fool TrendMicro Deep Security to look for a folder rather than entire server for On-Demand scan
Posted on 2014-08-26
Our environment's (early version 9) of Trend's Deep Security on-demand scan for Linux
can only scan the entire server and not selected folder/files only : this is what Trend
Micro support confirms to us in email & phone.
So if we trigger
/opt/ds-agent/dsa_control -m "AntiMalwareManualScan:true"
it will scan the entire server but this will take a while & chew quite some resources.
DeepSecurity console is not accessible to our tenants & our tenants have applications
which they used to call the above dsa_control command to scan on demand files
Is there any way that I could create a Linux soft link (say create a temporary soft link
/ root which points to only a folder say /var/tmp/avscan) combined with spawning a
shell so that it scans only a specific folder? Just a guess, don't have any idea how this
can be achieved
Or does anyone know if DS 9 (not the beta 9.5) could do selective folder or files'
on-demand scan? How is this done? From the DS manager console, I could specify
a specific folder/files but my cloud tenants can't access the DSM console to manually
activate the scan (ie on-demand scan)
Apps team wants that after users use an application to upload/publish files, the
application will then call a DS command to do a scan immediately after the upload