1 Reply Latest reply on Aug 17, 2015 11:43 AM by Jon Scholten

    How to check for viruses on files being uploaded from web site

    alan4038


      We have a public web site that allows users to upload PDF and image file formats (JPG, GIF, TIF, PNG).  We need a way to check the files for viruses.

       

      This is a low volume site, only about 10 files being uploaded per hour on average.

       

      Application is J2EE running in WebSphere and running on AIX servers.

       

      It sounds like there are two main approaches:

       

      1) Identify the threat before the file lands on AIX server in data center.

      2) Detect the thread after it is uploaded on AIX server.

       

      No matter what, we want to identify the threat immediately and reject the file immediately.

       

      Does ICAP protocol with McAffee Web Gateway allow threats to be detected while being downloaded?  Is there a reference architecture for how this works with existing Web And App Servers?

       

      We think that we want McAfee running on Windows to detect the threat.  Does McAfee software have a service that can be called from java code running on AIX to detect a thread in a file?

       

      Thanks,

      Alan

        • 1. Re: How to check for viruses on files being uploaded from web site
          Jon Scholten

          Hi Alan!

           

          MWG has been using ICAP forever, so we know plenty about ICAP.

           

          In this case though, I could see MWG act as a ICAP server and a reverse proxy. With ICAP, the files could be sent over and checked when they are uploaded (the AIX would be the ICAP client). Acting as a reverse proxy MWG could scan each download by users from the AIX server.

           

          Thinking about it further, the MWG could simply be a reverse proxy and scan both uploads and downloads. This would eliminate the need for creating a special java ICAP client tool. I have had customers using MWGs as a reverse proxy to protect their WebSpheres in the past.

           

          Best Regards,
          Jon