Configure OPSWAT
OPSWAT (MetaDefender Core) provides advanced malware detection capabilities by scanning files with multiple anti-malware engines simultaneously. OPSWAT is disabled by default. As an administrator, you can enable and configure OPSWAT on the endpoint servers.
Note: You need to deploy the following OPSWAT app rules from Live services to log decoder for successful configuration of OPSWAT on endpoint servers:
- opswat reported infected
- opswat reported suspicious
- process with opswat reported suspicious
- process with opswat reported infected
IMPORTANT: Ensure that OPSWAT is configured in all endpoint servers and the configuration parameters are consistent across all endpoint servers.
To enable and configure OPSWAT:
-
Go to (Admin) > Services.
-
In the Services view, select the Endpoint Server service.
-
Click and select View > Config.
-
Click the 3rd Party Scan tab.
-
Select Enable OPSWAT Scan.
-
Enter the URL.
-
Click Save Configure.