The Jive Antivirus Extension is a plugin that allows a Jive instance to integrate with a virus scan server so that binary content uploaded to the Jive instance can be checked for violations and prevent users from downloading the content if a violation is found. The intended audience for this document is System Administrators and Community Managers. A separate User's Guide is also available. For versions earlier than 6.0, see Jive Antivirus Extension User's Guide for 5.0 and earlier.
- Monitoring and Management
The Jive Antivirus Extension is delivered in a .jar file that is installed on an existing Jive instance. The name of the file will depend on the version of the plugin (e.g. antivirus-6.0.1-0.jar). The version number of will generally correspond to the version of Jive for which it was intended, with the -X suffix indicating the release number (0-based) for that version. For example, 18.104.22.168-0 indicates the first release of the extension for Jive 22.214.171.124. To be sure you have the most recent release of the extension for your version of Jive, consult the Jive Antivirus Extension Compatibility Matrix, which will contain the recommended releases for each Jive version.
Virus Scan Server
The Antivirus Extension requires a virus scan server to perform the actual virus scanning. The Antivirus Extension supports ClamAV, which is freely available, and McAfee products with ICAP support such as McAfee Web Gateway. For hosted customers, Jive Hosting provides a ClamAV server. On-premise customers must provide their own virus scan server. Installation and configuration of the virus scan server is outside of the scope of this document. Please refer to the ClamAV documentation or McAfee Product Support.
A security policy may need to be created to add the X-Infection-Found header to the ICAP response.
While the Antivirus Extension is available for anyone to download, you must have a valid license to run it on your instance. You can check your license in your Jive instance's Admin Console, under the System > Management > License Information section.
If you see the Antivirus Module entry listed in the License Components and Allotments section, you are all set to install the Antivirus Extension. The extension itself may still be installed if it has not been licensed on your instance, but no Antivirus functionality will be enabled. If the module is not listed, but you have purchased the Antivirus Extension, file a case requesting Jive Account Support to update your license. If you have not purchased the Antivirus Extension yet, please contact Jive Sales.
For Hosted Customers
To install the Antivirus Extension, hosted customers can file a case and request that the extension be installed. Jive Account Support will install the extension for you. Installation only takes a few minutes, but will require a server restart. Jive Account Support will configure the extension for the appropriate Virus Scan server based on the data center in which your instance resides. Additional configuration options are available and are described later in this document.
Customers hosting their own Jive instance can install the Antivirus Extension, like any other Jive Plugin, via the Admin Console. Once the file is uploaded, and the plugin is installed, the server will need to be restarted.
After restarting, the Antivirus Extension will show up in the Admin Console's Plugins tab. The Antivirus Extension is not enabled by default and needs some additional configuration before it can be enabled.
Post Installation Configuration
On-prem installations are responsible for the required configuration and enabling virus scanning. Post installation, a System Property specifying the virus scanner URI must be set. An explanation for each of the settings is provided later in this document.
Uninstalling the Antivirus Extension, which also requires a restart, will remove the extension from the system, but not its data. However once the Extension is removed, files that have previously been blocked will be linked for download; an attempt to download a blocked file will result in an error since the blocked file has been removed.
The Antivirus Extension can be configured by users who are members of the Antivirus Management security group. Users in this security group will have an "Antivirus" menu item under the "Manage" sub-heading of the user menu drop down in the Jive header. Configuration changes take effect immediately and do not require a server restart. In addition to the configuration screen, the following system properties are available:
|Property Key||Description||Default Value|
|antivirus.scan.timeout||The number of milliseconds the Antivirus Extension will wait for a scan to complete||300000|
|antivirus.managementGroup.name||The name of the security group used to grant access to Antivirus Management||Antivirus Management|
|antivirus.maxScanChecks||Maximum number of times scan record will be checked for completion when creating a scan request.||5|
|antivirus.scanCheckDelay||Number of milliseconds of delay between checking a scan record for completion when creating a scan request.||3000|
Virus scanning can be tested using the test files provided at Download ° EICAR - European Expert Group for IT-Security.
Monitoring and Management
When a violation is detected, a notification will appear in the Actions stream of all users who are members of the Antivirus Management security group. If the Extension is configured to notify the author, the creator of the content will receive the same notification. E-mails will only be sent to users if e-mail is enabled for Actions in their Jive E-mail Preferences.
Scan Records are stored in the database and can be queried if information is needed for a specific file.
|antivirusid||Primary Key for the table, not visible in the UI.|
|objectid||The ID of the Jive object scanned.|
The objectType of the Jive object scanned. Currently only two types are supported:
|statusid||The status of the scan:|
|violations||Violation(s) reported from the scan server.|
|scancount||Number of times this object has been scanned.|
|scanrequestdate||The date of the initial scan request, in milliseconds|
|lastscandate||The date of the last scan, in milliseconds|
|lastsuccessdate||The date of the last successful scan, in milliseconds|
Retrieve all Scan Records
select * from jiveavscanrecord;
Retrieve Scan Information for an Attachment to a Message
select * from jiveavscanrecord, jiveattachment, jivemessage where jiveavscanrecord.objectid = jiveattachment.attachmentid and jiveattachment.objectid = jivemessage.messageid and jiveavscanrecord.objecttype = 13 and jiveattachment.objecttype = 2 and jivemessage.messageid = [messageid];
Retrieve Scan Information for an Uploaded Document
select * from jiveavscanrecord, jivedocbodyversion, jivedocversion, jivedocument where jiveavscanrecord.objectid = jivedocbodyversion.bodyid and jivedocbodyversion.internaldocid = jivedocversion.internaldocid and jivedocbodyversion.versionid = jivedocversion.versionid and jivedocversion.internaldocid = jivedocument.internaldocid and jiveavscanrecord.objecttype = 110 and jivedocument.documentid = '[docid]';