Bypass malware scanning in SGOS 6.5.x
search cancel

Bypass malware scanning in SGOS 6.5.x


Article ID: 166300


Updated On:


ProxyAV Software - AVOS ProxySG Software - SGOS


 SGOS 6 introduced malware scanning. When you enable malware scanning on the ProxySG, it automatically adds special policies to perform malware scanning for every response prior to any other policy evaluation.

NOTE: As of 6.5.9.x and later, this CPL code to stop malware scanning to evaluate other policy is no longer required. Please verify on a case by case basis to make sure.


In order to bypass malware scanning for a specific domain or subnet, special rules can be added in the local policy file.

For example, to  override the malware scanning for or to bypass IP address destination, the following CPL can be added to the local policy file:


;================================= Bypass Malware Scanning for specific sites ============================================

<Cache Bypass_BC_malware_scanning_solution>

policy.Bypass_BC_malware_scanning_solution ; Creates a new layer after the Malware Scanning layers.

define cache policy Bypass_BC_malware_scanning_solution

<Cache Bypass_BC_malware_scanning_solution > response.icap_service(no) ; Bypasses Icap scanning for private or internal networks defined on the ProxySG
condition=Bypass_malware_sites response.icap_service(no) ; Bypasses Icap for the sites defined in the Bypass_malware_sites condition


define condition Bypass_malware_sites


More domains or other conditions can be added them to the Bypass_malware_sites condition as required.

If scanning internal sites is desired, this rule can be removed from the CPL code: response.icap_service(no)