HowTo Installation and Configuration of Avira AntiVir Server for Unix Avira Support June 2009
Content 1 Which environment can be protected by Avira AntiVir Server for Unix? ........................... 2 2 Installation.............................................................................................................................. 2 3 Recommended Basic Configuration ...................................................................................... 3 4 What can be configured additionally?................................................................................... 6 4.
1 Which environment can be protected by Avira AntiVir Server for Unix? - Local virus protection - Samba server - FTP Server - NFS Server - NSS Server - Web server - (In combination with Amavis) as Email scanner You only have to mount the corresponding shares with DazukoFS (or to configure the shares as include path in Dazuko 2) For the installation with Amavis, please, note the corresponding documentation of the Amavis projekt on http://www.amavis.org.
3 Recommended Basic Configuration # Amount of scanner daemons NumDaemons 3 # This produces the start of 3 daemons which are enough for a usual use. The amount can be increased in case of heavy load. But consider that you also need more free main storage! # Action in case of detection AlertAction quarantine # in case of a detection the file is moved to the quarantine directory and renamed. Therefore the file can’t be opened anymore by the user.
# Maximum compression rate ArchiveMaxRatio 150 # You should limit the compression rate of scanned archives to 150 in order to keep a good performance. # Maximum of files which should be scannend ArchiveMaxCount 0 # Limitation of the amount of files which should be scanned. Usually this is not necessary. # Notification level SuppressNotificationBelow scanner warning # Sends email notifications for the component “scanner” in case of an event “warning” and higher.
# HEUR-DBLEXT: The file has an executable file extension, but hides it behind a # harmless one. # JOKE: A harmless joke program is present as file. # PCK: File has been compressed with an unusual runtime compression tool. # Please make sure that this file comes from a trustworthy source. # PHISH: Faked emails that are supposed to prompt the victim to reveal # confidential information such as user accounts, passwords or # online-banking data on certain websites.
4 What can be configured additionally? 4.1 No Real Time Protection You ca use only the command line scanner without real time protection by setting the parameter 'OndemandMgmt yes' in the /etc/avguard.conf. In that case Dazuko or DazukoFS don’t have to be loaded. 4.2 Heavy Load in the System Depending on the load you can choose a value between 3 and 20 in the parameter NumDaemons. You should take into consideration the relation between the need ant the available main storage. 4.
5 Particularities - NSS Volumes The NSS starts very late using e.g. SLES. This causes a malfunction of the already mounted DafukoFS. Therefore it is necessary to adjust the run level, so that the concerned shares are mounted after the start of the NSS with DazukoFS. You find more detailed information bout the adjustment of the start order in the documentation of the operating system.
7 Update Configuration In order to keep your AntiVir installation up-to-date, two kinds of updates are set during the installation: Scanner update (only scanner & engine & VDF) Product update (Guard program files) You find the settings for the update after the installation in the following file: /etc/cron.d/avira_updater: 00 */2 * * * root /usr/lib/AntiVir/avupdate --product=Scanner 15 12 * * Tue root /usr/lib/AntiVir/avupdate --product=Guard 7.
7.4 Customers with Narrow Strip Connections (modem/ISDN) Example: 8 hour interval /etc/cron.d/avira_updater: * */8 * * * root /usr/lib/AntiVir/avupdate --product=Scanner 7.5 Internet Service Providers It is recommended for internet service providers to download the current signatures more frequently, e.g. every 15 minutes. Thereby you can make sure to use always the latest signatures /etc/cron.d/avira_updater: */15 * * * * root /usr/lib/AntiVir/avupdate --product=Scanner 7.