How to enable the Malware Scanning error handling policy in UPE.

Article ID: 220710

Products

Web Security Service - WSS

Issue/Introduction

When WSS policy is managed from the portal, there is an option to exempt Password-Protected Archives from the malware scanning policy.

When the policy source is changed so that policies are managed from the Management Center (MC), this option is removed from the WSS portal, and the policy has to be configured manually from the MC.

Environment

Management Center used to manage WSS

Resolution

To deploy the same policy from the MC, make the following configuration change and install the following policy from the MC.

  1. Change the ICAP scanning policy object fail behavior to “Fail Open” (you can skip this if the fail behavior is already set to Fail Open).

  2. Install the following CPL policy on an existing or a new CPL layer.

        #if enforcement=wss

        <proxy>
        response.icap.error_code=password_protected Allow
        response.icap.error_code=any Deny

        #endif

This CPL layer will allow only the password_protected ICAP error code and block all other ICAP error codes.