Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1991 Views 8 Replies Latest reply: May 17, 2013 8:16 AM by camplife RSS
camplife Newcomer 4 posts since
Mar 5, 2013
Currently Being Moderated

Mar 5, 2013 10:46 AM

MSME8.0/Exch 2010 w/SP3 and VSAPI settings

Question for anyone using MSME 8.0 (with hotfix for ESP3) and Exchange 2010 SP3.

 

Our old set up was Exchange 2007 and GSE 7.0.something with patch 1 rollup 1,2 etc... Separate role boxes, CAS server, Hub Transport Server and Mailbox servers.

We had VSAPI turned on on the Mailbox servers.

New environment being built and tested.... W2008, 4.6 agent/VS8.8/MSME8.0 with hotfix for Exchange 2010 with SP3.

Now, we have "multiple role" boxes. Hub and Mailbox on the same box.

Do you still need to have VSAPI turned on?

 

Message was edited by: camplife on 3/5/13 10:46:10 AM CST
  • alexn Veteran 722 posts since
    Aug 9, 2012
    Currently Being Moderated
    1. Mar 5, 2013 10:49 AM (in response to camplife)
    Re: MSME8.0/Exch 2010 w/SP3 and VSAPI settings

    Yes, It should be turnd on for Antivirus scanning.


    Post Timings: 6.00 AM to 3.00PM PDT
  • tlange McAfee SME 344 posts since
    Nov 4, 2009
    Currently Being Moderated
    2. Mar 5, 2013 11:30 AM (in response to camplife)
    Re: MSME8.0/Exch 2010 w/SP3 and VSAPI settings

    Actually with a combined hub/mb role server you don't need to have vsapi scanning enabled.  all mail has to go through the hub role so even with vsapi scanning disabled all email will still get scanned both inbound and out.   the only downside (and this is very minor) to having the vsapi turned off is that the original email will still be in the users sent items unscanned.  however, if the user decides to resend the email from the sent items it will get scanned once it hits the transport agent.  there is also the option to run an odscan on the mailbox stores if the need arises to clean them out due to an infection.

  • flitcraft33 Newcomer 15 posts since
    Feb 24, 2009
    Currently Being Moderated
    4. Mar 13, 2013 2:30 PM (in response to camplife)
    Re: MSME8.0/Exch 2010 w/SP3 and VSAPI settings

    you can choose between vsapi and transport scanning. VSAPI is a lighter load on the processor, but McAfee recommends transport scanning on Edge servers if I recall correctly, so if your server is doing the Hub role, I would probably use transport scanning.

  • Aidan McAfee SME 463 posts since
    Nov 4, 2009
    Currently Being Moderated
    5. Mar 14, 2013 6:28 AM (in response to flitcraft33)
    Re: MSME8.0/Exch 2010 w/SP3 and VSAPI settings

    Well if you have separated roles with GSE or MSME install on each - e.g edge - hub -mb 

    Then the config would be Transport Scan  - Transport Scan  - VSAPI.

     

    Choice exists, as TLange states,  on Combo HUB\MB  - and if you have the Antispam Addon in the HUB\MB then its necessary to have Transport Scan enabled.

  • flitcraft33 Newcomer 15 posts since
    Feb 24, 2009
    Currently Being Moderated
    6. Mar 14, 2013 9:53 AM (in response to Aidan)
    Re: MSME8.0/Exch 2010 w/SP3 and VSAPI settings

    Nice catch on the AntiSpam thing. I did not know that, thanks for mentioning it. As to the best practice guide, I have not seen one for 8 yet. I have stuck to the prior version best practice guide. I don't know if that's a good idea or not.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points