Hello,
 

> I think you may be overstating the problem of running anti-virus on 
> Qubes. If you could find an AV that updates its virus definitions via 
> signed RPMs, then it can be made to work without a lot of effort. 
>

The issue in this case is twofold: The designated ~antivirus~ endpoint 
protection solution (Sentinel One in our case) offers no support for 
Fedora, especially an oldish one like F25. Also, the whole compliance point 
is to have the endpoint frequently report its compliance status, which dom0 
would not do.
And, of course, this solution has its own update mechanism, so it cannot be 
made to work with the RPM proxy Qubes offers.


> Beyond that, you could still do it without RPMs, assuming the AV program 
> requires all of its data to be signed. 
>
> - 
>
> Whatever AV installation you had in dom0 would also need to be installed 
> in a template as well... this allows DispVMs to scan your various 
> working VMs while still maintaining isolation. The definition update 
> mechanism for the template would be the same as for dom0 (i.e. import an 
> RPM, or some other signed data file via qvm-copy). 
>

I see no issue with that.
Unfortunately, from my company's point of view, having only all VMs with the 
endpoint security software would not make me compliant.

Thanks for your comments!
///Pablo
