Issue:
Elements EPP for Servers or Linux Protection clients are showing a status of "Malware protection" as disabled in the Elements Security Center portal's Environment > Devices page
Resolution:
Normally, this is caused by the default policy with a blank configuration of "Files and folders to scan" being assigned to the WithSecure™ EPP Elements for Servers (Linux client) or Linux Protection clients.
In order to make the real time scan working, there is a need to clone the default profile and add a path (for example, root directory of "/" for scanning all files) to that configuration in the policy file.
You could perform the following steps to clone the default profile if it has not been done yet, change the configuration for real time scanning, assign the cloned profile and trigger the full status update to solve this issue.
- Log in to the Elements Security Center Portal
- Open the Security configurations section from the menu on the left
- Go to the Profiles page
- Click the three dots which are next to the profile you want to clone (WithSecure™ for Linux in this case)
- Select Clone Profile
- Enter a profile name (Label and description are optional)
- Select Real-time scanning in the profile
- Click on Add path under Files and folders to scan
- Add root directory of "/" to scan all files
- Click Save and Publish
- Go to the Devices tab
- Select the affected Linux device
- Click on Assign > Assign Profile
- Select the cloned profile from the list
- Click on Assign button
- On Devices tab, select the affected Linux device again
- Choose Send full status update
If the default profile has been cloned before but the configurations for real time scanning are not changed yet, follow the steps below to solve the issue.
- Log in to the Elements Security Center Portal
- Open the Security configurations section from the menu on the left
- Go to the Profiles page
- Open the assigned profile
- Select Real-time scanning in the profile
- Click on Add path under Files and folders to scan
- Add root directory of "/" to scan all files
- Click Save and Publish
- Go to the Devices tab
- Select the affected Linux device
- Choose Send full status update
Article no: 000034644