Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
antivirus [2018_07_26 13:07] – jim | antivirus [2022_04_20 09:50] – dan | ||
---|---|---|---|
Line 1: | Line 1: | ||
# Virus Scanning Protection | # Virus Scanning Protection | ||
+ | last updated on: April 20, 2022 | ||
The Enterprise File Fabric prevents the downloading and sharing of malicious files through a ‘scan on write’ approach. As files are uploaded they are scanned. If a virus is detected, the upload fails, and an error is returned immediately to the user or application. | The Enterprise File Fabric prevents the downloading and sharing of malicious files through a ‘scan on write’ approach. As files are uploaded they are scanned. If a virus is detected, the upload fails, and an error is returned immediately to the user or application. | ||
Line 11: | Line 12: | ||
ClamAV is the officially supported virus scanner available for use with the File Fabric. ClamAV is a high performance multi-threaded daemon supporting many file formats including file and archive unpacking. | ClamAV is the officially supported virus scanner available for use with the File Fabric. ClamAV is a high performance multi-threaded daemon supporting many file formats including file and archive unpacking. | ||
- | In High Availability environments each appliance will run a local ClamAV service | + | In High Availability environments each appliance |
- | Works with: | + | <WRAP center round info 100%> |
+ | Files larger than 1.5GB will be uploaded without being scanned, and only the first 1.5GB of files that expand during scanning to more than 1.5GB will be scanned. | ||
+ | </ | ||
- | * Enterprise Appliance (since 1712.00) | ||
- | ## Configuration | + | ## Service |
- | The virus scanning of uploads is a configuration option for the organization. The option is available when added to the user package. | + | ClamAV must first be enabled and configured on each web node. |
+ | |||
+ | ## 1. Start and Enable ClamAV | ||
+ | |||
+ | SSH to the appliance as user smeconfiguser, | ||
+ | |||
+ | su - | ||
+ | |||
+ | Use systemctl to start and enable ClamAV (that is, will startup on boot): | ||
+ | |||
+ | # systemctl enable clamd@scan | ||
+ | # systemctl start clamd@scan | ||
+ | |||
+ | Next verify that it is running and enabled: | ||
+ | |||
+ | # systemctl status clamd@scan | ||
+ | Loaded: loaded (/ | ||
+ | Active: active (running) | ||
+ | |||
+ | ## 2. Verify Appliance Integration with ClamAV | ||
+ | |||
+ | The appliance configuration file can be found at: | ||
+ | |||
+ | / | ||
+ | |||
+ | Verify that the settings below are configured as shown: | ||
+ | |||
+ | var $enableantivirus = 1; | ||
+ | var $clamavsocketpath = '/ | ||
+ | |||
+ | ## Enabling ClamAV for Organizations | ||
+ | The virus scanning of uploads is a configuration option for organizations. The option is available when added to the user package. | ||
## 1. Adding the ClamAV Option to a User Package | ## 1. Adding the ClamAV Option to a User Package | ||
Line 35: | Line 68: | ||
## Troubleshooting | ## Troubleshooting | ||
- | ### Checking | + | ### Checking ClamAV Service |
- | The ClamAV service | + | Once started the ClamAV service |
To verify ClamAV has been running successfully check the last entries in the log: | To verify ClamAV has been running successfully check the last entries in the log: | ||
Line 44: | Line 77: | ||
Fri Feb 2 00:34:21 2018 -> SelfCheck: Database status OK | Fri Feb 2 00:34:21 2018 -> SelfCheck: Database status OK | ||
- | Use systemctl to verify ClamAV is both enabled (that is, will startup on boot), and running: | ||
- | |||
- | $ systemctl status clamd@scan | ||
- | Loaded: loaded (/ | ||
- | Active: active (running) | ||
- | |||
- | If needed, to stop, start, enable, disable or restart run systemctl as root: | ||
- | |||
- | systemctl restart clamd@scan | ||
#### Configuration | #### Configuration | ||
Line 81: | Line 105: | ||
/ | / | ||
- | |||
- | ### Checking Appliance Integration with ClamAV | ||
- | |||
- | This configuration file can be found at: | ||
- | |||
- | / | ||
- | |||
- | Make sure the following settings are present: | ||
- | |||
- | var $enableantivirus = 1; | ||
- | var $clamavsocketpath = '/ | ||
### Error: Socket Operation Failed | ### Error: Socket Operation Failed |