One of the frequent questions we’ve been getting lately is how efficient the scanner is, and what might be an alternative to doing something similar to the rapid scan offered by any other solution. To answer this question we need to explain how Total Scanning System works automatically or manually and Total Workflow is very fast and efficient than any other competing solution.
In cPGuard, we scan each new/updated files in multiple layers which helps in processing the files in different ways, many times with latest virus signatures, and efficiently process them with very less load . Each layer is explained below.
- HTTP Upload Scanner :- If you have WAF integration enabled, this is the first level of scanning when file upload/update is done through web. This scanner will immediately reject the file upload if it contains malicious code and notifies the client. You can find the relevant logs in the web server modsec logs or in the cPGuard WAF under WAF logs.
- Automatic Scanner :- If you have Virus Scanner enabled under Settings >> Scanner, it will be triggered. So it is background scanner where it keeps track of all uploaded/modified files and scans them.
- Daily Scanner :- If you have enabled dialy scanning from Settings >> Additional Settings, then daily file scanning will trigger every day. This option will scan all files uploaded/updated in the last 24 hours.
- Weekly Scanner:- If you have enabled weekly scanning from Settings >> Additional Settings, weekly files scanning will start every Sunday. This option will scan all the files uploaded/updated in the last 7 days.
So how does incremental scanning work?
Like the different scanner levels mentioned above, each layer works differently. So once you have installed and configured cPGuard on your server
- Run all manual scans which will scan and process all web files on your server
- enable daily scan
- enable weekly scans
- Make sure WAF integration is enabled and works fine
- So the above steps ensure that your server will be free from all known virus files. In addition to the scanner layers, our WAF rules are powerful enough to stop uploading/exploiting sensitive files and add an extra layer of security.
Is incremental scan really that fast?
Yes, it really works faster and more efficiently than any other competing solution. Based on analysis of multiple servers, it took less than a few minutes to complete daily scanning for 200GB of web data without any high load on the server. You can see how many files were scanned and how long each scan took.
Is it possible to schedule daily and weekly scans?
Yes, if you prefer to run scheduled scans at a particular time then you can do it easily. To do this. Disable daily and weekly scanner from additional settings. Use the cpgbin CLI utility to schedule daily and weekly scans at your preferred time. More questions? We are always happy to hear from you. If you need further clarification please reach out to our help desk.