Run Clam Antivirus Software
Each RSA Authentication Manager instance includes Clam Antivirus (ClamAV) software. ClamAV is an open-source software toolkit that is intended to reduce the risk of intrusion or malicious system or data access. Apply software updates to ClamAV only as part of RSA-delivered updates. You are responsible for updating antivirus definition files and running ClamAV in order to scan any Authentication Manager instance for known malware.
Before you begin
- This procedure assumes a knowledge of Linux commands.
- For the operating system account User ID rsaadmin, obtain the operating system password.
- To access the operating system with a secure shell (SSH) client, you must enable SSH. You can also access the operating system on a virtual appliance in the VMware vSphere client, the Nutanix Prism Central, the Hyper-V System Center Virtual Machine Manager Console,or the Hyper-V Manager.For more information on using SSH, see Enable SSH on the Appliance.
Procedure
- Log on to the appliance with the User ID rsaadmin and the current operating system password:
- On a hardware appliance, an Amazon Web Services appliance, an Azure appliance, or a GCP appliance, log on to the appliance using an SSH client.
- On a VMware virtual appliance, log on to the appliance using an SSH client, or the VMware vSphere client.
- On a Nutanix virtual appliance, log on to the appliance using an SSH client, or the Nutanix Prism Central.
- On a Hyper-V virtual appliance, log on to the appliance using an SSH client, the Hyper-V System Center Virtual Machine Manager Console, or the Hyper-V Manager.
- Update the antivirus definition files. Choose one of the following procedures:
- If the AM instance has access to the Internet, you can automatically download and apply the latest antivirus definition files. Type the following command:
sudo /usr/bin/freshclam
If the AM instance does not have access to the Internet, manually download the main.cvd, daily.cvd, and bytecode.cvd antivirus definition files from the ClamAV web site: http://www.clamav.net/
Copy the files into the /var/lib/clamav/ directory on the instance.
- If the AM instance has access to the Internet, you can automatically download and apply the latest antivirus definition files. Type the following command:
- To scan files and directories for viruses manually, type the following line:
- Check the scan results in /var/log/clamav.log.
sudo clamscan -r / --exclude-dir=/proc --exclude-dir=/sys --exclude-dir=/opt/rsa/am/rsapgdata --follow-dir-symlinks=0 --follow-file-symlinks=0 --log=/var/log/clamav.log
To schedule automatic virus scans, create a cron job that runs the same command.
Note: RSA does not recommend manually creating cron jobs on the Authentication Manager appliance, unless you are advised to do so. Cron jobs may be removed or altered when you upgrade Authentication Manager. If you create any custom cron jobs, you should back up and restore them after the upgrade.
Related Articles
Video Demonstration: Changing the Hostname and IP Address and Generating a Configuration File in Authentication Manager 8.… Number of Views SailPoint IdentityNow - SecurID Authentication Manager Configuration Number of Views Generate the Authentication Manager Configuration File Number of Views verify tool fails to validate keys with error 'KMS Server connection failed : Certificate unknown' Number of Views Hardware Appliance System Image Installation Number of Views
Trending Articles
RSA Authentication Manager Patch Updates RSA SecurID Software Token 4.1.2 and 4.2.1 for Mac OS X displays: No token storage device was detected. Verify that the de… How to manipulate imported RSA SecurID Software Token(s) on an iPhone or iPad device RSA SecurID software token .sdtid file fails to import into RSA SecurID Software Token 5.0 for Windows Configuring a Checkpoint firewall to work with SecurID
