MetaDefender Core v4.16.3
MetaDefender Core v4.16.3 © 2019 OPSWAT, Inc. All rights reserved. OPSWAT®, Metadefender™ and the OPSWAT logo are trademarks of OPSWAT, Inc. All other trademarks, trade names, service marks, service names, and images mentioned and/or used herein belong to their respective owners.

Table of Contents

About This Guide
Key Features of MetaDefender Core
1. Quick Start with MetaDefender Core
  1.1. Installation
    Operating system invariant initial steps
    Basic setup
    1.1.1. Configuration wizard
  1.2. License Activation
  1.3. Process Files with MetaDefender Core
2. Installing or Upgrading MetaDefender Core
  2.1. System Requirements
    System Requirements For Server
    Browser Requirements for the Metadefender Core Management Console
  2.2. Installing MetaDefender
    Installation
    Installation notes
    2.2.1. Installing Metadefender Core using command line
    2.2.2. Installing Metadefender Core using the Install Wizard
  2.3. Upgrading MetaDefender Core
    Upgrading from MetaDefender Core 3.x
    Upgrading from MetaDefender Core 4.x
  2.4. MetaDefender Core Licensing
    2.4.1. Activating Metadefender Licenses
    2.4.2. Checking Your Metadefender Core License
  2.5. Performance and Load Estimation
    What to know before reading the results: Some factors that affect performance
    How test results are calculated
    Test Reports
    Performance Report - Multi-Scanning On Linux
    Performance Report - Multi-Scanning On Windows
  2.6. Special installation options
    Use RAMDISK for the tempdirectory
3. Configuring MetaDefender Core
  3.1. Management Console
    3.1.1. Password Recovery
  3.2. MetaDefender Configuration
    3.2.1. Startup Core Configuration
    3.2.2. Startup Node Configuration
    3.2.3 Nginx related configuration (for API Rate Limiting)
  3.3. User management
    3.3.1. Users and groups
    3.3.2. Roles
    3.3.3. User directories
    3.3.4. Active Directory attributes
    3.3.5. Change user password
  3.4. Update settings
    Internet
    Folder
    Manual
  3.5. Clean up scan database
    Technology Note:
  3.6. Policy configuration
    3.6.1. How MetaDefender Core policies work
    3.6.2. Workflow template configuration
    3.6.3. Security zone configuration
    3.6.4. Workflow rule configuration
    3.6.5. Quarantine
  3.7. Logging
    3.7.1. Configuration
    3.7.2 Log message format
    3.7.3 Syslog message format
    3.7.4 Error Message Description Table
  3.8 Security settings on web console
    3.8.1 Enabling HTTPS
    3.8.2 Session timeout
    3.8.3 Password Policy
  3.9. Configuring proxy settings
    How can I set proxy server for the product
  3.10. External Scanners And Post Actions
    External Scanners
    Post Actions
  3.11. Yara rule sources
  3.12. Configuring mail settings
    Server configuration
    User authentication
4. Process files with MetaDefender Core
  Process Files via REST API
  Process Files via Web Interface
  Choose what to process and how
  Start processing
  Progress of scanning
5. Deep CDR (Data Sanitization)
6. Proactive DLP
  Detect and then block approach
  Prevent and then allow approach
  6.1 Detect sensitive information
    Sensitive Data
    Certainty score
    Supported File Types
  6.2 Redact sensitive information
    Supported File Types
    Supported Sensitive Information
    To set redaction
  6.3 Remove metadata
    Supported File Types
    To set remove metadata
  6.4 Watermark images
    Supported File Types
    To set watermark
7. Operating MetaDefender Core
  7.1. Dashboard
    Overview page
    Processing history
    Quarantine
    Update history
  7.2. Inventory Management
    Certificates
    Modules
    Nodes
    Skip by hash
  7.3. Regular Maintenance
    Checking for Upgrades
    Checking Engines / Databases Health
  7.4 Import/Export configuration
    Export
    Import
    Note
8. MetaDefender Core Developer Guide
  How to Interact with MetaDefender Core using REST
  File scan process
  8.1. MetaDefender API
    8.1.1. Sessions
    8.1.2. Licensing
    8.1.3. Processing files
    8.1.4. Processing files in batch
    8.1.5. Download Sanitized Files
    8.1.6. Vulnerability Info In Processing Result
    8.1.7. Skip by hash
    8.1.8. Get version of components
    8.1.9. Configuration related APIs
    8.1.10. Yara
  8.2. MetaDefender API Code Samples
9. Advanced MetaDefender Deployment
  9.1. Scripted license management
    Requirements
    Activation steps
    Deactivation steps
    Important notes
  9.2. Deployment automation support
    Installation
    Initialization
    Configuration
  9.3. Cloud Deployment
    9.3.1. AWS Deployment
  9.4. Multi-node deployment
    Setting up several Metadefender Core nodes
  9.5. Using external load-balancer
    9.5.1. HTTP(S) - Layer 7 load balancing
    9.5.2. DNS load balancing
10. Troubleshooting MetaDefender Core
  Installation issues
  Issues with nodes
  Where are the Metadefender Core logs located?
  How can I create a support package?
  Issues under high load
  Debug logging
  How to Create Support Package?
  Creating the package on Linux
  Creating the package on Windows
  Content of the created package
  How to Read the Metadefender Core Log?
  Files
  Format
  Severity levels of log entries
  Inaccessible Management Console
  How to detect
  Solution
  Possible Issues on Nodes
  Q. Node detected 3rd party product on system
  Q. There is no scan node connected
  Too Many Sockets or Files Open
  How to detect
  Solution
  Too Many TIME_WAIT Socket
  How to detect
  Solution
  Technical Insights
11. Release notes
  11.1 Archived release notes
    Version v4.16.2
    Version v4.16.1
    Version v4.16.0
    Version v4.15.2
    Version v4.15.1
    Version v4.15.0
    Version v4.14.3
    Version v4.14.2
    Version v4.14.1
    Version v4.14.0
    Version v4.13.2
    Version v4.13.1
    Version v4.13.0
    Version v4.12.2
    Version v4.12.1
    Version v4.12.0
    Version v4.11.3
    Version v4.11.2
    Version v4.11.1
    Version v4.11.0
    Version v4.10.2
    Version v4.10.1
    Version v4.10.0
    Version 4.9.1
    Version 4.9.0
    Version 4.8.2
    Version 4.8.1
    Version 4.7.2
    Version 4.7.1
    Version 4.6.3
    Version 4.6.2
    Version 4.6.1
    Version 4.6.0
    Version 4.5.1
    Version 4.5.0
    Version 4.4.1
    Version 4.3.0
    Version 4.2.0
    Version 4.1.0
    Version 4.0.1
    Version 4.0.0
  11.2 Proactive DLP Release Notes
    v2.1.1
    v2.1
    v2.0.1
    v2.0
    v1.0.3
12. Legal
  Copyright
  DISCLAIMER OF WARRANTY
  COPYRIGHT NOTICE
  MetaDefender Export Classification
13. Knowledge Base Articles
  Are MetaDefender Core v4 upgrades free?
  Can I control access to the RAM disk in MetaDefender Core v4?
  Do any of the MetaDefender Core v4 custom engines have OS compatibility limitations?
  Does Metadefender Core v4 offer real-time antivirus protection on the system where it is installed?
  Does MetaDefender Core v4 Detect the NotPetya Ransomware?
  External scanners in MetaDefender core v4.8.0 and above
  How can I configure the maximum queue size in Metadefender Core v4?
  How can I find a sanitized file scanned with MetaDefender Core v4?
  How can I increase the scaling up performance?
  How can I run tests to see the different scan results on MetaDefender Core v4?
  How can I upgrade from Core v4.7.0/v4.7.1 to a newer Core v4.7 release
  How can the TEMP folder be changed?
  How do I collect verbose debug packages on MetaDefender Core v4 for Linux?
  How do I deploy MetaDefender Core v4 to an offline Linux environment?
  Installing MetaDefender Core
  Activate your license
  Installing the MetaDefender Update Downloader utility
  Applying offline updates
  Contacting OPSWAT Support
  How do I deploy MetaDefender Core v4 to an offline Windows environment?
  Installing MetaDefender Core
  Activate your license
  Installing the MetaDefender Update Downloader utility
  Applying offline updates
  Contacting OPSWAT Support
  How do I remove an engine from my MetaDefender v4 instance?
  How do I use MetaDefender Core v4 Workflows?
  Defining and administering Workflow Templates in MetaDefender Core v4
  How long is the support life cycle for a specific version/release of MetaDefender Core v4?
  How to install MSE on Windows Server 2012 R2 and Windows Server 2016
  MSE on Windows Server 2012 R2
  MSE on Windows Server 2016
  How to transfer your Metadefender Core v4 scan history database
  Is Metadefender Core compromised while scanning files?
  Is there a virus test I could use to test MetaDefender Core v4?
  MetaDefender Core v4 shows a large number of files that failed to scan.