In Metadefender Core 4.x, workflows are defined slightly differently than they are in Metadefender Core (formerly Metascan) 3.x. Using the workflows via the APIs, and through all of the Metadefender components is the same, but the way the workflows are defined is different. In this post, we will go through how to define workflows in Metadefender Core 4.x.
All Metadefender Core workflows are defined in the "Policies" section of the Metadefender Core Management Console. Within this section, there are three configuration pages.
Security zones define the different categories of sources that can be used for assigning the different security rules. By default, the "All" security zone, which covers all scanning traffic, is included with the Metadefender Core installation.
You can define new security zones for different Metadefender Core sources.
You can use analysis workflows to define how Metadefender Core handles files. You can include these templates when defining security rules in Metadefender Core. By default, the "Default", "Skip Images", and "Executables only" workflows are included. You cannot edit or remove these default workflows, but you can define additional workflows.
You can define and add new workflows to the list of available workflows.
You can edit a workflow by clicking on the workflow in the list. The Modify workflow window appears. Workflow configuration options fall into five categories, each with its own tab in the edit dialog.
In the General tab, you can add or edit the workflow name and description.
In the Archive tab, you can specify how Metadefender Core processes archives. This includes the options for whether archives should be extracted, and if so, to what depth and whether the original archive should also be scanned by Metadefender Core.
On the Blacklist tab, you can specify whether certain files should be blocked, either by the detected file type or by the filename.
On the Scan tab, you can define how files should be scanned, including what files should be skipped as well as such settings as scan timeouts and how to handle scan failures.
Security rules include the security zone that defines what scanning traffic should have that workflow applied, and the user agent that should be handled by the security rule. The File scanand File scan without archive security rules are included by default.
You can create new rules and assign them to specific security zones and user agents. As part of the creation process, you can select the workflow from which the configuration settings should be inherited.
You can override individual configuration settings inherited from the workflow in the Modify rule window. To change the settings, click the lock icon to unlock the setting, which then makes the field editable.
If you have any questions about these instructions, please contact our Customer Success Team.
This article applies to Metadefender Core product.
This article was last updated on 2016-09-20.