Integrating with Powertech Antivirus Server
Powertech Antivirus Server
Powertech Antivirus (PTAV) allows you to protect your AIX and Linux servers from the threats of viruses, worms, and malware using the industry-leading Trellix scanning engine.
Powertech Antivirus Server, also known as Powertech Antivirus for Fortra Application Hub, can be used to provide central management capabilities and includes a graphical, browser-based user interface to Powertech Antivirus on IBM i, Linux and Unix endpoints.
The status of IBM i, Linux and Unix endpoints on your network can be monitored and updated with the latest virus definitions directly from your browser using this hub, which can also be used to centrally provide DAT files to endpoints.
Updating DATs from Powertech Antivirus Server
Powertech Antivirus for IBM i can be configured to retrieve DAT updates from Powertech Antivirus Server. To do so, perform the following steps:
-
Powertech Antivirus Server configuration
-
Ensure that Powertech Antivirus Server is configured to download DAT updates from the external Trellix server.
-
Ensure that Powertech Antivirus Server is configured to provision DAT updates via HTTP. (This actually uses HTTPS.)
-
-
Communications configuration (firewalls)
-
Ensure that Powertech Antivirus Server can communicate with the external Trellix server via HTTPS over the default HTTPS port.
-
Ensure that the IBM i can communicate with the Powertech Antivirus Server via HTTPS over port 8023.
-
-
For Powertech Antivirus 8.00 through 8.08
-
Configure DAT updates to use transfer method *WGET.
-
Configure the "WGET string" parameter as follows:
https://<Powertech Antivirus server address>:8023/current --no-check-certificate
Notes:
Be sure to use two hyphens before "no-check-certificate".
-
-
Powertech Antivirus 8.09 or higher
-
Configure DAT updates to use transfer method *HTTP.
-
Configure the "WGET/HTTP string" parameter as follows:
https://<Powertech Antivirus server address>:8023/current
Note: If you configured Powertech Antivirus Server to use a port other than the default port 8023 to provision the DAT files over HTTP, specify that port in the URL instead of 8023.
-
You can use any of the following in the above parameters to indicate the address of the Powertech Antivirus Server:
-
The server's numerical IP address: for example; 10.1.2.3
-
The server's unqualified host name, if it is name-resolved on the IBM i: MYSERVER
-
The server's qualified host name, if it is name-resolved on the IBM i: MYSERVER.OURDOMAIN.COM
To test if a host name is name-resolved on the IBM i, you can use the PING command. The PING command does not need to receive a reply, but it will show whether the host name is resolved to a numerical IP address or not.
To additionally enable the Powertech Antivirus for IBM i to be centrally managed as an endpoint in Powertech Antivirus Server, the IBM i needs to be registered in Powertech Antivirus Server. For details, see the Registering IBM i Endpoints section in the Powertech Antivirus Server User Guide.
From Powertech Antivirus for IBM i version 8.10 onwards, the DAT update will be performed automatically on IBM i endpoints if they are registered on the Powertech Antivirus Server, as part of the central management functionality. There is no need to manually configure DAT updates on IBM i. Powertech Antivirus Server will initiate the DAT update from itself automatically on all endpoints, including IBM i endpoints. IBM i endpoints that were manually configured to be updated from Powertech Antivirus Server no longer need to initiate the DAT update themselves. The following command can be run to stop Powertech Antivirus for IBM i from initiating the DAT update itself:
STANDGUARD/AVCHGUPDA SCHEDULE(*NONE)
Central management
Powertech Antivirus for IBM i can be centrally managed from Powertech Antivirus Server provided that the IBM i is registered as an endpoint in the Server. See Registering IBM i endpoints in the Powertech Antivirus Server User Guide for more information.