Integration with Virtual Desktop Infrastructure

Dr.Web Enterprise Security Suite supports integration with virtual desktop infrastructure (VDI). This is useful when working with thin clients capable of running in terminal mode via the RDP protocol.

In this case, the anti-virus network is organized in the following way:

1.An anti-virus network administrator creates a reference virtual workstation with pre-installed software and Dr.Web Agent and connects it to Dr.Web Server.

2.Required virtual workstations are cloned from the created reference station.

3.After a specified period, the virtual workstations are removed. In future, they are created once again from the reference station, if necessary.

To prepare the anti-virus network for integration with VDI

1.Select the Anti-virus Network item in the main menu of the Control Center and create a new station, which will be the reference station.

2.Install Dr.Web Agent along with all necessary software on the station you created. Connect the station to Dr.Web Server.

3.Appoint a virtual machine the Scanning Server and install the necessary software on it. You can create several Scanning Servers in your anti-virus network if necessary.

4.In the setting of the stations specify that they should use the Scanning Server. Specify for the stations the address of the Scanning Server to connect to.

5.In the same section of the Control Center, create a new group that will contain all future virtual workstations.

6.Set up the virtual workstation registration procedure. To do that, proceed to the Administration → User hooks section. Add a new hook based on the Newbie connects to Dr.Web Server event. In the Hook text field, type in:

local args = ... -- args.id, args.address, args.station

if args.id == '<reference_station_id>' then

 return { "id", dwcore.get_uuid(), "pgroup", "<primary_group_id>" }

end

Specify ID of the reference station you created at step 1 as <reference_station_id>. Specify ID of the group you created at step 5 as <primary_group_id>. This information is always available in the Anti-virus Network object properties.

During the cloning, each new virtual workstation will get an ID matching the ID of the reference station. According to the hook above, upon connecting to Dr.Web Server the station gets a newly generated UUID. After that, the station is registered in a primary group that has the specified ID.

When creating the hook, it is recommended that you check with the pre-built Newbie connects to Dr.Web Server hook template. Select Examples of the hooks → Newbies → Newbie connects to Dr.Web Server in the hook tree of the Control Center to see the details, including possible alternative parameters and returned values.

Scheduled removal of inactive virtual workstations

To allocate the available licenses efficiently and prevent accumulation of information about removed virtual workstations in the database, make sure to set up a task to automatically remove any inactive workstations. The inactive workstations here should be understood as the stations that have not connected to Dr.Web Server within a specified period.

To create a task for automatic removal of inactive stations

1.In the Control Center, proceed to the Administration → Dr.Web Server Task Scheduler section.

2.Create a new task by clicking the icon-schedule-add Create task button on the toolbar.

3.On the Action tab, select Execute script in the drop down list. After that, either import from a separate file or type in the following Lua script to the field below:

local adminName = 'admin'

-- specify the group ID

local gid       = '<primary_group_id>'

-- set the inactivity period (in seconds)

local interval  = 86400

 

require('st-db-state')

require('core/datetime')

require('core/admins/admins')

local lastseen = Datetime.timeUnixstampToDBFormat(Datetime.nowTimestamp() - interval)

local stations = {}

-- run the database query

local res, err1 = DBuilder()

   :select('id, lastseenat')

   :from('stations')

   :where('gid', gid)

   :where('lastseenat '..dwcore.base64_decode('PA=='), lastseen)

   :where('state !=', st_db_state.st_db_state_logged_in)

   :get()

if res and next(res) then

 for i = 1, #res do

   table.insert(stations, res[i][1])

 end

end

-- remove inactive workstations

local function delete_stations(ids)

 local admin, err    = Admin:initWithLogin(adminName)

 require 'core/admins/admins'

 require('core/stations/stations')

 local status, results_stations = Stations:delete(ids, admin)

 return ''

end

return delete_stations(stations)

For <primary_group_id> specify ID of the group you created at step 5 of preparation for integration with VDI.

The script above accesses the database, gets ID of the stations that have not connected to Dr.Web Server within the last 24 hours (86400 seconds) and removes such stations from the group that has the specified ID.

info

It is recommended that you update the reference workstation every time after any anti-virus component updates, which requires the operating system restart. After the update, make sure to check and change the reference workstation ID in the hook text, if necessary.