On Thu, 7 Apr 2022, Almeida, Nuno wrote:
In our current project, we are using SAP Linux Suse 15.2 with MCafee
EPO. In order to activate the AV config for SAP (SAP Linux does not
support Mcafee) we're thinking implementing the ClamSAP AV.
My question is:
* Is there any problem to install the ClamSAP to use for this
* project and in parallel still use McAfee?
Running two virus scanners (especially in "on-access" mode) is often
very slow and there is the possibility that one scanner will object to
the other scanner's definitions (either now, or at any time after the
definitions are updated).
* Does ClamSAP only will scan this integration or it will monitor
* the whole SAP NW?
I had not heard of ClamSAP before, and I believe that the ClamAV team
have no part in its development.
A quick glance at the NW-VSI technical spec
https://ftp2.gwdg.de/pub/misc/sapdb/icc/nw-vsi/VSA-Specification.pdf
makes me think that NW-VSI controls what ClamSAP monitors, but it would
probably be worth checking with the ClamSAP maintainer Markus Strehle
https://sourceforge.net/projects/clamsap/support
I see that he also maintains SAVI-SAP - a link between SAP and Sophos.
I guess he might be able to help you develop a SAP-McAfee link if that
would be a sensible direction ...
As always, if you are using any malware detection system
you need to know what you are protecting, what you are protecting it from
and that no system catches all malware (people on this list have reported that
ClamAV with default definitions catches less than 10% of what they see !)
Thanks in advance
Best Regards,
____
Nuno Almeida
SAP Basis Senior Architect
Infrastructure & Operations, One ERP
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
