Symantec Protection Engine (SPE) 7.x has the ability to scan plain data files for example, office documents, PDFs, images and other formats as well as executable files. SPE 7.x also has the ability to extract and scan files embedded inside container files such as ZIP, RAR, TAR, 7z and other container formats. SPE scans both the top level container files and the files extracted out of it that is, the files that are embedded inside the container file.
SPE uses a portion of its own process memory to read and scan files. Size of this memory portion is configurable. SPE being capable of handling multiple file scan requests concurrently, needs the memory portion of size that is more than 2 GB to scan one or more large files (files of size between few MBs and 2 GB). This is irrespective of whether the file that is getting scanned is a plain file, a container file, or a file embedded inside a container file. You must configure the size of the memory portion appropriately if you want SPE to scan one or more large files.
You must first determine the size of the process memory portion configured on your SPE setup and whether it is sufficient to scan large files. If this is not configured, Symantec Protection Engine returns an error ICAP RESULT 551 “Resource unavailable” to the client, as shown below.
Converted to readable format below:
Thu Jun 01 14:42:27 India Standard Time 2017, The Symantec Protection Engine has encountered a critical error, Event Severity Level = Error, Error Message = Resource unavailable, Symantec Protection Engine IP address = 10.219.209.97, Symantec Protection Engine Port number = 1344, Uptime (in seconds) = 390
NOTE: The maximum top-level container file size that you can specify in Symantec Protection Engine for tar, rar, and zip containers is 30GB (approximately 30719 MB). For other containers, you can specify a maximum top-level container file size of 2 GB (approximately 1907 MB).
SPE 7.8.1 to SPE 8.0.1 are configured to use memory portion of 30 GB, by default. This setting is inactive in SPE 8.1+. If the size of the memory portion in your SPE setup is not sufficient (possibly because of defaults from older SPE versions) to handle one or more large files, configure it appropriately. Perform the following steps:
Not configuring SPE appropriately to scan large files will result in scan errors.
Tip: For steps to suppress a scan error for a file that is greater than 2 GB in size, see Additional Information below.
For steps to suppress a scan error for a file that is greater than 2GB in size, see the article: Suppressing a scan error in Symantec Protection Engine for a file greater than 2 GB in size
For SPE 7.5.x, the functionality statements in the Issue/Introduction apply, and the Solution steps above also work.
For SPE 7.0.x, the functionality statements in the Issue/Introduction apply, but substitute the following steps for the Solution: