This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Exchange and SharePoint Protection

This Article Applies to:

  • Avast Business On-Premise Console

Supported Exchange/SharePoint Servers

Microsoft Exchange/SharePoint Server versions 2010 and later are supported.

Prerequisites

For Exchange/SharePoint Server to be detected by Avast Business Antivirus and the plugin installed, it should be installed prior to installing Antivirus. If it is installed afterward, the Exchange/SharePoint component would need to be added manually.

Recommended Antivirus Components

When installing servers in a business environment, please follow our guidelines in Recommended Components for Servers and Workstations.

Configuring Exchange Protection

The Exchange component for Windows Servers is specifically meant to protect your Exchange Server from threats without interfering in its function. It scans and filters emails for viruses at the Exchange server level to help stop potential attacks before they spread to the network.

To access Exchange settings:

  1. Go to the Policies page
  2. Open the desired policy
  3. Select Windows Server
  4. Go to the Active protection tab
  5. Click the Customize link next to Exchange

The available configuration options are grouped as follows:

  • Scanning
  • Actions
  • Blocking

Scanning

Here, you can configure basic scanning parameters:

  • Scan messages on-access: On-access scanner scans messages upon downloading, and remains active even if scanning messages in the background and proactive scanning options are off.
  • Scan messages in the background (Exchange 2010 only): Background scanning works when an item that has not been scanned with the latest Avast virus definitions is encountered in the users’ mailbox folders. Scanning and searching for not examined objects runs in parallel. A specific low priority thread is used for each database, which guarantees other tasks (e.g. email messages storage in the Microsoft Exchange database) are always carried out preferentially.
  • Enable proactive scanning (Exchange 2010 only): Proactive scanning works when an item is delivered to a folder, but a request has not been made by a client. As messages are submitted to the Exchange store, they enter the global scanning queue as low priority (maximum of 30 items). They are scanned on the first in, first out (FIFO) basis. If an item is accessed while still in the queue, it is changed to high priority.
  • Scan at transport level: Enables scanning of emails at the Exchange Hub Transport level.
  • Scan RTF message bodies: Enables scanning of messages in rich text format.
  • Try to clean infected objects: infected objects will be cleaned (e.g. remove malicious code only); if unsuccessful, they will be removed.

Actions

The Actions settings allow you to configure how untestable and infected items are handled. In both cases, you can choose to allow full access to the item, overwrite the item with a warning, or delete the whole message.

You can also change the infected object's icon (if possible).

Blocking

Use these settings to block attachments with specified filename masks (characters and wildcards used to match folder and file names) that are found in messages coming through Exchange.

To configure attachment blocking, tick the Enable attachment blocking by name checkbox, then enter the desired filename mask and click the Add button (or hit Enter). Repeat the process for each mask you want to add to the list.

The list will then get populated with your entries, which you can edit/delete anytime if needed.

At the bottom of the settings, you can also choose what the file's name is replaced with, and the content of the .txt file that will replace the blocked file.

Configuring SharePoint Protection

The SharePoint component for Windows Servers is specifically meant to protect your SharePoint Server from threats without interfering in its function. It is a security plugin that you install on your SharePoint Server. The component will scan all uploaded and downloaded files to help prevent malicious documents from infecting your business data, and it can help block ransomware attacks. If the plugin discovers a harmful document, it will quarantine it and alert the user.

SharePoint Shield has no customization options in the On-Premise Console, but can be configured locally if needed (see SharePoint Protection).

Exchange Protection FAQ

No, only on-premise Exchange.

No, only viruses/malicious content.

This is because VSAPI support was discontinued by Microsoft since Exchange 2013. Therefore, those features became unavailable.

No, Mail Shield is only for workstation OS, only the Exchange component is required.

 

Other Articles In This Section:

Real Site

Webcam Shield

Data Shredder

Sandbox

Components Without Customization Options in On-Premise Console

Related Articles:

Managing Policies

Configuring Antivirus Exclusions