Symantec Mail Security for SMTP 5.0.1 - Best Practices for Windows Installations

Article:TECH85583  |  Created: 2007-01-19  |  Updated: 2011-03-03  |  Article URL http://www.symantec.com/docs/TECH85583
Article Type
Technical Solution

Subject

Issue



You want to know which are the best practices when installing Symantec Mail Security for SMTP 5.0.1 on a Windows server.

 


Solution




Updates and Patches

Always have the latest updates installed on the running operating system and also the updates for Symantec Mail Security for SMTP 5.0.1

Microsoft Update Website
http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us

Symantec Mail Security for SMTP 5.0.1 Updates
http://www.symantec.com/enterprise/support/downloads.jsp?pid=51985

 



NOTE: All Microsoft parameters described over the sections below are not supported by Symantec, they have been technically evaluated however for best direction or support, please contact the vendor directly.
 




Network Optimization

Interface auto-negotiation
We highly recommend you to set the proper speed/duplex on the NIC and switch port to avoid issues. The minimum speed we recommend is 100 Mbits Full Duplex.

Disable task offloading
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/regentry/94176.mspx?mfr=true

TcpTimedWaitDelay
Determines the time that must elapse before TCP/IP can release a closed connection and reuse its resources. We recommend setting it to 30 seconds.
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/regentry/58811.mspx?mfr=true

MaxUserPort
Specifies the highest port number that TCP/IP can assign when an application requests an available user port from the system. We recommend setting it to 65000 ports.
http://technet2.microsoft.com/windowsserver/en/library/730fb465-d402-4853-bacc-16ba78e9fcc01033.mspx?mfr=true

For information about these and other TCP/IP parameters that are available:
http://technet2.microsoft.com/windowsserver/en/library/823ca085-8b46-4870-a83e-8032637a87c81033.mspx?pf=true

For information about protecting the TCP/IP layer from attacks:
http://technet2.microsoft.com/windowsserver/en/library/910c8482-e5e5-4e2c-9ea4-11301ddfc4661033.mspx?mfr=true


Memory Optimization

DEP on Windows 2003
Disable DEP on Windows 2003
Change the option on Boot.ini to /noexecute=AlwaysOff
http://msdn2.microsoft.com/en-us/library/aa468629.aspx

Running with more than 2GB on Windows 2003:
Add the /3GB switch to boot.ini
http://www.microsoft.com/whdc/system/platform/server/PAE/PAEmem.mspx


Antivirus settings

Recommended settings if you have an antivirus installed on the same server:
http://service1.symantec.com/support/ent-gate.nsf/docid/2006081007422263



 



Legacy ID



2007091910075154


Article URL http://www.symantec.com/docs/TECH85583


Terms of use for this information are found in Legal Notices