It is possible to block malware in Fabasoft Folio, which was found by an Antivirus software. Therefore, affected documents will be marked as infected and the current content is replaced (the primary content will not get lost). Additionally, these objects can no longer be opened or edited and the user receives a warning.
This feature can be used independently from any kind of Antivirus software but the output must be prepared in a certain structure.
The scan output must be provided in JSON format and must be structured as follows.
In the JSON, hash indicates the affected document name (without extension) found by the Antivirus software and detail contains the virus information.
Fabasoft Folio Configuration
The generated JSON file must be placed in the dedicated MMC area in a pre-defined directory called logscans and must have the name latest.json.
[root@foliofileserver MMCSVC1]# pwd
If the JSON file is placed in the logscans directory, the execution of COOSYSTEM@1.1:CheckVirusScans initializes/updates the attribute COOSYSTEM@1.1:objscaninfo based on the JSON input. All files in the CAS area of all versions referenced by objects in Fabasoft Folio are checked.
The execution can be accomplished by the AT service. Therefore, a new AT service task must be created and placed in a list of automated tasks.
The object is the current domain and the action is COOSYSTEM@1.1:CheckVirusScans.
In case of a virus, the objects in Fabasoft Folio, which reference this content are marked as infected and consequently cannot be edited or opened by the end user.
The infected document can be handled using the “Handle Infected Documents” context menu command.
This way the user can download, scan and clean the file with an own virus scanning software. The cleaned file can be uploaded again. If the file has been mistakenly classified as a potential threat, the warning can be removed. Alternatively, the document can be deleted.