THE BPD Blog

From blogs to case studies to news, we love sharing our tips and tricks for asset management, cloud, IoT and smarter operations.

by | Oct 12, 2018

Virus Scanning Maximo Attached Documents and Migration Packages

You can upload attached documents to many Maximo records such as Work Orders, Purchase Orders and Purchase Requisitions as well as uploading Migration Packages through the Migration Manager application. Maximo will allow you to upload anything if it has an extension which it will accept, for example .txt, .doc, .docx and .zip.
During a recent penetration test, we discovered that not all virus scanners will remove harmful attached documents from the server once they are uploaded. Even if they do, by that point they have been written to disk, so the damage may already be done!  It would be better if Maximo could scan the attachments before writing them to disk. This way, they can’t do any harm, or at least reduce amount of damage they may cause. After some digging around, it turns out there are actually three system properties and a third party virus scanner that can enable this functionality.

Example

In this example we will be uploading a .txt file called TEST.txt which will contain the EICAR text. This text is not a virus, but it used by all major virus scanning software to test functionality without having to use a real virus or worm. So, if we uploaded this to Maximo (in an ideal scenario) it should be picked up by the virus scanning software on the server and removed.
This is what our “virus” looks like:

If we upload it to a “vanilla” Maximo system, we can see Maximo processes it and it sits quite happily on the server’s file system:


Now, if we enable the third party virus scanner for Maximo when we try and upload the document, we get the following error message:

This file is not written to disk and can’t be uploaded to Maximo.

Setting up the Virus Scanner in Maximo

Enabling the virus scanner in Maximo is very simple. First you need a virus scanner that can use the ICAP protocol. In this example we are using the Symantec protection for cloud services.  The ICAP functionality setup in the Symantec protection for cloud services is very simple as is shown below:

There are three system properties which don’t seem to be documented anywhere but can been seen in the Maximo logs as warnings. This is because they don’t exist by default in Maximo.
The properties are:

  1. mxe.doclink.VirusScannerIPAddress – The IP address where the virus scanner is hosted. This is set to the IP from the ICAP configuration 192.168.254.59.
  2. mxe.doclink.VirusScannerPort – The port the virus scanner uses for its ICAP protocol. This is set to the port number from the ICAP configuration 1345.
  3. mxe.doclink.isVirusScanEnabled – Set to true or false to enable the virus scanning functionality.

These will need to be added through the System Properties application. Once applied, virus scanning is enabled. If it causes any issues, it can be disabled by setting the mxe.doclinks.isVirusScanEnabled system property to false.

Chris Brown

Chris Brown

As an Engineer, Chris is one of BPD Zenith’s most experienced developers. With over 10 years of in-depth technical experience, Chris is the most certified member of the UK team, specialising in Maximo versions 4 to 7.6, Tivoli Process Automation Engine, DB2, SQL Server and Oracle DBA. Chris can develop custom applications and extend the functionality of standard Maximo applications using both the Maximo Application Designer and the Java programming language to meet client requirements. He is knowledgeable in developing custom reports and modifying existing reports using both Actuate and BIRT report designers.

0 Comments

Maximo Inspection Forms extension for Procurement

Maximo Inspection Forms extension for Procurement

Since the release of Maximo Work Centers, Inspection Forms have gained popularity in the work management circles, however, this powerful tool seems to be under-utilized for Maximo’s purchasing module. The below is an attempt to harness the potential for procurement. A...

An Introduction to Conduct an Inspection Work Center

An Introduction to Conduct an Inspection Work Center

Conduct an Inspection Last week we reviewed the “Manage Inspection Forms” tool in Maximo. This week we will look in to the “Conduct an Inspection” tool which is very closely related to the Manage Inspection Forms tool.  One of the primary responsibilities of an...

Introduction to the Manage Inspection Forms Tool

Introduction to the Manage Inspection Forms Tool

Manage Inspection Forms Tool This blog will provide a quick overview and use case of the Manage Inspection Forms Tool. This is part of a series of blogs looking at Work Center functionality and our experience in implementing them.  The Manage Inspection Forms tool is...

Introduction to the Work Supervision Work Center  

Introduction to the Work Supervision Work Center  

Work Supervision Work Center   This blog will provide a quick overview and use case of the Work Supervision Work Center. This is part of a series of blogs looking at Work Center functionality and our experience in implementing them.  The Work Supervision Work Center...

Introduction to the Work Execution Work Center

Introduction to the Work Execution Work Center

Work Execution Work Center This blog will provide a quick overview and use case of the Work Execution Work Center. This is part of a series of blogs looking at Work Center functionality and our experience in implementing them.  Maximo Work Centers are visually dynamic...

Sign up to our free newsletter to explore emerging technologies, industry events and Maximo best practice.

Come with BPD Zenith to the future of Asset Management

Listen to your assets!

Most companies are aware of waste in their preventative maintenance efforts, but aren’t quite sure how to eliminate it.