Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Add an Antivirus Profile

You are here: Security Services > Content Security > Antivirus Profiles.

To add an antivirus profile:

  1. Click + available on the upper-right corner of the Antivirus Profiles page.

    The Create Antivirus Profiles wizard appears, displaying brief instructions about creating an antivirus profile.

  2. Click Next to navigate to the next page.
  3. Complete the configuration according to the guidelines provided in Table 1.
  4. Click Finish.

    The Summary page is displayed with the configurations you have made.

  5. Review the settings, and if you need to make any modifications, click the Edit link or the Back button.
  6. Click OK to save the changes. If you want to discard your changes, click Cancel.

    A new antivirus profile is created. You can assign this antivirus profile to a Content Security policy. Within the Content Security policy, you can apply either the same or different antivirus profiles to the Web, file transfer and E-mail traffic.

Table 1: Fields on the Create Antivirus Profile Page

Field

Function

General

Name

Enter a unique name for the antivirus profile.

The maximum length is 29 characters.

URL Allowlist

Select the customized object from the list for a given category that are to be bypassed for scanning.

MIME Allowlist

MIME Allowlist

Select a MIME allowlist from the list.

To create a MIME list inline and add it to the MIME allowlist:

  1. Click Create New MIME List.

    The Add MIME Pattern List window appears.

  2. Enter the following details:

    • Name—Enter a unique name for the MIME pattern list.

      You can use a string beginning with an alphabet or underscore and consisting of alphanumeric characters, special characters such as dashes and underscores. The maximum length is 40 characters.

    • Values—Click + and enter a value in the value list and click the tick mark.

      Note:

      Value must be two strings separated by slash(/):

      • The first string beginning with a letter or number and consisting of alphanumeric characters, underscores and dashes. Dashes cannot be used consecutively in the string.

      • The second string can be null or begin with a letter or number and consisting of alphanumeric characters, underscores, dashes, dots and pluses. Dashes, dots, and pluses cannot be used consecutively in the string.

      If you want to delete any MIME pattern values, select the value and click the delete icon.

  3. Click OK.

    A new MIME list is created and added to the MIME allowlist.

Exception MIME Allowlist

Select an exception MIME allowlist from the list.

Click Create New MIME list to create and add a MIME pattern list inline.

Fallback Options

Fallback options are used when the antivirus system experiences errors and must fall back to one of the previously configured actions to either deny (block) or permit the object.

Content Size

Select Block or Log and Permit.

If the content size exceeds a set limit, the content is either passed or blocked. The default action is Block.

Engine Error

Select Block or Log and Permit to specify whether the scan engine should be blocked (default) or logged and permitted if it is not ready during certain processes. For example, while the signature database is loading.

Trickling Timeout

Select Block or Log and Permit to specify whether the time taken to scan should be blocked (default) or logged and permitted if the scan process exceeds the timeout setting in the antivirus profile.

Out of Resources

Select Block or Log and Permit to specify whether the resource constraints should be blocked (default) or logged and permitted if the error is received during virus scanning.

Decompress Layer

Select Block or Log and Permit to specify whether the number of layers of nested compressed files that the internal antivirus scanner can decompress before the execution of the virus scan. The default action is Block.

Too many Requests

Select an option to specify whether the number of messages should be blocked (default) or logged and permitted if the messages received concurrently exceeds the device limits.

Default Action

Select a default action to take when an error occurs; Block or Log and Permit.

Notification Options

Use the notification options to configure a method of notifying the user when a fallback occurs or a virus is detected.

Fallback Deny

Notify Mail Sender

Select this option to configure e-mail notifications to notify the administrator about the errors returned by either the scan engine or the scan manager when a fallback action occurs.

Notification Type

Select None, Protocol, or Message from the list to specify the type of notification sent when a fallback option of deny is triggered.

Custom Message Subject

Enter the subject line text for your custom message for the fallback deny notification.

The maximum character length is 255.

Custom Message

Enter the customized message text for the fallback deny notification.

The maximum character length is 512.

Fallback Non-Deny

Notify Mail Recipient

Select this option to configure E-mail notifications to notify the recipient when a fallback e-mail option without a deny action is triggered.

Custom Message Subject

Enter the subject line for your custom message for the fallback non-deny notification.

The maximum character length is 255.

Custom Message

Enter the customized message text for the fallback non-deny notification.

The maximum character length is 512.

Virus Detection

Notify Mail Sender

Select this option to configure E-mail notifications to notify the administrator when a virus is detected.

Notification Type

Specifies the type of notification to be sent when a virus is detected.

Select None, Protocol, or Message from the list to specify the type of notification sent when a virus is detected.

Custom Message Subject

Enter the subject line text for your custom message for the virus detection notification.

The maximum character length is 255.

Custom Message

Enter the customized message text for the virus detection notification.

The maximum character length is 512.