FlexNet Manager Suite
2021 R1
(On-Premises)
You may prefer to use an anti-virus tool of your own choice for scanning documents
that operators upload to
FlexNet Manager Suite. A suitable tool meets these
requirements:
- It can be triggered at any time, for a specific file, to support on-demand
scanning
- A document scan is efficiently fast, so that uploads to FlexNet Manager Suite do not become unusably delayed by the process
- Its output of results can be trapped by the calling PowerShell integration
script, where the values can be converted to those expected by the web application server.
Clearly, with the variety of anti-virus tools and the variability of your
environment, it is not possible here to give detailed configuration instructions.
This task requires a good understanding of your preferred anti-virus tool (command
line, outputs, and file location) and skills in PowerShell scripting, and so may
require a specialist from your IT team to assist. The following is a high-level
summary of the main points to attend to.
To integrate your chosen anti-virus tool with FlexNet Manager Suite:
-
In the downloaded installation/upgrade media for FlexNet Manager Suite,
locate and install the sample PowerShell integration script for
customization.
This is available as
<installationMedia>/Support/Filescanner_Sample.ps1.
The file includes some comments to guide your editing. For example, the
ScanFile function must be customized to identify your
anti-virus tool in the
$exePath variable, and you may need to
update the resulting output when malicious content is found. You will notice
that the integration script is capable of outputting the following values, each
of which results in the associated text being displayed in the
web interface of
FlexNet Manager Suite for the operator attempting the
document upload:
| PowerShell exit code |
UI text displayed |
| 0 |
The following file(s) have been uploaded:
filename
|
| 102 |
Antivirus scanning has quarantined this file as malicious. If you
think this is a mistake, please contact your IT department for
analysis, or contact Flexera Support.
This text is displayed in a large red block.
|
| 103 |
File upload is blocked. Security file scanning is turned on, but
the antivirus software is not found. Please contact your IT
department.
This text indicates that there is an error in your
configuration, such as a mismatch between the PowerShell
script name/location and the registry key to identify it; or
a failure of the PowerShell script to find your anti-virus
tool.
|
| 104 |
Security scanning of this file timed out. Please try to upload
the file again later or contact your IT department.
The PowerShell script sets a default timeout of 60 seconds.
You may need to adjust this value. A timeout prevents the
web interface becoming unresponsive if the
system is busy, or multiple security scans are queued
up.
|
-
Save your edited PowerShell integration script in the file location of your
choice, and optionally sign the file to prevent unauthorized changes.
The ideal location for this file has permissions tightly restricted to reduce
access to the file. In addition, it is recommended best practice to sign the
file (with either a certificate from a certification authority, or a self-signed
certificate with a strong private key password), and to ensure that the
appropriate execution policy has been set for PowerShell on the web application server.
When this customization is complete, there are two registry
settings required on the web application server to enable the connection between
FlexNet Manager Suite and the PowerShell integration script, and to change the
default (no file scanning) to enable scanning of uploaded files. For details of these
settings, see Turning on Document Scanning.
FlexNet Manager Suite (On-Premises)
2021 R1