Configuring NetBackup NextGen Malware Scanner
NetBackup 11.1 and later now provides support for malware scanning using the NetBackup NextGen Malware Scanner.
Prerequisites
Ensure that is installed and available in the system PATH.
For Windows systems, you can download the utility from the following link:
https://eternallybored.org/misc/wget/
Configuring NetBackup NextGen Malware Scanner for Windows
- Download the NetBackup NextGen Malware Scanner from Veritas Download Center.
- Extract the downloaded zip files. Extracted files must have the following structure:
NBNextGenMalwareScanner_version_number Readme.txt NBNextGenMalwareScanner_version_number_AMD64 savapi-sdk-win64.zip setup.bat - Refer to the
Readme.txtfile for install, upgrade or uninstall processes.To install or upgrade the NetBackup NextGen Malware Scanner on a Windows computer:
Navigate to the
NBNextGenMalwareScanner_version_number_AMD64folder and run thesetup.batfile as an administrator user, this is required to register DLL.Enter the target location to install the NetBackup NextGen Malware Scanner.
Note:
If NetBackup NextGen Malware Scanner is already installed, then
setup.batoverwrites the existing binary files.
To uninstall the NetBackup Malware Scanner from a Windows computer:
Run the
cleanup.batfile.
- To validate that the scan works with NetBackup NextGen Malware Scanner on a Windows setup, perform the following:
Navigate to the NetBackup NextGen Malware Scanner installed path and run
sophos_updateto get the latest signature update.Run sophos_scan_cmd.exe command with the required parameters.
For example,
sophos_scan_cmd.exe -i ./ide -d ./vdl <sample file path>
Ensure that the output of the command is successful:
For existing sample malware files, the output must be a list of infected files.
Otherwise, the output must be empty.
Configuring NetBackup NextGen Malware Scanner for Linux
- Download the NetBackup NextGen Malware Scanner from Veritas Download Center.
- Extract the downloaded zip files. Extracted files must have the following structure:
NBNextGenMalwareScanner_version_number_LinuxR_x86 savapi-sdk-linux64.zip setup.sh cleanup.sh NBNextGenMalwareScanner_version_number_LinuxS_x86 savapi-sdk-linux64.zip setup.sh cleanup.shWarning:
The setup.sh script modifies the
.bashrcfile on Linux. - Refer to the
Readme.txtfile for install, upgrade, or uninstall processes.To install or upgrade NetBackup NextGen Malware Scanner on a Linux RHEL computer:
Navigate to the
NBNextGenMalwareScanner_version_number_LinuxR_x86folder and run the setup.sh script using the scanuser (name of the user used for scanning).Enter the target location to install the NetBackup NextGen Malware Scanner.
To install or upgrade NetBackup NextGen Malware Scanner on a Linux SUSE computer:
Navigate to the
NBNextGenMalwareScanner_version_number_LinuxS_x86folder and run the setup.sh script using scanuser (name of the user used for scanning).Enter the target location to install the NetBackup NextGen Malware Scanner.
Note:
For Linux SUSE computers, if the
.bashrcfile is not present, create an empty.bashrcfile in the user's home directory.The path of the scanner directory (
/bin) is added to the.bashrcfile of the Linux user installing the NetBackup NextGen Malware Scanner.To uninstall NetBackup NextGen Malware Scanner from a Linux computer:
Run the cleanup.sh script.
- To validate that the scan works with the NetBackup NextGen Malware Scanner on a Linux setup, perform the following:
Navigate to the NetBackup NextGen Malware Scanner installed path and run
sophos_updateto get the latest signature update.Run sophos_scan_cmd.exe command with the required parameters.
For example,
./sophos_scan_cmd -i ./ide -d ./vdl <sample file path>Ensure that the output of the command is successful:
For existing sample malware files, the output must be a list of infected files.
Otherwise, the output must be empty.
Note:
When using a NetBackup Client as the scan host, configure the environment variable for the NetBackup Client processes. One option is to add the following entry to the bp.conf file for the non-root user:
NB_NEXTGEN_MALWARE_SCANNER_PATH = <sophos installed path>/sophos-sdk-linux64/bin
Although this is a supported method, it is not mandatory for malware scan execution.
Ensure that the environment variable is configured persistently so that it remains available after an operating system reboot. If the setting is not persistent, malware scanning operations may fail following a restart.
After updating the environment variable, restart the NetBackup Client services on the scan host for the changes to take effect.