Installation & Setup
Step by step guide to install and configure bowbridge Anti Virus for Salesforce
Prerequisites
Before you start, make sure your administrator user has the ThreatProtectionAdmin permission set.
Installation
Open the bowbridge app, go to Settings, select General, and click Installation Assistant.
Configure Scan Endpoint
Choose the Scan Cluster Endpoint closest to your Salesforce org location and click Save Endpoint.
Register Organisation
Click Register Org. The assistant registers your Salesforce org with the bowbridge service and stores the required connection values.
Create Default Protection Profile
Click Create Profile. The assistant creates the default Protection Profile for your org.
Start Schedulers
Click Start Schedulers. This starts the log cleanup scheduler and the weekly system report scheduler. The log cleanup job keeps File Scan Logs, URL Scan Logs, and Audit Trail entries within your retention settings. The weekly report emails administrators a summary of scan activity, license issues, and critical system events.
Assign User Permissions
Click Assign Permission Sets. This assigns the ThreatProtectionUser permission set to active users who need to open redirect and block pages when protected links are clicked.
Turn on Automatic Assignment if new and reactivated users should receive this permission set automatically.
Assign Package Licenses
Click Assign Licenses and select the profiles whose users should receive a managed package license. Users who already have a license are skipped.
Turn on Automatic License Assignment if new and reactivated standard users should receive a package license automatically.
Admin Tools Permissions
To give other administrators access to the app settings, dashboard, or logs, manually assign them the appropriate permission set:
- ThreatProtectionAdmin: Full read and write access to all Threat Protection configuration, policies, and system operations.
- ThreatProtectionDashboardViewer: Read only access to view the Dashboard, review scan logs, and analyze metrics without the ability to change settings.
Bulk Scan Permissions (Optional)
If you intend to use bulk scanning to cover all existing files across the entire Salesforce organization, the user initiating the scan must have the standard Salesforce Query All Files permission. You must add this permission to the user starting the scan, for example via a custom Permission Set.
Configure Notifications
Click Configure Notifications and set the email and in app notification options for administrators and users. See Notification Configuration for details. (Note: This section is kept at the end because clicking the button navigates away from the installation assistant).
Verify the Installation
- Open the Dashboard tab and confirm that the service status is active.
- Run the provided test tools to confirm scanning is working correctly.
Test File Scanning
Upload an EICAR test file to confirm virus detection, blocking, and log creation are all working.
Test URL Scanning
Scan malicious and clean test URLs to verify reputation lookups and category blocking.
API Key Rotation
If the Salesforce API key has been compromised or you suspect a security breach, you can rotate the API key directly from the Installation Assistant. This requests a new key from the gateway and immediately replaces the stored value.