Problem

Supportability of 3rd party Antivirus software solutions with SecureTransport on Windows

Resolution

Use of 3rd party Antivirus software, installed and running on the same server with SecureTransport, is not supported. SecureTransport is a process heavy application which creates processes on the fly, and reads and writes to files persistently. Antivirus software, in general, put a lock on the files while they are being scanned and this could lead to unforeseen issues with SecureTransport since it requires exclusive access to them.

Cygwin

SecureTransport for Windows is built upon an interoperability library called “cygwin” which by design and per its makers is known to be affected by use of Antivirus software altogether (http://cygwin.wikia.com/wiki/FAQ (see section 4.32. How do anti-virus programs like Cygwin?) and/or section 4.44 from the FAQ on Cygwin's page).

NOTE: Microsoft also recommends to turn off scanning on various files associated with important Microsoft applications - http://support.microsoft.com/kb/822158

If scanning of the user files is a requirement (e.g. company policy):

1. Add the SecureTransport installation folder (known as $STHome or $FILEDRIVEHOME) and the user accounts' home folders (regardless if on network share) as exception to the scanning path of the Antivirus software.

IMPORTANT: This is still an unsupported scenario which is not tested or certified by Axway and at any time Axway Support will reserve the right to ask customers to disable the AV solution completely to troubleshoot a core product issue.

2. Starting with ST 5.3.x, SecureTransport supports integration with ICAP servers. The Internet Content Adaptation Protocol (ICAP) settings allow the administrator to configure ICAP engines to be used as part of the SecureTransport file transfer processes so that data loss prevention (DLP) is achieved and anti-virus (AV) scans are completed.

Upgrading to ST 5.3.1 or above and integrating it with an ICAP server is the recommended way to achieve the AV scanning of the user files.