Anti-malware Setup and Third-Party Anti-malware Removal Tool
The Anti-malware Setup allows you to download a copy of the anti-malware to reduce the network bandwidth. The setup has the option for online or offline installation.
The Anti-malware Setup option is available for Windows Cloud Agent 5.5 and above.
Installing Anti-malware using an Installer Mode
After clicking the Anti-malware Setup button from the Configuration tab, perform the following steps on the Anti-malware Setup page:
- From the Anti-malware installer mode, select Cloud Installer or On-Premise Installer.
- Cloud Installer mode: This is the default installer mode. Select this mode to use the online version of the Anti-malware.
- On-Premise mode: Select this mode to download the installer file to the local environment. You can download the copy once and place it using Ansible or any other method.
- For the On-Premise Installer, select the Windows Architecture option between x86 and x64.
- Click Download.
- Provide the Installer Location. The location can be your local system path or server http(s).
If you provide a location path, ensure it is accessible to the asset. For the local disk path, once the installation is completed, the installer will be auto-deleted.
Refer to the following On-Premise Installer screenshot for reference:
- Click Save.
- From the Cloud Agent application, click Configuration Profiles.
- Click New Profile and do not toggle the option Enable Malware Protection for this Profile. Assign the newly created profile to an asset.
It is recommended not to make changes to the existing Configuration Profiles.
- Once this profile is assigned to an asset, set the profile with Enable Qualys Anti-malware Protection for this Profile to an asset. Click Continue to Save.
-
You can check the installation status under the Anti-malware Status column in the Assets tab. The following screenshot is an example of the installation status:
Third-Party Anti-malware Removal Tool
The Anti-malware setup can be proceeded with enabling the Third-Party Anti-malware Removal Tool. However, enabling the Third-Party Anti-malware Removal Tool removes the third-party products and their traces from the applications. The tool detects the presence of any third-party application on the system and in case of a failed installation, an error message is displayed with the name of the application that caused the EPP installation to fail.
Using the Add Exclusions field, you can add the list of applications that should be excluded during the removal process. The Third-Party Anti-malware Removal Tool can fail to uninstall the third-party application in any of the following scenarios:
- Third-party Anti-malware is not supported
- Third-party Anti-malware is password-protected
- Stale entry of an old Anti-malware
Prerequisites to Enable Third-Party Anti-malware Removal tool
The minimum requirement for the Agent version is 5.1.0.18 to enable the Third-Party Anti-malware Removal Tool.
If your agent version is lower than 5.7.0, follow the steps below to enable the Third-Party Anti-malware Removal tool. For agent versions 5.7.0 or higher, follow the steps in the Application Configuration section of the Qualys Cloud Agent Online Help, as additional steps are needed.
OPSWAT-supported application. Go to the OPSWAT web page and click the Show Uninstall Supported Only button on the top-right corner to view the list of supported anti-virus.
Enabling the Third-Party Anti-malware Removal tool
After clicking the Anti-malware Setup button from the Configuration tab perform the following steps on the Anti-malware Setup page.
- Enable the Third-Party Anti-malware Removal Tool.
- (Optional) In the Add Exclusions field list the application(s) that will be excluded during the uninstallation process.
You can provide the application name in the Add Exclusion field, even though the Third-Party Anti-malware Removal tool is disabled.
- Qualys Agent can also identify the application that caused the anti-malware installation failure. In such scenarios, an error message is displayed in the Anti-malware Status column of the Assets tab. Copy the application name and paste it in the Add Exclusion field.
- Click Save.
A notification message confirms the Third-Party Anti-malware Removal Tool has been enabled.