Metadefender Core V4.14.2
MetaDefender Core v4.14.2

© 2018 OPSWAT, Inc. All rights reserved. OPSWAT®, Metadefender™ and the OPSWAT logo are trademarks of OPSWAT, Inc. All other trademarks, trade names, service marks, service names, and images mentioned and/or used herein belong to their respective owners.

Table of Contents

About This Guide
Key Features of Metadefender Core
1. Quick Start with MetaDefender Core
  1.1. Installation
    Operating system invariant initial steps
    Basic setup
    1.1.1. Configuration wizard
  1.2. License Activation
  1.3. Process Files with MetaDefender Core
2. Installing or Upgrading Metadefender Core
  2.1. Recommended System Requirements
    System Requirements For Server
    Browser Requirements for the Metadefender Core Management Console
  2.2. Installing Metadefender
    Installation
    Installation notes
    2.2.1. Installing Metadefender Core using command line
    2.2.2. Installing Metadefender Core using the Install Wizard
  2.3. Upgrading MetaDefender Core
    Upgrading from MetaDefender Core 3.x
    Upgrading from MetaDefender Core 4.x
  2.4. Metadefender Core Licensing
    2.4.1. Activating Metadefender Licenses
    2.4.2. Checking Your Metadefender Core License
  2.5. Performance and Load Estimation
    What to know before reading the results: Some factors that affect performance
    How test results are calculated
    Test Reports
    Performance Report - Multi-Scanning On Linux
    Performance Report - Multi-Scanning On Windows
  2.6. Special installation options
    Use RAMDISK for the tempdirectory
3. Configuring MetaDefender Core
  3.1. Management Console
  3.2. MetaDefender Configuration
    3.2.1. Startup Core Configuration
    3.2.2. Startup Node Configuration
    3.2.3 Nginx related configuration
  3.3. User management
    3.3.1. Users and groups
    3.3.2. Roles
    3.3.3. User directories
    3.3.4. Active Directory attributes
    3.3.5. Change user password
  3.4. Update settings
    Internet
    Folder
    Manual
  3.5. Clean up scan database
    Technology Note:
  3.6. Policy configuration
    3.6.1. How MetaDefender Core policies work
    3.6.2. Workflow template configuration
    3.6.3. Security zone configuration
    3.6.4. Workflow rule configuration
    3.6.5. Quarantine
  3.7. Logging
    3.7.1. Configuration
    3.7.2. Debug logging
  3.8 Security settings on web console
    3.8.1 Enabling HTTPS
    3.8.2 Session timeout
  3.9. Configuring proxy settings
    How can I set proxy server for the product
  3.10. External Scanners And Post Actions
    External Scanners
    Post Actions
  3.11. Yara rule sources
4. Process files with MetaDefender Core
  Process Files via REST API
  Process Files via Web Interface
    Choose what to process and how
    Start processing
    Progress of scanning
5. Data Sanitization
6. Operating MetaDefender Core
  6.1. Dashboard
    Overview page
    Scan history
    Quarantine
    Update history
  6.2. Inventory Management
    Certificates
    Nodes
    Skip by hash
    Technologies
  6.3. Regular Maintenance
    Checking for Upgrades
    Checking Engines / Databases Health
  6.4 Import/Export configuration
    Export
    Import
    Note
7. MetaDefender Core Developer Guide
  How to Interact with MetaDefender Core using REST
  File scan process
  7.2. MetaDefender API Code Samples
  7.1. MetaDefender API
  7.3. Deployment automation support
    Installation
    Initialization
    Configuration
8. Advanced MetaDefender Deployment
  8.1. Scripted license management
    Requirements
    Activation steps
    Deactivation steps
    Important notes
  8.2. Multi-node deployment
    Setting up several Metadefender Core nodes
  8.3. Using external load-balancer
    8.3.1. HTTP(S) - Layer 7 load balancing
    8.3.2. DNS load balancing
  8.4. Cloud Deployment
    8.4.1. AWS Deployment
9. Troubleshooting MetaDefender Core
  Installation issues
  Issues with nodes
  Where are the Metadefender Core logs located?
  How can I create a support package?
  Issues under high load
  How to Create Support Package?
    Creating the package on Linux
    Creating the package on Windows
    Content of the created package
  How to Read the Metadefender Core Log?
    Files
    Format
    Severity levels of log entries
  Inaccessible Management Console
    How to detect
    Solution
  Possible Issues on Nodes
    Q. Node detected 3rd party product on system
    Q. There is no scan node connected
  Too Many Sockets or Files Open
    How to detect
    Solution
  Too Many TIME_WAIT Socket
    How to detect
    Solution
  Technical Insights
10. Release notes
  10.1. Archived release notes
    Version v4.14.1
    Version v4.14.0
    Version v4.13.2
    Version v4.13.1
    Version v4.13.0
    Version v4.12.2
    Version v4.12.1
    Version v4.12.0
    Version v4.11.3
    Version v4.11.2
    Version v4.11.1
    Version v4.11.0
    Version v4.10.2
    Version v4.10.1
    Version v4.10.0
    Version 4.9.1
    Version 4.9.0
    Version 4.8.2
    Version 4.8.1
    Version 4.7.2
    Version 4.7.1
    Version 4.6.3
    Version 4.6.2
    Version 4.6.1
    Version 4.6.0
    Version 4.5.1
    Version 4.5.0
    Version 4.4.1
    Version 4.3.0
    Version 4.2.0
    Version 4.1.0
    Version 4.0.1
    Version 4.0.0
11. Metadefender / Client
  About This Guide
  Key Features of MetaDefender Client
  Supported Operating Systems
  1. MetaDefender Client Packages
    MetaDefender Free Client
    MetaDefender Premium Client
  2. MetaDefender Premium Client
    2.1 Install using the Install Wizard
    2.2 Install using the Command Line
    2.3 Using the MetaDefender Premium Client
    2.4 Configuring through the config file
    2.5 Configuring through Central Management
  3. MetaDefender Free Client
  4. Command Line Interface
    Example:
    Command Line Options
    4.1 Generating and using the Administrator Password
  5. MetaDefender Client Release Notes
    Tips and Known Issues
    5.1. Archived MetaDefender Client Release Notes
12. Legal
  Copyright
  DISCLAIMER OF WARRANTY
  COPYRIGHT NOTICE
  Export Classification EAR99
13. Knowledge Base Articles
  Are MetaDefender Core v4 upgrades free?
  Are there any dependencies that need to be fulfilled for MetaDefender Core v4 engines?
  Does Metadefender Core v4 offer real-time antivirus protection on the system where it is installed?
  Does MetaDefender Core v4 Detect the NotPetya Ransomware?
  Does the fixing updates for Meltdown and Spectre vulnerabilities affect any engines in MetaDefender Core v4?
  External scanners in MetaDefender core v4.8.0 and above
  How can I configure the maximum queue size in Metadefender Core v4?
  How can I find a sanitized file scanned with MetaDefender Core v4?
  How can I increase the scaling up performance?
  How can I upgrade from Core v4.7.0/v4.7.1 to a newer Core v4.7 release
  How can the TEMP folder be changed?
  How do I collect verbose debug packages on MetaDefender Core v4 for Linux?
  How do I deploy MetaDefender Core v4 to an offline Linux environment?
    Installing MetaDefender Core
    Activate your license
    Installing the MetaDefender Update Downloader utility
    Applying offline updates
    Contacting OPSWAT Support
  How do I deploy MetaDefender Core v4 to an offline Windows environment?
    Installing MetaDefender Core
    Activate your license
    Installing the MetaDefender Update Downloader utility
    Applying offline updates
    Contacting OPSWAT Support
  How do I disable real-time protection of my anti-malware software if it is not allowed by corporate policy for use with MetaDefender Core v4?
  How do I remove an engine from my MetaDefender v4 instance?
  How do I use MetaDefender Core v4 Workflows?
    Defining and administering Workflow Templates in MetaDefender Core v4
  How long is the support life cycle for a specific version/release of MetaDefender Core v4?
  How to install MSE on Windows Server 2012 R2 and Windows Server 2016
    MSE on Windows Server 2012 R2
    MSE on Windows Server 2016
  How to transfer your Metadefender Core v4 scan history database
  Is action needed because Metadefender v4's AVG license is expiring on 2018-06-15?
    What do I need to do?
    What if I don't take action by June 15, 2018?
    Why is the license for AVG expiring?
    What if I need more assistance from OPSWAT on this topic?
  Is Metadefender Core compromised while scanning files?
  Is there a virus test I could use to test MetaDefender Core v4?
  MetaDefender Core v4 shows a large number of files that failed to scan. What can I do?
  Post actions in MetaDefender core V4.8.0 and above
  Queue mechanism on Metadefender Core v4
    Queue mechanism in general
    Queue size for requests
    Limit of concurrent connections
    Max file size allowed
  Using MetaDefender core V4 BLACKLIST/WHITELIST feature
    Using filetype groups VS. MIME-types VS file extensions
    Using Regular Expressions
    Advanced usage
  What are Security Policies and how do I use them?
    Understanding Security Policies
  What features of MetaDefender Core version 3 are available in version 4?
  What file types are supported by DLP engine?
  What is Data Loss Prevention (DLP)?
    Meta Data Check (Only):
    File Conversion and Parse:
  What file types can be verified by MetaDefender v4?
  What links, target-services or target host-IP's need to be allowed for MetaDefender Core v4?
  What operating system patches should be applied to the system hosting MetaDefender Core?
  What should I do if an engine is in "failed" or "permanently_failed" status?
  What temporary folder do Custom Engines use?
  Where can I submit false positives detected by MetaDefender Core v4?
  Which are the supported archive formats for MetaDefender Core v4?
  Why don't I see the Data Sanitization engine in MetaDefender Core v4?
  Why should I upgrade my MetaDefender Core v4?

About This Guide

Welcome to the Metadefender v4 guide.