Manualshelf

Installation manual

ManualsBrandsESET ManualsPrint & ScanGATEWAY SECURITY - FOR LINUX BSD AND SOLARIS
21222324252627282930
21
To enable this technique, the parameter lo_partscan_enabled is entered in the [http]
section of the ESETS conguration le. This will cause large objects to be scanned for inltrations
during transfer in predened intervals, while the data which has already been scanned is sent
to an awaiting end-point such as a client or server. This method ensures that no inltrations are
passed to the computer whose user agent has requested the large infected object, because each
portion of the sent data is already veried to be safe.
It has been proven that in common circumstances where the speed of the gateway's local
network connection is higher than the speed of the gateway connection to the Internet, the total
processing time of a large object transfer using the ‘partial scan’ technique is approximately the
same as when the standard ‘deferred scan method is used.
5.5. ESETS plug-in lter for SafeSquid Proxy Cache
In previous sections we described the integration of ESET Gateway Security with HTTP
and FTP services using esets_http and esets_ftp. The methods described are applicable
for the most common user agents, including the well known content ltering internet proxy
SafeSquid (http://www.safesquid.com). However, ESET Gateway Security also oers an alternative
method of protecting Gateway services, using the esets_ss.so module.
5.5.1. Operation principle
The esets_ss.so module is a plug-in to access all objects processed by the SafeSquid proxy
cache. Once the plug-in accesses the object, it is scanned for inltrations using the ESETS daemon.
If the object is infected, SafeSquid blocks the appropriate resource and sends the predened
template page instead. The esets_ss.so module is supported by SafeSquid Advanced version
4.0.4.2 and later.
5.5.2. Installation and conguration
To integrate the module, you must create links from the SafeSquid modules directory to
the appropriate installation locations of the ESET Gateway Security package. In the following
examples, it is assumed that SafeSquid is installed on a Linux OS in the ‘/opt/safesquid‘
directory.
If SafeSquid 4.2 or later is installed, enter the following commands:
mkdir/opt/safesquid/modules
ln-s@LIBDIR@/ss/esets_ss.so/opt/safesquid/modules/esets_ss.so
ln-s@LIBDIR@/ss/esets_ss.xml/opt/safesquid/modules/esets_ss.xml
If an earlier version is installed, enter the following commands:
mkdir/opt/safesquid/modules
ln-s@LIBDIR@/ss/esets_ss.so/opt/safesquid/modules/esets_ss.gcc295.so
ln-s@LIBDIR@/ss/esets_ss.xml/opt/safesquid/modules/esets_ss.xml
/etc/init.d/safesquidrestart
To complete the SafeSquid plug-in installation, rst logon to the SafeSquid Web Administration
Interface. Select the Cong menu from the main interface page and browse Select a Section to
Congure until you nd ESET Gateway Security. Click Submit and create the antivirus prole
for the ESET Gateway Security section by clicking the Add button at the bottom. Dene the
below parameters within the list that appears and click Submit. Remember to save the Safesquid
chapter 5 Integration with Internet Gateway services