How can I configure the ProxySG appliance to not send files greater than 100MB to the ProxyAV appliance?


<< Back to Knowledge Search

Solution

Overview

To configure the ProxySG to not send files larger than (in this example) 100MB to the ProxyAV:

  1. Ensure that you have already configured ICAP scanning in the Visual Policy Manager (VPM).
  2. Add the following code to your proxy’s Local Policy file:

<cache>
      response.header.Content-Length="^[0-9]{9,12}$"  response.icap_service(no)

This code, Content Policy Language statement,  instructs the ProxySG to look at the Content-Length header field of the HTTP response. If the length of this character string has between 9 and 12 digits (i.e. the length is between 100,000,000 to 999,999,999,999 bytes) then the file will not be passed to the ProxyAV for scanning. So files of at least 100MB in size will not be scanned.

For greater flexibility in determining the minimum and maximum file sizes to not scan, refer to the external website http://utilitymill.com/utility/Regex_For_Range to create an appropriate regular expression.

Note:  This statement applies only to HTTP-based file transfers.

Alternatively, you can configure the ProxyAV appliance to not scan files that are considered to be too large (see 000012320). However, when you configure the do not scan rule on the ProxyAV appliance, the ProxySG will continue to transfer files to the ProxyAV before the ProxyAV looks up the rule to not scan the content. Therefore, implementing the code shown in the example above is a better way to manage large files that do not need AV scanning.

Cause
Resolution
Workaround
Additional Information
Bug Number
InQuira Doc IdFAQ1371
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      ProxyAV 3
Article Number      000009714
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat