WSS is enabled with advanced malware license but Malware and risky files are not being blocked when accessed through WSS.
No error are reported downloading malware files via WSS, however downloaded malware files are caught by on-device Antivirus.
Management Center used to configure Cloud SWG (Formerly WSS) Policy
Applies to all access methods.
Management center policy is missing the needed configuration item to handle requests that need to be checked via malware/Content analysis service
Add Management Center/UPE policies to send traffic into Content Analysis servers. To do this
1. Create a new Content Analysis ICAP object on your local reference proxy server
2. From the Management Center console
If you want to bypass anything from ICAP scanning, you can add it before this in the rule list.