DocuShare and Virus Protection
on your organization’s security policies the following should be considered
anti-virus tool to work with DocuShare.
the anti-virus tool on the computer following a clean reboot and a full system
check. Ideally this should be performed as part of the initial system
installation and configuration of the operating system. The %DSHOME%\documents
file directory (C:\Program Files\Xerox Corporation\DocuShare\documents on a
Windows NT Server by default) contains the file repository for all files stored
in DocuShare. The only change DocuShare makes to a file is the file name. Your
anti-virus tool should be configured to scan ALL files and sub-directories in
the %DSHOME%\documents directory.
anti-virus tools limit file scanning to certain file types by their extension,
such as .exe, .bat, .doc, .zip, etc. Because DocuShare renames files, the
anti-virus tool will not scan the files if it is configured to scan only
executable files by their file type extension. Configure your anti-virus tool
to check all files without regard to file extension.
scanning the DocuShare Documents directory do NOT configure the anti-virus tool
to delete or move files to a quarantine area when a virus is detected. This
will cause the meta data in the database to become inconsistent with the
contents of the documents repository.
the anti-virus tool to Flag infected files for manual deletion. The DocuShare
administrator should delete infected files using DocuShare’s dsdelete command
for multiple files or the web browser interface for single files. This will
maintain consistency in the database. If your security policy allows, you can
set the anti-virus tool to Clean the infected files instead of flagging them
for deletion. Should files accidentally be deleted contact DocuShare customer
support for help in cleaning up the meta data. Anti-virus tools that run
continuously in the background will affect the performance of DocuShare. If the
anti-virus tool checks files inbound and outbound (upload and download),
consider scanning only inbound files. This will improve performance especially
if most activity is accessing or reading files from the
anti-virus tool has a feature for scanning each time a program is executed
(called On-Access in some tools), consider excluding the DocuShare directory,
with the exception of the %DSHOME/documents directory.
tools alone cannot secure your server from all threats. You must insure that
anti-virus tools are updated regularly, especially when new threats are
discovered. Also, routinely check for and apply new security patches and
updates to your operating system and web server software.
Solution Published: June 27, 2016
Solution ID: 1781