Acquiring Virus Definitions Using a Local Repository

The following procedure describes one way to download the required files from McAfee's HTTP server, then make them available to Powertech Antivirus using an FTP server, a local path, or a network path. (This example uses a Windows server, but an AIX or Linux server could be used instead.)

Firewall Configuration

In order to acquire McAfee virus definition updates, the system's firewall must be configured to allow them. Virus updates are acquired either directly from McAfee, or from a server configured to host the virus definitions for the local network. Both of these scenarios are described below. In either, you must configure the firewall of the system receiving the virus definitions from McAfee to allow HTTP downloads from http://update.nai.com. On that system, if a firewall rule exclusion previously allowed FTP to be used with update.nai.com, that rule should be removed from the firewall.

Download the DAT Files Using a Windows PC

You can use a PowerShell script to download the DAT files (PowerShell is built into Windows 10). 

1. Copy the following text into Notepad and save the file as “getdats.ps1” into an empty directory:

   $url = 'http://update.nai.com/products/commonupdater/'
   Invoke-WebRequest $url'oem.ini' -OutFile 'oem.ini'
   Invoke-WebRequest $url'gdeltaavv.ini' -OutFile 'gdeltaavv.ini'
   $site = Invoke-WebRequest -UseBasicParsing -Uri $url
   $table = $site.links | ?{ $_.href.ToLower().Contains('avvdat-') } | sort href -desc | select href -first 1
   $filename = $table.href.ToString()
   Invoke-WebRequest $url$filename -OutFile $filename
   Expand-Archive -Force $filename .
   Get-ChildItem $Path -Recurse | Where-Object {($_.Name -like '*-*') -and ($_.LastWriteTime -lt (Get-Date).AddDays(-2))} | Remove-Item -Recurse
   

2. Copy the following text into Notepad and save the file as “getdats.bat”:

   @ECHO OFF
   PowerShell.exe -NoProfile -ExecutionPolicy Bypass -Command "& './getdats.ps1'"

3. Open a command window and execute the batch file getdats.bat. This will execute the PowerShell script to download and extract the appropriate .zip file from McAfee’s HTTP server into the current directory. Once completed the directory will be as follows:

   06/19/2019  08:25 AM    <DIR>          .
   06/19/2019  08:25 AM    <DIR>          ..
   06/19/2019  07:00 AM           833,041 avvclean.dat
   06/19/2019  08:24 AM       121,669,129 avvdat-9292.zip
   06/19/2019  08:24 AM           730,425 avvnames.dat
   06/19/2019  07:00 AM       102,055,422 avvscan.dat
   06/19/2019  08:23 AM             2,151 gdeltaavv.ini
   04/29/2019  12:22 PM                89 getdats.bat 
   06/19/2019  08:40 AM               606 getdats.ps1
   06/19/2019  07:00 AM             8,170 legal.txt
   06/19/2019  08:23 AM             2,034 oem.ini
   		7 File(s)    243,301,067 bytes

4. Schedule the batch file to be executed once a day, every day. You can use any scheduler to do this, including the Windows Task Scheduler included with Windows.

   Ensure the working directory of the action is set to the directory of the getdats.bat file. For example, if the getdats.bat file's full path is C:\HelpSystems\PTAV-i\getdats.bat, specify C:\HelpSystems\PTAV-i as the working directory.

   If you use Windows Task Scheduler, you can configure the working directory as follows:

   1. Double-click the task to display its Properties.
   2. Choose the Actions tab.
   3. Select the 'Start a program' action and click Edit.
   4. Enter the working directory in the field 'Start in (optional)'. (Note: Do not put the value in quotation marks.)
   5. Click OK, then OK again.

Note: A method of monitoring the above process to ensure it is continuously running is recommended.

Make the DAT Files Available to Powertech Antivirus

Now that you have the virus definition files listed on the previous page in a directory on your network, the next step is to configure Powertech Antivirus to retrieve the files from an alternate source. There are two main methods:

• Put the files onto an internal FTP server, and set Powertech Antivirus to download them via FTP.
• Share the files over a file share from a Windows server, configure the QNTC file system on the IBM i to include the file share, and configure Powertech Antivirus to download them via the *PATH method.

These methods are described below.

Using FTP

1. Identify an internal Windows or Linux system that is configured as an FTP server.
2. Verify that you can connect from the IBM i to that server using FTP using the command ftp xx.xx.xx, where "xx.xx.xx.xx" is the IP address of the server. If you can connect, so can Powertech Antivirus for IBM i.
3. Identify the folder on the server that is shared via FTP. There is at least one directory that the FTP server shares (for example, a "C:\FTP Files" directory).
4. Place the files that you downloaded previously into that directory.
5. Use the STANDGUARD/AVCHGUPDA command to set the Transfer Method to *FTP, change the FTP Location to the address of the FTP server, and to specify the FTP user and password.

Example:

AVCHGUPDA FROM(*FTP) FTP(IP-address/directory) FTPUSER(user) FTPPWD(password)

Be sure to add the path to the end of the server's address. If the DAT files are located in the user's home or root directory, then specify / after the address.

Using a File Share

1. Identify an internal Windows PC or Windows server that is configured to share files.
2. Place the files that you downloaded previously into the shared directory on the Windows system.
3. Configure the QNTC file system on the IBM i so that the file share from the Windows system is mounted. The QNTC file system makes shared files on a Windows system visible in an IFS. The configuration of the QNTC file system is described in the following IBM document: https://www.ibm.com/support/pages/how-access-file-shares-ibm-i-using-qntc.
4. Once the QNTC file system has been configured, determine the directory (path) of the Windows file share in the IFS of the IBM i.
5. Use the STANDGUARD/AVCHGUPDA command to change the Transfer Method to *PATH and the Path to the IFS path that you determined in the preceding step.

Example:

AVCHGUPDA FROM(*PATH) PATH(/QNTC/server-name/share-name)