process View and populate it with a display of the
computers in your antivirus network.
InoUpTNG discovers computers in your network based on the computer
information in the Unicenter NSM database, and the subnet discovery
information in the Admin Server database. The utility uses the information
from both of these sources to populate the WorldView repository.
The Unicenter NSM network must have been discovered and a computer must
already exist in the Unicenter NSM repository before you run InoUpTNG. The
subnet discovery for the Threat Management Server must also have been
completed. Based on the computer information in the Threat Management
Server database, InoUpTNG searches the Unicenter NSM repository for
matching computer objects.
If InoUpTNG finds a matching computer in the Unicenter NSM database, it
creates an Antivirus object and links it to the computer. Then the object is
displayed in the Business Process View. This provides the view of all the
computers that are running instances of eTrust Antivirus in your network. If
there are multiple Threat Management Server in your network, the utility
discovers them.
Conversely, if the computer is not already in the Unicenter NSM database,
then an object will not be created for it, and it will not be displayed in the
view.
After you have a Business Process View of your antivirus network, you can
manage the scanning options for the computers in the view.
Integrating with WorldView
When you right-click on a computer in the view, the standard Unicenter
options for managing objects are available. In addition, the following options
are available for managing the antivirus software on computers in the view:
Configure Realtime
Use Configure Realtime to set the Realtime Monitor options for the
selected machine. This displays the same options that are available for
managing the Realtime Monitor on a local machine.
For more information about using the realtime monitor options, see Using
the Realtime Monitor.
Configure Distribution
Use Configure Distribution to set Signature Update options for the selected
machine. This displays the same option that is available for managing
signature updates on a local machine.
Schedule Job
Use Schedule Job to set Schedule Scan Job options. This displays the
Remote Scan View, which provides access to the same option that is
available for managing scheduled scan jobs on a local machine. You can
create a new scheduled scan job or modify an existing job. For more
information, see Remote Scan View (see page 135).
Display Logs
Use Display Logs to view and manage log information for the selected
machine. This displays the same view and option that is available from the
Log Viewer on a local machine.
For more information about using the Log Viewer, see Viewing and
Managing Logs.
Configure Contact
Use Configure Contact to set the Contact Information options for the selected
machine. This displays the same option that is available for managing the
contact information options on a local machine.
For more information about using the contact options, see Using the Local
Scanner.
Display Summary (for legacy computers)
This is available for legacy machines only. Use Display Summary to display
summary information for a selected machine that is running a 4.x version
of the eTrust Antivirus.
Remote Scan View
Broadcast Configuration (for legacy computers)
This is available for legacy machines only. Use Broadcast Configuration to
manage broadcast configuration information for a selected machine that is
running a 4.x version of the eTrust Antivirus.
Configure Service (for legacy computers)
This is available for legacy machines only. Use Configure Service to
manage antivirus services for a selected machine that is running a 4.x
version of the eTrust Antivirus.
These options enable you to set scanning options for the selected computer in
the same way that a user sets the options on a local computer. To view and
modify options on a computer, you must have a valid user ID and password
for the Admin Server that manages the computer.
Note: When you select a legacy computer and right-click on it, you can select
legacy options to manage that computer. These options display the dialogs for
the older versions of the product. To manage options on a computer, you need
a valid user ID and password on that computer.
Remote Scan View
From the Remote Scan View, you can add a new scheduled scan job, edit an
existing job, or delete a selected job. These are the same options that are
available for managing scheduled scan jobs on a local computer.
These options are available from the Options menu, and the toolbar buttons.
You can also access these options by right-clicking on a job in the list on the
left. In addition, when you highlight a job in the list on the left, you can rightclick anywhere in the summary on the right to display the available options.
The Remote Scan View displays the selected computer on the left side of the
window. You can expand the computer to display jobs that are scheduled to
run on the computer, if any.
When you highlight a job in the list on the left side of the window, summary
information about the job is displayed on the right. This displays the properties
used for the job.
For more information about using the schedule scan job options, see Using the
Scheduled Scanner.
Appendix D: Managing NetApp
This appendix describes how to use the eTrust Antivirus Network Appliance
Filer Scanner with a filer from Network Appliance™ (NetApp®). For installation
information, refer to the eTrust Antivirus Implementation Guide.
Managing the Scanner
This section describes how to control the scanner and its antivirus settings. A
Microsoft Management Console (MMC) snap-in controls the scanner. You can
use the MMC to configure which filers are registered to scanners and to
manage the scanners remotely.
Managing NetApp 137
Add Another Filer to a Scanner
The installation wizard let you configure one filer with a scanner. To add
another filer to a scanner (register a filer with a scanner), follow these steps:
1.
From the product program folder, launch Scanner Management (MMC
snap-in). The console window opens.
2.
In the left pane, expand Console Root, eTrust Antivirus NetApp Scanner.
The AV Machines node displays:
3.
Select AV Machines.
The list of managed scanner machines appears in the right pane. If
your machine is not in the list, you need to add the machine to the
MMC. To do so, right-click the AV Machines node and select
Administrator AV Machine. You can also add a remote scanner this
way, as long as the local machine has the required privileges.
4.
Double-click the machine.
The Properties dialog displays:
5.
Enter the name of the filer or click the browse button to locate and select
the filer.
6.
Click Add to add any additional filers.
Managing NetApp 139
View Scanner Statistics
To view scanner statistics, click the Statistics tab on the Properties dialog.
For more information, see the eTrust Antivirus NetApp Filer Scanner online
help.
Managing Custom Move and Copy Directories
The installation process creates the following registry values and sets these
values to the location of the eTrust Antivirus Move directory.
HKLM = HKEY_LOCAL_MACHINE.
HKLM\SOFTWARE\ComputerAssociates\eTrustITM\CurrentVersion\NetApp Scanner
CopyDir
MoveDir
Change Infected File Destination to the Filer
On the Cure Action Options dialog, if you specify Move File or Copy File, then
the scanner, by default, moves infected files from the filer to the eTrust
Antivirus Move directory on the local scanner machine (usually Program
Files\CA\eTrustITM\Move). You can change this setting.
To move infected files to the filer instead of the scanner, use Regedit to
manually change the registry configuration values on the scanner machine.
The new values override the Move and Copy directories of the Realtime
Monitor.
Directories must not have a trailing backslash and can point to local drives or
mapped drives, or be specified as universal naming convention (UNC) paths.
Example:
HKLM\SOFTWARE\ComputerAssociates\eTrustITM\CurrentVersion\NetApp
Scanner\MoveDir=\\f760\vol1\move
Manage Files in a Custom Move Directory
Once you specify a custom Move directory, you cannot use the eTrust Antivirus
interface to manage its files. Instead, you must use the RestMove command
line utility. It is in the installation directory of the scanner machine and has
these characteristics:

Displays original file names and their infections

Supports standard DOS wildcards: * and ?
To display information about all files in the Move directory, enter the following
command, pointing to the moved files, and specify the -i switch:
RestMove \\f760\vol1\move\*.* -i
Result:
\\f760\vol1\move\31ed8c4e-b930-45f0-8c1e-35e1d3570cd6
Original file name: \\F760\VSCAN_ADMIN$\vol\vol1\sabra01\eicar2.com
Infection name: EICAR test file
Detected by engine 23.61.00, signature 23.61.50 on 6/16/2003, 1:06:11 PM
To restore the files to their original location, enter the RestMove command and
do not use the -i switch.
You can provide single paths for both the MoveDir and the CopyDir because
the values are stored in single registry keys. Therefore, a scanner serving
multiple filers can store moved and copied files in different locations.
Managing NetApp 141
Managing the Filer
View the Virus Detection Log
The scanner adds an entry to the Realtime Scanner log whenever it receives a
file request for a file with a virus. The scanner also sends a message to the
filer’s system console that notifies the filer administrator of the virus infection.
To view the Realtime Scanner log, go to the Logs tab of the eTrust Threat
Management Agent interface.
Manage the Scanner Remotely
To manage scanner antivirus settings remotely with the Administrators View,
follow these steps:
1.
Initiate the Threat Management Server to discover all of the scanners.
2.
Put the scanners into a group.
Note: Be careful when choosing settings, because the software applies the
settings to both the eTrust Antivirus engine and the scanner running on
the machine, and some of the realtime settings do not fit with both.
3.
Set realtime antivirus settings for the group.
4.
Push the policy to the selected filer’s scanner.
Managing the Filer
This section provides procedures to manage the filer and its environment.
Common Internet file system (CIFS) virus protection is a feature of the filer's
operating system, Data ONTAP, which gives CIFS clients on-access virus
scanning of files on a filer. On-access virus scanning is the scanning of a file
before a CIFS client is allowed to open it. For more information about the filer,
go to the Netwrok Appliance Antivirus Scanning website
(http://www.netapp.com/tech_library/3107.html).
Enable and Disable Virus Scanning
To enable and disable virus scanning, enter the following command:
vscan on [-f][on|off]
where -f forces virus scanning to be enabled even if no virus scanning clients
are available to scan files.
Note: Turning on virus scanning when no clients are available to scan files
causes the CIFS clients not to be able to access filer files.
Managing the Filer
Specify File Extensions to Scan Using vscan
A default list of file extensions is available when you enable vscan. Up to 255
file extensions can exist in the file extensions list.
Note: The extension list on the filer processes before the extension list on the
scanner machine that you establish through realtime scanner configuration.
For example, if *.vbs is not configured on the filer for scanning, VBS-files do
not pass to the scanner. Therefore, even if VBS files are configured for
scanning on the scanner, they do not reach the scanner for processing. Also, if
an extension is in the extension list on the filer but not specified in the
realtime scanner configuration, the filer passes the corresponding files to the
scanner, but the scanner ignores these scan requests.
To control which files to scan, there are commands you can use to change the
default list of file extensions.
To display the default list of file extensions for the filer to scan, enter the
following command:
vscan extensions
To add to the default list of file extensions for the filer to scan, enter the
following command:
vscan extensions add ext[,ext...]
where ext is the extension to add.
Example:
vscan extensions add txt
To replace the default list of file extensions with a new list, enter the following
command:
vscan extensions set ext[,ext...]
where ext is the extension to set.
To remove file types from the default list of file extensions, enter the
following command:
vscan extensions remove ext[,ext...]
where ext is the extension to remove.
To reset the file extensions list to the default list, enter the following
command:
vscan extensions reset
Managing NetApp 143
Managing the Filer
Specifying Shares to Scan Using CIFS
You may want to indicate whether your virus-scanning application performs a
virus scan when clients open files on a specified share. You can turn scanning
on or off for shares that you specify, either for any access or for read-only
access.
Turn Scanning Off for Files in a Share
The default state of a share has virus scanning turned on. You can turn virus
scanning off for files in a share. Reasons to do this may include: the users are
restricted to trusted users, the files are restricted to read-only mode, or speed
of access is more important than safety.
To turn virus scanning off for files in a specified share, enter the following
command:
cifs shares -change share_name -novscan
where share_name is the name of the share for which you want to turn off
virus scanning.
The setting is persistent after rebooting.
Turn Scanning Off for Read-Only Access in a Share
You can turn virus scanning off in a share for users who open files for readonly access to increase the speed of file access. The default state of a share
has virus scanning turned on.
To turn virus scanning off for read-only access to files in a specified share,
enter the following command:
cifs shares -change share_name -novscanread
where share_name is the name of the share for which you want to turn off
virus scanning.
Managing the Filer
Turn Scanning On for Read-Only Access in a Share
To turn virus scanning on for read-only access to files in a specified share,
enter the following command:
cifs shares -change share_name -vscanread
where share_name is the name of the share for which you want to turn on
virus scanning.
Add a Share With Scanning Off
You can create a share with virus scanning turned off. The default state of a
share has virus scanning turned on.
To add a share that has virus scanning turned off, enter the following
command:
cifs shares -add share_name /path -novscan
where share_name is the name of the share that you want to create with virus
scanning turned off and path specifies where you want the share created.
Data ONTAP creates the share with virus scanning turned off.
Managing NetApp 145
Appendix E: Using the ETRUSTAV
Console Program
This appendix describes how to use the ETRUSTAV Console Program. After
installing eTrust Antivirus for NetWare on a NetWare server, use the
ETRUSTAV console program to take advantage of its features. The ETRUSTAV
program invokes a menu from which you can control many eTrust Antivirus
operations on the server. From the NetWare command line, entering
ETRUSTAV starts the program. To start all the eTrust Antivirus services at the
same time as starting ETRUSTAV, you must instead enter ETRUSTAV
AUTOSTART.
Note: eTrust Antivirus r8 does not support NetWare 4.x.
Using the ETRUSTAV Console Program 147
ETRUSTAV Menu
ETRUSTAV Menu
Use the keyboard Up and Down arrow keys to navigate the ETRUSTAV menu
items. The Enter key activates the selected menu option. You can exit the
ETRUSTAV program and pop-up option screens by pressing the Escape key.
Note: The default options for the ETRUSTAV program are set by the
inoc6_nw.icf file during installation. For more information about the
inoc6_nw.icf settings, see Installation Configuration File.
The following list contains the ETRUSTAV menu selections:
Start All Services
Loads and starts all eTrust Antivirus services.
Stop All Services
Stops and unloads all eTrust Antivirus services.
Start Selected Service
Starts an individual eTrust Antivirus service. If there are any services not
already running, a pop-up menu appears from which you can select the
service to start.
Stop Selected Service
Stops and unloads an individual eTrust Antivirus service. If there are any
services currently running, a pop-up menu appears from which you can
select the service to stop.
Configure Local Scanner
Opens a pop-up menu from which you can modify Local Scanner Settings.
From the Local Scanner Settings pop-up menu, you can view or modify
Scanning Options or Selection Options.
Scanning Options:
Safety level
Specifies the scan safety level.
Secure - Use as the standard method for scanning files completely.
Reviewer - Use if you suspect you have an infection that Secure
mode is not detecting.
Scanning engine
Specify the antivirus engine to use in the scan:
Inoculate IT - The Inoculate engine.
Vet - The Vet engine
ETRUSTAV Menu
Heuristic Scanner
Specify whether to use the Heuristic Scanner to scan for unknown
viruses:
No - Do not use the Heuristic Scanner.
Yes - Use the Heuristic Scanner.
File Action
Specify an action option for infected file:
Cure - Attempt to cure an infected file automatically. Even if the file is
cured, it is recommended that you delete the infected file and restore
the original file.
Delete - Delete an infected file.
Move - Move an infected file from its current directory to the Move
folder.
Rename - Automatically rename an infected file with an AVB
extension. Assigns incremental extensions in the form #.AVB to
infected files with the same name, for example, File.0.AVB, File.1.AVB,
and so on. After a file is renamed with an AVB-type of extension, it is
not subsequently scanned.
Report Only - Report an infected file.
Cure Options
If Cure Fails Specify the cure fail option when File Action is set to Cure:
Copy File Before Cure - Make a copy of the original file and put it in
the Move folder before attempting the cure.
Move File - Move an infected file from its current directory to the
Move folder if a cure fails.
No Action - Do nothing if cure fails.
Rename File - Rename a file with an AVB extension if a cure fails.
Macro Virus Treatment - Specify a removal option for an infected
file.
Remove Infected Macros - Remove only the macros that contain
infected code from the infected file.
Remove All Macros - Remove all macros from the infected file.
Selection Options:
Do not scan migrated files
Specify whether to scan files that have been migrated to external
storage:
Yes - Do not scan migrated files.
ETRUSTAV Menu
No - Scan migrated files.
Scan Files With Extensions
Specify scanning of files with filename extensions:
All Extensions - Scan all files.
All Except the Specified Extensions - Scan all files except the files
that have extensions specified in the Available Extensions list. The
Available Extensions list is specified with the Edit Extensions List
option.
Specified Extensions Only - Scan only the files that have extensions
specified in the Available Extensions list. The Available Extensions list
is specified with the Edit Extensions List option.
Edit Extensions List
Use to specify the existing set of filename extensions.
Note: You can view or modify the list only when the All Except the
Specified Extensions or Specified Extensions Only selections are made
from the Scan Files With Extensions option.
You can edit extensions in the Available Extensions list by selecting an
extension and using the F5, Delete, or Insert key.
Delete key - Use to delete a selected extension from the list:
Yes - Deletes the selected filename extension(s) from the list.
No - Keeps the filename extension(s) in the list.
F5 key - You can use the F5 key to mark extensions for deletion from
the list with the Delete key.
Insert key - Use to add an extension to the list. Enter a filename
extension in the Enter Extension field.
Scan Compressed Files
Specify scanning of archived files:
Yes - Scan compressed files.
Note: Options for the type of archive file scanning and compressed file
types are specified with the Compressed File and Archive types to
support options.
No - Do not scan compressed files.
Compressed File Options
Use to specify the options for scanning archived files.
Note: You can view or modify the types of archived files only when the
Scan Compressed Files option is set to Yes.
Specify whether to filter files inside archives by extension.
ETRUSTAV Menu
Specify whether to stop scanning an archive file when an infection is
found.
Determine a file's compression by its filename extension or contents.
The default setting is by filename extension.
Archive types to support
Specify which types of archived files:
Note: You can view or modify the types of archived files only when the
Scan Compressed Files option is set to Yes.
In the Compressed File Options List, specify the type of archived files
for scanning. You can select Yes to include the file type or No to
exclude the archived file type.
Run Local Scanner
Opens a pop-up menu from which you can specify a full pathname to
scan.
Check Status of Scheduled Jobs
Displays the status of any scheduled scan job that is currently running.
Information displayed is refreshed every second as the job progresses.
Check Status of Realtime Scanning
Displays the status of realtime scanning from the time the Realtime
Monitor was started. Information displayed is refreshed every second.
Display signature versions
Displays the current scan engine and signature versions for the eTrust
Antivirus engines installed on the server.
Advanced:
Check status of services
Displays the status of all eTrust Antivirus services.
Set discovery ports
Display and specify the current port numbers that the discovery
procedure uses for listening to broadcast messages. In the pop-up
field:
Select the Enter key to display the current port numbers that the
discovery procedure uses for listening to broadcast messages.
Enter POLL and specify a port value to set the port number on which
the eTrust Antivirus client listens for polls from the Admin Server.
Enter SUBNET and specify a port value to set the port number that
eTrust Antivirus clients use to communicate within a subnet.
ETRUSTAV Menu
Enter BOTH and specify a port value to use the same value for the port
number on which the eTrust Antivirus clients listen for polls from the
Admin Server and the port number that eTrust Antivirus clients use to
communicate in a subnet.
Restore infected files in Move folder
Restores an infected file from the Move directory to its original
location. After the command is entered, follow the onscreen
instructions.
Set approved Admin Servers
Display and specify the current set of approved eTrust Antivirus Admin
Servers. In the IP address field pop-up:
Select the Enter key to display the current set of approved eTrust
Admin Servers.
Set the eTrust Antivirus Admin Servers at the specified IP addresses as
approved for the NetWare server on which the command is run. Enter
IP addresses in the format <ip-address-1> <ip-address-n> separated
by a space. For example, entering IP addresses 192.168.130.2
192.168.130.10 causes the Admin Servers at those IP addresses to be
set as approved eTrust Antivirus Admin Servers.
Set eTrust Antivirus environment variable
Specify an environment variable for eTrust Antivirus. For example,
entering AV_VAR1=1 would set the value of a hypothetical
environment variable AV_VAR1 to 1.
Note: eTrust Antivirus environment variables are only used inside
eTrust Antivirus. They have no effect on other programs running on
your server.
Appendix F: Messages and Codes
This appendix contains messages and codes that may appear when using
eTrust Antivirus.
Messages
Error 2
The system cannot find the file specified
Reason:
The file does not exist.
Action:
Verify the correct name and spelling of the file.
Error 3
The system cannot find the path specified
Reason:
The directory is incorrect.
Action:
Verify the correct directory.
Error 5
Access denied
Reason:
You do not have access to an object or file.
Action:
Contact your system administrator for access to the object or file.
Messages and Codes 153
Messages
Error 120
This function is not supported in this system
Reason:
A mismatched policy decoder is installed on a client system.
Action:
Contact Computer Associates Customer Support.
Error 258 (0x102)
wait operation timed out
Reason:
A synchronization object timed out. This is generic synchronization error which
is usually reported in a debug log file. The action that was to take place before
the timeout will be reattempted on the next cycle.
Action:
Stop and restart the eTrust ITM Services.
Error 1331
Logon failure: account currently disabled.
Reason:
A user with disabled account tried to log on to the eTrust Threat Management
Console.
Action:
Use a valid account to log on to the eTrust Threat Management Console.
Messages
Error 1717
Unknown interface
Reason:
A Management-Server request was made to a machine that is not a
management server.
A request was made after the RPC service was started, but the RPC service
was not fully initialized.
Action:
Make sure requests are sent only to Management Servers.
Retry the request later.
Error 1722
The server cannot be contacted
Reason:
The RPC service on the server is down.
The client cannot resolve the name of the server.
A firewall is preventing a connection between the client and the server.
Action:
Start the RPC service on the server.
Make sure the client is using the correct server name.
Configure the firewall to allow a connection between the client and the server.
Error 1722
The RPC server is too busy to complete the operation.
Reason:
The proxy is busy handling other requests, and it cannot accept new requests.
Action:
Retry the request later.
Messages and Codes 155
Messages
Error 1726
General RPC error
Reason:
The connection to the server was lost.
Action:
Restore the connection to the server.
Error 1789
The trust relationship between this workstation and the primary domain failed.
Reason:
A domain account was used to log in to the eTrust Threat Management
Console, but the workstation was not a member of that domain, or the account
was not valid.
Action:
Ensure the workstation and the account are on the correct domain before
logging into the eTrust Threat Management Console, or ensure that the
account is valid.
Appendix G: Computer Viruses
The threat of computer viruses and infections is a major security consideration
for any computer user. A computer virus is a computer program that can
destroy information on your workstation. Similar to a biological virus, a
computer virus can reproduce itself by attaching to other files, usually
executable programs. When unexecuted in a compressed file, computer
viruses are not dangerous, but when they are executed, they can create
havoc.
To classify as a virus, a suspicious file must have the ability to:

Replicate

Attach to other executables
There are many types of infections, including the file infections, macro viruses,
worms, and trojan infections.
Computer Viruses 157
Computer Infection Symptoms
Computer Infection Symptoms
Symptoms of infection vary depending upon the particular virus infecting your
system. The following list contains some of the more common symptoms you
are likely to encounter:

Screen displays a message such as “Your PC is a turtle!”

Screen displays strange graphic patterns, such as bouncing balls.

File size increases. Sometimes this is dramatic, causes the files to become
too big to load in the memory. Frequently the change in size is small.

The timestamp on a file is changed. You might notice a *.com or *.exe file
with a timestamp more recent than when you loaded it.

Error message about writing to a write-protected disk, even though your
application is not attempting a write operation.

Long time to load programs and the configuration of your computer is not
changed.

Computer running slower than normal.

Computer has less memory available than normal.

The same problems occur on several computers.

Screen displays an error “Bad command or file name” even when you
know the file should be on the disk.

Unable to access an existing drive.

CHKDSK suddenly discovers bad sectors on more than one computer.

Problems like difficulty in copying files on your computer.

Computer locks up frequently.
If your computer displays one or more of these symptoms, it could have an
infection. Since it is difficult to determine if these symptoms are infectionrelated, the Computer Associates antivirus software helps you to confirm
whether or not your workstation is infected.
Effects of a Computer Infection
Effects of a Computer Infection
Not all infections damage your computer. Some are just nuisances, continually
reproducing themselves or displaying strange graphics or messages on your
screen. Most viruses are stealthy, remaining hidden until they start running.
If an infection does cause damage, the damage varies depending upon the
particular infection in your system. In general, viruses can do the following
damage to your computer:

Hang your computer

Erase, modify, and hide your files

Scramble data on your hard disk

Attack and scramble the File Allocation Table (FAT)

Attack and scramble the Partition Table

Format your hard disk
Characteristics of Viruses
The different types of viruses may exhibit different behavioral characteristics,
based on how they function.
Virus Type
Behavior
Memory resident Loads in memory and takes over control of the operating
system. Memory resident viruses attach themselves to
executable files (such as *.exe, *.com, and *.sys files).
These viruses often change the file attribute information
and the file size, time, and date information.
Stealth
Hides their presence. While all viruses try to conceal
themselves in some way, stealth viruses make a greater
effort at concealment. For example, a stealth virus can
infect a program, adding bytes to the infected file. It then
subtracts the directory entry of the infected file by the
same number of bytes, giving the impression that the size
of the file has not changed.
Polymorphic
Modifies their appearance and change their signature (their
identifiable code) periodically. For example, they inserts
garbage code into the middle of a file execution, or change
the order of execution. This allows the virus to escape
signature scanning detection methods.
Computer Virus Terms
The following list contains common computer virus terms:
Armored Virus
A virus uses special tricks to make tracing, disassembling, and
understanding of their code more difficult.
Boot Record
The program recorded in the Boot Sector. All floppy disk have a boot
record, whether or not the disk is actually bootable. Whenever you start or
reset your computer with a disk in the A: drive, DOS (on some older
Windows systems) reads the boot record from that diskette. If a boot virus
infects the disk, the computer first reads the boot sector where virus code
resides, and then jumps to the sector where the virus has stored the
original boot record.
Boot Sector
The first logical sector of a drive. On a floppy disk, this is located on side 0
(the top), cylinder 0 (the outside), sector 1 (the first sector.) On a hard
disk, it is the first sector of a logical drive, such as C: or D:. This sector
contains the Boot Record, which is created by FORMAT (with or without the
/S switch). The sector can also be created by the DOS SYS command.
Boot Sector Infector
Every logical drive for both hard and floppy disks, contains a boot sector.
It is true even for the non-bootable disk. This boot sector contains specific
information relating to the formatting of the disk, the data stored, and
contains a boot program (which, on some older Windows operating
systems, loads the DOS system files). The boot program displays the
familiar “Non-system Disk or Disk Error” message if the DOS system file is
not present. It is also the program that is infected by viruses. A boot
sector virus can arise by leaving an infected diskette in a drive and
restarting the computer. When the program in the boot sector is read and
executed, the virus goes into memory and infects your hard drive. Because
every disk has a boot sector, it is common to infect a computer from a
data disk. All “boot viruses” infect the boot sector of floppy disks; some of
them, such as Form, also infect the boot sector of hard disks. Other boot
viruses infect the master boot sector of hard disks.
Boot Sector or Master Boot Sector Virus
A term that describes a virus that places its starting code in the boot
sector of floppy disks, and either the boot sector or master boot sector of
hard disks. This virus is difficult to detect because many disk examination
tools do not let you see the partition sector, which is the first sector on a
hard drive. This virus is called a multipartite virus.
CMOS — Complementary Metal Oxide Semiconductor
A memory area used in AT and higher class PCs for storage of system
information. CMOS is battery backed RAM, originally used to maintain date
and time information while the PC was turned off. CMOS memory is not in
the usual CPU address space and cannot be executed. While a virus can
store and corrupt data in the CMOS, it cannot hide there.
Cavity Virus
A virus overwrites a part of the host file filled with a constant (usually
nulls), without increasing the length of the file, but preserving its
functionality.
Companion Virus
Creates a new program, which (unknown to the user) is executed by the
command-line interpreter instead of the intended program. On exit, the
new program executes the original program so those things appear okay.
The only way this has been accomplished is by creating an infected .COM
file with the same name as an existing .EXE file.
Dropper
A program, modified to “install” a virus on the target system. A dropper
contains the virus code so that it is not detected. A dropper is effectively a
Trojan Horse.
False Positive, False Negative
A false positive (or Type-I) error is one, the anti-virus software claims that
a file, infected by a virus when in reality the file is clean. A false negative
(or Type-II) error is one in which the software fails to indicate when a file
is infected. False negatives are more serious than false positives, although
both are undesirable.
Fast Infector
A typical file infector, for example the Jerusalem virus, copies itself to
memory when a program infected by it is executed, and then infects other
programs when they are executed. When a fast infector virus is active in
memory, it infects not only executed programs, but any file opened.
Running a scanner or integrity checker can result in all or many programs
becoming infected at once.
File Virus
Attaches to or replaces *.COM and *.EXE files, although in some cases, it
can infect files with .SYS, .DRV, .BIN, .OVL, and .OVY extensions. The
most common file virus is a resident virus. It resides in the memory of
your computer at the time the first copy is run, and takes clandestine
control of the computer. This virus commonly infects additional programs
as you run them. However, a non-resident virus infects one or more files
whenever an infected file is run. This virus often changes the file attribute
information and the file size, time, and date information.
In the Wild
A term that indicates a virus detected in several organizations in the
world. It contrasts with a virus that has only been reported by researchers.
Despite popular hype, most viruses are “in the wild” and differ only in
prevalence. Some are new and rare. Others are old, but do not spread
well, and therefore are extremely rare.
Macro Virus
Written in the macro language of specific computer programs, such as a
word processor or spreadsheet. A macro virus infects files (not the boot
sector or partition table), and resides in the memory when executed. It
can run when you access a program document, or triggered by user
actions, such as certain keystrokes or menu choices. A macro virus can be
stored in files with any extension and is spread through file transfers, or
email.
Master Boot Record
The 340-byte program located in the Master Boot Sector. This program
begins the boot process. It reads the partition table, determines what
partition to boot from (usually C:), and transfers control to the Boot
Sector. The Master Boot Record is often called the MBR, and often called
the “master boot sector” or “partition table”. The master boot record is
created when FDISK or FDISK /MBR is run.
Master Boot Sector
Reads the first sector of the hard disk. This sector is located on the top
side (“side 0”), outside cylinder (“cylinder 0”), first sector (“sector 1”). The
sector contains the Master Boot Record.
Multipartite Virus
Combines the characteristics of memory resident, file, and boot sector
virus.
Partition Table
A 64-byte data structure that defines the way a PC’s hard disk is divided
into logical sections known as partitions. The most important one is stored
in the Master Boot Record (MBR).
Polymorphic Virus
Produces varied (yet fully operational) copies of itself so virus scanners
cannot detect all instances of the virus.
RAM — Random Access Memory
A place where the program is loaded to execute. The significance for a
virus is to grab memory to be active. Some virus scanners declare a virus
active whenever it is detected in RAM, even though it may be inactive in a
buffer area of RAM.
Resident
A property of most common computer viruses. A virus that loads into
memory, hooks one or more interrupts, and remains inactive in memory
until some trigger event. When the trigger event occurs, the virus
becomes active, either infecting something or displaying a message or
object. All boot viruses are resident viruses, as are the most common file
viruses.
Script Virus (VBScript, JavaScript, HTML)
Written in script programming language, such as VBScript (Visual Basic
Script) and JavaScript. These script viruses make use of Microsoft’s
Windows Scripting Host (WHS) to activate themselves and infect other
files. Since WHS is available on Windows 98 and Windows 2000, the
viruses can be activated simply by double clicking the *.vbs or *.js file
from the Windows Explorer.
Slow Infector
A virus that only infects when you create or modify a file.
Sparse Infector
A virus that infects occasionally; for example, every 10th executed file, or
only files whose lengths fall within a narrow range. By infecting less often,
such viruses minimize the probability of being discovered.
Stealth Virus
Hides the modifications it makes in the file or boot record. Usually, by
monitoring the system functions used by programs to read files or physical
blocks from storage media, and forging the results of such system
functions so that programs which try to read these areas see the original
uninfected form of the file instead of the actual infected form. To do this,
the virus must be resident in memory when the antivirus program is
executed.
Trojan Horse
Performs unauthorized and malicious actions, such as displaying
messages, erasing files, or formatting a disk. A Trojan horse does not
infect other host files.
Trigger condititon or date
Indicates the condition or date that the virus payload is triggered. A dateactivated virus can infect your computer 365 days a year. This virus can
also infect your computer prior to the specified date.
Tunneling Virus
A virus that finds the original interrupt handlers in DOS and the BIOS and
calls them directly, thus bypassing any activity monitoring programs.
TSR — Terminate but Stay Resident
The PC programs that stay in memory while you use the computer for
other purposes; they include pop-up utilities, network software, and the
great majority of viruses. They use utilities, such as MEM, MAPMEM, PMAP,
F-MMAP, and INFOPLUS.
Worm Virus
Makes copies of itself, but does not need to attach to particular files or
sectors. Once a worm is executed, it seeks other systems and copies its
code to them.
Appendix H: Acknowledgements
This appendix contains third-party licensing information. Copyright information
for each component is included.
Acknowledgements 165
Apache Tomcat
Apache Tomcat
Licenses
The Apache Software Foundation uses various licenses to distribute software
and documentation, to accept regular contributions from individuals and
corporations, and to accept larger grants of existing software products. We are
also in the process of updating the Apache licenses to reflect changes in the
community regarding patents and contributing.
These licenses help us achieve our goal of providing reliable and long-lived
software products through collaborative open source software development. In
all cases, contributors retain full rights to use their original contributions for
any other purpose outside of Apache while providing the ASF and its projects
the right to distribute and build upon their work within Apache.
Licensing of Distributions
All software produced by The Apache Software Foundation or any of its
projects or subjects is licensed according to the terms of the documents listed
below.
Apache License, Version 2.0 (current)
http://www.apache.org/licenses/LICENSE-2.0 (TXT or HTML)
The 2.0 version of the Apache License was approved by the ASF in 2004. The
goals of this license revision have been to reduce the number of frequently
asked questions, to allow the license to be reusable without modification by
any project (including non-ASF projects), to allow the license to be included by
reference instead of listed in every file, to clarify the license on submission of
contributions, to require a patent license on contributions that necessarily
infringe the contributor's own patents, and to move comments regarding
Apache and other inherited attribution notices to a location outside the license
terms (the NOTICE file).
The result is a license that is supposed to be compatible with other open
source licenses while remaining true to the original goals of the Apache Group
and supportive of collaborative development across both nonprofit and
commercial organizations. The Apache Software Foundation is still trying to
determine if this version of the Apache License is compatible with the GPL.
All packages produced by the ASF are implicitly licensed under the Apache
License, Version 2.0, unless otherwise explicitly stated. More developer
documentation on how to apply the Apache License to your work can be found
in Applying the Apache License, Version 2.0.
Apache License, Version 1.1 (historic)
Apache Tomcat
http://www.apache.org/licenses/LICENSE-1.1
primary change from the 1.0 license is in the 'advertising clause' (section 3 of
the 1.0 license); derived products are no longer required to include attribution
in their advertising materials, but only in their documentation.
Individual packages licensed under the 1.1 version may use different wording
due to varying requirements for attribution or mark identification, but the
binding terms were all the same.
This is the original Apache License which applies only to older versions of
Apache packages (such as version 1.2 of the Web server).
Contributor License Agreements
The ASF desires that all contributors of ideas, code, or documentation to the
Apache projects complete, sign, and submit (via snailmail or fax) a Individual
Contributor License Agreement (CLA) [PDF form]. The purpose of this
agreement is to clearly define the terms under which intellectual property has
been contributed to the ASF and thereby allow us to defend the project should
there be a legal dispute regarding the software at some future time. A signed
CLA is required to be on file before an individual is given commit rights to an
ASF project.
For a corporation that has assigned employees to work on an Apache project,
a Corporate CLA (CCLA) is available for contributing intellectual property via
the corporation that may have been assigned as part of an employment
agreement. Note that a Corporate CLA does not remove the need for every
developer to sign their own CLA as an individual, to cover their contributions
that are not owned by the corporation signing the CCLA.
Note: If you choose to send this document via fax, rather than via traditional
postal mail, then be absolutely sure that you have sent it correctly. Often
faxes are received back-to-front, blank, or totally illegible.
Software Grants
When an individual or corporation decides to donate a body of existing
software or documentation to one of the Apache projects, they need to
execute a formal Software Grant agreement with the ASF. Typically, this is
done after negotiating approval with the ASF Incubator or one of the PMCs,
since the ASF will not accept software unless there is a viable community
available to support a collaborative project.
CURL
CURL
COPYRIGHT AND PERMISSION NOTICE
Copyright (c) 1996 - 2005, Daniel Stenberg, <daniel@haxx.se>.
All rights reserved.
Permission to use, copy, modify, and distribute this software for any purpose
with or without fee is hereby granted, provided that the above copyright
notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of a copyright holder shall not be
used in advertising or otherwise to promote the sale, use or other dealings in
this Software without prior written authorization of the copyright holder.
gSOAP
gSOAP
gSOAP is distributed under:

The gSOAP public open source license (which is based on the Mozilla public
license 1.1). See the section below further details.

GPL (GNU Public License). Some parts of gSOAP are strictly distributed
under the GPL (see below). Most parts are distributed under the gSOAP
license and GPL. For those parts, you can choose the gSOAP license or GPL
based on your needs.
The gSOAP public license allows for commercial use of gSOAP. It allows
products to be built on top and distributed under any license (including
commercial). Products developed with gSOAP should include a notice of
copyright and a disclaimer of warranty in the product's documentation (License
Exhibit B). Please refer to the README files and/or header information in
source code files for the appropriate licensing specific to that part of the souce
code.
The parts of the code that are strictly distributed under the GPL (i.e. the code
that is distributed under GPL only) cannot always be used for commercial
purposes. These parts are:

The wsdl2h WSDL parser source code and the code generated by it.

The examples included in the gSOAP distribution package, including the
Web server and UDDI applications.
A license for commercial use is available (this license replaces the GPL
restrictions). Please refer to the license details at Genivia Inc licensing and
support for further details.
Genivia Inc Licensing and Support
URL http://www.genivia.com/Products/gsoap/GeniviaGSoapLicense.pdf
Content
GENIVIA, INC., SOURCE CODE LICENSE AGREEMENT FOR COMMERCIAL
USE
Rationale: This source code license for commercial use shall replace the gSOAP
public license and GPL license for Customer's use of the Software, thereby
rendering the terms and conditions imposed by the gSOAP public license and
GPL license on Customer inactive during the term of this commercial license as
set forth in this Agreement. This license covers the entire gSOAP source
distribution, including, but not limited to, the runtime library, compiler, WSDL
importer, example applications, and documentation.
gSOAP
THIS SOURCE CODE LICENSE AGREEMENT ("Agreement") is made and
entered into as of the last date executed by the parties below (the "Effective
Date") by and between GENIVIA, INC., a Florida corporation having a principal
place of business at 3178 Shamrock East, Tallahassee, Florida 32309, USA,
("Genivia"), and ______________________________________, a
__________________________________ corporation having a principal place
of business at
__________________________________ ("Customer").
The parties agree as follows:
1. DEFINITIONS.
"Original Code" means Source Code of computer software code which is
described in the Source Code notice required by Exhibit A as Original Code.
"Modifications" means any addition to or deletion from the substance or
structure of either the Original Code or any previous Modifications. When
Covered Code is released as a series of files, a Modification is: (i) any addition
to or deletion from the contents of a file containing Original Code or previous
Modifications; (ii) any new file that contains any part of the Original Code, or
previous Modifications.
"Covered Code" means the Original Code, or Modifications or the combination
of the Original Code, and Modifications, in each case including portions
thereof.
"Software" means the Covered Code and accompanying documentation and
support files referenced in section 1 of Exhibit A, including Updates (if any).
"Updates" means any patches, bug fixes, upgrades, and new versions of the
Software made generally available by Genivia during the term of this
Agreement.
"Source Code" means computer programming code in human readable form
that is not suitable for machine execution without the intervening steps of
interpretation or compilation, meaning the preferred form of the Covered Code
for making modifications to it, including all modules it contains, plus any
associated interface definition files, scripts used to control compilation and
installation of an Executable Object Code, or source code differential
comparisons against the Original Code. The Source Code can be in a
compressed or archival form, provided the appropriate decompression or dearchiving software is widely available for no charge.
"Executable Object Code" means the computer programming code in any other
form than Source Code that is not readily perceivable by humans and suitable
for machine execution without the intervening steps of interpretation or
compilation.
gSOAP
"Authorized Site" means the specific address of Customer’s facility consisting
of a single building or multiple buildings on a contiguous campus as specified
in Exhibit A.
"Project" means a concerted undertaking by an identified Customer
development team to design or produce a Target Application.
"Run-Time Module" means the Executable Object Code derived from compiling
the Software to be incorporated into a Target Application as inseparably
embedded code.
"Target Application" means an end-user item, such as a software product that
is possibly replicated in identical form and offered for sale or licensed to third
parties, or a device or system developed by Customer pursuant to a Project
that contains a Run-Time Module, or any portion thereof, as specified in
Exhibit A and any Updates made during the term of this Agreement.
2. SOURCE CODE LICENSE.
Subject to Customer’s compliance with the terms and conditions of this
Agreement and payment of any applicable fees, Genivia hereby grants to
Customer a non-transferable, nonexclusive, worldwide, royalty-free, paid-up
license: (i) to reproduce and use the Software, solely at the Authorized Site in
connection with the Project; (ii) to create Modifications and other derivative
works of the Software, solely to the extent necessary to support the
development of the Target Application; (iii) to compile the Software, including
any Modifications and derivative works thereof, into Run-Time Modules; (iv) to
reproduce an unlimited number of Run-Time Modules for physical incorporation
into the Target Application; and (v) to market and distribute the Target
Application.
3. RESTRICTIONS.
Customer shall reproduce and include any and all copyright notices and
proprietary rights legends, as such notices and legends appear in the original
Software, on any copy of the Software, or portion thereof, with the exception
of the gSOAP public license and GPL license notices.
The Software shall be handled, used and stored, solely at the Authorized Site
identified in Exhibit A. The Software may be used from a single machine, a set
of machines, or a network file server, but there shall be no access to the
Software from any external network not located at the Authorized Site.
A function of the Software is to create Run-Time Modules for incorporation into
Target Applications. Except as set forth in Section 2 above, no license is
granted hereunder to reproduce or distribute the gSOAP soapcpp2 compiler
and wsdl2h importer as part of such Target Application.
4. OWNERSHIP.
gSOAP
Genivia represents and warrants to Customer that Genivia has all rights in the
Software necessary to grant the rights and license granted to Customer in this
Agreement. Without limiting the foregoing, Genivia represents and warrants
that Genivia acquires an assignment of all intellectual property rights in and to
all portions of the Software delivered to Customer under this Agreement,
including any Modifications made by GPL or gSOAP Public License licensees.
Customer shall not have any obligation to provide, assign, or disclose to
Genivia or any other party any Modifications. Notwithstanding the foregoing,
Genivia and its licensors shall retain exclusive ownership of all worldwide
Intellectual Property Rights in and to the Software.
Customer acknowledges that this Agreement does not grant to Customer any
Intellectual Property Rights in or to the Software other than the limited rights
with respect to the Software as set forth in Section 2. Customer hereby agrees
to assign to Genivia all Intellectual Property Rights it may have or obtain in
and to the Modifications that Customer makes to the Software.
If Customer has or obtains any rights to the foregoing that cannot be assigned
to Genivia, Customer unconditionally and irrevocably waives the enforcement
of such rights, and if such rights cannot be waived, Customer hereby grants to
Genivia an exclusive, irrevocable, perpetual, worldwide, fully paid and royaltyfree license, with rights to sublicense through one or more levels of
sublicensees, to reproduce, create derivative works of, distribute, publicly
perform, publicly display, make, use, sell and import such Modifications and
other intellectual property noted above by all means now known or later
developed. All rights in and to the Software not expressly granted to Customer
in this Agreement are expressly reserved for Genivia and its licensors.
5. DELIVERY AND PAYMENT.
Immediately following the Effective Date, Genivia grants Customer the right to
download the Software from the Approved Software Download Site specified in
Exhibit A, and install the Software at the Authorized Site and use the Software
as set forth in Section 2 subject to the restrictions listed in Section 3.
Notwithstanding any terms or other agreements posted on the Approved
Software Download Site, this Agreement shall be the sole and exclusive
agreement governing Customer's use of the Software.
Customer shall pay to Genivia the Software license fee set forth in Exhibit A.
License fees will be invoiced with shipment of this License Agreement.
Payment of all amounts invoiced shall be due sixty (60) days after receipt of
the invoice.
gSOAP
All payments and amounts shall be paid without deduction, set-off or counter
claim, free and clear of any restrictions or conditions, and without deduction
for any taxes, levies, imposts, duties, fees, deductions, withholdings or other
governmental charges. If any deduction is required to be made by law,
Customer shall pay in the manner and at the same time such additional
amounts as will result in receipt by Genivia of such amount as would have
been received by Genivia had no such amount been required to be deducted.
If Customer is claiming sales or use tax exemption, a certified Tax Exempt
Certificate must be attached to this Agreement or applicable purchase order
submitted by Customer.
6. TERM AND TERMINATION.
This Agreement shall commence upon the Effective Date and is granted in
perpetuity, but may be terminated without notice in the following
circumstances: if you breach any term of this agreement, unless such breach
is curable and is cured by Customer within thirty (30) days after notice of such
breach is provided by Genivia; if you become the subject of insolvency
proceedings; if you, being a firm or partnership, are dissolved; or if you
destroy the Software for any reason. Upon termination, you or your
representative shall destroy any remaining copies of the Software or otherwise
return or dispose of such material. Termination pursuant to this clause shall
not affect any rights or remedies, which Genivia may have otherwise under
this license or at law.
The following Sections shall survive any termination of this Agreement:
Sections 1, 4, 6, and 8. Termination of this Agreement, if any, shall not affect
any licenses or other grants of any rights, titles, or interests of Customer in or
to any Run-Time Modules or the Target Application.
7. LIMITED WARRANTY.
Genivia warrants that the Software, installation scripts, and future Updates will
be provided to Customer. Customer assumes full responsibility for: (i) the
selection, download, and installation of the Software from the Approved
Software Download Site specified in Exhibit A; (ii) the proper use of the
Software; (iii) verifying the results obtained from the use of the Software; and
(iv) taking appropriate measures to prevent loss of data. Genivia does not
warrant that the operation of the Software will meet Customer’s requirements
or that Customer will be able to achieve any particular results from use or
modification of the Software or that the Software will operate free from error.
gSOAP
EXCEPT AS EXPRESSLY SET FORTH IN SECTIONS 7 AND 8 OF THIS
AGREEMENT, GENIVIA AND ITS LICENSORS DISCLAIM ALL WARRANTIES,
WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT
LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, OF FITNESS
FOR A PARTICULAR PURPOSE, NONINFRINGEMENT OF THIRD PARTY
INTELLECTUAL PROPERTY RIGHTS, AND ANY WARRANTY THAT MAY ARISE BY
REASON OF TRADE USAGE, CUSTOM, OR COURSE OF DEALING. WITHOUT
LIMITING THE FOREGOING, CUSTOMER ACKNOWLEDGES THAT THE
SOFTWARE IS PROVIDED "AS IS" AND THAT GENIVIA DOES NOT WARRANT
THE SOFTWARE WILL RUN UNINTERRUPTED OR ERROR FREE. THE ENTIRE
RISK AS TO RESULTS AND PERFORMANCE OF THE SOFTWARE IS ASSUMED BY
CUSTOMER.
UNDER NO CIRCUMSTANCES WILL GENIVIA BE LIABLE FOR ANY SPECIAL,
INDIRECT, INCIDENTAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES OF ANY
KIND OR NATURE WHATSOEVER, WHETHER BASED ON CONTRACT,
WARRANTY, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR
OTHERWISE, ARISING OUT OF OR IN ANY WAY RELATED TO THE SOFTWARE,
EVEN IF GENIVIA HAS BEEN ADVISED ON THE POSSIBILITY OF SUCH
DAMAGE OR IF SUCH DAMAGE COULD HAVE BEEN REASONABLY FORESEEN,
AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY
EXCLUSIVE REMEDY PROVIDED. SUCH LIMITATION ON DAMAGES INCLUDES,
BUT IS NOT LIMITED TO, DAMAGES FOR LOSS OF GOODWILL, LOST PROFITS,
LOSS OF DATA OR SOFTWARE, WORK STOPPAGE, COMPUTER FAILURE OR
MALFUNCTION OR IMPAIRMENT OF OTHER GOODS. IN NO EVENT WILL
GENIVIA BE LIABLE FOR THE COSTS OF PROCUREMENT OF SUBSTITUTE
SOFTWARE OR SERVICES. CUSTOMER ACKNOWLEDGE THAT THIS SOFTWARE
IS NOT DESIGNED FOR USE IN ON-LINE EQUIPMENT IN HAZARDOUS
ENVIRONMENTS SUCH AS OPERATION OF NUCLEAR FACILITIES, AIRCRAFT
NAVIGATION OR CONTROL, OR LIFE-CRITICAL APPLICATIONS. GENIVIA
EXPRESSLY DISCLAIM ANY LIABILITY RESULTING FROM USE OF THE
SOFTWARE IN ANY SUCH ON-LINE EQUIPMENT IN HAZARDOUS
ENVIRONMENTS AND ACCEPTS NO LIABILITY IN RESPECT OF ANY ACTIONS
OR CLAIMS BASED ON THE USE OF THE SOFTWARE IN ANY SUCH ON-LINE
EQUIPMENT IN HAZARDOUS ENVIRONMENTS BY CUSTOMER. FOR PURPOSES
OF THIS PARAGRAPH, THE TERM "LIFE-CRITICAL APPLICATION" MEANS AN
APPLICATION IN WHICH THE FUNCTIONING OR MALFUNCTIONING OF THE
SOFTWARE MAY RESULT DIRECTLY OR INDIRECTLY IN PHYSICAL INJURY OR
LOSS OF HUMAN LIFE. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN
ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED CODE IS
AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER.
8. INFRINGEMENT INDEMNITY.
gSOAP
Genivia will defend at its expense any suit brought against Customer and will
pay all damages finally awarded in such suit insofar as such suit is based on a
claim that the Software as provided to Customer infringes a previously issued
patent or copyright, provided that Genivia is notified promptly of such claim
and is given full and complete authority (including settlement authority
consistent with the other terms and conditions of this Agreement), information
and assistance by Customer for such defense. In the event that the Software
is held in any such suit to infringe such a right and its use is enjoined, or if in
the opinion of Genivia the Software is likely to become the subject of such a
claim, Genivia at its own election and expense will either (i) procure for
Customer the right to continue using the Software or (ii) modify or replace the
Software so that it becomes non-infringing while giving substantially
equivalent performance. In the event that (i) or (ii) above are not, in Genivia’s
sole determination, obtainable using reasonable commercial efforts, then
Genivia may terminate this Agreement and refund amount Customer paid
Genivia under this Agreement for the Software which is the subject of such
claim. The indemnification obligation shall not apply to infringement actions or
claims to the extent that such actions or claims are caused solely by: (i)
modifications made to the Software by a party other than Genivia; and (ii) the
combination of the Software with items not supplied or approved by Genivia.
9. GENERAL.
Neither party shall be liable hereunder by reason of any failure or delay in the
performance of its obligations hereunder (except for the payment of money)
on account of strikes, shortages, riots, insurrection, fires, flood, storm,
explosions, acts of God, war, governmental action, labor conditions,
earthquakes, material shortages or any other cause which is beyond the
reasonable control of such party.
The Software is a "commercial item" as that term is defined at 48 C.F.R.
2.101, consisting of "commercial computer software" and "commercial
computer software documentation" as such terms are used in 48 C.F.R.
12.212. Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through
227.7202-4, Customer will provide the Software to U.S. Government End
Users only pursuant to the terms and conditions therein. Customer may not
delegate, assign or transfer this Agreement, the license(s) granted or any of
Customer’s rights or duties hereunder without Genivia's express prior written
consent, except by way of merger or acquisition of the business of Customer,
and any attempt to do so shall be void. Genivia may assign this Agreement,
and its rights and obligations hereunder, in its sole discretion.
All Software and technical information delivered under this Agreement are
subject to U.S. export control laws and may be subject to export or import
regulations in other countries. Customer agrees to strictly comply with all such
laws and regulations.
gSOAP
This Agreement is governed by California law, excluding any principle or
provision that would call for the application of the law of any jurisdiction other
than California. Any action regarding this Agreement shall be brought in a
court of competent jurisdiction, federal or state, in the County of Santa Clara,
California, and Genivia consents to venue and jurisdiction in and service of
process from such court.
EXHIBIT A
1. Genivia gSOAP Source Code Products.
Original Source Code files suitable for compilation into Run-Time Modules for
integration into a Target Application:
dom.h
dom++.h
dom.c
dom++.cpp
dom.cpp
soapdoc2.pdf
soapdoc2.html
stdsoap2.h
stdsoap2.c
stdsoap2.cpp
stl.h
stldeque.h
stllist.h
stlvector.h
stlset.h
samples/* (all example files included in the package under 'samples')
uddi2/* (all of the UDDI v2 support files included in the package under 'uddi2')
WS/* (all of the files included included in the package under 'WS' )
Updates to any of the Original Source Code files listed above and distributed
by Genivia are also covered under this Agreement.
Original Source Code files of the Software with development functionality not
suitable for compilation and integration into Target Applications:
src/error2.c
src/error2.h
src/init2.c
src/soapcpp2.c
src/soapcpp2.h
src/soapcpp2_lex.l
src/soapcpp2_yacc.y
src/symbol2.c
wsdl/dime.h
wsdl/gwsdl.h
wsdl/http.h
gSOAP
wsdl/imports.h
wsdl/includes.h
wsdl/mime.h
wsdl/schema.cpp
wsdl/schema.h
wsdl/service.cpp
wsdl/service.h
wsdl/soap.cpp
wsdl/soap.h
wsdl/typemap.dat
wsdl/types.cpp
wsdl/types.h
wsdl/wsdl.cpp
wsdl/wsdl.h
wsdl/wsdl2h.cpp
The source codes above are part of the software development toolkit. The
development toolkit generates source code that is suitable for compilation and
integration into the Target Application as set forth by Sections 2 and 3.
2. Approved Software Download Site
http://sourceforge.net/projects/gsoap2
3. Description of the Customer's Project and the Intended
Functionality of the Target
Application.
______________________________________________________________
_________
License Fee: $195.00 USD
Authorized Site (address and building identification):
______________________________
IN WITNESS WHEREOF, the parties’ authorized representatives have executed
this
Agreement and Exhibit as of the Effective Date.
GENIVIA
By: Robert van Engelen
Title: President
Date: __________
gSOAP
CUSTOMER __________
By: __________
Title: __________
Date: __________
This form must be completed, signed, and returned by email, mail, or fax to
the following
address to ensure prompt completion of the order. A copy can be send by
email to expedite
the execution of the Agreement.
Genivia, Inc., Sales Department
3178 Shamrock East
Tallahassee, FL32309, USA
Email: sales@genivia.com
Voice: +1 (850) 264 2676
Fax: +1 (850) 893 1426
Genivia, Inc., Source Code License Agreement
Jan 1, 2004, revised June 27, Aug 1, Aug 14, Oct 19, 2004; Mar 31, 2005,
May 10, 2005.
The gSOAP Public License
The gSOAP Public License 1.3 is based on MPL1.1 (Mozilla Public License 1.1).
The license allows for commercial use of gSOAP. It also allows products to be
built on top and distributed under any license (including commercial). Products
developed with gSOAP should include a notice of copyright and a disclaimer of
warranty in the product's documentation (License Exhibit B).
gSOAP source code modifications that are distributed part of an open source
product should be submitted back to us for quality control. Please note that
modifications to the gSOAP runtime source codes are not required to build
applications so this requirement should not prohibit (commercial) product
development in any way.
gSOAP
We also encourage suggestions for modifications to be submitted to the gSOAP
mailing list for consideration in future releases.
TERMS AND CONDITIONS OF USE
gSOAP is copyrighted by Robert A. van Engelen, Genivia inc.
Copyright (C) 2000-2003 Robert A. van Engelen, Genivia inc. All Rights
Reserved.
USE RESTRICTIONS
You may not: (i) transfer rights to gSOAP or claim authorship; or (ii) remove
any product identification, copyright, proprietary notices or labels from gSOAP.
MAINTENANCE, SUPPORT AND UPDATES
There is no obligation to maintain or support or update the Software in any
way, or to provide updates or error corrections.
WARRANTY
THE AUTHORS EXPRESSLY DISCLAIM ALL WARRANTIES, WHETHER EXPRESS,
IMPLIED OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
WARRANTIES OF MERCHANTABILITY, OF FITNESS FOR A PARTICULAR
PURPOSE, NONINFRINGEMENT OF THIRD PARTY INTELLECTUAL PROPERTY
RIGHTS, AND ANY WARRANTY THAT MAY ARISE BY REASON OF TRADE
USAGE, CUSTOM, OR COURSE OF DEALING. WITHOUT LIMITING THE
FOREGOING, YOU ACKNOWLEDGE THAT THE SOFTWARE IS PROVIDED "AS
IS" AND THAT THE AUTHORS DO NOT WARRANT THE SOFTWARE WILL RUN
UNINTERRUPTED OR ERROR FREE.
gSOAP
LIMITED LIABILITY THE ENTIRE RISK AS TO RESULTS AND PERFORMANCE OF
THE SOFTWARE IS ASSUMED BY YOU. UNDER NO CIRCUMSTANCES WILL THE
AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL, EXEMPLARY
OR CONSEQUENTIAL DAMAGES OF ANY KIND OR NATURE WHATSOEVER,
WHETHER BASED ON CONTRACT, WARRANTY, TORT (INCLUDING
NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, ARISING OUT OF OR IN
ANY WAY RELATED TO THE SOFTWARE, EVEN IF THE AUTHORS HAVE BEEN
ADVISED ON THE POSSIBILITY OF SUCH DAMAGE OR IF SUCH DAMAGE
COULD HAVE BEEN REASONABLY FORESEEN, AND NOTWITHSTANDING ANY
FAILURE OF ESSENTIAL PURPOSE OF ANY EXCLUSIVE REMEDY PROVIDED.
SUCH LIMITATION ON DAMAGES INCLUDES, BUT IS NOT LIMITED TO,
DAMAGES FOR LOSS OF GOODWILL, LOST PROFITS, LOSS OF DATA OR
SOFTWARE, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION OR
IMPAIRMENT OF OTHER GOODS. IN NO EVENT WILL THE AUTHORS BE
LIABLE FOR THE COSTS OF PROCUREMENT OF SUBSTITUTE SOFTWARE OR
SERVICES. YOU ACKNOWLEDGE THAT THIS SOFTWARE IS NOT DESIGNED
FOR USE IN ON-LINE EQUIPMENT IN HAZARDOUS ENVIRONMENTS SUCH AS
OPERATION OF NUCLEAR FACILITIES, AIRCRAFT NAVIGATION OR CONTROL,
OR LIFE-CRITICAL APPLICATIONS. THE AUTHORS EXPRESSLY DISCLAIM ANY
LIABILITY RESULTING FROM USE OF THE SOFTWARE IN ANY SUCH ON-LINE
EQUIPMENT IN HAZARDOUS ENVIRONMENTS AND ACCEPTS NO LIABILITY IN
RESPECT OF ANY ACTIONS OR CLAIMS BASED ON THE USE OF THE
SOFTWARE IN ANY SUCH ON-LINE EQUIPMENT IN HAZARDOUS
ENVIRONMENTS BY YOU. FOR PURPOSES OF THIS PARAGRAPH, THE TERM
"LIFE-CRITICAL APPLICATION" MEANS AN APPLICATION IN WHICH THE
FUNCTIONING OR MALFUNCTIONING OF THE SOFTWARE MAY RESULT
DIRECTLY OR INDIRECTLY IN PHYSICAL INJURY OR LOSS OF HUMAN LIFE.
JRE
JRE
To download and install the software, follow the steps below.
LEGAL NOTICE - READ BEFORE DOWNLOADING OR OTHERWISE USING THIS
SOFTWARE.
ATTENTION: USE OF THE SOFTWARE IS SUBJECT TO THE HP SOFTWARE
LICENSE TERMS, AND SUPPLEMENTAL RESTRICTIONS SET FORTH BELOW
AND THE HP WARRANTY DISCLAIMER ATTACHED.CLICK ON THE "I ACCEPT"
BOX BELOW TO INDICATE YOUR ACCEPTANCE OF THESE TERMS. IF YOU DO
NOT ACCEPT THESE TERMS FULLY, YOU MAY NOT INSTALL OR OTHERWISE
USE THE SOFTWARE. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN
THIS NOTICE, INSTALLING OR OTHERWISE USING THE SOFTWARE
INDICATES YOUR ACCEPTANCE OF THESE LICENSE TERMS.
The following terms govern your use of the Software unless you have a
separate written agreement with HP.
License grant
HP grants you a license to Use one copy of the Software. "Use" means storing,
loading, installing, executing or displaying the Software. You may not modify
the Software or disable any licensing or control features of the Software. If the
Software is licensed for "concurrent use", you may not allow more than the
maximum number of authorized users to Use the Software concurrently.
Ownership
The Software is owned and copyrighted by HP or its third party suppliers. Your
license confers no title or ownership in the Software and is not a sale of any
rights in the Software. HP's third party suppliers may protect their rights in the
event of any violation of these License Terms.
Copies and Adaptations
You may only make copies or adaptations of the Software for archival
purposes or when copying or adaptation is an essential step in the authorized
Use of the Software. You must reproduce all copyright notices in the original
Software on all copies or adaptations. You may not copy the Software onto
any bulletin board or similar system.
No disassembly or decryption
JRE
You may not disassemble or decompile the Software unless HP's prior written
consent is obtained. In some jurisdictions, HP's consent may not be required
for disassembly or decompilation. Upon request, you will provide HP with
reasonably detailed information regarding any disassembly or decompilation.
You may not decrypt the Software unless decryption is a necessary part of the
operation of the Software.
Transfer
Your license will automatically terminate upon any transfer of the Software.
Upon transfer, you must deliver the Software, including any copies and related
documentation, to the transferee. The transferee must accept these License
Terms as a condition to the transfer.
Termination
HP may terminate your license upon notice for failure to comply with any of
these License Terms. Upon termination, you must immediately destroy the
Software, together with all copies, adaptations and merged portions in any
form.
Export requirements
The software you are about to download contains cryptography technology.
Some countries regulate the import, use and/or export of certain products with
cryptography. HP makes no claims as to the applicability of local country
import, use and/or export regulations in relation to the download of this
product. If you are located outside the U.S. and Canada you are advised to
consult your local country regulations to insure compliance.
You may not export or re-export this software or any copy or adaptation in
violation of any applicable laws or regulations.
Without limiting the generality of the foregoing, hardware, software,
technology or services provided under this license agreement may not be
exported, reexported, transferred or downloaded to or within (or to a national
resident of) countries under U.S. economic embargo including the following
countries:
Cuba, Iran, Iraq, Libya, North Korea, Sudan and Syria.
This list is subject to change.
JRE
Hardware, software, technology or services may not be exported, reexported,
transferred or downloaded to persons or entities listed on the U.S. Department
of Commerce Denied Persons List, Entity List of proliferation concern or on any
U.S. Treasury Department Designated Nationals exclusion list, or to parties
directly or indirectly involved in the development or production of nuclear,
chemical, biological weapons or in missile technology programs as specified in
the U.S. Export Administration Regulations (15 CFR 744).
By accepting this license agreement you confirm that you are not located in
(or a national resident of) any country under U.S. economic embargo, not
identified on any U.S. Department of Commerce Denied Persons List, Entity
List or Treasury Department Designated Nationals exclusion list, and not
the U.S. Export Administration Regulations.
U.S. government restricted rights
The Software and any accompanying documentation have been developed
entirely at private expense. They are delivered and licensed as "commercial
computer software" as defined in DFARS 252.227-7013 (Oct 1988), DFARS
252.211-7015 (May 1991) or DFARS 252.227-7014 (Jun 1995), as a
"commercial item" as defined in FAR2.101(a), or as "Restricted computer
software" as defined in FAR 52.227-19 (Jun 1987)(or any equivalent agency
regulation or contract clause), whichever is applicable. You have only those
rights provided for such Software and any accompanying documentation by
the applicable FAR or DFARS clause or the HP standard software agreement for
the product involved.
Supplemental restrictions
You acknowledge the Software is not designed or intended for use in on-line
control of aircraft, air traffic, aircraft navigation, or aircraft communications; or
in the design, construction, operation or maintenance of any nuclear facility.
HP disclaims any express or implied warranty of fitness for such uses.
Warranty at Download:
HP warranty statement
Duration of limited warranty: 90 days
HP warrants to you, the end customer, that HP hardware, accessories, and
supplies will be free from defects in materials and workmanship after the date
of purchase for the period specified above. If HP receives notice of such
defects during the warranty period, HP will, at its option, either repair or
replace products which prove to be defective. Replacement products may be
either new or equivalent in performance to new.
JRE
HP warrants to you that HP Software will not fail to execute its programming
instructions after the date of purchase, for the period specified above, due to
defects in materials and workmanship when properly installed and used. If HP
receives notice of such defects during the warranty period, HP will replace
Software which does not execute its programming instructions due to such
defects.
HP does not warrant that the operation of HP products will be uninterrupted or
error free. If HP is unable, within a reasonable time, to repair or replace any
product to a condition warranted, you will be entitled to a refund of the
purchase price upon prompt return of the product. Alternatively, in the case of
HP Software, you will be entitled to a refund of the purchase price upon
prompt delivery to HP of written notice from you confirming destruction of the
HP Software, together with all copies, adaptations, and merged portions in any
form.
HP products may contain remanufactured parts equivalent to new in
performance or may have been subject to incidental use.
Warranty does not apply to defects resulting from:
a. Improper or inadequate maintenance or calibration;
b. Software, interfacing, parts or supplies not supplied by HP,
c. Unauthorized modification or misuse;
d. Operation outside of the published environmental specifications for the
product, or
e. Improper site preparation or maintenance.
TO THE EXTENT ALLOWED BY LOCAL LAW, THE ABOVE WARRANTIES ARE
EXCLUSIVE AND NO OTHER WARRANTY OR CONDITION, WHETHER WRITTEN
OR ORAL, IS EXPRESSED OR IMPLIED AND HP SPECIFICALLY DISCLAIMS ANY
IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY,
SATISFACTORY QUALITY, AND FITNESS FOR A PARTICULAR PURPOSE. Some
countries, states, or provinces do not allow limitations on the duration of an
implied warranty, so the above limitation or exclusion may not apply to you.
This warranty gives you specific legal rights and you might also have other
rights that vary from country to country, state to state, or province to
province.
JRE
TO THE EXTENT ALLOWED BY LOCAL LAW, THE REMEDIES IN THIS
WARRANTY STATEMENT ARE YOUR SOLE AND EXCLUSIVE REMEDIES. EXCEPT
AS INDICATED ABOVE, IN NO EVENT WILL HP OR ITS SUPPLIERS BE LIABLE
FOR LOSS OF DATA OR FOR DIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL
(INCLUDING LOST PROFIT OR DATA), OR OTHER DAMAGE, WHETHER BASED
IN CONTRACT, TORT, OR OTHERWISE. Some countries, states, or provinces do
not allow the exclusion or limitation of incidental or consequential damages, so
the above limitation may not apply to you.
License Installed with Software:
HP-UX Runtime Environment, for the Java(tm) 2 Platform
ATTENTION: USE OF THE SOFTWARE IS SUBJECT TO THE HP SOFTWARE
LICENSE TERMS AND SUPPLEMENTAL RESTRICTIONS SET FORTH BELOW AND
THE WARRANTY DISCLAIMER ATTACHED. IF YOU DO NOT ACCEPT THESE
TERMS FULLY, YOU MAY NOT INSTALL OR OTHERWISE USE THE SOFTWARE.
NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS NOTICE,
INSTALLING OR OTHERWISE USING THE SOFTWARE INDICATES YOUR
ACCEPTANCE OF THESE LICENSE TERMS.
HP SOFTWARE LICENSE TERMS
separate written agreement with HP. HP has the right to change these terms
and conditions at any time, with or without notice.
License Grant
Ownership
JRE
No Disassembly or Decryption
Transfer
Termination
form.
Export Requirements
You may not export or re-export the Software or any copy or adaptation in
This software or any copy or adaptation may not be exported, reexported or
transferred to or within countries under U.S. economic embargo including the
following countries: Afghanistan (Taliban-controlled areas), Cuba, Iran, Iraq,
Libya, North Korea, Serbia, Sudan and Syria.
This software or any copy or adaptation may not be exported, reexported or
transferred to persons or entities listed on the U.S. Department of Commerce
Denied Parties List or on any U.S. Treasury Department Designated Nationals
exclusion list, or to any party directly or indirectly involved in the development
or production of nuclear, chemical, biological weapons or related missile
technology programs as specified in the U.S. Export Administration
Regulations (15 CFR 730).
U.S. Government Restricted Rights
JRE
the product involved.
SUPPLEMENTAL RESTRICTIONS
ADDITIONAL SUPPLEMENTAL RESTRICTIONS FOR HP-UX RUNTIME
ENVIRONMENT,
FOR THE JAVA(TM) 2 PLATFORM
* License to Distribute HP-UX Runtime Environment, for the Java(tm) 2
Platform. You are granted a royalty-free right to reproduce and distribute the
HP-UX Runtime Environment, for Java provided that you distribute the HP-UX
Runtime Environment, for the Java 2 Platform complete and unmodified, only
as a part of, and for the sole purpose of running your Java compatible applet
or application ("Program") into which the HP-UX Runtime Environment, for the
Java 2 Platform is incorporated.
* Java Platform Interface. Licensee may not modify the Java Platform
Interface ("JPI", identified as classes contained within the "java" package or
any subpackages of the "java" package), by creating additional classes within
the JPI or otherwise causing the addition to or modification of the classes in
the JPI. In the event that Licensee creates any Java-related API and
distributes such API to others for applet or application development, Licensee
must promptly publish broadly, an accurate specification for such API for free
use by all developers of Java-based software.
* You may make the HP-UX Runtime Environment, for the Java 2 Platform
accessible to application programs developed by you provided that the
programs allow such access only through the Invocation Interface specified
and provided that you shall not expose or document other interfaces that
permit access to such HP-UX Runtime Environment, for the Java 2 Platform.
You shall not be restricted hereunder from exposing or documenting interfaces
to software components that use or access the HP-UX Runtime Environment,
for the Java 2 Platform.
JRE
HP WARRANTY STATEMENT
DURATION OF LIMITED WARRANTY: 90 DAYS
supplies will be free from defects in materials and workmanship after the date
of purchase for the period specified above. If HP receives notice of such
defects during the warranty period, HP will, at its option, either repair or
replace products which prove to be defective. Replacement products may be
either new or equivalent in performance to new.
HP warrants to you that HP Software will not fail to execute its programming
instructions after the date of purchase, for the period specified above, due to
defects in materials and workmanship when properly installed and used. If HP
receives notice of such defects during the warranty period, HP will replace
Software which does not execute its programming instructions due to such
defects.
HP does not warrant that the operation of HP products will be uninterrupted or
error free. If HP is unable, within a reasonable time, to repair or replace any
product to a condition warranted, you will be entitled to a refund of the
purchase price upon prompt return of the product. Alternatively, in the case of
HP Software, you will be entitled to a refund of the purchase price upon
prompt delivery to HP of written notice from you confirming destruction of the
HP Software, together with all copies, adaptations, and merged portions in any
form.
(a) improper or inadequate maintenance or calibration;
(b) software,interfacing, parts or supplies not supplied by HP,
(c) unauthorized modification or misuse;
(d) operation outside of the published environmental specifications for the
product,
(e) improper site preparation or maintenance, or
(f) the presence of code from HP suppliers embedded in or bundled with any
HP product.
JRE
EXCLUSIVE AND NO OTHER WARRANTY OR CONDITION, WHETHER WRITTEN
OR ORAL, IS EXPRESSED OR IMPLIED AND HP SPECIFICALLY DISCLAIMS ANY
IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY,
SATISFACTORY QUALITY, AND FITNESS FOR A PARTICULAR PURPOSE. Some
countries, states, or provinces do not allow limitations on the duration of an
implied warranty, so the above limitation or exclusion may not apply to you.
This warranty gives you specific legal rights and you might also have other
rights that vary from country to country, state to state, or province to
province.
WARRANTY STATEMENT ARE YOUR SOLE AND EXCLUSIVE REMEDIES. EXCEPT
AS INDICATED ABOVE, IN NO EVENT WILL HP OR ITS SUPPLIERS BE LIABLE
FOR LOSS OF DATA OR FOR DIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL
(INCLUDING LOST PROFIT OR DATA), OR OTHER DAMAGE, WHETHER BASED
IN CONTRACT, TORT, OR OTHERWISE. Some countries, states, or provinces do
not allow the exclusion or limitation of incidental or consequential damages, so
the above limitation may not apply to you.
HP JRE 1.4.2.08
HP JRE 1.4.2.08
License RTE version 1.4.2.08
PA-RISC
ATTENTION: ATTENTION: USE OF THE SOFTWARE IS SUBJECT TO THE HP
SOFTWARE LICENSE TERMS AND SUPPLEMENTAL RESTRICTIONS SET FORTH
BELOW, THIRD PARTY SOFTWARE LICENSE TERMS FOUND IN THE
THIRDPARTYLICENSEREADME.TXT FILE AND THE WARRANTY DISCLAIMER
ATTACHED. IF YOU DO NOT ACCEPT THESE TERMS FULLY, YOU MAY NOT
INSTALL OR OTHERWISE USE THE SOFTWARE. NOTWITHSTANDING
ANYTHING TO THE CONTRARY IN THIS NOTICE, INSTALLING OR OTHERWISE
USING THE SOFTWARE INDICATES YOUR ACCEPTANCE OF THESE LICENSE
TERMS.
HP software license terms
separate written agreement with HP. HP has the right to change these terms
and conditions at any time, with or without notice.
License grant
Ownership
Third Party Code
Some third-party code embedded or bundled with the Software is licensed to
you under different terms and conditions as set forth in the
THIRDPARTYLICENSEREADME.txt file. In addition to any terms and conditions
of any third party license identified in the THIRDPARTYLICENSEREADME.txt
file, the disclaimer of warranty and limitation of liability provisions in this
license shall apply to all code distributed as part of or bundled with the
Software.
Source Code
HP JRE 1.4.2.08
Software may contain source code that, unless expressly licensed for other
purposes, is provided solely for reference purposes pursuant to the terms of
this license. Source code may not be redistributed unless expressly provided
for in these License Terms.
No disassembly or decryption
Transfer
Termination
form.
Export requirements
The software you are about to download contains cryptography technology.
Some countries regulate the import, use and/or export of certain products with
cryptography. HP makes no claims as to the applicability of local country
import, use and/or export regulations in relation to the download of this
product. If you are located outside the U.S. and Canada you are advised to
consult your local country regulations to insure compliance.
You may not export or re-export this software or any copy or adaptation in
HP JRE 1.4.2.08
Without limiting the generality of the foregoing, hardware, software,
technology or services provided under this license agreement may not be
exported, reexported, transferred or downloaded to or within (or to a national
resident of) countries under U.S. economic embargo including the following
countries:
Cuba, Iran, Iraq, Libya, North Korea, Sudan and Syria.
Hardware, software, technology or services may not be exported, reexported,
transferred or downloaded to persons or entities listed on the U.S. Department
of Commerce Denied Persons List, Entity List of proliferation concern or on any
U.S. Treasury Department Designated Nationals exclusion list, or to parties
the U.S. Export Administration Regulations (15 CFR 744).
By accepting this license agreement you confirm that you are not located in
(or a national resident of) any country under U.S. economic embargo, not
identified on any U.S. Department of Commerce Denied Persons List, Entity
List or Treasury Department Designated Nationals exclusion list, and not
the U.S. Export Administration Regulations.
U.S. government restricted rights
the product involved. The owner is Hewlett-Packard Company, 3000 Hanover
Street, Palo Alto, California 94304.
Supplemental restrictions
ADDITIONAL SUPPLEMENTAL RESTRICTIONS FOR HP-UX RUNTIME
ENVIRONMENT, FOR THE JAVA™ 2 PLATFORM
HP JRE 1.4.2.08

License to Distribute HP-UX Runtime Environment, for the Java™ 2
Platform. You are granted a royalty-free right to reproduce and distribute
the HP-UX Runtime Environment, for Java provided that you distribute the
HP-UX Runtime Environment, for the Java 2 Platform complete and
unmodified, only as a part of, and for the sole purpose of running your
Java compatible applet or application ("Program") into which the HP-UX
Runtime Environment, for the Java 2 Platform is incorporated.

Java Platform Interface. Licensee may not modify the Java Platform
Interface ("JPI", identified as classes contained within the "java" package
or any subpackages of the "java" package), by creating additional classes
within the JPI or otherwise causing the addition to or modification of the
classes in the JPI. In the event that Licensee creates any Java-related API
and distributes such API to others for applet or application development,
Licensee must promptly publish broadly, an accurate specification for such
API for free use by all developers of Java-based software.

You may make the HP-UX Runtime Environment, for the Java 2 Platform
accessible to application programs developed by you provided that the
programs allow such access only through the Invocation Interface
specified and provided that you shall not expose or document other
interfaces that permit access to such HP-UX Runtime Environment, for the
Java 2 Platform. You shall not be restricted hereunder from exposing or
documenting interfaces to software components that use or access the HPUX Runtime Environment, for the Java 2 Platform.
________________________________________
HP warranty statement
Duration of limited warranty: 90 days

supplies will be free from defects in materials and workmanship after the
date of purchase for the period specified above. If HP receives notice of
such defects during the warranty period, HP will, at its option, either repair
or replace products which prove to be defective. Replacement products
may be either new or equivalent in performance to new.

HP warrants to you that HP Software will not fail to execute its
programming instructions after the date of purchase, for the period
specified above, due to defects in materials and workmanship when
properly installed and used. If HP receives notice of such defects during
the warranty period, HP will replace Software which does not execute its
programming instructions due to such defects.
HP JRE 1.4.2.08

HP does not warrant that the operation of HP products will be
uninterrupted or error free. If HP is unable, within a reasonable time, to
repair or replace any product to a condition warranted, you will be entitled
to a refund of the purchase price upon prompt return of the product.
Alternatively, in the case of HP Software, you will be entitled to a refund of
the purchase price upon prompt delivery to HP of written notice from you
confirming destruction of the HP Software, together with all copies,
adaptations, and merged portions in any form.

a. Improper or inadequate maintenance or calibration;
b. Software, interfacing, parts or supplies not supplied by HP,
c. Unauthorized modification or misuse;
d. Operation outside of the published environmental specifications for
the product, or
e. Improper site preparation or maintenance.

EXCLUSIVE AND NO OTHER WARRANTY OR CONDITION, WHETHER
WRITTEN OR ORAL, IS EXPRESSED OR IMPLIED AND HP SPECIFICALLY
DISCLAIMS ANY IMPLIED WARRANTIES OR CONDITIONS OF
MERCHANTABILITY, SATISFACTORY QUALITY, AND FITNESS FOR A
PARTICULAR PURPOSE. Some countries, states, or provinces do not allow
limitations on the duration of an implied warranty, so the above limitation
or exclusion may not apply to you. This warranty gives you specific legal
rights and you might also have other rights that vary from country to
country, state to state, or province to province.
WARRANTY STATEMENT ARE YOUR SOLE AND EXCLUSIVE REMEDIES.
EXCEPT AS INDICATED ABOVE, IN NO EVENT WILL HP OR ITS SUPPLIERS
BE LIABLE FOR LOSS OF DATA OR FOR DIRECT, SPECIAL, INCIDENTAL,
CONSEQUENTIAL (INCLUDING LOST PROFIT OR DATA), OR OTHER
DAMAGE, WHETHER BASED IN CONTRACT, TORT, OR OTHERWISE. Some
countries, states, or provinces do not allow the exclusion or limitation of
incidental or consequential damages, so the above limitation may not
apply to you.
IBM Developer Kit for Linux
IBM Developer Kit for Linux, Java 2 Technology Edition
International License Agreement for Non-Warranted Programs
Part 1 - General Terms
BY DOWNLOADING, INSTALLING, COPYING, ACCESSING, OR USING THE
PROGRAM YOU AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU ARE
ACCEPTING THESE TERMS ON BEHALF OF ANOTHER PERSON OR A COMPANY
OR OTHER LEGAL ENTITY, YOU REPRESENT AND WARRANT THAT YOU HAVE
FULL AUTHORITY TO BIND THAT PERSON, COMPANY, OR LEGAL ENTITY TO
THESE TERMS. IF YOU DO NOT AGREE TO THESE TERMS,
- DO NOT DOWNLOAD, INSTALL, COPY, ACCESS, OR USE THE PROGRAM; AND
- PROMPTLY RETURN THE PROGRAM AND PROOF OF ENTITLEMENT TO THE
PARTY FROM WHOM YOU ACQUIRED IT TO OBTAIN A REFUND OF THE
AMOUNT YOU PAID. IF YOU DOWNLOADED THE PROGRAM, CONTACT THE
PARTY FROM WHOM YOU ACQUIRED IT.
"IBM" is International Business Machines Corporation or one of its subsidiaries.
"License Information" ("LI") is a document that provides information specific to
a Program. The Program's LI is available at http://www.ibm.com/software/sla/
. The LI may also be found in a file in the Program's directory, by the use of a
system command, or as a booklet which accompanies the Program.
"Program" is the following, including the original and all whole or partial
copies: 1) machine-readable instructions and data, 2) components, 3) audiovisual content (such as images, text, recordings, or pictures), 4) related
licensed materials, and 5) license use documents or keys, and documentation.
A "Proof of Entitlement" ("PoE") is evidence of Your authorization to use a
Program at a specified level. That level may be measured, for example, by the
number of processors or users. The PoE is also evidence of Your eligibility for
future upgrade prices, if any, and potential special or promotional
opportunities. If IBM does not provide You with a PoE, then IBM may accept
the original paid sales receipt or other sales record from the party (either IBM
or its reseller) from whom You acquired the Program, provided that it specifies
the name of the Program and the usage level acquired.
"You" and "Your" refer either to an individual person or to a single legal entity.
This Agreement includes Part 1 - General Terms, Part 2 - Country-unique
Terms (if any), License Information, and Proof of Entitlement and is the
complete agreement between You and IBM regarding the use of the Program.
It replaces any prior oral or written communications between You and IBM
concerning Your use of the Program. The terms of Part 2 and License
Information may replace or modify those of Part 1. To the extent there is a
conflict between the terms of this Agreement and those of the IBM
International Passport Advantage Agreement, the terms of the latter
agreement prevail.
1. Entitlement
License
The Program is owned by IBM or an IBM supplier, and is copyrighted and
licensed, not sold.
IBM grants You a nonexclusive license to use the Program when You lawfully
acquire it.
You may 1) use the Program up to the level of use specified in the PoE and 2)
make and install copies, including a backup copy, to support such use. The
terms of this license apply to each copy You make. You will reproduce all
copyright notices and all other legends of ownership on each copy, or partial
copy, of the Program.
If You acquire the Program as a program upgrade, after You install the
upgrade You may not use the Program from which You upgraded or transfer it
to another party.
You will ensure that anyone who uses the Program (accessed either locally or
remotely) does so only for Your authorized use and complies with the terms of
this Agreement.
You may not 1) use, copy, modify, or distribute the Program except as
provided in this Agreement; 2) reverse assemble, reverse compile, or
otherwise translate the Program except as specifically permitted by law
without the possibility of contractual waiver; or 3) sublicense, rent, or lease
the Program.
IBM may terminate Your license if You fail to comply with the terms of this
Agreement. If IBM does so, You must destroy all copies of the Program and its
PoE.
Money-back Guarantee
If for any reason You are dissatisfied with the Program and You are the
original licensee, You may obtain a refund of the amount You paid for it, if
within 30 days of Your invoice date You return the Program and its PoE to the
party from whom You obtained it. If You downloaded the Program, You may
contact the party from whom You acquired it for instructions on how to obtain
the refund.
Program Transfer
You may transfer a Program and all of Your license rights and obligations to
another party only if that party agrees to the terms of this Agreement. When
You transfer the Program, You must also transfer a copy of this Agreement,
including the Program's PoE. After the transfer, You may not use the Program.
2. Charges
The amount payable for a Program license is a one-time charge.
One-time charges are based on the level of use acquired which is specified in
the PoE. IBM does not give credits or refunds for charges already due or paid,
except as specified elsewhere in this Agreement.
If You wish to increase the level of use, notify IBM or the party from whom
You acquired it and pay any applicable charges.
If any authority imposes a duty, tax, levy or fee, excluding those based on
IBM's net income, upon the Program, then You agree to pay the amount
specified or supply exemption documentation. You are responsible for any
personal property taxes for the Program from the date that You acquire it.
3. No Warranty
SUBJECT TO ANY STATUTORY WARRANTIES WHICH CAN NOT BE EXCLUDED,
IBM MAKES NO WARRANTIES OR CONDITIONS EITHER EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OR
CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
AND NON-INFRINGEMENT, REGARDING THE PROGRAM OR TECHNICAL
SUPPORT, IF ANY.
The exclusion also applies to any of IBM's Program developers and suppliers.
Manufacturers, suppliers, or publishers of non-IBM Programs may provide their
own warranties.
IBM does not provide technical support, unless IBM specifies otherwise.
4. Limitation of Liability
Circumstances may arise where, because of a default on IBM's part or other
liability, You are entitled to recover damages from IBM. In each such instance,
regardless of the basis on which You may be entitled to claim damages from
IBM, (including fundamental breach, negligence, misrepresentation, or other
contract or tort claim), IBM is liable for no more than 1) damages for bodily
injury (including death) and damage to real property and tangible personal
property and 2) the amount of any other actual direct damages up to the
charges for the Program that is the subject of the claim.
This limitation of liability also applies to IBM's Program developers and
suppliers. It is the maximum for which they and IBM are collectively
responsible.
UNDER NO CIRCUMSTANCES IS IBM, ITS PROGRAM DEVELOPERS OR
SUPPLIERS LIABLE FOR ANY OF THE FOLLOWING, EVEN IF INFORMED OF
THEIR POSSIBILITY:
1. LOSS OF, OR DAMAGE TO, DATA;
2. SPECIAL, INCIDENTAL, OR INDIRECT DAMAGES, OR FOR ANY
ECONOMIC CONSEQUENTIAL DAMAGES; OR
3. LOST PROFITS, BUSINESS, REVENUE, GOODWILL, OR ANTICIPATED
SAVINGS.
SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF
INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR
EXCLUSION MAY NOT APPLY TO YOU.
5. General
1. Nothing in this Agreement affects any statutory rights of consumers
that cannot be waived or limited by contract.
2. In the event that any provision of this Agreement is held to be
invalid or unenforceable, the remaining provisions of this Agreement remain in
full force and effect.
3. You agree to comply with all applicable export and import laws and
regulations.
4. You agree to allow IBM to store and use Your contact information,
including names, phone numbers, and e-mail addresses, anywhere they do
business. Such information will be processed and used in connection with our
business relationship, and may be provided to contractors, Business Partners,
and assignees of IBM for uses consistent with their collective business
activities, including communicating with You (for example, for processing
orders, for promotions, and for market research).
5. Neither You nor IBM will bring a legal action under this Agreement
more than two years after the cause of action arose unless otherwise provided
by local law without the possibility of contractual waiver or limitation.
6. Neither You nor IBM is responsible for failure to fulfill any
obligations due to causes beyond its control.
7. This Agreement will not create any right or cause of action for any
third party, nor will IBM be responsible for any third party claims against You
except, as permitted by the Limitation of Liability section above, for bodily
injury (including death) or damage to real or tangible personal property for
which IBM is legally liable.
6. Governing Law, Jurisdiction, and Arbitration
Governing Law
Both You and IBM consent to the application of the laws of the country in
which You acquired the Program license to govern, interpret, and enforce all of
Your and IBM's rights, duties, and obligations arising from, or relating in any
manner to, the subject matter of this Agreement, without regard to conflict of
law principles.
The United Nations Convention on Contracts for the International Sale of
Goods does not apply.
Jurisdiction
All of our rights, duties, and obligations are subject to the courts of the
country in which You acquired the Program license.
Part 2 - Country-unique Terms
AMERICAS
ARGENTINA: Governing Law, Jurisdiction, and Arbitration (Section 6): The
following exception is added to this section:
Any litigation arising from this Agreement will be settled exclusively by the
Ordinary Commercial Court of the city of Buenos Aires.
BRAZIL: Governing Law, Jurisdiction, and Arbitration (Section 6): The
following exception is added to this section:
Any litigation arising from this Agreement will be settled exclusively by the
court of Rio de Janeiro, RJ.
CANADA: General (Section 5): The following replaces item 7:
7. This Agreement will not create any right or cause of action for any third
party, nor will IBM be responsible for any third party claims against You except
as permitted by the Limitation of Liability section above for bodily injury
(including death) or physical harm to real or tangible personal property caused
by IBM's negligence for which IBM is legally liable."
Governing Law, Jurisdiction, and Arbitration (Section 6): The phrase "the laws
of the country in which You acquired the Program license" in the Governing
Law subsection is replaced by the following:
the laws in the Province of Ontario"
PERU: Limitation of Liability (Section 4): The following is added at the end of
this section:
In accordance with Article 1328 of the Peruvian Civil Code, the limitations and
exclusions specified in this section will not apply to damages caused by IBM's
willful misconduct ("dolo") or gross negligence ("culpa inexcusable").
UNITED STATES OF AMERICA: General (Section 5): The following is added to
this section:
U.S. Government Users Restricted Rights - Use, duplication or disclosure
restricted by the GSA ADP Schedule Contract with the IBM Corporation.
the laws of the State of New York, United States of America
ASIA PACIFIC
AUSTRALIA: No Warranty (Section 3): The following is added:
Although IBM specifies that there are no warranties, You may have certain
rights under the Trade Practices Act 1974 or other legislation and are only
limited to the extent permitted by the applicable legislation.
Limitation of Liability (Section 4): The following is added:
Where IBM is in breach of a condition or warranty implied by the Trade
Practices Act 1974, IBM's liability is limited to the repair or replacement of the
goods, or the supply of equivalent goods. Where that condition or warranty
relates to right to sell, quiet possession or clear title, or the goods are of a
kind ordinarily acquired for personal, domestic or household use or
consumption, then none of the limitations in this paragraph apply.
the laws of the State or Territory in which You acquired the Program license
CAMBODIA, LAOS, and VIETNAM: Governing Law, Jurisdiction, and Arbitration
(Section 6): The phrase "the laws of the country in which You acquired the
Program license" in the Governing Law subsection is replaced by the following:
the laws of the State of New York, United States of America
The following is added to this section:
Arbitration
Disputes arising out of or in connection with this Agreement shall be finally
settled by arbitration which shall be held in Singapore in accordance with the
Arbitration Rules of Singapore International Arbitration Center ("SIAC Rules")
then in effect. The arbitration award shall be final and binding for the parties
without appeal and shall be in writing and set forth the findings of fact and the
conclusions of law.
The number of arbitrators shall be three, with each side to the dispute being
entitled to appoint one arbitrator. The two arbitrators appointed by the parties
shall appoint a third arbitrator who shall act as chairman of the proceedings.
Vacancies in the post of chairman shall be filled by the president of the SIAC.
Other vacancies shall be filled by the respective nominating party. Proceedings
shall continue from the stage they were at when the vacancy occurred.
If one of the parties refuses or otherwise fails to appoint an arbitrator within
30 days of the date the other party appoints its, the first appointed arbitrator
shall be the sole arbitrator, provided that the arbitrator was validly and
properly appointed.
All proceedings shall be conducted, including all documents presented in such
proceedings, in the English language. The English language version of this
Agreement prevails over any other language version.
HONG KONG S.A.R. and MACAU S.A.R. of China: Governing Law, Jurisdiction,
and Arbitration (Section 6): The phrase "the laws of the country in which You
acquired the Program license" in the Governing Law subsection is replaced by
the following:
the laws of Hong Kong Special Administrative Region of China
INDIA: Limitation of Liability (Section 4): The following replaces the terms of
items 1 and 2 of the first paragraph:
1) liability for bodily injury (including death) or damage to real property and
tangible personal property will be limited to that caused by IBM's negligence;
and 2) as to any other actual damage arising in any situation involving
nonperformance by IBM pursuant to, or in any way related to the subject of
this Agreement, IBM's liability will be limited to the charge paid by You for the
individual Program that is the subject of the claim.
General (Section 5): The following replaces the terms of item 5:
If no suit or other legal action is brought, within three years after the cause of
action arose, in respect of any claim that either party may have against the
other, the rights of the concerned party in respect of such claim will be
forfeited and the other party will stand released from its obligations in respect
of such claim.
Governing Law, Jurisdiction, and Arbitration (Section 6): The following is
added to this section:
Arbitration
settled by arbitration which shall be held in Bangalore, India in accordance
with the laws of India then in effect. The arbitration award shall be final and
binding for the parties without appeal and shall be in writing and set forth the
findings of fact and the conclusions of law.
Vacancies in the post of chairman shall be filled by the president of the Bar
Council of India. Other vacancies shall be filled by the respective nominating
party. Proceedings shall continue from the stage they were at when the
vacancy occurred.
properly appointed.
JAPAN: General (Section 5): The following is inserted after item 5:
Any doubts concerning this Agreement will be initially resolved between us in
good faith and in accordance with the principle of mutual trust.
MALAYSIA: Limitation of Liability (Section 4): The word "SPECIAL" in item 2 of
the third paragraph is deleted:
NEW ZEALAND: No Warranty (Section 3): The following is added:
Although IBM specifies that there are no warranties, You may have certain
rights under the Consumer Guarantees Act 1993 or other legislation which
cannot be excluded or limited. The Consumer Guarantees Act 1993 will not
apply in respect of any goods which IBM provides, if You require the goods for
the purposes of a business as defined in that Act.
Limitation of Liability (Section 4): The following is added:
Where Programs are not acquired for the purposes of a business as defined in
the Consumer Guarantees Act 1993, the limitations in this Section are subject
to the limitations in that Act.
PEOPLE'S REPUBLIC OF CHINA: Charges (Section 2): The following is added:
All banking charges incurred in the People's Republic of China will be borne by
You and those incurred outside the People's Republic of China will be borne by
IBM.
the laws of the State of New York, United States of America (except when local
law requires otherwise)
PHILIPPINES: Limitation of Liability (Section 4): The following replaces the
terms of item 2 of the third paragraph:
2. special (including nominal and exemplary damages), moral, incidental, or
indirect damages or for any economic consequential damages; or
Governing Law, Jurisdiction, and Arbitration (Section 6): The following is
added to this section:
Arbitration
settled by arbitration which shall be held in Metro Manila, Philippines in
accordance with the laws of the Philippines then in effect. The arbitration
award shall be final and binding for the parties without appeal and shall be in
writing and set forth the findings of fact and the conclusions of law.
Vacancies in the post of chairman shall be filled by the president of the
Philippine Dispute Resolution Center, Inc. Other vacancies shall be filled by the
respective nominating party. Proceedings shall continue from the stage they
were at when the vacancy occurred.
properly appointed.
SINGAPORE: Limitation of Liability (Section 4): The words "SPECIAL" and
"ECONOMIC" are deleted from item 2 of the third paragraph.
Subject to the rights provided to IBM's suppliers and Program developers as
provided in Section 4 above (Limitation of Liability), a person who is not a
party to this Agreement shall have no right under the Contracts (Right of Third
Parties) Act to enforce any of its terms.
EUROPE, MIDDLE EAST, AFRICA (EMEA)
No Warranty (Section 3): In the European Union, the following is added at the
beginning of this section:
In the European Union, consumers have legal rights under applicable national
legislation governing the sale of consumer goods. Such rights are not affected
by the provisions of this Section 3.
Limitation of Liability (Section 4): In Austria, Denmark, Finland, Greece, Italy,
Netherlands, Norway, Portugal, Spain, Sweden and Switzerland, the following
replaces the terms of this section in its entirety:
Except as otherwise provided by mandatory law:
1. IBM's liability for any damages and losses that may arise as a consequence
of the fulfillment of its obligations under or in connection with this agreement
or due to any other cause related to this agreement is limited to the
compensation of only those damages and losses proved and actually arising as
an immediate and direct consequence of the non-fulfillment of such obligations
(if IBM is at fault) or of such cause, for a maximum amount equal to the
charges You paid for the Program.
The above limitation shall not apply to damages for bodily injuries (including
death) and damages to real property and tangible personal property for which
IBM is legally liable.
2. UNDER NO CIRCUMSTANCES IS IBM, OR ANY OF ITS PROGRAM
DEVELOPERS, LIABLE FOR ANY OF THE FOLLOWING, EVEN IF INFORMED OF
THEIR POSSIBILITY: 1) LOSS OF, OR DAMAGE TO, DATA; 2) INCIDENTAL OR
INDIRECT DAMAGES, OR FOR ANY ECONOMIC CONSEQUENTIAL DAMAGES; 3)
LOST PROFITS, EVEN IF THEY ARISE AS AN IMMEDIATE CONSEQUENCE OF
THE EVENT THAT GENERATED THE DAMAGES; OR 4) LOSS OF BUSINESS,
REVENUE, GOODWILL, OR ANTICIPATED SAVINGS.
3. The limitation and exclusion of liability herein agreed applies not only to the
activities performed by IBM but also to the activities performed by its suppliers
and Program developers, and represents the maximum amount for which IBM
as well as its suppliers and Program developers, are collectively responsible.
Limitation of Liability (Section 4): In France and Belgium, the following
replaces the terms of this section in its entirety:
Except as otherwise provided by mandatory law:
1. IBM's liability for any damages and losses that may arise as a consequence
of the fulfillment of its obligations under or in connection with this agreement
is limited to the compensation of only those damages and losses proved and
actually arising as an immediate and direct consequence of the non-fulfillment
of such obligations (if IBM is at fault), for a maximum amount equal to the
charges You paid for the Program that has caused the damages.
The above limitation shall not apply to damages for bodily injuries (including
death) and damages to real property and tangible personal property for which
IBM is legally liable.
2. UNDER NO CIRCUMSTANCES IS IBM, OR ANY OF ITS PROGRAM
DEVELOPERS, LIABLE FOR ANY OF THE FOLLOWING, EVEN IF INFORMED OF
THEIR POSSIBILITY: 1) LOSS OF, OR DAMAGE TO, DATA; 2) INCIDENTAL OR
INDIRECT DAMAGES, OR FOR ANY ECONOMIC CONSEQUENTIAL DAMAGES; 3)
LOST PROFITS, EVEN IF THEY ARISE AS AN IMMEDIATE CONSEQUENCE OF
THE EVENT THAT GENERATED THE DAMAGES; OR 4) LOSS OF BUSINESS,
REVENUE, GOODWILL, OR ANTICIPATED SAVINGS.
3. The limitation and exclusion of liability herein agreed applies not only to the
activities performed by IBM but also to the activities performed by its suppliers
and Program developers, and represents the maximum amount for which IBM
as well as its suppliers and Program developers, are collectively responsible.
Governing Law, Jurisdiction, and Arbitration (Section 6)
Governing Law
The phrase "the laws of the country in which You acquired the Program
license" is replaced by:
1) "the laws of Austria" in Albania, Armenia, Azerbeijan, Belarus, BosniaHerzegovina, Bulgaria, Croatia, Georgia, Hungary, Kazakhstan, Kyrgyzstan,
FYR Macedonia, Moldavia, Poland, Romania, Russia, Slovakia, Slovenia,
Tajikistan, Turkmenistan, Ukraine, Uzbekistan, and FR Yugoslavia;
2) "the laws of France" in Algeria, Benin, Burkina Faso, Cameroon, Cape
Verde, Central African Republic, Chad, Comoros, Congo Republic, Djibouti,
Democratic Republic of Congo, Equatorial Guinea, French Guiana, French
Polynesia, Gabon, Gambia, Guinea, Guinea-Bissau, Ivory Coast, Lebanon,
Madagascar, Mali, Mauritania, Mauritius, Mayotte, Morocco, New Caledonia,
Niger, Reunion, Senegal, Seychelles, Togo, Tunisia, Vanuatu, and Wallis &
Futuna;
3) "the laws of Finland" in Estonia, Latvia, and Lithuania;
4) "the laws of England" in Angola, Bahrain, Botswana, Burundi, Egypt,
Eritrea, Ethiopia, Ghana, Jordan, Kenya, Kuwait, Liberia, Malawi, Malta,
Mozambique, Nigeria, Oman, Pakistan, Qatar, Rwanda, Sao Tome, Saudi
Arabia, Sierra Leone, Somalia, Tanzania, Uganda, United Arab Emirates, the
United Kingdom, West Bank/Gaza, Yemen, Zambia, and Zimbabwe; and
5) "the laws of South Africa" in South Africa, Namibia, Lesotho and Swaziland.
Jurisdiction
The following exceptions are added to this section:
1) In Austria the choice of jurisdiction for all disputes arising out of this
Agreement and relating thereto, including its existence, will be the competent
court of law in Vienna, Austria (Inner-City);
2) in Angola, Bahrain, Botswana, Burundi, Egypt, Eritrea, Ethiopia, Ghana,
Jordan, Kenya, Kuwait, Liberia, Malawi, Malta, Mozambique, Nigeria, Oman,
Pakistan, Qatar, Rwanda, Sao Tome, Saudi Arabia, Sierra Leone, Somalia,
Tanzania, Uganda, United Arab Emirates, West Bank/Gaza, Yemen, Zambia,
and Zimbabwe all disputes arising out of this Agreement or related to its
execution, including summary proceedings, will be submitted to the exclusive
jurisdiction of the English courts;
3) in Belgium and Luxembourg, all disputes arising out of this Agreement or
related to its interpretation or its execution, the law, and the courts of the
capital city, of the country of Your registered office and/or commercial site
location only are competent;
4) in France, Algeria, Benin, Burkina Faso, Cameroon, Cape Verde, Central
African Republic, Chad, Comoros, Congo Republic, Djibouti, Democratic
Republic of Congo, Equatorial Guinea, French Guiana, French Polynesia,
Gabon, Gambia, Guinea, Guinea-Bissau, Ivory Coast, Lebanon, Madagascar,
Mali, Mauritania, Mauritius, Mayotte, Morocco, New Caledonia, Niger, Reunion,
Senegal, Seychelles, Togo, Tunisia, Vanuatu, and Wallis & Futuna all disputes
arising out of this Agreement or related to its violation or execution, including
summary proceedings, will be settled exclusively by the Commercial Court of
Paris;
5) in Russia, all disputes arising out of or in relation to the interpretation, the
violation, the termination, the nullity of the execution of this Agreement shall
be settled by Arbitration Court of Moscow;
6) in South Africa, Namibia, Lesotho and Swaziland, both of us agree to submit
all disputes relating to this Agreement to the jurisdiction of the High Court in
Johannesburg;
7) in Turkey all disputes arising out of or in connection with this Agreement
shall be resolved by the Istanbul Central (Sultanahmet) Courts and Execution
Directorates of Istanbul, the Republic of Turkey;
8) in each of the following specified countries, any legal claim arising out of
this Agreement will be brought before, and settled exclusively by, the
competent court of a) Athens for Greece, b) Tel Aviv-Jaffa for Israel, c) Milan
for Italy, d) Lisbon for Portugal, and e) Madrid for Spain; and
9) in the United Kingdom, both of us agree to submit all disputes relating to
this Agreement to the jurisdiction of the English courts.
Arbitration
In Albania, Armenia, Azerbeijan, Belarus, Bosnia-Herzegovina, Bulgaria,
Croatia, Georgia, Hungary, Kazakhstan, Kyrgyzstan, FYR Macedonia, Moldavia,
Poland, Romania, Russia, Slovakia, Slovenia, Tajikistan, Turkmenistan,
Ukraine, Uzbekistan, and FR Yugoslavia all disputes arising out of this
Agreement or related to its violation, termination or nullity will be finally
settled under the Rules of Arbitration and Conciliation of the International
Arbitral Center of the Federal Economic Chamber in Vienna (Vienna Rules) by
three arbitrators appointed in accordance with these rules.
The arbitration will be held in Vienna, Austria, and the official language of the
proceedings will be English. The decision of the arbitrators will be final and
binding upon both parties. Therefore, pursuant to paragraph 598 (2) of the
Austrian Code of Civil Procedure, the parties expressly waive the application of
paragraph 595 (1) figure 7 of the Code. IBM may, however, institute
proceedings in a competent court in the country of installation.
In Estonia, Latvia and Lithuania all disputes arising in connection with this
Agreement will be finally settled in arbitration that will be held in Helsinki,
Finland in accordance with the arbitration laws of Finland then in effect. Each
party will appoint one arbitrator. The arbitrators will then jointly appoint the
chairman. If arbitrators cannot agree on the chairman, then the Central
Chamber of Commerce in Helsinki will appoint the chairman.
AUSTRIA: No Warranty (Section 3): The terms of this section are completely
replaced by the following:
The following limited warranty applies if You have paid a charge to obtain the
Program:
The warranty period is twelve months from the date of delivery. The limitation
period for consumers in action for breach of warranty is the statutory period as
a minimum.
The warranty for an IBM Program covers the functionality of the Program for
its normal use and the Program's conformity to its specifications.
IBM warrants that when the Program is used in the specified operating
environment it will conform to its specifications. IBM does not warrant
uninterrupted or error-free operation of the Program or that IBM will correct all
Program defects. You are responsible for the results obtained from the use of
the Program.
The warranty applies only to the unmodified portion of the Program.
If the Program does not function as warranted during the warranty period and
the problem cannot be resolved with information available. You may return the
Program to the party from whom You acquired it and receive a refund in the
amount You paid. If You downloaded the Program, You may contact the party
from whom You acquired it to obtain the refund.
This is our sole obligation to You, except as otherwise required by applicable
statutory law.
General (Section 5): The following is added to item 4:
For purposes of this clause, contact information will also include information
about You as a legal entity, for example revenue data and other transactional
information.
GERMANY: No Warranty (Section 3): The same changes apply as those in No
Warranty (Section 3) under Austria above.
Limitation of Liability (Section 4): The following paragraph is added to this
Section:
The limitations and exclusions specified in this Section will not apply to
damages caused by IBM intentionally or by gross negligence.
Any claims resulting from this Agreement are subject to a statute of limitation
of three years, except as stated in Section 3 (No Warranty) of this Agreement.
HUNGARY: Limitation of Liability (Section 4): The following is added at the end
of this section:
The limitation and exclusion specified herein shall not apply to liability for a
breach of contract damaging life, physical well-being, or health that has been
caused intentionally, by gross negligence, or by a criminal act.
The parties accept the limitations of liability as valid provisions and state that
the Section 314.(2) of the Hungarian Civil Code applies as the acquisition price
as well as other advantages arising out of the present Agreement balance this
limitation of liability.
IRELAND: No Warranty (Section 3): The following is added to this section:
Except as expressly provided in these terms and conditions, or section 12 of
the Sale of Goods Act 1893 (as amended by the Sale of Goods and Supply of
Services Act 1980 ("the 1980 Act")), all conditions and warranties (express or
implied, statutory or otherwise) are hereby excluded including, without
limitation, any warranties implied by the Sale of Goods Act 1893 as amended
by the 1980 Act (including, for the avoidance of doubt, section 39 of the 1980
Act).
Limitation of Liability (Section 4): The following replaces the terms of this
section in its entirety:
For the purposes of this section, a "Default" means any act, statement,
omission, or negligence on the part of IBM in connection with, or in relation to,
the subject matter of an Agreement in respect of which IBM is legally liable to
You whether in contract or tort. A number of Defaults which together result in,
or contribute to, substantially the same loss or damage will be treated as one
Default occurring on the date of occurrence of the last such Default.
Circumstances may arise where, because of a Default, You are entitled to
recover damages from IBM. This section sets out the extent of IBM's liability
and Your sole remedy.
1. IBM will accept unlimited liability for (a) death or personal injury caused by
the negligence of IBM, and (b) subject always to the Items for Which IBM is
Not Liable below, for physical damage to Your tangible property resulting from
the negligence of IBM.
2. Except as provided in item 1 above, IBM's entire liability for actual damages
for any one Default will not in any event exceed the greater of 1) EUR
125,000, or 2) 125% of the amount You paid for the Program directly relating
to the Default. These limits also apply to any of IBM's suppliers and Program
developers. They state the maximum for which IBM and such suppliers and
Program developers are collectively responsible.
Items for Which IBM is Not Liable
Save with respect to any liability referred to in item 1 above, under no
circumstances is IBM or any of its suppliers or Program developers liable for
any of the following, even if IBM or they were informed of the possibility of
such losses:
1. loss of, or damage to, data;
2. special, indirect, or consequential loss; or
3. loss of profits, business, revenue, goodwill, or anticipated savings.
ITALY: General (Section 5): The following is added to this section:
IBM and Customer (hereinafter, individually, "Party") shall comply with all the
obligations of the applicable provisions of law and/or regulation on personal
data protection. Each of the Parties will indemnify and keep the other Party
harmless from any damage, claim, cost or expense incurred by the latter,
directly and or indirectly, as a consequence of an infringement of the other
Party of the mentioned provisions of law and/or regulations.
SLOVAKIA: Limitation of Liability (Section 4): The following is added to the
end of the last paragraph:
The limitations apply to the extent they are not prohibited under §§ 373-386
of the Slovak Commercial Code.
General (Section 5): The terms of item 5 are replaced with the following:
THE PARTIES AGREE THAT, AS DEFINED BY APPLICABLE LOCAL LAW, ANY
LEGAL OR OTHER ACTION RELATED TO A BREACH OF THIS AGREEMENT MUST
BE COMMENCED NO LATER THAN FOUR YEARS FROM THE DATE ON WHICH
THE CAUSE OF ACTION AROSE.
SWITZERLAND: General (Section 5): The following is added to item 4:
For purposes of this clause, contact information will also include information
about You as a legal entity, for example revenue data and other transactional
information.
UNITED KINGDOM: No Warranty (Section 3): The following replaces the first
sentence in the first paragraph of this section:
SUBJECT TO ANY STATUTORY WARRANTIES WHICH CANNOT BE EXCLUDED,
IBM MAKES NO WARRANTY OR CONDITION EITHER EXPRESS OR IMPLIED,
INCLUDING (WITHOUT LIMITATION) THE IMPLIED WARRANTIES OF
SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT, REGARDING THE PROGRAM.
Limitation of Liability (Section 4): The following replaces the terms of this
section in its entirety:
For the purposes of this section, a "Default" means any act, statement,
omission, or negligence on the part of IBM in connection with, or in relation to,
the subject matter of an Agreement in respect of which IBM is legally liable to
You, whether in contract or tort. A number of Defaults which together result
in, or contribute to, substantially the same loss or damage will be treated as
one Default.
Circumstances may arise where, because of a Default, You are entitled to
recover damages from IBM. This section sets out the extent of IBM's liability
and Your sole remedy.
1. IBM will accept unlimited liability for:
a. death or personal injury caused by the negligence of IBM;
b. any breach of its obligations implied by Section 12 of the Sale of Goods Act
1979 or Section 2 of the Supply of Goods and Services Act 1982, or any
statutory modification or re-enactment of either such Section; and
c. subject always to the Items for Which IBM is Not Liable below, for physical
damage to Your tangible property resulting from the negligence of IBM.
2. IBM's entire liability for actual damages for any one Default will not in any
event, except as provided in item 1 above, exceed the greater of 1) £75,000,
or 2) 125% of the amount You paid for the Program directly relating to the
Default. These limits also apply to IBM's suppliers and Program developers.
They state the maximum for which IBM and such suppliers and Program
developers are collectively responsible.
Items for Which IBM is Not Liable
Save with respect to any liability referred to in item 1 above, under no
circumstances is IBM or any of its suppliers or Program developers liable for
any of the following, even if IBM or they were informed of the possibility of
such losses:
1. loss of, or damage to, data;
2. special, indirect, or consequential loss; or
3. loss of profits, business, revenue, goodwill, or anticipated savings.
Z125-5589-03 (11/2002)
LICENSE INFORMATION
The Programs listed below are licensed under the following terms and
conditions in addition to those of the International License Agreement for NonWarranted Programs.
Program Name: IBM(R) 31-bit Runtime Environment for Linux(R) on
zSeries(TM), Java(TM) 2 Technology Edition, Version 1.4
Program Number: 5648-C98
Authorization for Use on Home/Portable Computer: 1
EXPLANATIONS OF TERMS:
Authorization for Use on Home/Portable Computer:
"1" means that the Program may be stored on the primary machine and
another machine, provided that the Program is not in active use on both
machines at the same time.
"2" means that You may not copy and use this Program on another computer
without paying additional license fees.
Specified Operating Environment
The Program's specifications and specified operating environment information
may be found in documentation accompanying the Program, if available, such
as a read-me file, or other information published by IBM, such as an
announcement letter.
Program-unique Terms
1. GENERAL
To the extent of any conflict between the terms of the International License
Agreement for Non-Warranted Programs and this License Information, the
terms of this License Information shall prevail.
WHERE THE PROGRAM HAS BEEN PROVIDED TO YOU SEPARATELY BY IBM, IT
IS PROVIDED AT NO CHARGE.
The Program consists of binary code that executes on the operating system(s)
specified in Readme files that accompany the Program.
3. TRADEMARKS AND COPYRIGHT: YOUR RESPONSIBILITIES
a) You shall not modify, delete, suppress, or obscure any copyright, trademark
or other legal notice (whether from IBM or any third party) which may be
displayed by or included within the Program.
b) Java and all Java-based Trademarks are trademarks of Sun Microsystems,
Inc. in the United States, other countries, or both.
c) You recognize IBM's and Sun Microsystems, Inc.'s ownership and title to
their respective trademarks and of any goodwill attaching thereto, including
goodwill resulting from use. You will not use or attempt to register any
trademark which is confusingly similar to such IBM or Sun trademarks.
3. PROOF OF ENTITLEMENT
This License Agreement constitutes your Proof of Entitlement.
D/N: L-ADAN-5YWF2Z
P/N: L-ADAN-5YWF2Z
Jakarta
Jakarta
Licenses
below.
Jakarta
ASF project.
Software Grants
Open SSL
Open SSL
LICENSE ISSUES
==============
The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the
OpenSSL License and the original SSLeay license apply to the toolkit. See
below for the actual license texts. Actually both licenses are BSD-style Open
Source licenses. In case of any license issues related to OpenSSL please
contact openssl-core@openssl.org.
OpenSSL License
--------------/*
================================================
====================
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software must
display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project for use
in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
Open SSL
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used
to endorse or promote products derived from this software without prior
written permission. For written permission, please contact opensslcore@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL" nor
may "OpenSSL" appear in their names without prior written permission of the
OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
acknowledgment:
* "This product includes software developed by the OpenSSL Project for use
in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT `ÀS IS'' AND
ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL
PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
================================================
====================
*
* This product includes cryptographic software written by Eric Young
(eay@cryptsoft.com). This product includes software written by Tim Hudson
(tjh@cryptsoft.com).
*
*/
Original SSLeay License
Open SSL
----------------------/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written by Eric Young
(eay@cryptsoft.com). The implementation was written so as to conform with
Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as the
following conditions are aheared to. The following conditions apply to all code
found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
included with this distribution is covered by the same copyright terms except
that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in the
code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or in
documentation (online or textual) provided with the package.
*
* 1. Redistributions of source code must retain the copyright notice, this list
of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* 3. All advertising materials mentioning features or use of this software must
display the following acknowledgement:
Open SSL
* "This product includes cryptographic software written by Eric Young
(eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson
(tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG `ÀS IS'' AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR
OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
derivative of this code cannot be changed. i.e. this code cannot simply be
copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
PCRE
PCRE
PCRE LICENCE
-----------PCRE is a library of functions to support regular expressions whose syntax and
semantics are as close as possible to those of the Perl 5 language.
Release 5 of PCRE is distributed under the terms of the "BSD" licence, as
specified below. The documentation for PCRE, supplied in the "doc" directory,
is distributed under the same terms as the software itself.
Written by: Philip Hazel <ph10@cam.ac.uk>
University of Cambridge Computing Service,
Cambridge, England. Phone: +44 1223 334714.
Copyright (c) 1997-2004 University of Cambridge
All rights reserved.
Redistribution and use in source and binary forms, with or without
* Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation and/or
other materials provided with the distribution.
* Neither the name of the University of Cambridge nor the names of its
contributors may be used to endorse or promote products derived from this
software without specific prior written permission.
PCRE
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
End
Struts
Struts
Licenses
below.
Struts
ASF project.
Software Grants
Sun JDK
Sun JDK
Sun Microsystems, Inc.
Binary Code License Agreement
for the JAVATM 2 SOFTWARE DEVELOPMENT KIT (J2SDK), STANDARD
EDITION, VERSION 1.4.2_X
SUN MICROSYSTEMS, INC. ("SUN") IS WILLING TO LICENSE THE SOFTWARE
IDENTIFIED BELOW TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT
ALL OF THE TERMS CONTAINED IN THIS BINARY CODE LICENSE AGREEMENT
AND SUPPLEMENTAL LICENSE TERMS (COLLECTIVELY "AGREEMENT").
PLEASE READ THE AGREEMENT CAREFULLY. BY DOWNLOADING OR
INSTALLING THIS SOFTWARE, YOU ACCEPT THE TERMS OF THE AGREEMENT.
INDICATE ACCEPTANCE BY SELECTING THE "ACCEPT" BUTTON AT THE
BOTTOM OF THE AGREEMENT. IF YOU ARE NOT WILLING TO BE BOUND BY
ALL THE TERMS, SELECT THE "DECLINE" BUTTON AT THE BOTTOM OF THE
AGREEMENT AND THE DOWNLOAD OR INSTALL PROCESS WILL NOT
CONTINUE.
1.DEFINITIONS. "Software" means the identified above in binary form, any
other machine readable materials (including, but not limited to, libraries,
source files, header files, and data files), any updates or error corrections
provided by Sun, and any user manuals, programming guides and other
documentation provided to you by Sun under this Agreement. "Programs"
mean Java applets and applications intended to run on the Java 2 Platform,
Standard Edition (J2SETM platform) platform on Java-enabled general purpose
desktop computers and servers.
2.LICENSE TO USE. Subject to the terms and conditions of this Agreement,
including, but not limited to the Java Technology Restrictions of the
Supplemental License Terms, Sun grants you a non-exclusive, nontransferable, limited license without license fees to reproduce and use
internally Software complete and unmodified for the sole purpose of running
Programs. Additional licenses for developers and/or publishers are granted in
the Supplemental License Terms.
Sun JDK
3.RESTRICTIONS. Software is confidential and copyrighted. Title to Software
and all associated intellectual property rights is retained by Sun and/or its
licensors. Unless enforcement is prohibited by applicable law, you may not
modify, decompile, or reverse engineer Software. You acknowledge that
Licensed Software is not designed or intended for use in the design,
construction, operation or maintenance of any nuclear facility. Sun
Microsystems, Inc. disclaims any express or implied warranty of fitness for
such uses. No right, title or interest in or to any trademark, service mark, logo
or trade name of Sun or its licensors is granted under this Agreement.
Additional restrictions for developers and/or publishers licenses are set forth in
4.LIMITED WARRANTY. Sun warrants to you that for a period of ninety (90)
days from the date of purchase, as evidenced by a copy of the receipt, the
media on which Software is furnished (if any) will be free of defects in
materials and workmanship under normal use. Except for the foregoing,
Software is provided "AS IS". Your exclusive remedy and Sun's entire liability
under this limited warranty will be at Sun's option to replace Software media
or refund the fee paid for Software. Any implied warranties on the Software
are limited to 90 days. Some states do not allow limitations on duration of an
implied warranty, so the above may not apply to you. This limited warranty
gives you specific legal rights. You may have others, which vary from state to
state.
5.DISCLAIMER OF WARRANTY. UNLESS SPECIFIED IN THIS AGREEMENT, ALL
EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES,
INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE OR NON-INFRINGEMENT ARE DISCLAIMED, EXCEPT TO
THE EXTENT THAT THESE DISCLAIMERS ARE HELD TO BE LEGALLY INVALID.
6.LIMITATION OF LIABILITY. TO THE EXTENT NOT PROHIBITED BY LAW, IN
NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE,
PROFIT OR DATA, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL,
INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED REGARDLESS OF
THE THEORY OF LIABILITY, ARISING OUT OF OR RELATED TO THE USE OF OR
INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. In no event will Sun's liability to you,
whether in contract, tort (including negligence), or otherwise, exceed the
amount paid by you for Software under this Agreement. The foregoing
limitations will apply even if the above stated warranty fails of its essential
purpose. Some states do not allow the exclusion of incidental or consequential
damages, so some of the terms above may not be applicable to you.
Sun JDK
7.SOFTWARE UPDATES FROM SUN. You acknowledge that at your request or
consent optional features of the Software may download, install, and execute
applets, applications, software extensions, and updated versions of the
Software from Sun ("Software Updates"), which may require you to accept
updated terms and conditions for installation. If additional terms and
conditions are not presented on installation, the Software Updates will be
considered part of the Software and subject to the terms and conditions of the
Agreement.
8.SOFTWARE FROM SOURCES OTHER THAN SUN. You acknowledge that, by
your use of optional features of the Software and/or by requesting services
that require use of the optional features of the Software, the Software may
automatically download, install, and execute software applications from
sources other than Sun ("Other Software"). Sun makes no representations of a
relationship of any kind to licensors of Other Software. TO THE EXTENT NOT
PROHIBITED BY LAW, IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE
FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR SPECIAL, INDIRECT,
CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED
REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF OR RELATED
TO THE USE OF OR INABILITY TO USE OTHER SOFTWARE, EVEN IF SUN HAS
BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Some states do not
allow the exclusion of incidental or consequential damages, so some of the
terms above may not be applicable to you.
9.TERMINATION. This Agreement is effective until terminated. You may
terminate this Agreement at any time by destroying all copies of Software.
This Agreement will terminate immediately without notice from Sun if you fail
to comply with any provision of this Agreement. Either party may terminate
this Agreement immediately should any Software become, or in either party's
opinion be likely to become, the subject of a claim of infringement of any
intellectual property right. Upon Termination, you must destroy all copies of
Software.
10.EXPORT REGULATIONS. All Software and technical data delivered under
this Agreement are subject to US export control laws and may be subject to
export or import regulations in other countries. You agree to comply strictly
with all such laws and regulations and acknowledge that you have the
responsibility to obtain such licenses to export, re-export, or import as may be
required after delivery to you.
11.TRADEMARKS AND LOGOS. You acknowledge and agree as between you
and Sun that Sun owns the SUN, SOLARIS, JAVA, JINI, FORTE, and iPLANET
trademarks and all SUN, SOLARIS, JAVA, JINI, FORTE, and iPLANET-related
trademarks, service marks, logos and other brand designations ("Sun Marks"),
and you agree to comply with the Sun Trademark and Logo Usage
Requirements currently located at http://www.sun.com/policies/trademarks.
Any use you make of the Sun Marks inures to Sun's benefit.
Sun JDK
12.U.S. GOVERNMENT RESTRICTED RIGHTS. If Software is being acquired by
or on behalf of the U.S. Government or by a U.S. Government prime
contractor or subcontractor (at any tier), then the Government's rights in
Software and accompanying documentation will be only as set forth in this
Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4
(for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and
12.212 (for non-DOD acquisitions).
13.GOVERNING LAW. Any action related to this Agreement will be governed
by California law and controlling U.S. federal law. No choice of law rules of
any jurisdiction will apply.
14.SEVERABILITY. If any provision of this Agreement is held to be
unenforceable, this Agreement will remain in effect with the provision omitted,
unless omission would frustrate the intent of the parties, in which case this
Agreement will immediately terminate.
15.INTEGRATION. This Agreement is the entire agreement between you and
Sun relating to its subject matter. It supersedes all prior or contemporaneous
oral or written communications, proposals, representations and warranties and
prevails over any conflicting or additional terms of any quote, order,
acknowledgment, or other communication between the parties relating to its
subject matter during the term of this Agreement. No modification of this
Agreement will be binding, unless in writing and signed by an authorized
representative of each party.
SUPPLEMENTAL LICENSE TERMS
These Supplemental License Terms add to or modify the terms of the Binary
Code License Agreement. Capitalized terms not defined in these Supplemental
Terms shall have the same meanings ascribed to them in the Binary Code
License Agreement . These Supplemental Terms shall supersede any
inconsistent or conflicting terms in the Binary Code License Agreement, or in
any license contained within the Software.
A.Software Internal Use and Development License Grant. Subject to the terms
and conditions of this Agreement, including, but not limited to the Java
Technology Restrictions of these Supplemental Terms, Sun grants you a nonexclusive, non-transferable, limited license without fees to reproduce internally
and use internally the Software complete and unmodified (unless otherwise
specified in the applicable README file) for the purpose of designing,
developing, and testing your Programs.
Sun JDK
B.License to Distribute Software. Subject to the terms and conditions of this
Agreement, including, but not limited to the Java Technology Restrictions of
these Supplemental Terms, Sun grants you a non-exclusive, non-transferable,
limited license without fees to reproduce and distribute the Software, provided
that (i) you distribute the Software complete and unmodified (unless otherwise
specified in the applicable README file) and only bundled as part of, and for
the sole purpose of running, your Programs, (ii) the Programs add significant
and primary functionality to the Software, (iii) you do not distribute additional
software intended to replace any component(s) of the Software (unless
otherwise specified in the applicable README file), (iv) you do not remove or
alter any proprietary legends or notices contained in the Software, (v) you
only distribute the Software subject to a license agreement that protects Sun's
interests consistent with the terms contained in this Agreement, and (vi) you
agree to defend and indemnify Sun and its licensors from and against any
damages, costs, liabilities, settlement amounts and/or expenses (including
attorneys' fees) incurred in connection with any claim, lawsuit or action by any
third party that arises or results from the use or distribution of any and all
Programs and/or Software.
C.License to Distribute Redistributables. Subject to the terms and conditions of
this Agreement, including but not limited to the Java Technology Restrictions
of these Supplemental Terms, Sun grants you a non-exclusive, nontransferable, limited license without fees to reproduce and distribute those files
specifically identified as redistributable in the Software "README" file
("Redistributables") provided that: (i) you distribute the Redistributables
complete and unmodified (unless otherwise specified in the applicable README
file), and only bundled as part of Programs, (ii) you do not distribute additional
software intended to supersede any component(s) of the Redistributables
(unless otherwise specified in the applicable README file), (iii) you do not
remove or alter any proprietary legends or notices contained in or on the
Redistributables, (iv) you only distribute the Redistributables pursuant to a
license agreement that protects Sun's interests consistent with the terms
contained in the Agreement, (v) you agree to defend and indemnify Sun and
its licensors from and against any damages, costs, liabilities, settlement
amounts and/or expenses (including attorneys' fees) incurred in connection
with any claim, lawsuit or action by any third party that arises or results from
the use or distribution of any and all Programs and/or Software.
Sun JDK
D.Java Technology Restrictions. You may not modify the Java Platform
Interface ("JPI", identified as classes contained within the "java" package or
any subpackages of the "java" package), by creating additional classes within
the JPI or otherwise causing the addition to or modification of the classes in
the JPI. In the event that you create an additional class and associated API(s)
which (i) extends the functionality of the Java platform, and (ii) is exposed to
third party software developers for the purpose of developing additional
software which invokes such additional API, you must promptly publish
broadly an accurate specification for such API for free use by all developers.
You may not create, or authorize your licensees to create, additional classes,
interfaces, or subpackages that are in any way identified as "java", "javax",
"sun" or similar convention as specified by Sun in any naming convention
designation.
Sun JDK
E.Distribution by Publishers. This section pertains to your distribution of the
Software with your printed book or magazine (as those terms are commonly
used in the industry) relating to Java technology ("Publication"). Subject to
and conditioned upon your compliance with the restrictions and obligations
contained in the Agreement, in addition to the license granted in Paragraph 1
above, Sun hereby grants to you a non-exclusive, nontransferable limited right
to reproduce complete and unmodified copies of the Software on electronic
media (the "Media") for the sole purpose of inclusion and distribution with your
Publication(s), subject to the following terms: (i) You may not distribute the
Software on a stand-alone basis; it must be distributed with your
Publication(s); (ii) You are responsible for downloading the Software from the
applicable Sun web site; (iii) You must refer to the Software as JavaTM 2
Software Development Kit, Standard Edition, Version 1.4.2; (iv) The Software
must be reproduced in its entirety and without any modification whatsoever
(including, without limitation, the Binary Code License and Supplemental
License Terms accompanying the Software and proprietary rights notices
contained in the Software); (v) The Media label shall include the following
information: Copyright 2003, Sun Microsystems, Inc. All rights reserved. Use
is subject to license terms. Sun, Sun Microsystems, the Sun logo, Solaris,
Java, the Java Coffee Cup logo, J2SE , and all trademarks and logos based on
Java are trademarks or registered trademarks of Sun Microsystems, Inc. in the
U.S. and other countries. This information must be placed on the Media label
in such a manner as to only apply to the Sun Software; (vi) You must clearly
identify the Software as Sun's product on the Media holder or Media label, and
you may not state or imply that Sun is responsible for any third-party software
contained on the Media; (vii) You may not include any third party software on
the Media which is intended to be a replacement or substitute for the
Software; (viii) You shall indemnify Sun for all damages arising from your
failure to comply with the requirements of this Agreement. In addition, you
shall defend, at your expense, any and all claims brought against Sun by third
parties, and shall pay all damages awarded by a court of competent
jurisdiction, or such settlement amount negotiated by you, arising out of or in
connection with your use, reproduction or distribution of the Software and/or
the Publication. Your obligation to provide indemnification under this section
shall arise provided that Sun: (i) provides you prompt notice of the claim; (ii)
gives you sole control of the defense and settlement of the claim; (iii) provides
you, at your expense, with all available information, assistance and authority
to defend; and (iv) has not compromised or settled such claim without your
prior written consent; and (ix) You shall provide Sun with a written notice for
each Publication; such notice shall include the following information: (1) title
of Publication, (2) author(s), (3) date of Publication, and (4) ISBN or ISSN
numbers. Such notice shall be sent to Sun Microsystems, Inc., 4150 Network
Circle, M/S USCA12-110, Santa Clara, California 95054, U.S.A , Attention:
Contracts Administration.
F.Source Code. Software may contain source code that, unless expressly
licensed for other purposes, is provided solely for reference purposes pursuant
to the terms of this Agreement. Source code may not be redistributed unless
expressly provided for in this Agreement.
Sun JDK
G.Third Party Code. Additional copyright notices and license terms applicable
to portions of the Software are set forth in the
of any third party opensource/freeware license identified in the
THIRDPARTYLICENSEREADME.txt file, the disclaimer of warranty and
limitation of liability provisions in paragraphs 5 and 6 of the Binary Code
License Agreement shall apply to all Software in this distribution.
For inquiries please contact: Sun Microsystems, Inc., 4150 Network Circle,
Santa Clara, California 95054, U.S.A.
(LFI#141496/Form ID#011801)
Sun JDK
Third Party Licenses Related to JDK
A) The following software may be included in this product:
CS CodeViewer v1.0; Use of any of this software is governed by the terms of
the license below:
Copyright 1999 by CoolServlets.com.
Any errors or suggested improvements to this class can be reported as
instructed on CoolServlets.com. We hope you enjoy this program... your
comments will encourage further development! This software is distributed
under the terms of the BSD License. Redistribution and use in source and
binary forms, with or without modification, are permitted provided that the
following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
2. Redistributions in binary form must reproduce the above copyright notice,
Neither name of CoolServlets.com nor the names of its contributors may be
used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY COOLSERVLETS.COM AND CONTRIBUTORS
`ÀS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT
NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE."
B) The following software may be included in this product: DES and 3xDES ;
Use of any of this software is governed by the terms of the license below:
"Copyright 2000 by Jef Poskanzer <jef@acme.com>. All rights reserved.
Sun JDK
1. Redistributions of source code must retain the above copyright notice, this
2. Redistributions in binary form must reproduce the above copyright notice,
THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS `ÀS
IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE."
C) The following software may be included in this product:
Crimson v1.1.1 ; Use of any of this software is governed by the terms of the
license below:
/*
* The Apache Software License, Version 1.1
* Copyright (c) 1999-2000 The Apache Software Foundation. All rights
reserved.
*
* 1. Redistributions of source code must retain the above copyright notice, this
* 2. Redistributions in binary form must reproduce the above copyright notice,
* 3. The end-user documentation included with the redistribution, if any, must
include the following acknowledgment:
* "This product includes software developed by the Apache Software
Foundation (http://www.apache.org/)."
Sun JDK
* Alternately, this acknowledgment may appear in the software itself, if and
wherever such third-party acknowledgments normally appear.
* 4. The names "Crimson" and "Apache Software Foundation" must not be
used to endorse or promote products derived from this software without prior
written permission. For written permission, please contact
apache@apache.org.
* 5. Products derived from this software may not be called "Apache", nor may
"Apache" appear in their name, without prior written permission of the Apache
Software Foundation.
* THIS SOFTWARE IS PROVIDED `ÀS IS'' AND ANY EXPRESSED OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
*
================================================
====================
* This software consists of voluntary contributions made by many individuals
on behalf of the Apache Software Foundation and was originally based on
software copyright (c) 1999, International Business Machines, Inc.,
http://www.ibm.com. For more information on the Apache Software
Foundation, please see <http://www.apache.org/>.
*/
D) The following software may be included in this product: Xalan J2; Use of
any of this software is governed by the terms of the license below:
/*
* The Apache Software License, Version 1.1
* Copyright (c) 1999-2000 The Apache Software Foundation. All rights
reserved.
*
Sun JDK
* 1. Redistributions of source code must retain the above copyright notice, this
* 2. Redistributions in binary form must reproduce the above copyright notice,
* 3. The end-user documentation included with the redistribution, if any, must
include the following acknowledgment:
* "This product includes software developed by the Apache Software
Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself, if and
wherever such third-party acknowledgments normally appear.
* 4. The names "Xalan" and "Apache Software Foundation" must not be used
to endorse or promote products derived from this software without prior
written permission. For written permission, please contact
apache@apache.org.
* 5. Products derived from this software may not be called "Apache", nor may
"Apache" appear in their name, without prior written permission of the Apache
Software Foundation.
* THIS SOFTWARE IS PROVIDED `ÀS IS'' AND ANY EXPRESSED OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
*
================================================
====================
Sun JDK
* This software consists of voluntary contributions made by many individuals
on behalf of the Apache Software Foundation and was originally based on
software copyright (c) 1999, International Business Machines, Inc.,
http://www.ibm.com. For more information on the Apache Software
Foundation, please see <http://www.apache.org/>.
*/
E) The following software may be included in this product: NSIS 1.0j; Use of
any of this software is governed by the terms of the license below:
Copyright (C) 1999-2000 Nullsoft, Inc.
This software is provided 'as-is', without any express or implied warranty. In
no event will the authors be held liable for any damages arising from the use
of this software. Permission is granted to anyone to use this software for any
purpose, including commercial applications, and to alter it and redistribute it
freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you must not claim
that you wrote the original software. If you use this software in a product, an
acknowledgment in the product documentation would be appreciated but is not
required.
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.
Justin Frankel justin@nullsoft.com"
F) Some Portions licensed from IBM are available at:
http://oss.software.ibm.com/icu4j/
G) Portions Copyright Eastman Kodak Company 1992
H) Lucida is a registered trademark or trademakr of Bigelow & Holmes in the
U.S. and other countries.
I) Portions licensed from Taligent, Inc.
Sun JRE 1.5
Sun JRE 1.5
Sun Microsystems, Inc. Binary Code License Agreement for the JAVA 2
PLATFORM STANDARD EDITION RUNTIME ENVIRONMENT 5.0
SUN MICROSYSTEMS, INC. ("SUN") IS WILLING TO LICENSE THE SOFTWARE
IDENTIFIED BELOW TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT
ALL OF THE TERMS CONTAINED IN THIS BINARY CODE LICENSE AGREEMENT
AND SUPPLEMENTAL LICENSE TERMS (COLLECTIVELY "AGREEMENT").
PLEASE READ THE AGREEMENT CAREFULLY. BY DOWNLOADING OR
INSTALLING THIS SOFTWARE, YOU ACCEPT THE TERMS OF THE AGREEMENT.
INDICATE ACCEPTANCE BY SELECTING THE "ACCEPT" BUTTON AT THE
BOTTOM OF THE AGREEMENT. IF YOU ARE NOT WILLING TO BE BOUND BY
ALL THE TERMS, SELECT THE "DECLINE" BUTTON AT THE BOTTOM OF THE
AGREEMENT AND THE DOWNLOAD OR INSTALL PROCESS WILL NOT
CONTINUE.
1. DEFINITIONS. "Software" means the identified above in binary form, any
other machine readable materials (including, but not limited to, libraries,
source files, header files, and data files), any updates or error corrections
provided by Sun, and any user manuals, programming guides and other
documentation provided to you by Sun under this Agreement. "Programs"
mean Java applets and applications intended to run on the Java 2 Platform
Standard Edition (J2SE platform) platform on Java-enabled general purpose
desktop computers and servers.
2. LICENSE TO USE. Subject to the terms and conditions of this Agreement,
including, but not limited to the Java Technology Restrictions of the
Supplemental License Terms, Sun grants you a non-exclusive, nontransferable, limited license without license fees to reproduce and use
internally Software complete and unmodified for the sole purpose of running
Programs. Additional licenses for developers and/or publishers are granted in
3. RESTRICTIONS. Software is confidential and copyrighted. Title to Software
and all associated intellectual property rights is retained by Sun and/or its
licensors. Unless enforcement is prohibited by applicable law, you may not
modify, decompile, or reverse engineer Software. You acknowledge that
Licensed Software is not designed or intended for use in the design,
construction, operation or maintenance of any nuclear facility. Sun
Microsystems, Inc. disclaims any express or implied warranty of fitness for
such uses. No right, title or interest in or to any trademark, service mark, logo
or trade name of Sun or its licensors is granted under this Agreement.
Additional restrictions for developers and/or publishers licenses are set forth in
Sun JRE 1.5
4. LIMITED WARRANTY. Sun warrants to you that for a period of ninety (90)
days from the date of purchase, as evidenced by a copy of the receipt, the
media on which Software is furnished (if any) will be free of defects in
materials and workmanship under normal use. Except for the foregoing,
Software is provided "AS IS". Your exclusive remedy and Sun's entire liability
under this limited warranty will be at Sun's option to replace Software media
or refund the fee paid for Software. Any implied warranties on the Software
are limited to 90 days. Some states do not allow limitations on duration of an
implied warranty, so the above may not apply to you. This limited warranty
gives you specific legal rights. You may have others, which vary from state to
state.
5. DISCLAIMER OF WARRANTY. UNLESS SPECIFIED IN THIS AGREEMENT, ALL
PARTICULAR PURPOSE OR NON-INFRINGEMENT ARE DISCLAIMED, EXCEPT TO
THE EXTENT THAT THESE DISCLAIMERS ARE HELD TO BE LEGALLY INVALID.
6. LIMITATION OF LIABILITY. TO THE EXTENT NOT PROHIBITED BY LAW, IN
NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE,
PROFIT OR DATA, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL,
INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED REGARDLESS OF
THE THEORY OF LIABILITY, ARISING OUT OF OR RELATED TO THE USE OF OR
INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. In no event will Sun's liability to you,
whether in contract, tort (including negligence), or otherwise, exceed the
amount paid by you for Software under this Agreement. The foregoing
limitations will apply even if the above stated warranty fails of its essential
purpose. Some states do not allow the exclusion of incidental or consequential
damages, so some of the terms above may not be applicable to you.
7. TERMINATION. This Agreement is effective until terminated. You may
terminate this Agreement at any time by destroying all copies of Software.
This Agreement will terminate immediately without notice from Sun if you fail
to comply with any provision of this Agreement. Either party may terminate
this Agreement immediately should any Software become, or in either party's
opinion be likely to become, the subject of a claim of infringement of any
intellectual property right. Upon Termination, you must destroy all copies of
Software.
8. EXPORT REGULATIONS. All Software and technical data will be governed by
California law and controlling U.S. federal law. No choice of law rules of any
jurisdiction will apply.
Sun JRE 1.5
9. TRADEMARKS AND LOGOS. You acknowledge and agree as between you
and Sun that Sun owns the SUN, SOLARIS, JAVA, JINI, FORTE, and iPLANET
trademarks and all SUN, SOLARIS, JAVA, JINI, FORTE, and iPLANET-related
trademarks, service marks, logos and other brand designations ("Sun Marks"),
and you agree to comply with the Sun Trademark and Logo Usage
Requirements currently located at http://www.sun.com/policies/trademarks.
Any use you make of the Sun Marks inures to Sun's benefit.
10. U.S. GOVERNMENT RESTRICTED RIGHTS. If Software is being acquired by
or on behalf of the U.S. Government or by a U.S. Government prime
contractor or subcontractor (at any tier), then the Government's rights in
Software and accompanying documentation will be only as set forth in this
Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4
(for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and
12.212 (for non-DOD acquisitions).
11. GOVERNING LAW. Any action related to this Agreement will be governed
by California law and controlling U.S. federal law. No choice of law rules of
any jurisdiction will apply.
12. SEVERABILITY. If any provision of this Agreement is held to be
unenforceable, this Agreement will remain in effect with the provision omitted,
unless omission would frustrate the intent of the parties, in which case this
Agreement will immediately terminate.
13. INTEGRATION. This Agreement is the entire agreement between you and
Sun relating to its subject matter. It supersedes all prior or contemporaneous
oral or written communications, proposals, representations and warranties and
prevails over any conflicting or additional terms of any quote, order,
acknowledgment, or other communication between the parties relating to its
subject matter during the term of this Agreement. No modification of this
Agreement will be binding, unless in writing and signed by an authorized
representative of each party.
SUPPLEMENTAL LICENSE TERMS
These Supplemental License Terms add to or modify the terms of the Binary
Code License Agreement. Capitalized terms not defined in these Supplemental
Terms shall have the same meanings ascribed to them in the Binary Code
License Agreement . These Supplemental Terms shall supersede any
inconsistent or conflicting terms in the Binary Code License Agreement, or in
any license contained within the Software.
Sun JRE 1.5
A. Software Internal Use and Development License Grant. Subject to the terms
and conditions of this Agreement and restrictions and exceptions set forth in
the Software "README" file, including, but not limited to the Java Technology
Restrictions of these Supplemental Terms, Sun grants you a non-exclusive,
non-transferable, limited license without fees to reproduce internally and use
internally the Software complete and unmodified for the purpose of designing,
developing, and testing your Programs.
B. License to Distribute Software. Subject to the terms and conditions of this
Agreement and restrictions and exceptions set forth in the Software README
file, including, but not limited to the Java Technology Restrictions of these
Supplemental Terms, Sun grants you a non-exclusive, non-transferable,
limited license without fees to reproduce and distribute the Software, provided
that (i) you distribute the Software complete and unmodified and only bundled
as part of, and for the sole purpose of running, your Programs, (ii) the
Programs add significant and primary functionality to the Software, (iii) you do
not distribute additional software intended to replace any component(s) of the
Software, (iv) you do not remove or alter any proprietary legends or notices
contained in the Software, (v) you only distribute the Software subject to a
license agreement that protects Sun's interests consistent with the terms
contained in this Agreement, and (vi) you agree to defend and indemnify Sun
and its licensors from and against any damages, costs, liabilities, settlement
amounts and/or expenses (including attorneys' fees) incurred in connection
with any claim, lawsuit or action by any third party that arises or results from
the use or distribution of any and all Programs and/or Software.
C. Java Technology Restrictions. You may not create, modify, or change the
behavior of, or authorize your licensees to create, modify, or change the
behavior of, classes, interfaces, or subpackages that are in any way identified
as "java", "javax", "sun" or similar convention as specified by Sun in any
naming convention designation.
D. Source Code. Software may contain source code that, unless expressly
licensed for other purposes, is provided solely for reference purposes pursuant
to the terms of this Agreement. Source code may not be redistributed unless
expressly provided for in this Agreement.
E. Third Party Code. Additional copyright notices and license terms applicable
to portions of the Software are set forth in the
of any third party opensource/freeware license identified in the
THIRDPARTYLICENSEREADME.txt file, the disclaimer of warranty and limitation
of liability provisions in paragraphs 5 and 6 of the Binary Code License
Agreement shall apply to all Software in this distribution.
For inquiries please contact: Sun Microsystems, Inc., 4150 Network Circle,
Santa Clara, California 95054, U.S.A.
(LFI#141623/Form ID#011801)
Sun JRE
Sun JRE
Copyright 1994-2005 Sun Microsystems, Inc. All Rights Reserved.
Redistribution of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
Redistribution in binary form must reproduce the above copyright
Neither the name of Sun Microsystems, Inc. or the names of contributors may
be used to endorse or promote products derived from this software without
specific prior written permission.
This software is provided "AS IS," without a warranty of any kind. ALL
PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED.
SUN MICROSYSTEMS, INC. ("SUN") AND ITS LICENSORS SHALL NOT BE
LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING,
MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. IN NO
EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE,
PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS
OF THE THEORY OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY
TO USE THIS SOFTWARE, EVEN IF SUN HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
You acknowledge that this software is not designed, licensed or intended for
use in the design, construction, operation or maintenance of any nuclear
facility.
XERCES
XERCES
The Apache Software License, Version 2.0
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction, and
distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by the
copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all other
entities that control, are controlled by, or are under common control with that
entity. For the purposes of this definition, "control" means (i) the power, direct
or indirect, to cause the direction or management of such entity, whether by
contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity exercising
permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation source, and
configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but not limited to
compiled object code, generated documentation, and conversions to other
media types.
"Work" shall mean the work of authorship, whether in Source or Object
form, made available under the License, as indicated by a copyright notice that
is included in or attached to the work (an example is provided in the Appendix
below).
XERCES
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the editorial
revisions, annotations, elaborations, or other modifications represent, as a
whole, an original work of authorship. For the purposes of this License,
Derivative Works shall not include works that remain separable from, or
merely link (or bind by name) to the interfaces of, the Work and Derivative
Works thereof.
"Contribution" shall mean any work of authorship, including the original
version of the Work and any modifications or additions to that Work or
Derivative Works thereof, that is intentionally submitted to Licensor for
inclusion in the Work by the copyright owner or by an individual or Legal Entity
authorized to submit on behalf of the copyright owner. For the purposes of this
definition, "submitted" means any form of electronic, verbal, or written
communication sent to the Licensor or its representatives, including but not
limited to communication on electronic mailing lists, source code control
systems, and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but excluding
communication that is conspicuously marked or otherwise designated in
writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity on
behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of this
License, each Contributor hereby grants to You a perpetual, worldwide, nonexclusive, no-charge, royalty-free, irrevocable copyright license to reproduce,
prepare Derivative Works of, publicly display, publicly perform, sublicense, and
distribute the Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of this License,
each Contributor hereby grants to You a perpetual, worldwide, non-exclusive,
no-charge, royalty-free, irrevocable (except as stated in this section) patent
license to make, have made, use, offer to sell, sell, import, and otherwise
transfer the Work, where such license applies only to those patent claims
licensable by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s) with the Work
to which such Contribution(s) was submitted. If You institute patent litigation
against any entity (including a cross-claim or counterclaim in a lawsuit)
alleging that the Work or a Contribution incorporated within the Work
constitutes direct or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate as of the date
such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the Work or
Derivative Works thereof in any medium, with or without modifications, and in
Source or Object form, provided that You meet the following conditions:
XERCES
(a) You must give any other recipients of the Work or Derivative Works a
copy of this License; and
(b) You must cause any modified files to carry prominent notices stating
that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works that You
distribute, all copyright, patent, trademark, and attribution notices from the
Source form of the Work, excluding those notices that do not pertain to any
part of the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its distribution,
then any Derivative Works that You distribute must include a readable copy of
the attribution notices contained within such NOTICE file, excluding those
notices that do not pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed as part of the
Derivative Works; within the Source form or documentation, if provided along
with the Derivative Works; or, within a display generated by the Derivative
Works, if and wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and do not modify the
License. You may add Your own attribution notices within Derivative Works
that You distribute, alongside or as an addendum to the NOTICE text from the
Work, provided that such additional attribution notices cannot be construed as
modifying the License.
You may add Your own copyright statement to Your modifications and may
provide additional or different license terms and conditions for use,
reproduction, or distribution of Your modifications, or for any such Derivative
Works as a whole, provided Your use, reproduction, and distribution of the
Work otherwise complies with the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise, any
Contribution intentionally submitted for inclusion in the Work by You to the
Licensor shall be under the terms and conditions of this License, without any
additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify the
terms of any separate license agreement you may have executed with Licensor
regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor, except
as required for reasonable and customary use in describing the origin of the
Work and reproducing the content of the NOTICE file.
XERCES
7. Disclaimer of Warranty. Unless required by applicable law or agreed to in
writing, Licensor provides the Work (and each Contributor provides its
Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
OF ANY KIND, either express or implied, including, without limitation, any
warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY,
or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for
determining the appropriateness of using or redistributing the Work and
assume any risks associated with Your exercise of permissions under this
License.
8. Limitation of Liability. In no event and under no legal theory, whether in
tort (including negligence), contract, or otherwise, unless required by
applicable law (such as deliberate and grossly negligent acts) or agreed to in
writing, shall any Contributor be liable to You for damages, including any
direct, indirect, special, incidental, or consequential damages of any character
arising as a result of this License or out of the use or inability to use the Work
(including but not limited to damages for loss of goodwill, work stoppage,
computer failure or malfunction, or any and all other commercial damages or
losses), even if such Contributor has been advised of the possibility of such
damages.
9. Accepting Warranty or Additional Liability. While redistributing the Work or
Derivative Works thereof, You may choose to offer, and charge a fee for,
acceptance of support, warranty, indemnity, or other liability obligations
and/or rights consistent with this License. However, in accepting such
obligations, You may act only on Your own behalf and on Your sole
responsibility, not on behalf of any other Contributor, and only if You agree to
indemnify, defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason of your
accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following boilerplate
notice, with the fields enclosed by brackets "[]" replaced with your own
identifying information. (Don't include the brackets!) The text should be
enclosed in the appropriate comment syntax for the file format. We also
recommend that a file or class name and description of purpose be included on
the same "printed page" as the copyright notice for easier identification within
third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License"); you may not
use this file except in compliance with the License.
XERCES
You may obtain a copy of the License at
Unless required by applicable law or agreed to in writing, software distributed
under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
XMLSEC
XMLSEC
The Apache Software License, Version 2.0
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction, and
distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by the
copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all other
entities that control, are controlled by, or are under common control with that
entity. For the purposes of this definition, "control" means (i) the power, direct
or indirect, to cause the direction or management of such entity, whether by
contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity exercising
permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation source, and
configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but not limited to
compiled object code, generated documentation, and conversions to other
media types.
"Work" shall mean the work of authorship, whether in Source or Object
form, made available under the License, as indicated by a copyright notice that
is included in or attached to the work (an example is provided in the Appendix
below).
XMLSEC
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the editorial
revisions, annotations, elaborations, or other modifications represent, as a
whole, an original work of authorship. For the purposes of this License,
Derivative Works shall not include works that remain separable from, or
merely link (or bind by name) to the interfaces of, the Work and Derivative
Works thereof.
"Contribution" shall mean any work of authorship, including the original
version of the Work and any modifications or additions to that Work or
Derivative Works thereof, that is intentionally submitted to Licensor for
inclusion in the Work by the copyright owner or by an individual or Legal Entity
authorized to submit on behalf of the copyright owner. For the purposes of this
definition, "submitted" means any form of electronic, verbal, or written
communication sent to the Licensor or its representatives, including but not
limited to communication on electronic mailing lists, source code control
systems, and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but excluding
communication that is conspicuously marked or otherwise designated in
writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity on
behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of this
License, each Contributor hereby grants to You a perpetual, worldwide, nonexclusive, no-charge, royalty-free, irrevocable copyright license to reproduce,
prepare Derivative Works of, publicly display, publicly perform, sublicense, and
distribute the Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of this License,
each Contributor hereby grants to You a perpetual, worldwide, non-exclusive,
no-charge, royalty-free, irrevocable (except as stated in this section) patent
license to make, have made, use, offer to sell, sell, import, and otherwise
transfer the Work, where such license applies only to those patent claims
licensable by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s) with the Work
to which such Contribution(s) was submitted. If You institute patent litigation
against any entity (including a cross-claim or counterclaim in a lawsuit)
alleging that the Work or a Contribution incorporated within the Work
constitutes direct or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate as of the date
such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the Work or
Derivative Works thereof in any medium, with or without modifications, and in
Source or Object form, provided that You meet the following conditions:
XMLSEC
(a) You must give any other recipients of the Work or Derivative Works a
copy of this License; and
(b) You must cause any modified files to carry prominent notices stating
that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works that You
distribute, all copyright, patent, trademark, and attribution notices from the
Source form of the Work, excluding those notices that do not pertain to any
part of the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its distribution,
then any Derivative Works that You distribute must include a readable copy of
the attribution notices contained within such NOTICE file, excluding those
notices that do not pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed as part of the
Derivative Works; within the Source form or documentation, if provided along
with the Derivative Works; or, within a display generated by the Derivative
Works, if and wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and do not modify the
License. You may add Your own attribution notices within Derivative Works
that You distribute, alongside or as an addendum to the NOTICE text from the
Work, provided that such additional attribution notices cannot be construed as
modifying the License.
You may add Your own copyright statement to Your modifications and may
provide additional or different license terms and conditions for use,
reproduction, or distribution of Your modifications, or for any such Derivative
Works as a whole, provided Your use, reproduction, and distribution of the
Work otherwise complies with the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise, any
Contribution intentionally submitted for inclusion in the Work by You to the
Licensor shall be under the terms and conditions of this License, without any
additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify the
terms of any separate license agreement you may have executed with Licensor
regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor, except
as required for reasonable and customary use in describing the origin of the
Work and reproducing the content of the NOTICE file.
XMLSEC
7. Disclaimer of Warranty. Unless required by applicable law or agreed to in
writing, Licensor provides the Work (and each Contributor provides its
Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
OF ANY KIND, either express or implied, including, without limitation, any
warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY,
or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for
determining the appropriateness of using or redistributing the Work and
assume any risks associated with Your exercise of permissions under this
License.
8. Limitation of Liability. In no event and under no legal theory, whether in
tort (including negligence), contract, or otherwise, unless required by
applicable law (such as deliberate and grossly negligent acts) or agreed to in
writing, shall any Contributor be liable to You for damages, including any
direct, indirect, special, incidental, or consequential damages of any character
arising as a result of this License or out of the use or inability to use the Work
(including but not limited to damages for loss of goodwill, work stoppage,
computer failure or malfunction, or any and all other commercial damages or
losses), even if such Contributor has been advised of the possibility of such
damages.
9. Accepting Warranty or Additional Liability. While redistributing the Work or
Derivative Works thereof, You may choose to offer, and charge a fee for,
acceptance of support, warranty, indemnity, or other liability obligations
and/or rights consistent with this License. However, in accepting such
obligations, You may act only on Your own behalf and on Your sole
responsibility, not on behalf of any other Contributor, and only if You agree to
indemnify, defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason of your
accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following boilerplate
notice, with the fields enclosed by brackets "[]" replaced with your own
identifying information. (Don't include the brackets!) The text should be
enclosed in the appropriate comment syntax for the file format. We also
recommend that a file or class name and description of purpose be included on
the same "printed page" as the copyright notice for easier identification within
third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License"); you may not
use this file except in compliance with the License.
zlib
You may obtain a copy of the License at
Unless required by applicable law or agreed to in writing, software distributed
under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
zlib
/* zlib.h -- interface of the 'zlib' general purpose compression library version
1.2.2, October 3rd, 2004
Copyright (C) 1995-2004 Jean-loup Gailly and Mark Adler
This software is provided 'as-is', without any express or implied warranty. In
no event will the authors be held liable for any damages arising from the use
of this software.
Permission is granted to anyone to use this software for any purpose, including
commercial applications, and to alter it and redistribute it freely, subject to the
following restrictions:
1. The origin of this software must not be misrepresented; you must not claim
that you wrote the original software. If you use this software in a product, an
acknowledgment in the product documentation would be appreciated but is not
required.
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.
Jean-loup Gailly
jloup@gzip.org
Mark Adler
madler@alumni.caltech.edu
The data format used by the zlib library is described by RFCs (Request for
Comments) 1950 to 1952 in the files http://www.ietf.org/rfc/rfc1950.txt (zlib
format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format)
Index
A
D
access permissions
admin server • 76
administrator view • 75
acknowledgements • 165
admin server • See user accounts, See guest
account, See discovering machines, See
defined, See administrator accounts, See
access rights
administrator rights at installation • 77
Alert
basic components • 93
broadcast option • 99
configuring • 98
email option • 101
eTrust Audit option • 101
pager option • 101
policy • 94
sample TNG scenarios • 100
SMTP option • 102
SNMP option • 102
trouble ticket option • 102
Unicenter TNG option • 99
Alert Manager • 96, 98
alert policy • 94
default organization
defined • 32
discovery
for machines outside local subnet • 33
how it works • 31
distribution
of configuration changes • 41
download signatures list
how it works • 62
B
G
branches
management • 37
guest account on admin server • 79
C
characteristics of viruses • 159
collecting system metrics • 73
command line scanner • 105
components of eTrust Antivirus • 10
computer infection symptoms • 158
configuration
communication ports • 99
of Alert • 98
of machines in security network • 20
proxy • 41
settings • 43
content updates
getting • 15
E
editing Alert port configurations • 99
effects of computer viruses • 159
email option (Alert) • 101
email policies • 57
eTrust Audit option (Alert) • 101
eTrust Threat Management Console
access • 75
configuration settings • 43
e-mail policies • 57
Organization tree • 37
viewing logs • 67
window • 20
ETRUSTAV console • 147
I
ICF files
granting administrator rights at installation
time • 77
inherited user rights • 80
INOC6.ICF
administrator rights at installation • 77
Inocmd32 • 105
InoSetAlert script • 103
InoSetApproved script • 32, 77
integrating with Unicenter NSM • 131
interpreting pager messages • 101
J
Java plug-in • 24
Index 253
L
local alert manager • 103
local scanner
service manager • 71
logs
collecting system metrics • 73
scheduled job policy • 67
using with ODBC • 73
M
managing
daemons • 71
NetApp filers • 142
NetApp scanners • 137
N
network drives • 54
O
ODBC (using with logs) • 73
organization tree • 37
branch management • 37
computer management • 69
OS X menu bar • 50
P
pager recipients testing • 102
PERFMON • 74
Performance Monitor • 74
policies
alert forwarding • 94
email • 57
enforcement of • 43
legacy signature distribution • 55
locking settings • 44
precedence • 44
scheduled jobs • 52
scheduled scanner • 52
send for analysis • 56
port configuration • 99
product components • 10
proxy server
configuration • 41
considerations • 42
override option • 42
R
realtime monitor
on UNIX • 46
snooze option • 50
system tray options • 50
recipient pager testing • 102
remote management
eTrust Threat Management Console • 20
reports
reports tab • 83
rights
administrator • 77
running Alert Manager • 98
S
scan settings
using the command line scanner Inocmd32
• 105
scanning
network drives • 54
scheduled jobs
viewing logs for multiple machines • 67
security
authorized administrator accounts • 78
service manager • 71
snooze option • 50
specified user rights • 80
subnets
discovering • 31
suggestions for staying infection-free • 15
symptoms of a computer infection • 158
system metrics information • 73
T
Threat Management Server
access rights • 76
administrator accounts • 78
defined • 10
discovering machines • 31
guest account • 79
user accounts • 79
trouble ticket option • 102
types of viruses • 157
U
Unicenter Network and Systems Management
(integration with) • 131
Unicenter TNG (using with Alert) • 99
UNIX
access permissions • 76
alert notification • 103
approved server • 32, 77
CAIENF • 46
InoSetApproved • 32, 77
managing daemons • 71
notification facility • 103
realtime monitor • 46
root user • 76
root user installation • 77
subnets • 32
user rights
characteristics • 80
V
viruses
characteristics of • 159
effects of • 159
signature updates for • 15
symptoms of • 158
types of • 157
W
windows
Windows system tray • 50
WorldView • 134
Index 255