2.10. VM Anti-Virus¶
2.10.2. Features¶
The following features are available for VM Anti-Virus.
| Feature | Overview |
| Real-Time Scan | Monitors the types of file access, such as write or read, generated inside the VM and scans viruses. |
| Scheduled Scan | Scans for viruses on schedule in files existing on the VM (including files that are not in use). |
| Actions | Executes the specified processes when viruses are detected. |
| Scan Exception | Specifies exceptions to virus scan. |
| Automatic Security Update | Periodically checks pattern file updates and performs updates. |
2.10.2.1. Real-Time Scan¶
This feature is only for Windows.
You can specify the following items in Real-Time Scan.
| Item | Overview | |
|---|---|---|
| Directoriesand Filesto scan | Selects directoriesand files for file access scan. | |
| Directories | Selectable from “All directories”or “Directory list” | |
| Files | Selectable from “All files”, “File Types Recommended by TrendMicro”, or “File extension list” | |
| Schedule | Selectable from “24 hours a day, every day”or “Custom Schedule”. If “Custom Schedule” is selected, the weekly scheduled time is specified. |
|
| Actions | Please refer to section 2.10.2.3.Actions. | |
| Scan Exceptions | Please refer to section 2.10.2.4.Scan Exception. | |
2.10.2.2. Scheduled Scan¶
You can specify the following items in Scheduled Scan.
| Item | Overview | |
|---|---|---|
| Directoriesand Filesto scan | You can select directoriesand files for file access scan. | |
| Directories | Selectable from “All directories” or “Directory list” | |
| Files | Selectable from “All files”, “File Types Recommended by TrendMicro”, or “File extension list” | |
| Schedule | You can specify the intervalthe scheduled scan runs from “Daily” “Weekly” or “Monthly”, and time. Daily: Specifies either “Every Day”, “Weekdays”, or “Every X Days”. Weekly: Specifies either “Every Yday of the week” or “Yday of every XWeeks”. Monthly: Specifies either “The Xthof each month” or “The XthYday of each month”. You can select the time slot except for 0:01-0:59 in your local time, which you can specify in application. |
|
| Actions | Please refer to section 2.10.2.3Actions. | |
| Scan Exceptions | Please refer to section 2.10.2.4Scan Exception. | |
Notes: Xs represent numbers and Ydays represent days of the week in the table above.
2.10.2.3. Actions¶
You can set the processing method for the case where files that are infected by viruses are detected.
You can select from “Recommended Setting” or “Custom Setting.”
| Item | Overview |
| Recommended Setting | The virus processing method recommended by the developers and distributors of the devices making up the VM Anti-Virus feature. |
| Custom Setting | The first process (primary process) when viruses are detected is specified from “Delete,” “Clean,” “Pass,” “Deny access” and “Quarantine.” |
The “Recommended Setting” processing method might be modified based on day-to-day operation and the information concerning the handling method is not disclosed.
You can select one of the following actions as the first process of virus scan in Custom setting.
| Action | The first process |
| Delete | Windows: Moves the backup data of the infected file to a quarantined directory on a VM, and DELETEs the original file.
Linux : DELETEs the infected file.
|
| Clean | CLEANs virus from the infected file and restores the file. |
| Pass | Only logs virus detection and PASSes the infected file as it is. |
| Deny access | This action is available only in Real-Time Scan.
Windows: Immediately blocks file access such as write or read when the access to the infected file is detected.
Linux : Not applicable to Linux because Linux OS doesn’t support Real-time scan.
|
| Quarantine | Windows: Performs the same action as “Delete”.
Linux : Moves the backup data of the infected file to a quarantined directory on a VM, and DELETEs the original file.
|
2.10.2.4. Scan Exception¶
You can specify directories, files and extensions. You can specify files that will not be scanned for viruses.
2.10.2.5. Automatic Security Update¶
Automatic Security Update checks for pattern file update information on NTT Com Group’s administration server and update pattern files automatically when necessary.
You can specify schedule by one of the following parameters.
| Items | Overview |
| Hourly | You can specify “X minutes after the hour” every hour. |
| Daily | You can specify “Every day”, “Weekdays” or “Every X days”, and time. |
| Weekly | You can specify “Every Yday of the week” or “Yday of every X weeks”, and time. |
| Monthly | You can specify “The Xth of each month” or “The Xth Yday of each month”, and time. |
Note: Xs represent numbers and Ydays represent days of the week in the table above.
2.10.3. Restrictions¶
Restrictions relating to OS and resources- The following table shows the system requirements of software agent. Availability of service provisioning also depends on supported OS of Enterprise Cloud itself and kernel version of Linux OS. You should ask NTT Com Group regarding availability.
| Items | Requirements | |
|---|---|---|
| Memory size | Minimum Value: 512 MB | |
| Disk size | Minimum Value: 1GB | |
| OS | Windows | Windows 8 (64bit) |
| Windows server 2012 (64bit) | ||
| Windows 7 (64bit) | ||
| Windows server 2008 R2 (64bit) | ||
| Windows Server 2008 (64bit) | ||
| Windows Vista (64bit) | ||
| Windows Server 2003 SP1 (64bit) with patch “Windows Server 2003 Scalable Networking Pack” | ||
| Windows XP (64bit) | ||
| Linux | Red Hat 5 (64bit) | |
| Red Hat 6 (64bit) | ||
| CentOS 5 (64bit) | ||
| CentOS 6 (64bit) | ||
| SuSE 10 (64bit) | ||
| SuSE 11 (64bit) | ||
- You are responsible for the installation of agents to their VMs.
- You cannot use other antivirus software together with this service. Make sure to uninstall other antivirus software before using this service.
- Do not upload agents by mounting ISO image files or CD/DVD drives, when uploading it to the VMs.
- When the target VM is in a segment which is not directly connected to the vFW/INA, an additional server segment is required to directly connect the vFW/INA and the VM.
- You are responsible for activation confirmation (constant monitoring) of agents.
- Please set IPv6 to ON or OFF correctly when using VM Anti-Virus.
- Please use a VM without this service installed for Create Template feature of Private Catalog menu. If a template is created from a VM where the agent is installed or installation and activation is completed, when a VM is replicated from that template, this service will no longer be available for the newly replicated VM and the VM used for creating that template. The same applies when used for image backup.
- The following files are not targeted for Virus Scan.
- Password-protected files
- Files compressed with unsupported format
- Corrupted files
- Encrypted files
- Files compressed six (6) times or more
- Decompressed file size is 10MB or greater (Real-time scan default value)
- Decompressed file size is 30MB or greater (Scheduled/Manual scan default value)
- Directory and file inside network drive cannot be set as the targets of virus scans.
- We recommend that you do not target directories or files for virus scan that have a high write frequency, such as databases and Active Directories. If you target them for virus scan, the server performance will be reduced.
- VM Anti-Virus does not guarantee that the provided VM Anti-Virus feature has integrity or accuracy, or is suitable for your use. Furthermore, the suitability of the pattern files provided by the developers or distributors of the software that makes up the VM Anti-Virus feature is not guaranteed.
- The following information might be provided to the developers or distributors of the devices making up the VM Anti-Virus feature.
- Configuration information obtained from providing VM Anti-Virus
- Information obtained from VM Anti-Virus
- We cannot guarantee recovery from failures that might occur due to incompatibility between VM Anti-Virus and your environment, or failures that occur due to your operations other than those specified by NTT Com group.