The Scanning server is a virtual machine with a special status and with special software for processing scanning requests from other VMs installed.
For detailed information concerning the installation and the initial configuration of the Scanning server, refer to Dr.Web Enterprise Security Suite Installation Manual, Installing Dr.Web Scanning Server.
|
Dr.Web Scanning server can be installed only on Linux-based OSs and FreeBSD.
A Scanning server and the virtual machines it serves with Dr.Web Agent installed must be located within the same hypervisor.
|
|
Connecting stations to the Scanning server is available only if it is permitted by the terms of your license.
|
To connect a station to the Scanning server
1.Select the Anti-virus Network item ( icon) in the main menu of the Control center.
2.In the anti-virus network tree select a station ( or if the station is turned off) or group of stations ( icon) to be connected to the Scanning server ( icon). Stations connected to the Scanning server are depicted on the tree as nested items.
3.In the Configuration section select Virtual agent.
4.Select Use Scanning server and specify the address of the Scanning server in the Scanning server address field.
|
For one Virtual agent only one address of the Scanning server can be specified.
If you do not have to specify a particular address, use the default setting udp://18008, and the Scanning server will be detected automatically irrespective of whether it has an IPv4 or IPv6 address.
|
The address can be specified in one of the following formats:
•tcp://<IP address>:<port> (IPv4 and IPv6 addresses are allowed; IPv6 addresses must be specified in square brackets, e.g. tcp://[fd15:4ba5:5a2b:1008:edc8:733e:1dd7:789c]:7777);
•udp://:<port> (only the protocol and the port for Dr.Web Agents to search the Scanning server are specified in this format);
•srv://service@<domain>(the address and the port are defined by searching the SRV record of the <domain> DNS; if the domain is not specified, it will be taken from the search or domain field in the DNS settings, depending on which of them is the last in the configuration file).
5.Click the Save button.
Permissions
The following permissions are available to users of Unix-like OS stations:
•run Scanning server,
•stop Scanning server,
•change Scanning server configuration.
By default, only the permission to run the Scanning server is granted.
The set of granted permissions can be changed by the administrator of the anti-virus network if necessary. For detailed information about permissions refer to the Permissions of Station Users section.
Additional settings
You can specify additional settings on the Scanning server as well on the UNIX stations connected to it in the drweb.ini configuration file ([MeshD] section). You can edit the drweb.ini file via the Control center (select UNIX → Dr.Web Agent → Configuration in the station settings menu ).
The detailed description of these settings is given in the table below.
|
For stations running on Windows you can specify the Scanning server address only. All the other settings described in the table are not supported.
|
Parameter
|
Description
|
LogLevel
{logging level}
|
The level of detail for logs. The parameter can have one of the following values:
•DEBUG—the most detailed logging level. All messages and debug information are registered.
•INFO—all messages are registered.
•NOTICE—all error messages, warnings, and notifications are registered.
•WARNING—all error messages and warnings are registered.
•ERROR—only error messages are registered.
Default value: Notice
|
Log
{logging method}
|
Logging method. The parameter can have one of the following values:
•Stderr[:ShowTimestamp]—messages are displayed in the stderr standard error stream.
•Auto—messages for logging are sent to the Dr.Web ConfigD configuration daemon, which saves them to one location according to its configuration.
•Syslog[:<facility>]—messages are transmitted to the syslog system logging service.
•Additional option <facility> is used to specify a level at which syslog registers messages. The following values are possible:
▫DAEMON—messages of daemons.
▫USER—messages of user processes.
▫MAIL—messages of mail programs.
▫LOCAL0—messages of local processes 0.
…
▫LOCAL7—messages of local processes 7.
▫<path>—messages are to be saved directly to the specified log.
Default value: Auto
|
IdleTimeLimit
{time interval}
|
Maximum idle time for the Scanning server/Virtual agent. When the specified time period expires, the Scanning server/Virtual agent shuts down.
The parameter can be set both for the Scanning server and the Virtual agent.
If the None value is set, the Virtual agent/Scanning server will operate eternally, the SIGTERM signal will not be sent to it in case of inactivity.
Minimal—10s.
Default value: 30s
|
DebugSsh
{boolean}
|
Indicates whether it is necessary to log SSH events on the station if LogLevel is set to Debug.
Default value: No
|
ListenAddress
{<IP address>:<port>}
|
The network socket (address and port) on which the Scanning server awaits the connections from client stations.
The parameter can be specified for the Scanning server only.
The parameter must be specified so that the Scanning server listens on IPv6 and detects Virtual agents via IPv6.
IPv6 address must be specified in square brackets.
If the value of this parameter is specified as an empty string, the Scanning server stops operating.
To set the value of this parameter to ' ' (i.e. an empty string) you must simultaneously have the permissions to change the configuration of the Scanning server and to stop it
|
DnsResolverConfPath
{path}
|
Path to the configuration file of the domain name resolution subsystem (DNS resolver).
The parameter is specified for the Virtual agent in case an SRV record is used as the address of the Scanning server.
Default value: /etc/resolv.conf
|
DiscoveryResponderPort
{port}
|
The port on which the Scanning server responds to requests of the clients via the UDP protocol.
Default value: 18008
|
EngineChannel
{On | Off}
|
Enable or disable an option that allows the server to provide Scanning Engine services.
The parameter can be specified for the Scanning server only.
Default value: On
To set the value of this parameter to Off, you must simultaneously have the permissions to change the configuration of the Scanning server and to stop it
|
EngineUplink
{address}
|
The address of the Scanning server (specified in the same format as via the Control center).
The parameter can be specified for the Virtual agent only.
Default value: Not set
|
EngineDebugIpc
{boolean}
|
Log the scanning service debug information if LogLevel is set to Debug.
Default value: No
|
UrlChannel
{On | Off}
|
Enable or disable an option that allows the server to provide URL check services.
Default values: On
To set the value of this parameter to Off, you must simultaneously have the permissions to change the configuration of the Scanning server and to stop it
|
UrlUplink
{address}
|
The address of a higher host used for checking URLs.
The parameter can be specified for the Virtual agent only.
Default value: Not set
|
UrlDebugIpc
{boolean}
|
Log the URL check debug information if LogLevel is set to Debug.
Default value: No
|
|
For more detailed information on configuring the Scanning server and Virtual agents see Dr.Web for UNIX Administrator Manuals, the Dr.Web MeshD section.
|
|