HTTP-Proxy: AntiVirus

If you have purchased and enabled the Gateway AntiVirus feature, you can specify the actions the Firebox takes if a virus is found in a website or when the device cannot scan a website.

When you enable Gateway AntiVirus, you must set the actions to take if a virus or error is found in a web page.

The options for antivirus actions are:

Allow

Allows the packet to go to the recipient, even if the content contains a virus.

Drop

Drops the packet and drops the connection. No information is sent to the source of the message.

Block

Blocks the packet, and adds the IP address of the sender to the Blocked Sites list.

Gateway AntiVirus scans each file up to the kilobyte count you specify. Any additional bytes in the file are not scanned. This allows the proxy to partially scan very large files without a large effect on performance.

For information about the default and maximum scan limits for each Firebox model, see About Gateway AntiVirus Scan Limits.

To specify the antivirus actions:

  1. In the Categories tree, select AntiVirus.
    The AntiVirus page appears.
  2. From the When a virus is detected drop-down list, select an action: Allow, Drop, Block.
  3. From the When a scan error occurs drop-down list, select an action: Allow, Drop, Block.
  4. For each action, to send an alarm message when the action you specified occurs, select the Alarm check box.
  5. For each action, to send a log message when the action you specified occurs, select the Log check box.
  6. In the Limit scanning to firsttext box, type or select the file scan limit in kilobytes.
  7. Click OK.

See Also

About the HTTP-Proxy

About Gateway AntiVirus

Give Us Feedback     Get Support     All Product Documentation     Technical Search