The XTM device has Gateway AntiVirus settings that are used regardless of which proxy Gateway AntiVirus is configured to work with. For more information, see Configure Gateway AV Decompression Settings.
It is important to update the signatures for Gateway AntiVirus/Intrusion Prevention Service.
If you use a third-party antivirus service on computers that are protected by your XTM device, you could have problems with updates for the third-party service. When the client for that secondary service tries to update its signature database on port 80, the WatchGuard Gateway AV service, working through the HTTP proxy, recognizes the signatures and strips them before they download to the client. The secondary service cannot update its database. To avoid this problem, you must add HTTP-Proxy: Exceptions to the policy that denies the update traffic. You must know the host name of the third-party signature database. Then you can add that host name as an allowed exception.
About Gateway AntiVirus