Configure Gateway AntiVirus Actions for HTTP Content

By default, when you enable Gateway AntiVirus for a proxy policy from the Gateway AntiVirus configuration, the default action for content that does not match a proxy rule is automatically set to AV Scan. You can improve Gateway AntiVirus performance if you change the default action for HTTP content that does not match a configured proxy rule.

To optimize performance, you can configure Gateway AntiVirus actions for the HTTP proxy to make the proxy more selective about which content types to scan. When you set the None matched action to AV Scan for the URL Paths, Content Types, or Body Content Types categories, the HTTP proxy scans all objects that do not match a rule.

To set the actions for HTTP proxy rulesets, follow the instructions in the next section. The same steps apply to rules in the TCP-UDP proxy and the Explicit proxy, which also apply to HTTP connections.

Configure AV Scan Actions Based on URL Paths

You can configure rules for when to AV scan HTTP content, based on the URL path of the request.

Configure AV Scan Actions Based on Content Types

You can configure the actions for Content Type rules to scan the content types that are most likely to contain a virus, and to not scan other content types. To set the actions more granularly based on content type, in Policy Manager use the advanced view of the rules.

Configure AV Scan Actions Based on Body Content Types

You can also configure the actions for HTTP content based on the Body Content Types rules.

Configure Alarm Notifications for Antivirus Actions

In each rule in a proxy action, you can select the Alarm check box so the proxy policy sends an alarm notification when the rule applies to network traffic. If you enable alarms for a proxy antivirus action, you must also configure the type of alarm to use in the proxy policy.


See Also

Update Gateway AntiVirus Settings