Skip to Content
Yes, you guessed it already from this Weblog post’s title. You can now check documents like e.g. sales orders, new hire applications etc for viruses before you upload them into an SAP system.  But what is available in detail?  SAP has not gone into the virus scan business. You need a partner product to perform the virus scan. You can find partner products that are certified here: Security Partner – Partners vor Virus Scan Interface (NW-VSI). Currently (end of November 2005) there is only one partner product available. Of course, SAP is negotiating with more virus scan software vendors about becoming certified and there are several well-known companies that have expressed interest in becoming certified. But we also encourage you to point other virus software vendors of your choice to our Integration and Certification Center.   What SAP has implemented is an interface that allows performing a virus scan via an external product before the document is uploaded into SAP. Scanning is available as of SAP NetWeaver Application Server Release 6.40 SP11 for the ABAP stack and SP13 for the Java stack.  Scans will be performed via either of the following functions in the source code in the SAP standard: – Function Module GUI_UPLOAD using the SAP GUI – HTTP_UPLOAD in Business Server Pages uploading a local file based on CL_HTMLB_MANAGER – Web Dynpro for JAVA via FileUpload  You are more than welcome to use either of the above mentioned functions for own-developed coding and programs as well.  How do you activate the virus scan in SAP standard applications?  First you have to activate the so-called SAP NW-VSI interface. That is, you go into the Implementation Guide IMG, via transaction SPRO and make the corresponding configurations. That is, you define and configure the external virus scan software. You can have more than one scanner and for load balancing you can combine them to scanner groups. You define steps that are run when an application calls a virus scan. SAP ships pre-defined VIrus Scan Profiles for applications that have implemented the virus scan. For a list of pre-defined profiles please check SAP note 797108. Administrators activate these profiles on an application basis.  You can then test your virus scan using transaction VSCANTEST in ABAP. For more information check out SAP note 786179. For tests in Java please take a look at SAP note 848189.  You will find a detailed description on how to configure the virus scan in the SAP Online Help: http://help.sap.com/nw04  (general help area) – SAP NetWeaver – Security – System security – Virus Scan Interface or on the new SAP notes’ component BC-SEC-VIR.
To report this post you need to login first.

9 Comments

You must be Logged on to comment or reply to a post.

    1. Anonymous
      Hi Milton,
      haven’t heard from them, but have forwarded your information to the SAP Integration and Certification Center.
      Thanks for your information.
      Kind regards,
      Gerlinde Zibulski
      (0) 
    2. Shaik Ahmed
      Hello,

      We have Bowbridge VSA installed on Linux box , but can we install Virus scan server on Windows box?

      Or both VSA and Virus scan server should install on same box ?

      -Shaik

      (0) 
  1. Srikanth Mandalapu
    In my experience using Avira adapter, it doesn’t work on 64-Bit machines.
    You have to install it seperately on 32-bit machine which requires additional hardware.

    -Srikanth M

    (0) 
    1. Gerlinde Zibulski
      Hi Srikanth,

      thank you for pointing this out. This however, would have to be addressed to development/product management of Avira.
      Have you reached out to them yet?

      Thanks,
      Gerlinde

      (0) 
          1. Gerlinde Zibulski
            (0) 
            1. Srikanth Mandalapu
              Hi, I have just visited the link, apparently they support:

              Platform: SUN Solaris x64 and Windows 2003 ix86 / Virusscan from ABAP and Java stack / Scanning SAR Files

              But not WINDOWS X64.

              thanks
              Srikanth M

              (0) 

Leave a Reply