Run Clam Antivirus Software
Each RSA Authentication Manager instance includes Clam Antivirus (ClamAV) software. ClamAV is an open-source software toolkit that is intended to reduce the risk of intrusion or malicious system or data access. Apply software updates to ClamAV only as part of RSA-delivered updates. You are responsible for updating antivirus definition files and running ClamAV in order to scan any Authentication Manager instance for known malware.
Before you begin
- This procedure assumes a knowledge of Linux commands.
- For the operating system account User ID rsaadmin, obtain the operating system password.
- To access the operating system with a secure shell (SSH) client, you must enable SSH. You can also access the operating system on a virtual appliance in the VMware vSphere client, the Nutanix Prism Central, the Hyper-V System Center Virtual Machine Manager Console,or the Hyper-V Manager.For more information on using SSH, see Enable SSH on the Appliance.
Procedure
- Log on to the appliance with the User ID rsaadmin and the current operating system password:
- On a hardware appliance, an Amazon Web Services appliance, an Azure appliance, or a GCP appliance, log on to the appliance using an SSH client.
- On a VMware virtual appliance, log on to the appliance using an SSH client, or the VMware vSphere client.
- On a Nutanix virtual appliance, log on to the appliance using an SSH client, or the Nutanix Prism Central.
- On a Hyper-V virtual appliance, log on to the appliance using an SSH client, the Hyper-V System Center Virtual Machine Manager Console, or the Hyper-V Manager.
- Update the antivirus definition files. Choose one of the following procedures:
- If the AM instance has access to the Internet, you can automatically download and apply the latest antivirus definition files. Type the following command:
sudo /usr/bin/freshclam
If the AM instance does not have access to the Internet, manually download the main.cvd, daily.cvd, and bytecode.cvd antivirus definition files from the ClamAV web site: http://www.clamav.net/
Copy the files into the /var/lib/clamav/ directory on the instance.
- If the AM instance has access to the Internet, you can automatically download and apply the latest antivirus definition files. Type the following command:
- To scan files and directories for viruses manually, type the following line:
- Check the scan results in /var/log/clamav.log.
sudo clamscan -r / --exclude-dir=/proc --exclude-dir=/sys --exclude-dir=/opt/rsa/am/rsapgdata --follow-dir-symlinks=0 --follow-file-symlinks=0 --log=/var/log/clamav.log
To schedule automatic virus scans, create a cron job that runs the same command.
Note: RSA does not recommend manually creating cron jobs on the Authentication Manager appliance, unless you are advised to do so. Cron jobs may be removed or altered when you upgrade Authentication Manager. If you create any custom cron jobs, you should back up and restore them after the upgrade.
Related Articles
Run a Report Job Number of Views How to disable Ping Internet Control Message Protocol (ICMP) reply on RSA Authentication Manager 8.1 Number of Views RSA Identity Governance & Lifecycle 7.0.x provisioning termination rule is not creating a change request to disable the ma… Number of Views Configure a Web-Tier Self-Service Console Logon Banner on Windows Number of Views DSA-2019-129: RSA Identity Governance and Lifecycle Security Update for SUSE Linux Enterprise Server Vulnerabilities Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes for RSA Authentication Manager 8.8 Deploying RSA Authenticator 6.2.2 for Windows Using DISM Downloading RSA Authentication Manager license files or RSA Software token seed records
