Updating Virus Definitions
To ensure that you have the most up-to-date virus definition files available, update them frequently. Virus definitions are generally updated twice each day. If you are updating from a CD or the Internet, you must prepare your virus definition sources before updating for the first time. You can then update definitions in real-time or schedule a one-time or recurring update for later.
To view the most recent update, select 49. Display Last Update Time from the Antivirus Definitions and Refresh menu (STRAV> 21). The date appears together with the precise update time and file definition file details.
| AVDFN Antivirus Definitions and Refresh RLDEV Definitions Refresh Virus Definitions .............................................................................. : : : Last attempt for download was at 15-09-20-15.45.49. The current : : definition file details are ClamAV-VDB:02 Aug 2020 11-01 : : -0400:25892:374733. : : : : : : : : Bottom : : F12=Cancel : : : :............................................................................: Selection or command ===> 49 F3=Exit F4=Prompt F9=Retrieve F12=Cancel F13=Information Assistant F16=System main menu |
You can update virus definitions from several different sources:
- *CD: Refresh the Virus Signature Database from a CD which was burned on an internet-connected PC which has downloaded files main.cvd and daily.cvd from the ClamAV server.
- *CMD: Load the definitions via a command on the command line.
- *DIR: Specify a directory on the IBM i that contains the definitions.
- *INTERNET: Download the Virus Signature Database refresh directly from the internet to the IBM i. This option enables users to refresh virus definitions at their own computers. (If regulations prevent your IBM i system from connecting to the internet, updating from *CD might be more feasible.)
- *LAN: Download the Virus Signature Database refresh to a PC, then upload it to the IBM i via a LAN. This option enables only one user to download definitions, thereby providing greater security. All other users receive their updates from that user.
- *RAZLEE: Download from Raz-Lee website.
Preparing Virus Definition Sources
To update definitions from a *LAN or from the *INTERNET, you must first set up the data sources.
Updating Domain Information for Internet Updates
To update your domain information when you update virus definitions for the first time:
- Enter the command CFGTCP into the command line and select option 12. The Change TCP/IP Domain (CHGTCPDMN) screen appears.
- Check that your DNS (Domain Name Server) is defined. If not, update your ISP Domain details.
Setting Up a Proxy for LAN Updates
To set up the LAN proxy when you update virus definitions for the first time:
- Enter the command CFGTCP into the command line and select option 10. The Work with TCP/IP Host Table Entries screen appears.
- Add your IP address with the host name AVDBPC by using option 1 next to the blank line at the top of the Internet Address column.
- If you are installing the definitions from an installation disk, copy the avpc directory from the installation disk to C:\
- If you are downloading the definition file:
Download the zip file AVPC.zip from the link : http://as400.razlee.com/downloads/PTF/AVPC.zip
Extract the avpc directory from the zip file to C:\avpc.
-
Open the C:\avpc folder and double-click Apache installation file:
C:\avpc\apache_2.0.43-win32-x86-no_ssl.exe .
- Enter domain, server name, and email when prompted (you can use any text you like).
- Double-click batch file: ScheduledUpdate.bat. When the download is finished, files are ready for the IBM i update tool.
- To update virus database on a daily basis, add ScheduledUpdate.bat to the scheduled tasks on the PC. Select Start > Programs > Accessories > System Tools > Scheduled Tasks, and click Add Scheduled Task.
- Browse to folder C:\avpc and open ScheduledUpdate.bat.
- Check daily option, fill in login password, choose your preferred time for the update, select Finish, and press Enter.
- Return to native interface and enter STRAV to return to the Antivirus main screen.
Performing or Scheduling Virus Definition Updates
You can update virus definitions on demand or schedule them to run as one-time or recurring events.
Refreshing (Updating) Virus Definition Files on Demand
To update virus definition files on demand via any of these methods, Select 41. Refresh from the IFS Viruses, Worms and Trojans menu (STRAV > 21). The Update Virus Definitions (UPDAVDFN) screen appears:
| Update Virus Definitions (UPDAVDFN) Type choices, press Enter. Type . . . . . . . . . . . . . . > *CD *RAZLEE, *INTERNET, *DIR... If ICAP is used . . . . . . . . *SKIP *SKIP, *UPDATE Bottom F3=Exit F4=Prompt F5=Refresh F12=Cancel F13=How to use this display F24=More keys |
- The screen, as it first appears, has two fields:
- *SKIP: Do not perform the update.
- *UPDATE: Perform the update.
- The next step depends on the value in the Type field:
- For *CD or *INTERNET updates: The Incremental or Full update field appears. Possible values are:
- *INCREMENTAL: Only update definitions that have changed since the last update.
- *FULL: Update the full set of definitions.
- For *CMD updates: The Command to load definitions field appears. Fill in the command to run. By default, the command is: '/*Refresh /SMZVDTA/database/* */'
- For *DIR updates: The Directory ('/dir/') field appears. Enter the path to the directory containing the definitions.
- For *LAN or *RAZLEE updates: There are no further fields.
- Press Enter. Antivirus updates its definitions.
Type
The type of update. Possible values are *CD, *CMD, *DIR, *INTERNET, *LAN, and *DIR (as shown in Updating Virus Definitions).
If ICAP is used
If you are scanning via an ICAP server (as shown in Connecting to ICAP Servers), whether to update the definitions. (This parameter is useful if updating the definitions from a script that calls the UPDAVFN command.) Possible values are:
Scheduling Virus Definition Updates
To schedule virus definition updates, as either a one-time or recurring event, select 42. Schedule Refresh from the Antivirus Definitions and Refresh screen (STRAV> 21). The standard Work with Job Schedule Entries screen appears, with an entry for the job AV$UPDDFN.
| Work with Job Schedule Entries RLDEV 29/09/20 14:10:21 UTC Type options, press Enter. 2=Change 3=Hold 4=Remove 5=Display details 6=Release 8=Work with last submission 10=Submit immediately Next -----Schedule------ Recovery Submit Opt Job Status Date Time Frequency Action Date AV$UPDDFN SCD *ALL 03:00:00 *WEEKLY *SBMRLS 30/09/20 Bottom Parameters or command ===> F3=Exit F4=Prompt F5=Refresh F6=Add F9=Retrieve F11=Display job queue data F12=Cancel F17=Top F18=Bottom |
To see and change the parameters for the scheduled job, type 2 in the Opt field for that line and press Enter. The Change Job Schedule Entry (CHGJOBSCDE) screen for that command appears, showing the values for the job.
| Change Job Schedule Entry (CHGJOBSCDE) Type choices, press Enter. Job name . . . . . . . . . . . . > AV$UPDDFN Name Entry number . . . . . . . . . . > 000756 000001-999999, *ONLY Command to run . . . . . . . . . SMZV/UPDAVDFN TYPE(*INTERNET) Frequency . . . . . . . . . . . *WEEKLY *SAME, *ONCE, *WEEKLY... Schedule date . . . . . . . . . *NONE Date, *SAME, *CURRENT... Schedule day . . . . . . . . . . *ALL *SAME, *NONE, *ALL, *MON... + for more values Schedule time . . . . . . . . . '03:00:00' Time, *SAME, *CURRENT Bottom F3=Exit F4=Prompt F5=Refresh F10=Additional parameters F12=Cancel F13=How to use this display F24=More keys |