Overview

Ribbon recommends the deployment of an approved third-party anti-malware solution to SBC 1000/2000 with vSBA units as an added measure of security to inspect and “cleanse” devices of viruses and ransomware,

Ribbon approves Bitdefender Endpoint Security Tools (BEST) as the Antivirus and Ransomware protection software for any SBC 1000 or SBC 2000 unit with an vSBA:

BEST is a fully-automated computer security program, managed remotely by the network administrator. Once installed, it protects the system against malware (such as viruses, spyware and trojans), network attacks, phishing, ransomware, and other threats. For more information, refer to: https://www.bitdefender.com.


Prerequisites

Before you install BEST on the vSBA, make sure you have completed the following:

  • Obtain an active Bitdefender GravityZone subscription.
  • Obtain administrative access to the Bitdefender GravityZone Control Center.

This document assumes that the vSBA has Internet access.


Installing Bitdefender Endpoint Security Tools on the vSBA

The following workflow defines the procedures for installing BEST on the vSBA. 

Workflow


Create an Installer Package for the vSBA

Start

  1. Log in to the Bitdefender GravityZone Control Center at: https://gravityzone.bitdefender.com/.
  2. In the left navigation pane, navigate to Network > Packages. The Packages settings pane opens on the right.
  3. In the menu bar at the top, click Add. The New Endpoint Package window opens.
     
  4. Complete the following fields:
    1. In the General section, 
      • Name: Enter the name of the Package.
      • Description: Enter a description for the Package.
      • Language: From the dropdown list, select the required language.

    2. In the Security Modules & Roles section, select the required modules and roles.
  5. Click Save


Download an Installer Package for the vSBA

Start

  1. Log in to the Bitdefender GravityZone Control Center at: https://gravityzone.bitdefender.com/.
  2. In the left navigation pane, navigate to Network > Packages. The package settings pane opens on the right.
  3. Select the package you created in Create an Installer Package for the vSBA.
  4. In the menu bar at the top, select Download > Windows Downloader.

Run the Installation Package on the vSBA

Start


  1. Copy the installation package you downloaded in Download an Installer Package for the vSBA to a local ASM folder (for example, the Documents folder).
  2. Run the installer. The following message opens when the installation is complete.

    Note

    The installer checks the system and downloads the required packages from the Bitdefender cloud. Depending on your ASM hardware, the amount of time it takes for the package to install varies. The system displays the installation progress screens during the process. 

    Note

    The system does not require you to provide any input once the installation starts.

  3. Click Finish.

Configure a Scan Policy Exclusion 

Configuring a scan policy exclusion allows you to create a Bitdefender security policy for the vSBA and exclude certain process from scanning to ensure that the BEST operations do not interfere with the SBA. 

Start

  1. Log in to the Bitdefender GravityZone Control Center at: https://gravityzone.bitdefender.com/.
  2. In the left navigation pane, select Policies. The policy settings pane opens on the right.
  3. Select Default Policy.
  4. From the menu bar at the top, click Clone Policy. The policy settings pane opens.

    Note

    Bitdefender does not allow any modifications to the Default Policy, so you must clone the Default Policy first to make any modifications.

  5. In the Name field, enter a name for the cloned policy.
  6. Click Save. The cloned policy becomes a new policy.
  7. In the policy settings pane, click on the new policy. 
  8. From the policy settings menu, expand Antimalware > Settings. The settings pane opens.
  9. Select In-policy exclusions.
  10. Complete the following fields to add the required exclusion entries:
    • Type: From the dropdown list, select the file type that applies.
    • Excluded Name: Enter the file path. 
    • Modules: From the dropdown list, select the modules that apply. 
    • Action: Click Add.

    Exclusions Recommended by Ribbon
     

    SBAExclusion
    Office 365 Direct Routing SBA


    • C:\Program Files\Microsoft\Microsoft SBA
    • C:\Program Files\Microsoft\Microsoft SBA\Microsoft.Teams.SBA.exe
    • C:\UX\APPS\UXSBA.EXE
    • C:\UX\PUBLIC\LOGS\

  11. Click Save.


Assign a Security Policy to the vSBA

Start

  1. Log in to the Bitdefender GravityZone Control Center at: https://gravityzone.bitdefender.com/.
  2. In the left navigation pane, select Network. The network settings pane opens on the right.
  3. Right-click on the required vSBA system (for example, SBA2) and select Assign Policy.
  4. From the Assign the following policy template dropdown list, select the vSBA policy template (for example, ASM BEST Policy).
  5. Click Finish.