About Gateway AntiVirus Scan Limits
Gateway AntiVirus scans each file up to a specified kilobyte count. Any additional bytes in the file are not scanned. This allows the proxy to partially scan very large files without a large effect on performance.
Most malware is delivered in files smaller than 1 MB in size. Larger files are less likely to spread quickly in a viral manner. We recommend that you use the default scan limit setting. If you increase the scan limit, Gateway AntiVirus scans larger files (or partial files), but it could result in fewer concurrent connections through the Firebox because the available memory is constant. If you decrease the scan limit, we recommend that you do not set it to a value lower than 256 Kb.
The minimum Gateway AntiVirus scan limit is 10 Kb for all models. The default and maximum scan limits vary by Firebox model.
|Default (Kb)||Min||Max||Device Model|
Firebox T10, T30, XTM 21, 22,23, 25, 26
|1024||10||20480||Firebox T50, T70, M200, M300, M370, M400, M470, M500, M570, M670
XTM 33, 330, 505, 510, 515, 520, 525, 530, 535, 545
|1024||10||30720||Firebox M440, M4600, M5600, FireboxV
XTM 810, 820, 830, 830-F, 1050, 1520, 1525, 2050, XTMv
If you enable DLP and Gateway AV for the same proxy action, the larger configured scan limit is used for both services.
For information about how to set the scan limit, see Configure Gateway AntiVirus Actions.