cposint

OfficeScan Integration

OfficeScan client periodically passes the Virus Pattern number and Virus Scan Engine number to SecureClient for verification. SecureClient then compares these values with values in the client local.scv file.

This is what the local.scv file looks like if you open it in a text editor:

(SCVObject

   :SCVNames (

      : (OfceSCV

         :type (plugin)

         :parameters (

            :CheckType (OfceVersionCheck)

            :LatestPatternVersion (701)

            :LatestEngineVersion (7.1)

            :PatternCompareOp (">=")

            :EngineCompareOp (">=")

         )

      )

   )

   :SCVPolicy (

      : (OfceSCV)

   )

   :SCVGlobalParams (

      :block_connections_on_unverified (true)

      :scv_policy_timeout_hours (24)

   )

)

In this example, the SCV check will allow connections through the firewall if the pattern file version is 701 or later, and the scan engine number is 7.1 or later. If the scan engine or pattern file is earlier, all connections through the Check Point firewall get blocked. Modify these values using the SCV Editor on the local.scv file on the Policy Server.

• Check Point does not automatically update the pattern file and scan engine version numbers in the SCV file. Whenever OfficeScan updates the scan engine or pattern file, you need to manually change the value of the conditions in the local.scv file to keep them current. If you do not update the scan engine and pattern versions, Check Point will authorize traffic from clients with earlier pattern files or scan engines, creating a potential for new viruses to infiltrate the system.