Installation guide for VMware-based antivirus

To support VMware-based antivirus, the first thing to do is share the /media/multiscanner folder on your server with virtual machines and the system’s server, using the NFS protocol. To do that, follow the instructions below.

 

Setting Up The NFS Server

To set up the NFS server, go through the instructions below, step by step:

 

1- Install the “nfs-kernel-server” package:

sudo apt-get update

sudo apt-get install nfs-kernel-server

 

2- Provide the required access for the folder: 

sudo chown nobody:nogroup /media/multiscanner

 

3- Open "/etc/exports" and add the following phrase to its end (replace "avs_subnet" with the subnet address of virtual machines (like 192.168.1.0/24) that are containing the antivirus):

/media/multiscanner avs_subnet(rw,sync,no_root_squash,no_subtree_check

 

4- Finally, reset the “nfs-kernel-server” service:

sudo systemctl restart nfs-kernel-server

 

Setting up the NFS Client

In the next step, NFS Client Service has to be installed and set up on virtual machines of all the VMware-based antivirus for these virtual machines to have access to the test file location. To do so, follow the following instructions:

  1. Go to Control Panel and then, to Programs
  2. Select "Turn Windows features on or off".
  3. Check the "Services for NFS" option.
  4. Click on "Ok".
  5. Open regedit software. Go to HKEY_LOCAL_MACHINE, and then to the SOFTWARE sub-section.
  6. Create two value of DWORD (32-bit) in the following path and then, name them AnonymousUid and AnonymousGid and then equate them with zero:

Microsoft\ClientForNFS\CurrentVersion\Default 

 

  1. Reset the server for the changes to be applied.
  2. Mount the folder that is shared by NFS, directly to the system by using the following command (replace 192.168.10.10 with your system’s IP server):

mount -o anon nolock \\192.168.10.10\media\multiscanner Z:\

 

Antivirus General Settings

The following settings should be applied to all of the antivirus

  1. The Real-Time Protection feature has to be disabled in all of the antiviruses.
  2. On all of the virtual machines that the antivirus is installed on, the “42423” port should be accessible through the firewall (from the system’s server source).
  3. The Wrapper software of the associated antivirus has to be run on all of the virtual machines. Every antivirus has its specific Wrapper that has to be running all the time. So, it is recommended to add it to the Windows Startup for it to automatically run if the virtual machines are turned off for any reason and turned on again.

 

Antivirus Specific Settings

In the final section of this document, specific settings for each antivirus are presented.

 

Kaspersky Specific Settings

The path that this antivirus is installed on has to be added to the "Environment Variables".

 

Windows Defender Specific Settings

This antivirus is installed on Windows 10 by default. So, the only thing you have to do to support this antivirus is install it on a virtual machine and run the Wrapper software on that.

 

Avira Specific Settings

For Avira antivirus to run properly, the following configurations are necessary:

  1. In the Wrapper software of this antivirus, turn the "filescan.avp" file Read-Only.
  2. Connect this antivirus’s NFS server with admin access (as Avira has to be run with admin access, and by doing so, it only has access to paths that are connected with admin access).
  3. Run the Wrapper software as administrator on this antivirus.

 

Can't find an answer? Are you looking for a specific article that is in the General Questions section? Just browse through the various related folders and categories and then you will find the article you are looking for.
Home Cyberno
Copyright © Cyberno Inc. All rights reserved.