Configuring Antivirus, Proxy and Firewalls to ensure Atakama functionality

TABLE OF CONTENTS


Summary

As a general matter, encrypted files are not vulnerable to viruses and antivirus software cannot scan encrypted files. As a result, you will want to configure your antivirus software to exclude scans of the Atakama Vault and .kama files. For example, Sophos offer the ability via their extension configuration page to exempt files based on file extensions. If you do not exclude the Atakama Vault and .kama files from your antivirus scan you will receive a MofNop every time the antivirus software attempts to scan an Atakama encrypted file.

 

In addition, Antivirus software uses heuristic analysis as a method to detect unknown computer viruses. This method sometimes mistakenly identifies downloadable software, such as Atakama, as malware. The method can also sometimes block legitimate communications between the Atakama desktop client and the Atakama Mobile app. 

 

If you are running the following antivirus software, you should not need to change your current configuration when installing Atakama:

  • Bitdefender Total Security

  • Malwarebytes

  • Microsoft Security Essentials

  • Sophos Home Edition

  • Symantec Endpoint Protection Cloud

  • Webroot Business Endpoint Protection.

 

If you are running other antivirus software and encounter issues with Atakama installation, the following should ensure proper Atakama functionality:

  • Review your antivirus software's whitelist instructions. Searching online for your antivirus software plus the keyword "whitelist" should bring up the relevant instructions. Add "Atakama.exe" (located in C:\Program Files\Atakama) and add wss://relay.atakama.com:443 to the whitelist if you experience an issue during installation/setup of Atakama.

  • During installation you may see a pop-up notification to block "vidable.exe". Do not approve this block. 

  • Do not add Atakama to the quarantine list if the antivirus software incorrectly detected Atakama as an application with suspicious activity.


If you are running SentinelOne, we recommend adding the following path exclusions (make sure to include subfolders):

  • C:\Users\*\Atakama 
  • C:\Program Files\Atakama\ 
  • *.kama  



Technical Details

Whitelisting Application Binaries

Several binaries are installed as part of Atakama, all of which will need to be whitelisted to ensure proper application functionality. There are potentially several ways of doing this:

  • Whitelist by Certificate
  • Whitelist by File
  • Whitelist by Folder


Signing Certificate

All binaries, DLLs, and scripts included in the installer are signed with the same certificate. By whitelisting the certificate, you can more easily ensure that the application and any future components all function without interruption. Keep in mind, this certificate is different than the one used to establish SSL connections described in the networking section.


FieldValue
Issuer

CN = SSL.com EV Code Signing Intermediate CA RSA R3

O = SSL Corp

L = Houston

S = Texas

C = US

Serial Number0b93344beca5ba8eeb42cd84dd908d6d
Thumbprint47cd0dd501bef98d9e720e2b97ad13409aa8467c


Files and Folders

If whitelisting by certificate is not an option, or you would rather whitelist by file or folder, then consult the following table for a list of all applicable paths. Note: all file paths are relative to the installation root. This is typically C:\Program Files\Atakama.


PathFile or FolderFile TypeRequired
Atakama.exeFileExecutableYes
AtakamaW.exeFileExecutableYes
vidautil.exeFileExecutableNo
atakamabugs.exeFileExecutableYes
atakamareport.exeFileExecutableYes
scripts\defender_unexclude_kama_files.ps1FilePowerShell ScriptNo
scripts\migrate.ps1FilePowerShell ScriptNo
bin\VidableBuddy\AtakamaBLE.exeFileExecutableYes
C:\Program Files\Atakama
(Installation Root)
Foldern/aYes


Whitelisting Network Connections (Proxy servers and firewalls) 

Atakama relies on a few remote components as part of normal application function. Please ensure the following connections are whitelisted accordingly.


ServiceDomain NameResource (if HTTPS)PortProtocol
Relay Serverrelay.atakama.com
443WebSocket (wss://)
Licensing Serverservice.atakama.com/license443HTTPS (https://)
Bug Reporterservice.atakama.com/bugreporter/dump443HTTPS (https://)
OneDrive (if applicable)login.microsoft.com
443HTTPS (https://)

Note: Setting up a bypass for *.atakama.com on proxy servers should fix license activation issues that might not appear during initial setup.


Scanning Exclusions

Kama Extension

In addition to whitelisting Atakama application files and network connections, it may also be desirable to exclude encrypted files from antivirus and antimalware scans. The Atakama installer will attempt to do this automatically for Windows Security during installation by running a PowerShell script, but this can fail due to a strict execution policy.


It is recommended that you exclude all .kama files from automatic scans, as these files are encrypted and thus scanning them is unnecessary and can introduce performance issues.


You can see the exclusion in Windows Security by going to the "Virus & threat protection" section, clicking "Manage settings", and then clicking "Add or remove exclusions" towards the bottom of that page.

Atakama Vault

In addition to excluding Atakama-encrypted files, the Atakama Vault must be excluded from all scans or backup applications. As mentioned in the summary, if this directory is not excluded from scans or backups, the active user will receive file open MofNops for every file that is scanned. This is undesirable, not only because the user will be inundated with erroneous requests, but also because this directory is only a virtual filesystem. Take a look at this article for more information.


The vault is located in the active user's home directory in a folder called Atakama. Using an environment variable, this can be generalized as follows:

  • %USERPROFILE%\Atakama

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.