Endpoint Protection

 View Only

  • 1.  command line interface of endpoint protection

    Posted Sep 01, 2014 06:00 AM

    Hi,

    my company decided to use symantec endpoint protection [Symantec Endpoint Protection (SEP)12.1.2 Linux client (Corporate Edition)] as their virus scanning solution on our linux servers. To integrate this to my application, I need to use a command line interface, e.g. like:

    • store a file in some folder
    • start endpoint protection to scan the file (or all files in that folder) for viruses
    • get the result (an error code and/or more details from analyzing a log file, ...)
    • do some action in the calling application (send an email, ...)

     

    my questions therefore:

    • does "SEP 12.1.2 Linux Client" have a command line interface (to scan a specific file or folder on demand)?
    • where do I find documentation?
    • if no CLI: is there an alternative to scan a specific file and get the results? (infected / ok / ...)

    Thanks and best regards,

    Matthias



  • 2.  RE: command line interface of endpoint protection

    Posted Sep 01, 2014 06:05 AM

    Here is some Mick2009 good articles

    SAV for Linux Scanning Best Practices: A (Somewhat) Illustrated Guide

    https://www-secure.symantec.com/connect/articles/sav-linux-scanning-best-practices-somewhat-illustrated-guide

    SAV for Linux: A (Somewhat) Illustrated Guide Part 2

    https://www-secure.symantec.com/connect/articles/sav-linux-somewhat-illustrated-guide-part-2

    SAV for Linux: A (Somewhat) Illustrated Guide Part 3

    https://www-secure.symantec.com/connect/articles/sav-linux-somewhat-illustrated-guide-part-3

    SAV for Linux: A (Somewhat) Illustrated Guide Part 4: SAVFL Reporter

    https://www-secure.symantec.com/connect/articles/sav-linux-somewhat-illustrated-guide-part-4-savfl-reporter



  • 3.  RE: command line interface of endpoint protection
    Best Answer

    Posted Sep 01, 2014 11:35 AM

    Yes, this guide by Mick2009 covers your questions:

    SAV for Linux: A (Somewhat) Illustrated Guide Part 2

    https://www-secure.symantec.com/connect/articles/sav-linux-somewhat-illustrated-guide-part-2



  • 4.  RE: command line interface of endpoint protection

    Broadcom Employee
    Posted Sep 01, 2014 12:07 PM

    Hi,

    I will suggest to wait for few more weeks.

    SEP 12.1 RU5 is due for release. In this release you may see SEP for linux (Instead of SAV) & Now linux clients may get managed by SEPM which was not possible previously.

    SEP release history info:https://www-secure.symantec.com/connect/blogs/symantec-endpoint-protection-release-details

    Management of Symantec AntiVirus (SAV) for Linux

    http://www.symantec.com/docs/TECH102587 

     

     



  • 5.  RE: command line interface of endpoint protection

    Posted Sep 03, 2014 01:40 AM
    Thanks everybody. Actually the reference to Symantec AntiVirus for Linux Implementation Guide gave me the solution. Searching the internet for this guide finally led to http://kbdownload.symantec.com/resources/sites/BUSINESS/content/live/DOCUMENTATION/6000/DOC6150/en_US/SAV_Linux_Impl.pdf?__gda__=1409729861_8c2ce04325acf69faf1de55544ec5b89 there are some information regarding "sav" command line tool - which seems to do the job. Best regards, Matthias