POP3-Proxy: AntiVirus

If you have purchased the Gateway AntiVirus feature, you can configure the actions the POP3-proxy takes when a virus is found in an email message. You can also specify the actions the Firebox takes when an email message contains an attachment that the Firebox cannot scan.

To use the proxy definition screens to activate Gateway AntiVirus, go to Enable Gateway AntiVirus in a Proxy Policy.
To use the Subscription Services menu in Policy Manager to activate Gateway AntiVirus, go toEnable Gateway AntiVirus with a Wizard.
You must enable Gateway AntiVirus to use APT Blocker. To configure APT Blocker for the POP3-proxy, go to Configure APT Blocker.

In the Gateway AV settings in the proxy action, you can select the Enable Gateway AntiVirus check box to automatically change the action for all rules in the proxy action from Allow to AV Scan.

In the Gateway AV settings in the proxy action, you can set the actions to take if a virus is detected or if a file cannot be scanned.

Screen shot of the proxy action settings for Gateway AV in a POP3 proxy action in Fireware Web UI

Screen shot of the proxy action settings for Gateway AntiVirus in a POP3 proxy action in Fireware Web UI

Screen shot of the AntiVirus settings in a POP3 proxy action in Policy Manager

Screen shot of the Gateway AntiVirus settings in a POP3 proxy action in Policy Manager

The options for antivirus actions in a POP3 proxy action are:

Allow

Allows the packet to go to the recipient, even if the content contains a virus.

Lock

Locks the attachment. This is a good option for files that cannot be scanned by the Firebox. A file that is locked cannot be opened easily by the user. Only the administrator can unlock the file. The administrator can use a different antivirus tool to scan the file and examine the content of the attachment. For information about how to unlock a file locked by Gateway AntiVirus, go to Unlock a File Locked by Gateway AntiVirus.

Remove

Removes the attachment and allows the message through to the recipient.

If you set the configuration to allow attachments, your configuration is less secure.

You can also configure the Scan size limit. Gateway AntiVirus does not scan files that are larger than the configured scan size limit.

The default and maximum scan size limits changed in Fireware v12.0.1. When you upgrade Fireware OS, the Gateway AntiVirus Scan size limit does not automatically change to the new default. We recommend that you update the Scan size limit to the default value for your Firebox model. For more information, go to About Gateway AntiVirus Scan Limits.

For more information about how to configure the Gateway AntiVirus actions and scan size limit go to Configure Gateway AntiVirus Actions.

POP3-Proxy: AntiVirus

Related Topics