- 21 Mar 2022
- 1 Minute to read
Antivirus File Scanning
- Updated on 21 Mar 2022
- 1 Minute to read
Antivirus software is used to prevent malware from infecting files in the organization. CTERA Portal integrates with antivirus vendors through the ICAP protocol to ensure data protection.
To implement antivirus scanning of portal files, you require an antivirus license from CTERA Networks Ltd. Using portal subscription plans, you can activate or deactivate the antivirus feature for specific virtual portals.
When antivirus is activated, files are scanned for malware automatically and transparently, before they are downloaded from the portal. Background scanning checks for files that were not previously scanned, for example, when the antivirus was disabled or not running on a server. Background scanning scans the following:
- Files that were not previously scanned.
- Backup folders that are not passphrase protected.!
- Cloud drive folders.
If an infected file is found, the infected file is quarantined so that you can determine if any action is necessary. The file is replaced by a text file with the name file_name -infected.txt . where file_name is the original name of your file.
If a file called
file_name -infected.txt already exists, the new infected file is call
file_name -infected n .txt, where n is a 1, 2, 3, etc, denoting the additional number of times an infected file with this name has been quarantined.
The text file contains information, including how the infected file was uploaded to the portal:
A file was moved to quarantineFile name:
file_name Uploaded from device:
device_name Detected threat: detected_threat
A file was moved to quarantine
File name: file_name
Uploaded via portal's UI
Detected threat: detected_threat
For example, detected_threat could be
File is infected with Trojan32
Virtual portal administrators can view files that are quarantined by the antivirus servers, the Cloud Drive location and the user who downloaded the files.