This gives an overview of gateway security measures, most of which relate to a clustered gateway.
The gateway appliance is packaged as a VMware Open Virtual Appliance (OVA). The appliance runs a hardened version of Ubuntu 20.04.
The operating system and Kubernetes are hardened to meet several industry standard security requirements, including:
Center for Internet Security (CIS) security benchmarks.
Open Web Application Security Project® (OWASP) best practices for containers.
Community-sourced hardening checks, such as:
Secure container images
All container images are hosted securely in Google Artifact Registry. A set of rigorous vulnerability scans are applied to container images, including:
Classic gateway antivirus
ClamAV, which is pre-packaged with the classic gateway, is an open-source antivirus engine that detects trojans, viruses, malware, and other malicious threats.
Key gateway antivirus features include:
- If a vendor update is available, the antivirus software version is updated with each gateway release.
- ClamAV performs an antivirus scan every day at 2:15 AM.
- ClamAV updates antivirus definitions once daily and requires outbound access to database.clamav.net on port 443. You must whitelist the associated IP address to get the latest antivirus definitions from the database.clamav.net download server.
Get the gateway antivirus version
- Log in to the gateway with the
dpkg -l | grep clamav.
Disable ClamAV antivirus
By default, ClamAV antivirus is enabled. If you want to disable ClamAV antivirus or do not want gateway outbound communication with the ClamAV DL server:
- Log in to the gateway as an
- Go to the Antivirus section.
- Disable the service.
- Save the change.
See the Security Reference for more information.