In this mode, Kaspersky Scan Engine works as a REST-like service that receives HTTP requests from client applications, scans objects passed in these requests, and sends back HTTP responses with scan results.
This mode is available only for Linux operating systems.
In this mode, Kaspersky Scan Engine works as an ICAP server that scans HTTP traffic that passes through a proxy server and URLs that are requested by users and filters out web page that contain malicious content.
Kaspersky Scan Engine also includes a graphical user interface that allows you to easily configure the behavior of Kaspersky Scan Engine, review its service events, and scan results.
Kaspersky Scan Engine can scan files and blocks of random access memory (RAM) by using the Kaspersky anti-virus database and the advanced heuristics module. Scanning of compressed executables, archives, Microsoft Office macros, email messages, and email databases is supported.
Kaspersky Scan Engine can scan specific URLs (in HTTP mode) or URLs that users request from a proxy server (in ICAP mode). In ICAP mode, Kaspersky Scan Engine can return a user-specified HTML page instead of malicious web pages.
The graphical user interface (GUI) allows you to configure Kaspersky Scan Engine, check the status of a Kaspersky Scan Engine key file or activation code, review service events, and scan results.
Key functionality:
Award-wining Kaspersky anti-malware technology provides the best-in-class malware detection rates and can instantaneously react to emerging threats.
Kaspersky Security Network provides information about the reputation of files and Internet resources, ensures that Kaspersky applications react to threats faster without waiting for an application database update, and reduces the likelihood of false positives.
Filters out malicious, phishing, and adware URLs.
Detection of multi-packed objects and objects packed using “grey” compression utilities (frequently used for hiding malicious programs from anti-virus software).
Advanced heuristics analyzer and machine learning-based detection technologies.
Disinfection of infected files, archives, and encoded objects.
Updatable Anti-Virus engine: detection technologies and processing logic can be upgraded or modified through regular updates of the anti-virus database.
Kaspersky Scan Engine natively supports multithreading and can process several tasks simultaneously. You can adjust the number of scanning processes and threads to increase performance of Kaspersky Scan Engine.
Additional filtering layer is made possible by the Format Recognizer component. You can use this component to recognize and skip files of certain formats during the scanning process. Dozens of formats are supported, including executable, office, media files, and archives.
Graphical user interface (GUI) for management and monitoring:
Lets you configure application settings and manage the application.
Lets you monitor the application operating status, status of the used key file or activation code, and the number of scanned and detected objects.
Provides information about all scanned objects on a dashboard. Scan results can be imported in CSV format.
Ease of installation and configuration, and no development is needed with out-of-the box installation. The solution will be running within minutes.
Reporting features:
Important application events are sent to Syslog in CEF format.
All service events are visible on the GUI dashboard.