Background:
Companies expose their SAP E-Recruit application to external world for sharing job postings and requesting applications/resumes from the external candidates. Often external candidates uploads their resumes on word or PDF format. The questions that every company should ask before exposing the URL to outside world are:
- What if the document that is being uploaded is corrupted and has virus ?
- What if some external candidate wantedly spreads virus by uploading a malicious document ?
- What if an exe file is uploaded?
Though the above questions poses serious concerns but the answer is simple as SAP Netweaver comes to our rescue and provides an ability to protect the applications. In this weblog series, I will talk about options on how to configure the solution to protect from viruses.
Introduction:
SAP does not provide a specific solution for virus scanning, but delivers an API that partners can use to integrate their virus scan solution in SAP NetWeaver.
As of SAP NetWeaver ’04 SPS 9, You can use the virus scan interface to include external virus scanners in the SAP system to increase the security of your system
Architecture:
"
The above figure shows the main components of the virus scan integration concept :
- Virus scan interface (VSI) provides an interface for ABAP and is part of SAP Netweaver Architecture.
- Virus scan adapter (VSA), which is implemented by partners, communicates with the VSI library.
- Virus scan engine which is an anti-virus scanner communicates to adapter through ICAP client.
Landscape:
- Erecruit SAP System - ERecruit 604 on NW 7.01
- Virus Scan Servers - Web Washer , McAfee, Norton Anti Virus, Trend Micro
- Virus Scan Adapter - Certified Adapters can be found here - http://www.sap.com/ecosystem/customers/directories/SearchSolution.epx
Certified Virus Scan Adapters:
Configuration:
1) Virus Scan Group
IMG --> SAP Netweaver --> Application Server --> System administration --> Virus Scan Interface --> Define Scanner Group
1.1) Create a Scanner group.
1.2) Specify the Configuration parameters for the scanner group as shown below.
2) Virus Scan Server:
IMG --> SAP Netweaver --> Application Server --> System administration --> Virus Scan Interface --> Define Virus Scan Servers
2.1) Specify the following while creating Virus Scan Servers.
| 1 | Provide Types as Adapter |
| 2 | Provide Name |
| 3 | Scanner Group |
| 4 | Server |
| 5 | Trace Level |
| 6 | Adapter Path |
Click on Save and Click on Start. Status will show as Green if specified configuration is correct.
3) Virus Scan Profile:
IMG --> SAP Netweaver --> Application Server --> System administration --> Virus Scan Interface --> Define Virus Scan Profiles
3.1) Activate the following two profiles
3.2) Specify the scanner group to the activated profiles.
Now that you have successfully configured the Virus Scan and its time to test the its functionality. For this you need a anti-virus test file for testing this functionality. Refer to SAP note - 666568 - Using the EICAR anti-virus test file on downloading and using an anti-virus test file.
References:
http://help.sap.com/saphelp_nw04/helpdata/en/e3/aa783f181b0866e10000000a114084/frameset.htm
1 Comment
