Free Trial

Business and Enterprise Documentation

Business and Enterprise

Some of the things Enterprise love about ClamXAV are how lightweight it is on clients/endpoints, and how easy it is to configure and distribute to an entire network of Macs in one fell swoop. Here, we describe some of the things you can achieve with a business licence and how to make it work the way you want it to.

Licensing

We offer great value for volume licensing, with discounts starting at just 2 seats. Please see our Pricing Page for more information. If you need more than 150 seats, just reach our to our sales team and we'll get you sorted.

If, like us, you find your staff numbers are always going up, you can add more seats to your licence at any time during the year, with the cost pro-rata to your renewal date. If the additional seats bump you up into the next discount level, they'll be offered at that price point, and then all your seats will use the new price-point at your next renewal. You can't really say fairer than that, can you?

Distribution

You have two options for distributing and licensing ClamXAV to the Macs on your network depending on the level of access your users/staff have, the number of seats you're protecting, and any distribution methods you already employ:

  • Direct download with email licence
  • Remote deployment and configuration via MDM

Direct download with email licence

This is the easiest method of deployment, but it requires the endpoint user to have admin privileges to perform the installation and any subsequent updates to the application, as well as enabling Full Disk Access. Your users would simply follow the instructions in the QuickStart Guide to download and install ClamXAV. You would then send them an email containing a link to install the registration key.

Your users would then be free to configure the app, and any schedules, as they see fit.

Remote deployment and configuration via MDM

You can use our Remote Deployment Tool to configure an installer .pkg file for remote deployment via your MDM server.

  1. Download the Remote Deployment Tool v3.4.1
  2. Install ClamXAV on the same computer as the Remote Deployment Tool is being used.
  3. Install the registration key and set up your preferences as desired.

Specifying default preference settings

If you don't want to specify default preferences, go directly to step 6.

  1. Copy the file in /Library/Application Support/ClamXAV/Settings/Users to the same place within the RemoteHD folder, but change the name to the login user name on the target computer.

  2. If you also want to prevent your users from modifying your default preferences, take that plist file, rename it to override.plist and move it up one level so that it's sitting in RemoteHD/Library/Application Support/ClamXAV/Settings/ also see the 'Overriding/enforcing preference settings' section below.

Notifying a designated email contact upon malware detection

As of version 3.4, ClamXAV can now notify a designated email contact upon malware detection on any of your endpoints. To enable this, you need to deploy a `global.plist` preferences file to your endpoints.

You can find an example of this in `RemoteDeploymentTool/Extras/global.plist`. You'll need to change the value of the `SendEmailAlert` setting to `true`. You will also need to contact us and let our support staff know the email address to be notified when malware is detected.

The `global.plist` file should be copied to `RemoteHD/Library/Application Support/ClamXAV/Settings/global.plist`

Configuration Profile for Full Disk Access

You may also need to distribute a configuration profile to your Macs to enable Full Disk Access. If you don't do this, you will need to manually enable this via System Preferences on each computer. You can find the profile in the Extras folder of the Remote Deployment Tool, called 'ClamXAV Full Disk Access.mobileconfig'

Overriding/enforcing preference settings

You can force any preference setting with an override config file.

Within the Remote Deployment Tool folder, you'll find a sample override configuration file. It's an XML file but it can be edited with a plain text editor. The first two settings will ensure the database is updated daily and that the app itself will be kept up-to-date:


	ScheduleUpdateFrequency	1
	UpdateClamXAVOnLaunch	true
			

The file then configures a default set of preferences for the scan settings.

After that is a section which lists the preference settings that users are allowed to specify for themselves - UserConfigurableSettings.

For the purposes of this example, you'll want to remove the lines in this section which would otherwise allow users to configure ScheduleUpdateFrequency and UpdateClamXAVOnLaunch via the app.

The override.plist file should be placed within RemoteHD/Library/Application Support/ClamXAV/Settings/ prior to generating the ClamXAV.pkg installer file in step 6 above.

Generate the ClamXAV.pkg installer package

  1. Open a terminal window into the RemoteDeploymentTool folder and run the buildStandaloneInstaller.sh script.

That will result in a package file called ClamXAV.pkg which you should to be able to code-sign and deploy via your usual tools.

Offline Database Updates

If you have any computers which need to be kept disconnected from the internet, but which still require to have ClamXAV installed and updated, you can use our Offline Database Updates for this.

Please see the Offline Database Updates page for more information.

Controlling ClamXAV via the command line

Some of ClamXAV's functions can be performed via the XAV command line. Some examples of which are below:

Get current version information


	/usr/local/ClamXAV3/bin/XAV --version

Update the malware database


	/usr/local/ClamXAV3/bin/XAV --update

Perform a Quick Scan


	/usr/local/ClamXAV3/bin/XAV --quick-scan
	

We will be adding features to the command line interface as time goes on. You are able to see the available feature-set by running the XAV tool with no command line flags.

Parsing ClamXAV's logging database

All events performed by ClamXAV are logged in our proprietary database format. To aid data collection and reporting, it's possible to export the logs into a plain text file. This can also be done using the XAV command line tool.

Viewing Malware DB Update logs

You can obtain a report of all malware database update events since you installed ClamXAV with the following command:

			
	/usr/local/ClamXAV3/bin/XAV --parse-logs updates
			
			

Alternatively, you can supply a start date (in ISO 8601 format) for the log parser if you only want to see recent events:

			
	/usr/local/ClamXAV3/bin/XAV --parse-logs updates start-date 2022-01-10
			
			

Likewise, you can supply an end-date if you don't want the most recent records. Alternatively, you can combine 'start-date' and 'end-date' if you're only interested in a range in the middle of the report.

Viewing Scan reports

The same command line options work for viewing the output of scan reports:

				
	/usr/local/ClamXAV3/bin/XAV --parse-logs scans
	/usr/local/ClamXAV3/bin/XAV --parse-logs scans start-date 2022-01-01
	/usr/local/ClamXAV3/bin/XAV --parse-logs scans start-date 2022-01-01 end-date 2022-01-20
			
			

Any scans which detected malware will be followed by those detections, indented with a single tab character.