suitable product for scanning files, folders on RHEL with no internet connectivity


Hello

We are looking for a suitable Sophos product for our usecase. Have gone through the documentation, however would like to confirm below:

Usecase:
a. System is RHEL7.9 and RHEL9
b. Looking for an on demand scan capability to scan files/folder over nfs file system
c. Should not be required to connect to any external servers(our systems have no internet connectivity)
d. Signature based scanning method, so possible to download the databases to our systems regularly
e. Scan result should be readable/parsable

Following are the questions:
1) There is a product called "Sophos Protection for Linux". However, seems product installation and operation requires connectivity to Sophos Central ?
If true, our above case (c) won't be satisfied, please confirm.

2) If its true that system need connectivity to Sophos central, what specific domains and ports are to be opened from our side to be able to use on-demand file/folder scan ?
https://docs.sophos.com/central/customer/help/en-us/PeopleAndDevices/ProtectDevices/DomainsPorts/index.html#remote-assistance

page has information related to this, however does not talk about Sophos Protection for Linux specifically.

3) What kind of data does Sophos central fetch from the systems where Sophos Protection for Linux is installed ?

4) Could you describe briefly on scanning technique used in on-demand scan. Is it signature based or ?

5) Is there any way we could use on-demand scan without connecting to your servers and running locally with latest antivirus databases ?



Added tags
[edited by: GlennSen at 2:44 PM (GMT -7) on 3 Sep 2024]
Parents Reply Children