CYAN SECURE WEB HOWTO Anti Virus with Kaspersky Engine...Install Kaspersky support package 2. Supply...

CYAN SECURE WEB HOWTO

Anti Virus with Kaspersky Engine

Apr. 4, 2008

Applies to: SECURE WEB Version 1.4 and above

CYAN SECURE WEB HOWTO Anti Virus with Kaspersky Engine

Anti Virus with Kaspersky EngineThis document provides stepbystep instructions on how to install, activate and configure anti virus scanning in CYAN SECURE WEB using the Kaspersky anti virus engine.

Overview1. Install Kaspersky support package2. Supply the Kaspersky license file3. Initiate the update of the Kaspersky virus data files4. Configure automatic update of virus data files5. Enable virus scanning in SECURE WEB6. Test the virus scanner

Note: the various steps need to be performed with proper user permissions. The user is specified with each step as “Proceed as”. Depending on the Linux distribution used, the way to impersonate the proper account differes.

Debian

On Debian systems you either login as root, or login as a user and you change identity to root by executing

su

Ubuntu

On Ubuntu systems typically no root login is permitted. All system administration level tasks are executed by a user having the permission to do so, using the sudo command:

sudo aptget update

Redhat Enterprise Linux 5

On RHEL 5 systems you either login as root, or login as a user and change identity to root by executing:

su

© 2008 CYAN Networks Software GmbH 1


1. Install Kaspersky support packageProceed as: root

Install on Debian

To install the support package for Kaspersky, start by making sure that the CYAN repository is configured in your Debian system:

Test for the repository:

proxy:~# grep cyan /etc/apt/sources.listdeb http://deb.cyannetworks.com/ debian/etch stableproxy:~#

In case the repository is not configured yet execute the following command:

echo "deb http://deb.cyannetworks.com/ debian/etch stable" >> /etc/apt/sources.list

To update the software index execute

aptget update

Finally install the Kaspersky support package for CYAN SECURE WEB

aptget install cyansweb1.4vscankaspersky

Install on Ubuntu

To install the support package for Kaspersky, start by making sure that the CYAN repository is configured in your Ubuntu system:


proxy:~# grep cyan /etc/apt/sources.listdeb http://deb.cyannetworks.com/ ubuntu/feisty stableproxy:~#



In case the repository is not configured yet execute the following command:

echo "deb http://deb.cyannetworks.com/ ubuntu/feisty stable" >> /etc/apt/sources.list

To update the software index execute:

sudo aptget update

Finally install the Kaspersky support package for CYAN SECURE WEB:

sudo aptget install cyansweb1.4vscankaspersky

Install on Redhat Enterprise Linux 5

To install the support package for Kaspersky, start by making sure that the CYAN repository is configured in your Redhat system:


proxy:~# ls l /etc/yum.repos.d/cyan.reporwrr 1 root root 118 *date* *time* /etc/yum.repos.d/cyan.repoproxy:~#

In case the repository is not configured yet, execute the following command:

echo '[cyanyum] name=CYAN Networks Secure Webbaseurl=http://yum.cyannetworks.com/redhat5/stable/enabled=1gpgcheck=0' > /etc/yum.repos.d/cyan.repo

To update the software index execute:

yum update

Finally install the Kaspersky support package for CYAN SECURE WEB


http://yum.cyan-networks.com/redhat5/stable/


yum install cyansweb1.4vscankaspersky

Install on any Linux system using the generic installer

For SUSE linux enterprise, Debian, Ubuntu and Redhat enterprise:The Kaspersky antivirus should be installed by the generic installation of CYAN SECURE WEB.



2. Supply the Kaspersky license fileTo operate CYAN SECURE WEB with the Kaspersky anti virus engine, a valid license must be supplied with the installation. Please contact CYAN Networks (sales@cyannetworks.com) if you do not have such license file.

To supply the license file for CYAN SECURE WEB, enter the Web interface by entering the link in your browser:

https://<yourproxyserver>:9992/

Replace <yourproxyserver> by either the host name or the IP address of your proxy installation.

Change to ADMIN / LICENSE and you will see this picture:

Now enter the path of your kaspersky license (or search for it via the “Browse” button) and click on “Upload License”.


mailto:[email protected]


3. Initiate an update of the Kaspersky virus data filesProceed as: sweb

The installation of the Kaspersky support package includes a script for downloading and updating the virus pattern files. You can execute this script directly from the command line to trigger the initial download:

/opt/cyan/sweb/bin/keepup2date c /opt/cyan/sweb/data/kav_updater.conf

4. Configure automatic update of virus data filesProceed as: root

Virus data files should be kept up to date to maintain the security and reliability of the anti virus scanning. For this purpose we strongly recommend to schedule the automatic execution of the update script at least once a day.

The following command, executed as root, will install a crontab entry that executes the update script every night at 1:00

echo "0 1 * * * /opt/cyan/sweb/bin/keepup2date c /opt/cyan/sweb/data/kav_updater.conf" | crontab u sweb

Install on Ubuntu

Simply put sudo before the crontab command:

echo "0 1 * * * /opt/cyan/sweb/bin/keepup2date c /opt/cyan/sweb/data/kav_updater.conf" | sudo crontab u sweb

To retrieve the current crontab schedule proceed with the following command:

proxy:~# crontab u sweb l0 1 * * * /opt/cyan/sweb/bin/keepup2date c /opt/cyan/sweb/data/kav_updater.conf



5. Enable Virus scanning in SECURE WEBTo enable virus scanning in SECURE WEB you need to open the web administration interface. Use your web browser to connect to the URL

https://<yourproxyserver>:9992/

Replace <yourproxyserver> by either the host name or the IP address of your proxy installation.

In the menu SERVER / VIRUS SCAN / SETUP verify that virus scanning is enabled:

Work path: defines the path in which the download and scanning will be processed.

Quarantine path: infected files are moved into this directory for later investigation by the system administrator. All files within this directory may contain harmful viruses.

Note: paths in CYAN SECURE WEB can be specified in two ways, as a path relative to the installation directory – in this case the path begins with any letter or other character that may start a directory name – or as an absolute path, in which case the name must start with the character '/'.

Next, in the menu SERVER / VIRUS SCAN / ENGINE, select Kaspersky as the virus engine:



You now have to “Save” your selection.

You will be prompted to accept the END USER LICENCE AGREEMENT of the Kaspersky virus scan engine:

After accepting the Kaspersky EULA, you will find the following settings specifying the details for the scan engine:



Path to Kaspersky license: Enter the path to the location of the Kaspersky license file.Path to virus data (IDE): Enter the path to the location of the Kaspersky virus pattern files.

Note: do not forget to click the UPDATE button to notify SECURE WEB that it should reload the configuration.



6. Test virus scanningTo test your virus scan engine open for example:

http://www.eicar.org/anti_virus_test_file.htm

and download the file: eicar_com.zip.

If virus scanning is active and working properly, you should see a page indicating, that the file download was denied:


http://www.eicar.org/anti_virus_test_file.htm

CYAN SECURE WEB HOWTO Anti Virus with Kaspersky Engine...Install Kaspersky support package 2. Supply...

Documents

Transcript of CYAN SECURE WEB HOWTO Anti Virus with Kaspersky Engine...Install Kaspersky support package 2. Supply...