In Metadefender Core 4.x, workflows are defined slightly differently than they are in Metadefender Core (Metascan) 3.x. Usage of the workflows through the APIs, and through all of the Metadefender components is the same, but the way the workflows are defined is different. In this post, we will go through how to define workflows in Metadefender Core 4.x.
All Metadefender Core workflows are defined in the 'Policies' section of the Metadefender Core Management Console. Within this section, there are three configuration pages.
1. Security Zones
Security zones define the different categories of sources that should be used for assigning the different security rules. By default, the 'All' security zone, which covers all scanning traffic, is included with the Metadefender Core installation.
New security zones for different Metadefender Core sources can be defined.
2. Analysis Workflows
Analysis workflows define how files should be handled by Metadefender Core. These are templates that can be included when defining security rules in Metadefender Core. By default, the 'Default', 'Skip Images', and 'Executables only' workflows are defined in the installation of Metadefender Core. These default workflows can not be edited or removed, but additional workflows can be defined.
New workflows can be defined and added to the list of available workflows.
Workflows can be edited by clicking on the workflow in the list. This will bring up the edit dialog. Workflow configuration options fall into five categories, each with its own tab in the edit dialog.
1. General
In the general tab, you can set the workflow name and description.
2. Archive
On the archive tab you can specify how Metadefender Core should process archives. This includes the options for whether archives should be extracted, and if so, to what depth and whether the original archive should also be scanned by Metadefender.
3. Blacklist
On the blacklist tab you can specify whether certain files should be blocked, either by the detected file type or by the filename.
Scan
On the Scan tab, you can define how files should be scanned, including what files should be skipped as well as such settings as scan timeouts and how to handle scan failures.
3. Security Rules
Security rules are combinations of a workflow that should be applied, the security zone that defines what scanning traffic should have that workflow applied, and the user agent that should be handled by the security rule. The 'File scan' and 'File scan without archive' security rules are included by default with the installation of Metadefender Core.
New rules can be created and assigned to specific security zones and user agents. As part of the creation process, you can select which workflow the configuration settings should be inherited from.
Individual configuration settings inherited from the workflow can be overridden in the security rules edit dialog. To change the settings, click on the lock icon to unlock the setting, which then makes the field editable.
If you have any further questions about the instructions provided above, please feel free to contact our Customer Success Team.