Metadefender Core V4.10.1
MetaDefender Core v4.10.1

© 2018 OPSWAT, Inc. All rights reserved. OPSWAT®, Metadefender™ and the OPSWAT logo are trademarks of OPSWAT, Inc. All other trademarks, trade names, service marks, service names, and images mentioned and/or used herein belong to their respective owners.

Table of Contents

About This Guide
Key Features of Metadefender Core
1. Quick Start with Metadefender Core
  1.1. Installation
    Installing Metadefender Core on Ubuntu or Debian computers
    Installing Metadefender Core on Red Hat Enterprise Linux or CentOS computers
    Installing Metadefender Core on Windows computers
  1.2. License Activation
  1.3. Scan Files with Metadefender Core
2. Installing or Upgrading Metadefender Core
  2.1. Recommended System Requirements
    System Requirements For Server
    Browser Requirements for the Metadefender Core Management Console
  2.2. Installing Metadefender Core
    Installation
    Installation notes
    2.2.1. Installing Metadefender Core using command line
    2.2.2. Installing Metadefender Core using the Install Wizard
  2.3. Upgrading MetaDefender Core
    Upgrading from MetaDefender Core 3.x
    Upgrading from MetaDefender Core 4.x
  2.4. Metadefender Core Licensing
    2.4.1. Activating Metadefender Core Licenses
    2.4.2. Checking Your Metadefender Core License
  2.5. Performance and Load Estimation
    What to know before reading the results: Some factors that affect performance
    How test results are calculated
    Test Reports
    Performance Report - Multi-Scanning On Linux
    Performance Report - Multi-Scanning On Windows
  2.6. Special installation options
    Use RAMDISK for the tempdirectory
3. Configuring Metadefender Core
  3.1. Management Console
  3.2. Metadefender Configuration
    3.2.1. Startup Core Configuration
    3.2.2. Startup Node Configuration
  3.3. User management
    3.3.1. Users and groups
    3.3.2. Roles
    3.3.3. User directories
    3.3.4. Active Directory attributes
    3.3.5. Change user password
  3.4. Update settings
    Internet
    Folder
    Manual
  3.5. Clean up scan database
    Technology Note:
  3.6. Policies configuration
    3.6.1. How MetaDefender Core policies work
    3.6.2. Workflow template configuration
    3.6.3. Security zone configuration
    3.6.4. Workflow rule configuration
  3.7. Logging
    3.7.1. Configuration
    3.7.2. Debug logging
  3.8. Enabling HTTPS
    Enabling HTTPS via Management Console
    Enabling HTTPS via configuration files
  3.9. Configuring proxy settings
    How can I set proxy server for the product
  3.10. External Scanners And Post Actions
    External Scanners
    Post Actions
4. Scan files with Metadefender Core
  Scan Files via REST API
  Scan Files via Web Interface
  Choose what to scan and how
  Start scanning
  Progress of scanning
5. Data Sanitization
6. Operating Metadefender Core
  6.1. Dashboard
    Overview page
    Scan history
    Quarantine
    Update history
  6.2. Inventory Management
    Certificates
    Engines
    Nodes
    Whitelist (by hash)
  6.3. Regular Maintenance
    Checking for Upgrades
    Checking Engines / Databases Health
  6.4 Import/Export configuration
    Export
    Import
    Note
7. Metadefender Core Developer Guide
  How to Interact with Metadefender Core using REST
  File scan process
  Activate License Online
  Successful response
  Error response
  Cancel Batch
  Cancel Scan Batch
  Close Batch
  Close Scan Batch
  Download Batch Signed Result
  Download Sanitized Files
  Download Sanitized Files Using Data Id
  Error response
  Fetching Available Scan Rules
  Successful response
  Error response
  Fetching Engine/Database Versions
  Successful response
  Error response
  Fetch Scan Result
  Retrieving Scan Reports Using Data ID
  Successful response
  Successful response with archive detection
  Response (not existing data_id)
  Error response
  Fetch Scan Result by File Hash
  Retrieve Scan Results Using Hash
  Request http header parameters
  The retrieved result is always the most recent for the processed item, if rule is set then it will be the most recent - if exists - under the given rule.
  Successful response
  Successful response with archive detection
  Response (not existing hash)
  Error response
  Get Current License Information
  Successful response
  Error response
  Get Product Version
  Successful response
  Error response
  Initiate Batch
  Initiate Scan Batch
  Login / Create a Session
  Successful response
  Error response
  Logout / Destroy a Session
  Successful response
  Error response
  Scan A File
  Successful response
  Error response
  Scan file in batch
  Status of Batch
  Status of Scan Batch
  Uploading License Key File
  Successful response
  Error response
  Vulnerability Info In Scan Result
  Example
8. Advanced Metadefender Core Deployment
  8.1. Scripted license management
    Requirements
    Activation steps
    Deactivation steps
    Important notes
  8.2. Multi-node deployment
    Setting up several Metadefender Core nodes
  8.3. Using external load-balancer
    8.3.1. HTTP(S) - Layer 7 load balancing
    8.3.2. DNS load balancing
9. Troubleshooting Metadefender Core
  Installation issues
  Issues with nodes
  Where are the Metadefender Core logs located?
  How can I create a support package?
  Issues under high load
  How to Create Support Package?
  Creating the package on Linux
  Creating the package on Windows
  Content of the created package
  How to Read the Metadefender Core Log?
  Files
  Format
  Severity levels of log entries
  Inaccessible Management Console
  How to detect
  Solution
  Possible Issues on Nodes
  Q. Node detected 3rd party product on system
  Q. There is no scan node connected
  Too Many Sockets or Files Open
  How to detect
  Solution
  Too Many TIME_WAIT Socket
  How to detect
  Solution
  Technical Insights
10. Release notes
  Version v4.10.1
  Version v4.10.0
  Version 4.9.1
  Version 4.9.0
  Version 4.8.2
  Version 4.8.1
  Version 4.7.2
  Version 4.7.1
  Version 4.6.3
  Version 4.6.2
  Version 4.6.1
  Version 4.6.0
  Version 4.5.1
  Version 4.5.0
  Version 4.4.1
  Version 4.3.0
  Version 4.2.0
  Version 4.1.0
  Version 4.0.1
  Version 4.0.0
11. Metadefender / Client
  About This Guide
  Key Features of MetaDefender Client
  Supported Operating Systems
  1. MetaDefender Client Packages
    MetaDefender Free Client
    MetaDefender Premium Client
  2. MetaDefender Premium Client
    2.1 Install using the Install Wizard
    2.2 Install using the Command Line
    2.3 Using the MetaDefender Premium Client
    2.4 Configuring through the config file
    2.5 Configuring through Central Management
  3. MetaDefender Free Client
  4. Command Line Interface
    Example:
    Command Line Options
    4.1 Generating and using the Administrator Password
  5. MetaDefender Client Release Notes
    Tips and Known Issues
    4.1.4 Release
    4.1.3 Release
    4.1.2 Release
    4.1.1 Release
    4.1.0 Release
    4.0.18 Release
    4.0.17 Release
    4.0.16 Release
    4.0.15 Release
    4.0.14 Release
    4.0.13 Release
    4.0.12 Release
    4.0.11 Release
    4.0.10 Release
    4.0.9 Release
    4.0.8 Release
    4.0.7 Release
    4.0.6 Release
    4.0.5 Release
    4.0.4 Release (Internal Only)
    4.0.3 Release
    4.0.2 Release
    4.0.1 Release
    4.0.0 Release
    Changes in 3.12.5
12. Legal
  Copyright
  DISCLAIMER OF WARRANTY
  COPYRIGHT NOTICE
  Export Classification EAR99
13. Knowledge Base Articles
  Are MetaDefender Core v4 upgrades free?
  Are there any dependencies that need to be fulfilled for MetaDefender Core v4 engines?
  Does Metadefender Core v4 offer real-time antivirus protection on the system where it is installed?
  Does MetaDefender Core v4 Detect the NotPetya Ransomware?
  Does the fixing updates for Meltdown and Spectre vulnerabilities affects any engines in MetaDefender Core v4?
  External scanners in MetaDefender core v4.8.0 and above
  How can I configure the maximum queue size in MetaDefender Core v4?
  How can I find a sanitized file scanned with MetaDefender Core v4?
  How can I increase the scaling up performance?
  How can I upgrade from Core v4.7.0/v4.7.1 to a newer Core v4.7 release
  How can the TEMP folder be changed?
  How do I collect verbose debug packages on MetaDefender Core v4 for Linux?
  How do I deploy MetaDefender Core v4 to an offline Linux environment?
  Installing MetaDefender Core
  Activate your license
  Installing the MetaDefender Update Downloader utility
  Applying offline updates
  Contacting OPSWAT Support
  How do I deploy MetaDefender Core v4 to an offline Windows environment?
  Installing MetaDefender Core
  Activate your license
  Installing the MetaDefender Update Downloader utility
  Applying offline updates
  Contacting OPSWAT Support
  How do I disable real-time protection of my anti-malware software if it is not allowed by corporate policy for use with MetaDefender Core v4?
  How do I remove an engine from my MetaDefender v4 instance?
  How do I use MetaDefender Core v4 Workflows?
  Defining and administering Workflow Templates in MetaDefender Core v4
  Is there a virus test I could use to test MetaDefender Core v4?
  MetaDefender Core v4 shows a large number of files that failed to scan.