This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How to integrate with McAfee Anti-Virus system in APIGEE?

Posted on 11-22-2017 10:00 PM
ramyagullapalli
New Member
Reply posted on --/--/---- --:-- AM

If I need to scan the attachments for proxy service to check any virus/ Threats in the attachment using Antivirus. for the I need to integrate with Anti Virus system. Can any one have any idea on this? Please help me to understand how to integrate this.

0 6 1,436
Topic Labels
0 Likes
6 REPLIES 6

Posted on --/--/---- --:-- AM
DChiesa
Staff
Reply posted on --/--/---- --:-- AM

Other customers who do this, follow this pattern:

  1. save the attachment as a file in some staging area. Like a BaaS Asset or in aa GCS bucket, or etc.
  2. send the attachment via API to the virus scanner
  3. observe the result of the scan (this result may be asynchronously delivered)
  4. Based on that result, delete the file, or transmit it back to whatever system it needs to go to.

If your anti-virus scanner can return the result of a scan synchronously, then you don't need to "save" the file anywhere. Just invoke the scanner API using ServiceCallout, and then interpret the result in the rest of the proxy flow.

This isn't any different than any other ServiceCallout implementation. The only special thing is, in this case you need to duplicate the request content in the inbound request, to the request content sent to the ServiceCallout. But that's easy, with AssignMessage.

0 Likes

Posted on --/--/---- --:-- AM
ravirajthakur
New Member
In response to DChiesa
Reply posted on --/--/---- --:-- AM

Thanks for your comments on this Dino. I was evaluating this use case for one of my implementations and was exploring the best place to get this scanning done that is more secure and performance friendly approach. What are your thoughts on activating this scanning functionality on the perimeter of the network at Firewall or loadbalancer instead of APIGEE/API Layer ?

0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to ravirajthakur
Reply posted on --/--/---- --:-- AM

Hi Ravi

I think it's maybe prudent to do it at multiple layers. In some cases the firewall or network edge system may be able to introspect the traffic and perform the scanning. In some cases your API call payload may carry files, and this may not be apparent to an firewall. So you'd need to do it in both places in order to be protected.

Just my opinion. This may not apply in your scenario if you don't send files within APIs, or if you don't want to allow that.

0 Likes

Posted on --/--/---- --:-- AM
iamasim04
Bronze 3
Bronze 3
In response to DChiesa
Reply posted on --/--/---- --:-- AM

Hi @dchiesa1 Could you suggest any code snippet example for the same using ServiceCallout ? 

Thanks.

0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to iamasim04
Reply posted on --/--/---- --:-- AM

Can you be specific about what you are asking for? 

0 Likes

Posted on --/--/---- --:-- AM
iamasim04
Bronze 3
Bronze 3
In response to dchiesa1
Reply posted on --/--/---- --:-- AM

Hi @dchiesa1 

Could you please give an example of invoking the scanner API using Java ServiceCallout and interpreting with the response.

0 Likes