The following Commvault are Threat Scan advanced requirements for software-managed deployments and SaaS deployments.
Networking Requirements
-
At a minimum, you must open port 8403 both ways on your firewall between the Threat Scan server and the CommServe server and MediaAgent. For all other standard networking requirements, see Port Requirements for Commvault .
-
Advanced network settings can be used to isolate the Threat Scan server. Using Commvault network topologies, you can configure different network ports as well as tunnel communication between the Threat Scan server, CommServe server, and MediaAgent, in order to create an isolated scanning server. For more information, see Network Topologies.
Update Avira Signatures
Threat Scan automatically updates malware signature definitions on the Threat Scan server every 24 hours.
-
To allow updates, open outbound port 443 from the Threat Scan server to the following URL: https://oem.avira-update.com/update.
-
To use a proxy server for signature updates, see Configuring a Proxy Server to Perform Virus Definition Updates.
Antivirus Exclusions
If an antivirus product is active on the scanning/index server, it is recommended that you follow general Commvault antivirus exclusion recommendations. For more information, see the following:
At a minimum, the antivirus product must exclude the following processes and directories:
-
Processes
-
CvFileScan.exe
-
CvDistributor.exe
-
CLRestore.exe
-
-
Directories
-
<CVInstallDir>/iDataAgent/jobResults/CV_JobResults/
Where:
- <CVInstallDir> is the actual installation path.
-