Configuring the Recommended AV

FlexNet Manager Suite 2022 R1 (On-Premises)

Scanning uploaded documents requires that there is a suitable anti-virus tool installed on your web application server (or, in smaller implementations, the server providing that functionality).

Flexera recommends using the open source ClamAV anti-virus engine, because:
  • It supports on-demand document scanning, so that documents can be checked in real time as soon as an upload is requested
  • It has a high scanning speed, minimizing delays in document uploads
  • It is able to trigger suitable feedback to an operator through the web interface
  • A customized PowerShell script is provided as standard on your web application server (from version 2020 R2) to provide integration between FlexNet Manager Suite and ClamAV
  • As freeware, it is unlikely to break the budget.

PowerShell must be running on your web application server for use in the following procedure. The process includes downloading/installing ClamAV, downloading the virus signature databases, and setting up the PowerShell script to integrate ClamAV with FlexNet Manager Suite.

This procedure can only be carried out once the installation or upgrade of FlexNet Manager Suite to version 2020 R2 (or later) is completed.

To configure ClamAV on your web application server:

  1. Download the appropriate version of the software for your platform.
    For example, for a 64-bit Microsoft Windows server, navigate to https://www.clamav.net/downloads#otherversions.
  2. Expand the appropriate ClamAV web page section for your platform (for example, click Win64), and download all files for your platform.
  3. Use the ClamAV documentation to guide your installation process.
    For example, if you have downloaded the portable installation package for 64-bit Windows, navigate to https://www.clamav.net/documents/installing-clamav-on-windows, and scroll down to Install using the ClamAV Portable Install Package for details. (Notice that you may need to mentally adjust the instructions for the latest package number of the version you have downloaded.)
  4. Continue on in the same documentation page to Download the Signature Databases, downloading the large .cvd files to the appropriate folder.
    For Microsoft Windows, the default path is C:\Program Files\ClamAV\database. When the .cvd files have finished downloading, you may close the ClamAV web pages in your browser.
  5. In the downloaded installation/upgrade media for FlexNet Manager Suite, locate and install the PowerShell integration script.
    This is available as <installationMedia>/Support/Filescanner_ClamAV.ps1, and you may move it to any directory on your web application server where permissions are tightly restricted to prevent tampering with the file.
  6. Optionally (but recommended), sign the PowerShell script to prevent tampering.
    Signing the script requires either a certificate from a certification authority, or a self-signed certificate with a strong private key password; and also requires the appropriate execution policy has been set for PowerShell on the web application server. These matters are subject to control by your security team, who should complete this step for you. For an overview, see https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_signing?view=powershell-7.
  7. Set the registry key that identifies the path to this PowerShell integration script.
    For example, if you relocated the PowerShell script to the C:\ClamAV folder, set or create the following registry key (64-bit example shown):
    HKLM\Software\WOW6432Node\Flexera Software\FlexNet Manager 
Platform\Security\CurrentVersion\FileUploadScannerPath
    with the value
    C:\ClamAV\Filescanner_ClamAV.ps1
This completes the installation processes. You now need to continue in the registry on your web application server to turn on automatic document scanning (skip ahead to Turning on Document Scanning).

FlexNet Manager Suite (On-Premises)

2022 R1