API Connect

 View Only
Expand all | Collapse all

Antivirus Scan in API Connect

  • 1.  Antivirus Scan in API Connect

    Posted Fri October 04, 2024 01:51 AM

    How to mimic DataPower antivirus scan functionality (Symantec) in API Connect?



    ------------------------------
    Nirmalya Mukherjee
    ------------------------------


  • 2.  RE: Antivirus Scan in API Connect

    Posted Mon October 07, 2024 08:52 AM

    Hi Nirmalya,
    Since the API Connect Gateway is running on DataPower, you can have a DataPower processing rule that contains the Antivirus action called by an API Connect Assembly using the GatewayScript multistep module.  There is some heavy lifting required in DataPower 10.5.0.x, but in 10.6.0.x we made it easier by having a wrapper function that you can setup that call with metadata specified in a JSON object.  See https://www.ibm.com/docs/en/datapower-gateway/10.6.0?topic=apis-multistep-module and in particular, the callRuleWrapperInit and callRuleWrapper functions.  We also have numerous example UDPs that exercise this module for accessing processing rules that contain Processing Rule actions such as AAA, CryptoBin, and XML Sign/Verify/Encrypt/Decrypt actions.  See https://github.com/ibm-apiconnect/policy-apigw/tree/master/user-defined-policies and in particular, the SAMLAssertion is using AAA, SOAP Encrypt/Decrypt is using the XML Encrypt/Decrypt actions, and the pkcs7-policies are using the CryptoBin actions.  You should be able to use those examples as a template to create a user defined policy for an AntiVirus policy in the API Gateway.

    Best Regards,

    Steve Linn



    ------------------------------
    Steve Linn
    Senior Consulting I/T Specialist
    IBM
    ------------------------------



  • 3.  RE: Antivirus Scan in API Connect

    Posted Tue October 08, 2024 01:08 AM

    hi Steve,

    Thanks for the clarification!

    The requirement is needed in our gateway for every api that comes in we would like to call symantec, what is the best way to achieve this? can the wrapper function be called as pre hook global policy?



    ------------------------------
    Nirmalya Mukherjee
    ------------------------------



  • 4.  RE: Antivirus Scan in API Connect

    Posted Tue October 08, 2024 01:17 AM

    Presumably only the ones with a body parameter such as POST or PUT?

    Calling Symantec for other calls like GETs is going to do nothing other than inflate your api response time!



    ------------------------------
    Chris Dudley
    ------------------------------



  • 5.  RE: Antivirus Scan in API Connect

    Posted Tue October 08, 2024 11:22 AM