Security Consideration
To enhance security, it is highly recommended to disable the public IP address associated with the instance. This measure helps restrict access to the API Server and mitigates potential risks.
Network Consideration
It is suggested to deploy this server within the same availability zone as your existing infrastructure to minimize data transfer charges. By colocating the virus scan server and your other resources in the same availability zone, you can leverage the low-cost or free data transfer within the same zone. And it ensures that the virus scan API server operates within the same network environment as your infrastructure, enabling faster and more efficient communication while minimizing data transfer costs.
Performance Consideration
Ensure optimal performance by a virtual machine with a minimum of 2 CPUs and 4 GB RAM for seamless operation of the API server.
Cross-Machine File Scanning
If you need to scan files residing on different machines, you can utilize the NFS server enabled on the API server. Here's how:
-
Create a directory on your local machine to store the data you want to scan. For example:
mkdir /tmp/data-to-scan -
Mount the NFS shared directory from your Virus Scan Server to your local machine using this command:
sudo mount -t nfs api-server-ip-address:/elm/shared /tmp/data-to-scan -
Any files stored in /tmp/data-to-scan on your local machine can be accessed and scanned by the Virus Scan Server via http://api-server-ip-address:8080/api/clamav/scan/file
The NFS client can be installed using
sudo apt install nfs-common
and
sudo yum install nfs-utils
for ubuntu-like and amazon-linux-like operating systems, respectively.