To configure the ProxySG to not send files larger than (in this example) 100MB to the ProxyAV:
- Ensure that you have already configured ICAP scanning in the Visual Policy Manager (VPM).
- Add the following code to your proxy’s Local Policy file:
This code, Content Policy Language statement, instructs the ProxySG to look at the Content-Length header field of the HTTP response. If the length of this character string has between 9 and 12 digits (i.e. the length is between 100,000,000 to 999,999,999,999 bytes) then the file will not be passed to the ProxyAV for scanning. So files of at least 100MB in size will not be scanned.
For greater flexibility in determining the minimum and maximum file sizes to not scan, refer to the external website http://utilitymill.com/utility/Regex_For_Range to create an appropriate regular expression.
Note: This statement applies only to HTTP-based file transfers.
Alternatively, you can configure the ProxyAV appliance to not scan files that are considered to be too large (see 000012320). However, when you configure the do not scan rule on the ProxyAV appliance, the ProxySG will continue to transfer files to the ProxyAV before the ProxyAV looks up the rule to not scan the content. Therefore, implementing the code shown in the example above is a better way to manage large files that do not need AV scanning.