2.10. VM Anti-Virus


2.10.1. Overview

VM Anti-Virus is a service that protects VMs against virus contagion and threats.

2.10.2. Features

The following features are available for VM Anti-Virus.
Feature Overview
Real-Time Scan Monitors the types of file access, such as write or read, generated inside the VM and scans viruses.
Scheduled Scan Scans for viruses on schedule in files existing on the VM (including files that are not in use).
Actions Executes the specified processes when viruses are detected.
Scan Exception Specifies exceptions to virus scan.
Automatic Security Update Periodically checks pattern file updates and performs updates.

2.10.2.1. Real-Time Scan

This feature is only for Windows.
You can specify the following items in Real-Time Scan.
Item Overview
Directoriesand Filesto scan   Selects directoriesand files for file access scan.
Directories Selectable from “All directories”or “Directory list”
Files Selectable from “All files”, “File Types Recommended by TrendMicro”, or “File extension list”
Schedule

Selectable from “24 hours a day, every day”or “Custom Schedule”.

If “Custom Schedule” is selected, the weekly scheduled time is specified.

Actions Please refer to section 2.10.2.3.Actions.
Scan Exceptions Please refer to section 2.10.2.4.Scan Exception.

2.10.2.2. Scheduled Scan

You can specify the following items in Scheduled Scan.
Item Overview
Directoriesand Filesto scan   You can select directoriesand files for file access scan.
Directories Selectable from “All directories” or “Directory list”
Files Selectable from “All files”, “File Types Recommended by TrendMicro”, or “File extension list”
Schedule

You can specify the intervalthe scheduled scan runs from “Daily” “Weekly” or “Monthly”, and time.

Daily: Specifies either “Every Day”, “Weekdays”, or “Every X Days”.

Weekly: Specifies either “Every Yday of the week” or “Yday of every XWeeks”.

Monthly: Specifies either “The Xthof each month” or “The XthYday of each month”.

You can select the time slot except for 0:01-0:59 in your local time, which you can specify in application.

Actions Please refer to section 2.10.2.3Actions.
Scan Exceptions Please refer to section 2.10.2.4Scan Exception.

Notes: Xs represent numbers and Ydays represent days of the week in the table above.

2.10.2.3. Actions

You can set the processing method for the case where files that are infected by viruses are detected.
You can select from “Recommended Setting” or “Custom Setting.”
Item Overview
Recommended Setting The virus processing method recommended by the developers and distributors of the devices making up the VM Anti-Virus feature.
Custom Setting The first process (primary process) when viruses are detected is specified from “Delete,” “Clean,” “Pass,” “Deny access” and “Quarantine.”

Recommended Setting
The “Recommended Setting” processing method might be modified based on day-to-day operation and the information concerning the handling method is not disclosed.
Custom Setting
You can select one of the following actions as the first process of virus scan in Custom setting.
Action The first process
Delete
Windows: Moves the backup data of the infected file to a quarantined directory on a VM, and DELETEs the original file.
Linux : DELETEs the infected file.
Clean CLEANs virus from the infected file and restores the file.
Pass Only logs virus detection and PASSes the infected file as it is.
Deny access
This action is available only in Real-Time Scan.
Windows: Immediately blocks file access such as write or read when the access to the infected file is detected.
Linux : Not applicable to Linux because Linux OS doesn’t support Real-time scan.
Quarantine
Windows: Performs the same action as “Delete”.
Linux : Moves the backup data of the infected file to a quarantined directory on a VM, and DELETEs the original file.

2.10.2.4. Scan Exception

You can specify directories, files and extensions. You can specify files that will not be scanned for viruses.

2.10.2.5. Automatic Security Update

Automatic Security Update checks for pattern file update information on NTT Com Group’s administration server and update pattern files automatically when necessary.
You can specify schedule by one of the following parameters.
Items Overview
Hourly You can specify “X minutes after the hour” every hour.
Daily You can specify “Every day”, “Weekdays” or “Every X days”, and time.
Weekly You can specify “Every Yday of the week” or “Yday of every X weeks”, and time.
Monthly You can specify “The Xth of each month” or “The Xth Yday of each month”, and time.

Note: Xs represent numbers and Ydays represent days of the week in the table above.

2.10.3. Restrictions

Restrictions relating to OS and resources

  • The following table shows the system requirements of software agent. Availability of service provisioning also depends on supported OS of Enterprise Cloud itself and kernel version of Linux OS. You should ask NTT Com Group regarding availability.
Items Requirements
Memory size Minimum Value: 512 MB
Disk size Minimum Value: 1GB
OS Windows Windows 8 (64bit)
Windows server 2012 (64bit)
Windows 7 (64bit)
Windows server 2008 R2 (64bit)
Windows Server 2008 (64bit)
Windows Vista (64bit)
Windows Server 2003 SP1 (64bit) with patch “Windows Server 2003 Scalable Networking Pack”
Windows XP (64bit)
Linux Red Hat 5 (64bit)
Red Hat 6 (64bit)
CentOS 5 (64bit)
CentOS 6 (64bit)
SuSE 10 (64bit)
SuSE 11 (64bit)

Restrictions relating to agent installation

  • You are responsible for the installation of agents to their VMs.
  • You cannot use other antivirus software together with this service. Make sure to uninstall other antivirus software before using this service.
  • Do not upload agents by mounting ISO image files or CD/DVD drives, when uploading it to the VMs.
Restrictions relating to network configuration

  • When the target VM is in a segment which is not directly connected to the vFW/INA, an additional server segment is required to directly connect the vFW/INA and the VM.
Other restrictions

  • You are responsible for activation confirmation (constant monitoring) of agents.
  • Please set IPv6 to ON or OFF correctly when using VM Anti-Virus.
  • Please use a VM without this service installed for Create Template feature of Private Catalog menu. If a template is created from a VM where the agent is installed or installation and activation is completed, when a VM is replicated from that template, this service will no longer be available for the newly replicated VM and the VM used for creating that template. The same applies when used for image backup.
  • The following files are not targeted for Virus Scan.
    • Password-protected files
    • Files compressed with unsupported format
    • Corrupted files
    • Encrypted files
    • Files compressed six (6) times or more
    • Decompressed file size is 10MB or greater (Real-time scan default value)
    • Decompressed file size is 30MB or greater (Scheduled/Manual scan default value)
  • Directory and file inside network drive cannot be set as the targets of virus scans.
  • We recommend that you do not target directories or files for virus scan that have a high write frequency, such as databases and Active Directories. If you target them for virus scan, the server performance will be reduced.
  • VM Anti-Virus does not guarantee that the provided VM Anti-Virus feature has integrity or accuracy, or is suitable for your use. Furthermore, the suitability of the pattern files provided by the developers or distributors of the software that makes up the VM Anti-Virus feature is not guaranteed.
  • The following information might be provided to the developers or distributors of the devices making up the VM Anti-Virus feature.
    • Configuration information obtained from providing VM Anti-Virus
    • Information obtained from VM Anti-Virus
  • We cannot guarantee recovery from failures that might occur due to incompatibility between VM Anti-Virus and your environment, or failures that occur due to your operations other than those specified by NTT Com group.