Metascan®

Features

Different organizations have varying needs for scanning performance, customization and management. Metascan’s many features enable powerful multi-scanning for every environment.

Metascan packages feature licenses for the included built-in engines, saving you the hassle of sourcing and managing licenses from multiple vendors. If additional engines are desired, Metascan is compatible with dozens of anti-malware applications that can be integrated into your solution. To learn more about the engines available with Metascan, please visit the Metascan Package Options page.

Evaluate Metascan

All Metascan packages and implementations include the following features:

  • Management station: For implementations using multiple installations of OPSWAT’s multi-scanning technology, the Metascan management station provides a centralized console for managing compliance and configuration. Details and screenshots>>
  • Post actions: Metascan supports custom post actions, enabling you to specify post-scan file handling by result, file type and more. Examples of custom post actions>>
  • Custom engines: Metascan supports the integration of custom scanning engines, allowing you to implement your own scanning logic or a solution for data loss prevention. Possible implementations>>
  • Web interface: Create your own in-house version of Metascan-online.com using the web interface included with all Metascan packages. Learn more>>

Additional features include:

  • Scan Optimizer to enable archive extraction, file queuing, and engine synchronization
  • Intuitive Microsoft Management Console
  • Boot sector scanning
  • Scan result caching
  • URL filtering engine
  • Integrated RAM drive to protect confidential data in the event of a re-boot during scan
  • Scanning of files, folders, drives, and data streams
  • Ability to quarantine infected files
  • Ability to schedule signature updates for both built-in engines and pre-installed applications
  • Queue management
  • Easy evaluation and licensing
  • Easy manual update process for locked down networks
  • High performance and scalability
  • Ability to analyze hundreds of different file types
  • Ability to extract many different archive types
  • Support for integration with various DBMS such as Microsoft SQL Server and PostgreSQL
  • Support for ICAP (Internet Content Adaptation Protocol)
  • Support for RESTful Web API
  • Easy integration to sandbox solutions such as those from GFINorman and ValidEdge
  • Easy integration to threat detection and response solutions such as Silicium ECAT

 

Sample Projects Visual C/C++, Visual Basic, .NET, C#, ASP.NET, PHP, JAVA
Interfaces Simple COM interface (TLB files available)
JAVA interface
Command line interface
Supported Operating Systems* Windows 2003, Windows XP, Windows Vista, Windows 2008, Windows 2008 R2, Windows 7
* Supports both 32 bit and 64 bit OS
Supported File Types ANI, ARJ, CAD, AVI, BMP, DataZfile, Doc, EPS, EXE, Font_Type1, Gif, GZip, ICO, IS_Uninst, CAB, Jar, JavaClass, JPEG, LHA, MDB, Mp3, MPEG, Hlp, WMF,MIME, MsLibrary, LNK, DB, OBJ, XML, PCX, PDF, PIF, PKLite, PNG, QTMovie, SFXexe, RAR, RIF, TAR, Txt, Tiff, TNEF, TTF, Unicode, UnixComprs, Visio, WMV, WAV, XLS, Xara, Zip, Zoo, ISO, NSIS, MSI, Office 2007 documents, and other file types
Supported Archive Types zip, rar, tar, jar, lha, gzip, bzip, arj, iso, sfx

Read more in our Metascan brochure.

When implementing multiple OPSWAT multi-scanning installations into your solution, the Metascan management station provides an easy way to track and manage your installations of Metascan, MetaDefender for Media (MD4M) and MetaDefender for Secure Access (MD4SA). With a simple, clear interface, the management station is a centralized console for:

Management StationCompliance Information Monitoring

  • View the list of managed engines on each installation
  • View the license status for each managed engine
  • View the update statuses for each managed engine

Configuration Adjustments

  • Change scan settings
  • Set archive handling
  • Manage update settings
  • Edit cache settings
  • And other available settings

Update Management

  • Push offline updates to each managed product
  • Configure automatic updates to come directly from OPSWAT

Additional features are coming soon! If you have questions regarding the Metascan management station and the planned features, please contact sales@opswat.com.

Current multi-scanning customers can access the Metascan management station software through their account on the OPSWAT User Portal.

 

Evaluate Metascan

When implementing your multi-scanning solution, utilize Metascan’s custom post-actions to designate specific handling for files after scanning has been completed.

Evaluate Metascan

Possible post actions through Metascan include:

  • Upload clean files to an FTP server
  • Convert files to a standard format e.g. convert all Word documents to PDF or all images to JPG
  • Log threat detections
  • Move clean and infected files to different folders
  • Upload files to a HFS - HTTP file server
  • Burn clean files to a CD
  • Print scan receipts with details
  • Send email alerts with scan results

Read more about implementing post actions in our knowledge base.

Metascan offers powerful scanning using built-in and added antivirus engines, but one of its greatest strengths is the ability to integrate your own custom engines. Using this feature of Metascan, you can greatly extend the capabilities of your multi-scanning solution to perform additional scanning alongside your antivirus engines.

Evaluate Metascan

Possible custom engines include:

  • Data loss prevention: Allow Metascan to control the flow of data out of your organization by implementing a custom DLP engine. An effective scanning solution can be easily created by coding logic to search files for specified keywords, such as “confidential”, or for specific strings of data, such as social security numbers or credit card numbers. By integrating this type of custom engine, Metascan can report files as suspicious if the sensitive keyword or data is present.
  • Custom antivirus engines: Utilize your own command line scanners as part of your solution
  • Custom scanning logic: Create your own scanning logic and integrate it to your solution

Sample code for integrating custom engines is available in our knowledge base.

All Metascan packages provide the ability to implement an in-house file scanning solution, like our Metascan Online demo, given certain technical requirements. Use the web interface feature to create a complete, static file scanning solution suitable for malware analysis in off-line or locked-down environments.

File analysis via a web interface allows anyone with a web browser in your network to quickly determine the status of a file (clean or infected) as well as the particular threat identified (class of malware, name, engines that detected the threat).

The web interface provides:

  • Standards-compliant web interface
  • Custom reports via downloadable .CSV files
  • Integrated file browser, as shown in the lower right screenshot
  • Permanent URL for each file for rapid referencing of previously scanned files
  • Ability to search via threat name, MD5 or SHA1 hashes

View a performance analysis of Metascan file-scanning using 20 engines.

Additional Information:

For a free online demo of multiple engine malware scanning of files, please visit metascan-online.com.

For a full demonstration and licensing information, please contact sales@opswat.com.

Metascan Web Interface Scan Results
Metascan Web Interface File Browser