Inhaltsverzeichnis

Virus/malware scanner configuration

The file transfer from TightGate-Pro to internal clients can be monitored by a malware scanner on the server side. TightGate-Pro can be supplied with a pre-installed malware scanner as standard. Subsequent installation is also possible. In either case, a licence must be installed with which the malware scanner can be updated over the booked licence period. The licence expiry is displayed on the status page of TightGate-Pro and via the corresponding checkpoint of the Nagios system monitoring.

Note

Downloads that are downloaded from the Internet into the transfer directory of TightGate-Pro are not scanned by the virus scanner. The virus scanner is only queried when files are transferred from TightGate-Pro to the workstation.
The virus scanner is also not queried when uploading files from the workstation to TightGate-Pro.

Installing the AV scanner

TightGate-Pro can be supplied with a factory-installed and licensed malware scanner. If this is not the case, the product can be installed later if required.

How it works

The installation of the malware scanner starts. Once the installation is complete, please log in again as administrator config again. Under the menu item Services menu item, the installed malware scanner is available and can be configured.

Configuration of the AV scanner

The malware scanner is configured as an administrator config.

This is required

How it works

Update virus signatures manually

The malware signatures are an integral part of a malware scanner. To optimise the scanner's detection performance, the signatures must always be up to date. TightGate-Pro downloads the latest definitions directly from the manufacturer's update server every day, so there is usually no need for manual intervention. If the signatures are to be updated manually, proceed as follows.

This is how it works

Note: In the event of an error, network problems are the most common cause. A valid licence for the malware scanner is also required.

Empty AV-Scanner cache

If a file is scanned by the virus scanner, the result of the scan is stored in the cache of TightGate-Pro for one hour. If the same file is scanned again within this time, the result of the cache is used. If files in this cache are marked as malicious code because the virus scanner was not running or had outdated signatures (> 3 days), users must wait one hour until the cache is emptied or the administrator maint clears the cache manually. The cache is emptied via the menu item Malware scanner > Empty cache. Please make sure that the virus scanner is running correctly and that the signatures are up-to-date before you clear the cache.

To check whether a scanner is up to date, proceed as described in the section Updating virus signatures manually.

Configure malware scanner white lists

Scanning large files (ISOs, archives etc.) by virus scanners can sometimes take quite a long time and sometimes even fail. If you have downloaded large files from TightGate-Pro and otherwise ensured that they do not contain any malicious code, it is possible to store MD5 checksums of files in TightGate-Pro for which the virus scanner does not perform a scan. The MD5 checksums can either be stored manually or already rejected files from the virus scanner log can be added to the white list.

MD5 checksum manually to white list add to white list

To add an MD5 checksum to the virus scanner white list, please proceed as follows:

Add MD5 checksum from malware scanner log to white list

To transfer MD5 checksums from an already rejected file transfer, please proceed as follows:

Remove MD5 checksum from white list

If an MD5 checksum is to be removed from the white list, proceed as follows: