If you have purchased the Gateway AntiVirus feature, you can configure the actions the POP3-proxy takes when a virus is found in an email message. You can also specify the actions the Firebox takes when an email message contains an attachment that the Firebox cannot scan.
- To use the proxy definition screens to activate Gateway AntiVirus, see Enable Gateway AntiVirus in a Proxy Policy.
- To use the Subscription Services menu in Policy Manager to activate Gateway AntiVirus, see Enable Gateway AntiVirus with a Wizard.
- You must enable Gateway AntiVirus to use APT Blocker. To configure APT Blocker for the POP3-proxy, see Configure APT Blocker.
In the Gateway AV settings in the proxy action, you can select the Enable Gateway AntiVirus check box to automatically change the action for all rules in the proxy action from Allow to AV Scan.
In the Gateway AV settings in the proxy action, you can set the actions to take if a virus is detected or if a file cannot be scanned.
The options for antivirus actions in a POP3 proxy action are:
Allows the packet to go to the recipient, even if the content contains a virus.
Locks the attachment. This is a good option for files that cannot be scanned by the Firebox. A file that is locked cannot be opened easily by the user. Only the administrator can unlock the file. The administrator can use a different antivirus tool to scan the file and examine the content of the attachment. For information about how to unlock a file locked by Gateway AntiVirus, see Unlock a File Locked by Gateway AntiVirus.
Removes the attachment and allows the message through to the recipient.
If you set the configuration to allow attachments, your configuration is less secure.
You can also configure the Scan size limit. Gateway AntiVirus does not scan files that are larger than the configured scan size limit.
The default and maximum scan size limits changed in Fireware v12.0.1. When you upgrade Fireware OS, the Gateway AntiVirus Scan size limit does not automatically change to the new default. We recommend that you update the Scan size limit to the default value for your Firebox model. For more information, see About Gateway AntiVirus Scan Limits.
For more information about how to configure the Gateway AntiVirus actions and scan size limit see Configure Gateway AntiVirus Actions.