SGOS 6 introduced malware scanning. When you enable malware scanning on the ProxySG, it automatically adds special policies to perform malware scanning for every response prior to any other policy evaluation.

NOTE: As of 6.5.9.x and later, this CPL code to stop malware scanning to evaluate other policy is no longer required. Please verify on a case by case basis to make sure.

In order to bypass malware scanning for a specific domain or subnet, special rules can be added in the local policy file.

For example, to  override the malware scanning for mydomain.com or to bypass IP address destination 1.2.3.4, the following CPL can be added to the local policy file:

;================================= Bypass Malware Scanning for specific sites ============================================

<Cache Bypass_BC_malware_scanning_solution>

policy.Bypass_BC_malware_scanning_solution ; Creates a new layer after the Malware Scanning layers.

define cache policy Bypass_BC_malware_scanning_solution

<Cache Bypass_BC_malware_scanning_solution >

url.host.is_private=yes response.icap_service(no) ; Bypasses Icap scanning for private or internal networks defined on the ProxySG
condition=Bypass_malware_sites response.icap_service(no) ; Bypasses Icap for the sites defined in the Bypass_malware_sites condition

end

define condition Bypass_malware_sites
    url.domain=mydomain.com
    url.address=1.2.3.4
end

;=============================================================================================================

More domains or other conditions can be added them to the Bypass_malware_sites condition as required.

If scanning internal sites is desired, this rule can be removed from the CPL code:

url.host.is_private=yes response.icap_service(no)