From Solution perspective--
connect with Anti Virus Experts- Way to scan an attachment using Some Command Line?
May be Same commandline will be used in Some Run Process Command, $PROCESS$ and control the Attachment insertion in Remedy?
But the Big Picture here is why only remedy - Scanning should be done at enterprise level? Let say i have an Infected Attachment on My Laptop and i connected my Laptop to Company N/W . Now virus can spread on multiple machines. So now security is compromised .
So from where your requirement is coming?
4 of 4 people found this helpful
There is a feature available to allow you to send attachments to a plugin for scanning which would do what you want. It was officially introduced in 8.x but I think it was also backported to 7.6.04 SP5 - check if you have an Attachment Security tab on the Server Information form.
You will need to create a plugin to interface to you AV solution though.
2 of 2 people found this helpful
I have the following details to determine whether the Virus scan is running or not.
For example, if Norton AntiVirus is running on the client, then allow attachments to be entered and viewed. To determine if Norton AntiVirus is running:
You could have an active link run these actions:
-> Create a Run Process Action:
$PROCESS$ cmd /c winmsd /categories +SWEnvRunningTasks /report C:\Temp\report.txt
-> Perform a Set Field action. From the Fields selection at the bottom of the Active Link dialog window, select the field you want to set. From the Value selection right below, enter the following string:
$PROCESS$ cmd /c type C:\Temp\report.txt find /C "rtvscan.exe"
This will set this field with the number 1 if the Norton Antivirus service is running.
Requirement is to check whether there is an Anti vrius running on the device.
You can try what you said in some work flow.
Please let us know once you achieve this.
1 of 1 people found this helpful
We are testing Symantec's Protection Engine which runs on it's own servers.
We can pass an attachment file to it and it will pass back a simple clean or dirty signal.
Still in the Design phase, but it looks very promising.
3 of 3 people found this helpful
We are in the process of finalizing what we are calling "Server Side Virus Scanning" of all Remedy Attachments on a 9.1 Remedy Server:
These are the fundamental steps:
1. Obtain "server based" virus scanning software from your preferred vendor. We are using the Symantec Protection Engine (SPE).
2. Install the software on a server accessible by your Remedy server.
(As I understand it this can also be a Cloud Based Server as long as your Remedy servers can access it and you aren't worried about
sending your attachment files into the Cloud for scanning)
3. Make sure the scanning server is configured to auto update with the latest virus information.
4. Review the API requirements for passing a file to the engine and generate a callable routine that accepts the file and returns the response from SPE.
We use a simple windows command file that calls the engine: ssecls -server IPADDRESS:PORT -log D:\Temp\spe.log -mode scan %1
where %1 is the name and location of the file to be scanned.
5. Acquire, install and configure a Remedy plugin that will call the routine on your Remedy Server(s)
We are using LJ LongWing's APLAttachmentValidationPlugin.jar (Thanks LJ!)
configured as follows:
<pathelement type="location">D:/Program Files/BMC
<errorText>Files Infected = 1</errorText>
<warningText>Files Scan Error = 1</warningText>
(NOTE 1: The call will automatically append the Filename to the virusprogram.)
6. Configure your Remedy Admin Console Attachment Security Tab with the name of your plugin:
7. Restart Services as necessary.
Your result will look like this IF a virus is present upon ant attempted save :
If no virus is present the save will just occur with no indication that the file is virus free.
(NOTE 2: You can go to eicar.org and get a test string from there. This can be pasted in to a text file for testing. It cannot be modified in any way)
So you got it working then?
1 of 1 people found this helpful
Oh yes...it works great!