Kaspersky for Marshal Release Notes

Version: 1.2, Last Revision: February 08, 2019

Kaspersky for Marshal is a configuration and update tool that allows the Kaspersky anti-virus scanner to be used with Trustwave SEG and WebMarshal products.

These notes are additional to the Help or other documentation.

The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21037.

Supported Trustwave Products

Kaspersky for Marshal works with the following Trustwave content scanning product releases:

Trustwave SEG 7.3.0 and above
WebMarshal 6.10.0 and above
Trustwave ECM (MailMarshal Exchange) 7.1.5 and above

New Features

For more information about additional minor features and bug fixes, see the release history.

Features New in Release 1.2.0

Improved Engine update behavior: When a new Engine is downloaded, the previous Engine is still available and will be used for scanning until the required bases (signatures) database has been downloaded and validated.
- Note that this change applies to automatic updates only. Product upgrade (running the installer) still requires the Engine to be stopped until bases are downloaded.

Features New in Release 1.1.0

Native 64-bit support: Kaspersky for Marshal is available in a native 64-bit version as well as a 32-bit version. Both versions can be installed on the same system. Use the 64-bit installation with SEG version 8.X, WebMarshal version 7.X, and other forthcoming content scanning releases that use a native 64-bit scanning engine.
Supports Kaspersky Security Network: You can choose to participate in this cloud service for enhanced protection against new threats.
Includes "special email protection": By default additional checking for email related threats is enabled (for all scanning)

Licensing

Kaspersky for Marshal is licensed and purchased through Trustwave.

Current versions of the supported product include Kaspersky for Marshal licensing in automatically generated trial licenses.
To purchase Kaspersky for Marshal and obtain a customer license (Product Key), please contact Trustwave.
Engine and signature updates are available only if the product license key has a current trial or maintenance entitlement for Kaspersky for Marshal.

System Requirements

Operating System: This release is supported on Windows 2008 (SP2) and above.
HTTPS Root Certificates: Kaspersky for Marshal uses HTTPS to retrieve updates. On some supported operating systems, the root certificates required to validate the HTTPS certificate are not installed, and you may need to install them manually, For details, see Trustwave Knowledge Base article Q13703.
Disk space requirements: Allow 500MB of free space. This space is required to maintain and update the Kaspersky Anti-virus database.
Visual C++ 2010 SP1 runtimes. This prerequisite will be installed automatically if required.

Installation and Upgrade Instructions

Please read this entire section, including notes, before beginning.

To install Kaspersky for Marshal, run the installer package.

Immediately after installation, the Kaspersky for Marshal updater attempts to retrieve the latest virus scanning Engine and signature files. If you need to configure proxy settings, you should do so immediately and then start an update manually.

Note: During upgrade, Kaspersky for Marshal downloads a full set of new signature files. SEG and/or WebMarshal scanning (Engine services) will not be available until the download is complete. This process can take 15 minutes or longer. Schedule installation accordingly.

To configure settings and start an update, start "Kaspersky for Marshal Configuration" from the Start menu. (Installation creates shortcuts in the submenu for each installed content scanning product that supports Kaspersky for Marshal). For details of the fields in the configuration tool, see Help.

Note: The updater requires access to the following websites:

http://kaspersky.marshal.com

https://kaspersky.marshal.com

To use Kaspersky for Marshal with a supported content scanning product:

Obtain and install the appropriate Product Key for SEG or WebMarshal. To update the signatures you must use a product key that includes maintenance for Kaspersky for Marshal (or a valid trial key).
Ensure the installed version of SEG or WebMarshal is a supported version.
Configure the updater and ensure that the initial download of signatures is complete.
- Note: The initial download retrieves a complete set of signatures. This process can take 15 minutes or longer. The scanner cannot process content until the signatures are available. Content could be blocked if the scanner is installed to the content scanning product before download is complete.
Follow the instructions for adding a scanner in the documentation for the specific product.
If you perform virus scanning on the server using another anti-virus product, exclude the Kaspersky for Marshal Engine folder from scanning. By default this folder is located as follows:
- 64 bit installation: C:\Program Files\Trustwave\Kaspersky for Marshal\engine
- 32 bit installation : C:\Program Files (x86)\Trustwave\Kaspersky for Marshal\engine

Notes on Upgrading

Note: The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21037.

When upgrading Kaspersky for Marshal, stop the SEG or WebMarshal engine. The upgrade requires a download of data in a new format. While this data is being downloaded, Kaspersky for Marshal is not available to perform scanning. Downloading can take 15 minutes or longer. Schedule installation accordingly.
If you encountered the issue described in KM-195 below (after upgrade from 1.0.3 to 1.1.0 or 1.1.1), upgrading may not fully correct the issue. To correct the issue, re-enter the proxy password or enable/disable and apply proxy settings.
On upgrade from 1.0 versions, the update frequency is set to Hourly. You can use the configuration tool to set more frequent checks.

Uninstalling

To uninstall Kaspersky for Marshal:

Remove the Kaspersky for Marshal scanner from all scanning rules.
Delete the Kaspersky for Marshal scanner from the list of scanners in each installed product.
Restart the Engine services for each product. If the server has not been restarted since Kaspersky for Marshal was installed, you may need to restart the SEG Controller.
Close the SEG Configurator and/or WebMarshal Console.
Use the Add/Remove Programs control panel to uninstall Kaspersky for Marshal.

Release History

The following additional items have been changed or updated in the specific build versions of Kaspersky for Marshal listed.

Note: The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21037.

1.2.0 (February 08, 2019)

KM-178	A new version of the Kaspersky SDK is used.
KM-180	In earlier 64 bit releases, certain files could cause the scanner to log an error and exit in an inconsistent state. Fixed.
KM-182	The TLS/SSL component used by Kaspersky for Marshal is now part of the downloadable components so that it can be updated.
KM-185	The version of the archive extraction library included in the installation is updated.
KM-195	In 1.1 releases, upgrade from 1.0 did not correctly copy the encrypted proxy password. Scanning product engines would not start if a proxy password had ever been entered. Fixed.
KM-204	When the Engine is automatically updated, the previous Engine will be used until the new virus database is available.

1.1.1.1559 (September 19, 2017)

KM-155	Kaspersky for Marshal 1.1.0 used the Windows temporary file location for some processing. Fixed: the temporary location is now the `engine` folder within the Kaspersky for Marshal install location. This folder must be excluded from on-access and scheduled virus scanning.
KM-156	In release 1.1.0, the initial signature updates could fail due to locking of the signature database. Fixed.
KM-169	Discovery of SEG and ECM license keys is improved.

1.1.0.1027 (June 6, 2017)

KM-103	Kaspersky for Marshal uses Driverless Mode.
KM-113	Engine and signature updates require valid maintenance for the scanning product (SEG, ECM, or WebMarshal).
KM-122	Kaspersky special email protection is enabled.
KM-124	Kaspersky Security Network cloud service for enhanced protection against new threats is available for selection.
KM-127	The available frequencies for signature and engine updates have changed. You can choose to check as often as every 10 minutes. The default check is hourly.

1.0.3.950 (September 17, 2013)

KM-99

In release 1.0.2 the updater could close unexpectedly when the user interface queried for log changes (affecting 32 bit servers). Fixed.

1.0.2.950 (April 4, 2013)

KM-80	In some cases the Kaspersky for Marshal component did not properly exit when processing a password protected file. Fixed.
KM-81	The Kaspersky Scanner component has been updated to version 8.3.0.13. The Kaspersky Updater component has been updated to version 8.3.0.2.
KM-89	The product branding has been updated to Trustwave.

1.0.0.9484 (June 22, 2010)

Initial product release

Legal Notice

All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. While every precaution has been taken in the preparation of this document, Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.

While the authors have used their best efforts in preparing this document, they make no representation or warranties with respect to the accuracy or completeness of the contents of this document and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the author nor Trustwave shall be liable for any loss of profit or any commercial damages, including but not limited to direct, indirect, special, incidental, consequential, or other damages.

The most current version of this document may be obtained from Trustwave Knowledge Base article Q20712.

Trademarks

Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.

About Trustwave®

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.