Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
antivirus [2018_02_05 22:52] – [2. Enabling Antivirus Scanning] shorter title stevenantivirus [2024_02_28 01:03] (current) – external edit 127.0.0.1
Line 1: Line 1:
-# Virus Scanning+# Virus Scanning Protection 
 +last updated on: April 20, 2022
  
-Enterprise File Fabric prevents the downloading and sharing of malicious files through a ‘scan on write’ approach. As files are uploaded they are scanned. If a virus is detected, the upload fails, and an error is returned immediately to the user or application.+Access Anywhere prevents the downloading and sharing of malicious files through a ‘scan on write’ approach. As files are uploaded they are scanned. If a virus is detected, the upload fails, and an error is returned immediately to the user or application.
  
 {{::antivirus:file-mgr_file-infected-error.png?800|}} {{::antivirus:file-mgr_file-infected-error.png?800|}}
Line 9: Line 10:
     File solution-brief.pdf uploaded to My Cloud files/mybucket. Scanned with antivirus ClamAV 0.99.2/24143/     File solution-brief.pdf uploaded to My Cloud files/mybucket. Scanned with antivirus ClamAV 0.99.2/24143/
  
-The ClamAV virus scanner included is a high performance multi-threaded daemon supporting many file formats including file and archive unpacking.+ClamAV is the officially supported virus scanner available for use with Access Anywhere. ClamAV is a high performance multi-threaded daemon supporting many file formats including file and archive unpacking.
  
-In High Availability environments each appliance will run a local ClamAV service (as configured by default).  Files added outside of the File Fabric, directly to the external storage and discovered through provider synchronization, are not scanned.+In High Availability environments each appliance serving web traffic will be required to run a local ClamAV service.  Files added outside of Access Anywhere, directly to the external storage and discovered through provider synchronization, are not scanned.
  
-Works with:+<WRAP center round info 100%> 
 +Files larger than 1.5GB will be uploaded without being scanned, and only the first 1.5GB of files that expand during scanning to more than 1.5GB will be scanned. 
 +</WRAP>
  
-* Enterprise Appliance (since 1712.00) 
  
-## Configuration+## Service Configuration
  
-The virus scanning of uploads is a configuration option for the organization. The option is available when added to the user package.+ClamAV must first be enabled and configured on each web node.  
 + 
 +## 1. Start and Enable ClamAV 
 + 
 +SSH to the appliance as user smeconfiguser, then become root 
 + 
 +    su - 
 + 
 +Use systemctl to start and enable ClamAV (that is, will startup on boot): 
 + 
 +    # systemctl enable clamd@scan 
 +    # systemctl start clamd@scan 
 +     
 +Next verify that it is running and enabled: 
 + 
 +    # systemctl status clamd@scan 
 +    Loaded: loaded (/usr/lib/systemd/system/clamd@scan.server; enabled;...  
 +    Active: active (running) 
 + 
 +## 2. Verify Appliance Integration with ClamAV 
 + 
 +The appliance configuration file can be found at: 
 + 
 +    /var/www/smestorage/public_html/config.inc.php 
 + 
 +Verify that the settings below are configured as shown: 
 + 
 +    var $enableantivirus = 1; 
 +    var $clamavsocketpath = '/var/run/clamd.scan/clamd.sock'; 
 + 
 +## Enabling ClamAV for Organizations 
 +The virus scanning of uploads is a configuration option for organizations. The option is available when added to the user package.
  
 ## 1. Adding the ClamAV Option to a User Package ## 1. Adding the ClamAV Option to a User Package
Line 35: Line 68:
 ## Troubleshooting ## Troubleshooting
  
-### Checking that the ClamAV Service is On +### Checking ClamAV Service Logs 
-The ClamAV service is preinstalled on the appliance and is enabled and running by default.+Once started the ClamAV service will generate log data.
  
 To verify ClamAV has been running successfully check the last entries in the log: To verify ClamAV has been running successfully check the last entries in the log:
Line 44: Line 77:
     Fri Feb 2 00:34:21 2018 -> SelfCheck: Database status OK     Fri Feb 2 00:34:21 2018 -> SelfCheck: Database status OK
  
-Use systemctl to verify ClamAV is both enabled (that is, will startup on boot), and running: 
- 
-    $ systemctl status clamd@scan 
-    Loaded: loaded (/usr/lib/systemd/system/clamd@scan.server; enabled;...  
-    Active: active (running) 
- 
-If needed, to stop, start, enable, disable or restart run systemctl as root: 
- 
-    systemctl restart clamd@scan 
  
 #### Configuration #### Configuration
Line 81: Line 105:
  
     /var/www/smestorage/config/clamd/freshclam.conf     /var/www/smestorage/config/clamd/freshclam.conf
- 
-### Checking Appliance Integration with ClamAV 
- 
-This configuration file can be found at: 
- 
-    /var/www/smestorage/public_html/config.inc.php 
- 
-Make sure the following settings are present: 
- 
-    var $enableantivirus = 1; 
-    var $clamavsocketpath = '/var/run/clamd.scan/clamd.sock'; 
  
 ### Error: Socket Operation Failed ### Error: Socket Operation Failed
Line 110: Line 123:
  
 For a test virus file see https://en.wikipedia.org/wiki/EICAR_test_file. For a test virus file see https://en.wikipedia.org/wiki/EICAR_test_file.
- 
  
© Copyright 2024 Nasuni.