Operation Modes |
In this section •Centralized Protection Concept •Connecting to Centralized Protection Server •Disconnecting from Centralized Protection Server Dr.Web Security Space can operate either in standalone mode or as a part of a corporate or private anti-virus network managed by a centralized protection server. Such operation mode is called a centralized protection mode. Using this mode does not require installation of additional software or Dr.Web Security Space re-installation or uninstallation. •In standalone mode, a protected computer is not connected to the anti-virus network and its operation is managed locally. In this mode, configuration and license key files are located on local disks and Dr.Web Security Space is fully managed by the protected computer. Updates for virus databases are received from Doctor Web update servers. •In centralized protection mode, protection of the computer is managed by the centralized protection server. In this mode, some functions and settings of Dr.Web Security Space can be adjusted in accordance with the general (corporate) anti-virus protection policy implemented on the anti-virus network. The license key file used for operating in centralized protection mode is received from the centralized protection server to which Dr.Web Security Space is connected. The license or demo key file stored on the local computer, if any, is not used. Statistics on threat events together with information on Dr.Web Security Space operation are sent to the centralized protection server. Updates for virus databases are also received from the centralized protection server. •In mobile mode, Dr.Web Security Space receives updates from Doctor Web update servers, but uses settings stored locally and a custom license key file that were received from the centralized protection server. When Dr.Web Security Space operates in centralized protection mode or mobile mode, the following options are blocked: •deletion of a license key file in License Manager; •manual start of an update process and adjustment of update settings; •configuration of file system scanning parameters. A possibility of configuring the settings of the SpIDer Guard file system monitor as well as enabling or disabling it while Dr.Web Security Space is controlled by the centralized protection server are dependent on permissions specified on the server.
Centralized Protection Concept Doctor Web solutions for managing centralized protection use a client-server model (see the figure below). Corporate computers or computers of clients of an IT service provider are protected by local anti-virus components (in this case, by Dr.Web Security Space), which ensure anti-virus protection and maintain connection to the centralized protection server. ![]()
Figure 1. Logical structure of the anti-virus network Local components are updated and configured from the centralized protection server. The entire stream of instructions, data and statistics in the anti-virus network also passes the centralized protection server. The volume of traffic between protected computers and the centralized protection server can be significant, therefore an option for traffic compression is provided. Using encryption while sending data prevents a leak of sensitive data or substitution of software downloaded onto protected computers. All necessary updates are downloaded to the centralized protection server from Doctor Web update servers. Changes in the configuration of local anti-virus components and command transfer are performed by anti-virus network administrators using the centralized protection server. The administrators manage configuration of the centralized protection server and topology of the anti-virus network (for example, they validate connection of a local station to the network) and configure operation of individual local anti-virus components when necessary.
The centralized protection mode allows exporting and saving Dr.Web Security Space operation reports using the centralized protection server. Reports can be exported and saved in the following formats: HTML, CSV, PDF and XML. Connecting to Centralized Protection Server Dr.Web Security Space can be connected to the centralized protection server of the anti-virus network in one of the following ways: •on the Mode tab of the Dr.Web Security Space configuration page; •using the esconnect command of the drweb-ctl command-line management tool.
If Dr.Web Security Space is connected to the centralized protection server, you can switch the product into the mobile mode or switch it back into the centralized protection mode. Switching the mobile mode on or off is accomplished with the help of the MobileMode configuration parameter of the Dr.Web ES Agent component.
Disconnecting from Centralized Protection Server Dr.Web Security Space can be disconnected from the centralized protection server of the anti-virus network in one of the following ways: •on the Mode tab of the Dr.Web Security Space configuration page; •using the esdisconnect command of the drweb-ctl command-line management tool. |