teward001 Posted July 14, 2015 Report Share Posted July 14, 2015 Hello. We want to use Immunet + ClamAV to scan files actively. However, we have a clamd server, and ideally we want to handle scans, updating the signatures, etc. Is there any way to configure Immunet+ClamAV to actually use the clamd server, or do we have to run clamd locally and keep it updated to make this work? Link to comment Share on other sites More sharing options...
millard@immunet.com Posted July 14, 2015 Report Share Posted July 14, 2015 I'm not sure I understand. Clamd runs on Linux and OSX only, doesn't it? Immunet runs on Windows and we use ClamAV as another engine in the drivers that monitor the file I/O. Those drivers are with pickup the activity and then sent to the cloud and clam engines. Link to comment Share on other sites More sharing options...
teward001 Posted July 14, 2015 Author Report Share Posted July 14, 2015 I'm not sure I understand. Clamd runs on Linux and OSX only, doesn't it? Immunet runs on Windows and we use ClamAV as another engine in the drivers that monitor the file I/O. Those drivers are with pickup the activity and then sent to the cloud and clam engines. The environment here is restrictive - that is to say that we can't utilize the Cloud due to the restrictive environment of the network (firewall, etc.), and since we want to have more than one system with Immunet+ClamAV on it and not have to download the clam databases regularly on each system, we have a clamd server that we'd like the system to send files to for scanning, and then act based on that for on-access, etc. scans. Initially a program was being written internally to handle this, but we'd rather have a Live Protect like feature as Immunet can provide. I'm not sure it's even possible to achieve this, though, to configure the clamav instance that Immunet can use to send data to clamd first, and then wait for its response. I was asked to ask this, so forgive me if I can only provide limited data. Link to comment Share on other sites More sharing options...
millard@immunet.com Posted July 14, 2015 Report Share Posted July 14, 2015 Immunet is made for consumers and assumes that you have cloud connectivity. Cisco's Advanced Malware Protection is what enterprises use and there are special considerations for restricted environments like having their own Private Cloud and distributing definitions from that cloud: http://www.cisco.com/c/en/us/products/security/advanced-malware-protection/index.html Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.