Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2438
Views
5
Helpful
2
Replies

clamav

Go to solution
Jernej Vodopivec
Level 4
Level 4

‎11-21-2016 06:37 AM

Hi,

there were some info about the way how clamav is updated on ESA 10. But this is the first time I heard clamav is running on ESA.

Does anyone know what clamav is used for on ESA? Email scanning? Scanning system files? Something else?

Regrads,

Jernej

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee

‎11-21-2016 07:48 AM

Hi Jerneg,

Cisco Advanced Malware Protection (AMP) includes a version of libclamav library.

ClamAV acts as a pre-classification engine for the AMP feature and reviews the attachments in the emails to determine if the file needs to be uploaded to the file analysis cloud server.

Async OS 10.0 for the ESA added feature - Improved AMP Reporting/Updateable ClamAV.

Prior to Async OS 10 AMP and ClamAV were not updateable from the cloud server. We now have command "ampstatus".

Thanks
Libin Varghese

View solution in original post

2 Replies 2

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee

‎11-21-2016 07:48 AM

Hi Jerneg,

Cisco Advanced Malware Protection (AMP) includes a version of libclamav library.

ClamAV acts as a pre-classification engine for the AMP feature and reviews the attachments in the emails to determine if the file needs to be uploaded to the file analysis cloud server.

Async OS 10.0 for the ESA added feature - Improved AMP Reporting/Updateable ClamAV.

Prior to Async OS 10 AMP and ClamAV were not updateable from the cloud server. We now have command "ampstatus".

Thanks
Libin Varghese

Go to solution
Jernej Vodopivec
Level 4
Level 4
In response to Libin Varghese

‎11-21-2016 08:31 PM

Hi Libin, thank you for explanation.

0 Helpful
Customers Also Viewed These Support Documents