Enable Gateway AntiVirus in a Proxy Policy
The proxy action defines when Gateway AntiVirus scans content. You can configure rules for a proxy to use Gateway AntiVirus to scan content in multiple categories for each proxy action.
| Proxy Actions | Categories with the AV Scan action |
|---|---|
| FTP-Proxy | Download, Upload |
| SMTP-Proxy, IMAP-Proxy, POP3 -Proxy |
Attachments: Content Types |
|
HTTP-Proxy, Explicit-Proxy, TCP-UDP |
Requests: URL Paths |
There are two methods to enable Gateway AntiVirus in a proxy action
Enable Gateway AntiVirus in the Gateway AV settings in the proxy action
In the Gateway AV settings in a proxy action, select the Enable Gateway AntiVirus check box. This automatically configure rules in the proxy action to use the AV Scan action instead of the Allow action.
Select the AV Scan action for individual rules in the proxy action
Select the AV Scan action for rules in the proxy action in one of the categories listed above. This enables Gateway AntiVirus for the proxy action, but only sets the AV Scan action for the specific rule. It does not change the action for other rules in the proxy action from Allow to AV Scan.
You can also enable Gateway AntiVirus from the Gateway AntiVirus configuration settings. In the Gateway AntiVirus configuration you can use a wizard to automatically change the Allow action to AV Scan for proxy policies you select. For more information, go to Enable Gateway AntiVirus with a Wizard.
When you select the AV Scan action, the proxy also uses APT Blocker to scan the content if APT Blocker is enabled in the proxy action. For more information, go to Enable or Disable APT Blocker for a Proxy Policy.
- Add or edit the proxy policy you want to use with Gateway AntiVirus.
For information on how to add policies, go to Add a Proxy Policy to Your Configuration. - Select the Proxy Action tab.
- In the Proxy Action tab, select the Gateway AV category.
The Gateway AntiVIrus configuration settings for the proxy action appear.
- Select the Enable Gateway AntiVirus check box.
This automatically updates all rules in the proxy action previously configured with the Allow action to use the AV Scan action. - Configure the actions to take when a virus is detected or when a scan error occurs. For more information, go to Configure Gateway AntiVirus Actions.
- Set the Scan size limit.
The default and maximum scan size limits changed in Fireware v12.0.1. When you upgrade Fireware OS, the Gateway AntiVirus Scan size limit does not automatically change to the new default. We recommend that you update the Scan size limit to the default value for your Firebox model. For more information, go to About Gateway AntiVirus Scan Limits.
To use Gateway AntiVirus with other proxies, repeat this procedure for each proxy action.
- Add or edit the proxy policy you want to use with Gateway AntiVirus.
For information on how to add policies, go to Add a Proxy Policy to Your Configuration. - Select the Policy tab.
- Click
adjacent to the Proxy action drop-down list. - From the Categories list on the left side of the Proxy Action Configuration dialog box, select the Gateway AV category.
- Select the Enable Gateway AntiVirus check box.
This automatically updates all rules in the proxy action previously configured with the Allow action to use the AV Scan action. - Configure the actions to take when a virus is detected or when a scan error occurs. For more information, go to Configure Gateway AntiVirus Actions.
- Set the Scan size limit.
The default and maximum scan size limits changed in Fireware v12.0.1. When you upgrade Fireware OS, the Gateway AntiVirus Scan size limit does not automatically change to the new default. We recommend that you update the Scan size limit to the default value for your Firebox model. For more information, go to About Gateway AntiVirus Scan Limits.
To use Gateway AntiVirus with other proxies, repeat this procedure for each proxy action.
Configure Gateway AntiVirus Actions for HTTP Content
Video tutorial: Getting Started with Gateway AntiVirus