Exempt destinations from Malware scanning in UPE setup

search cancel

Exempt destinations from Malware scanning in UPE setup

book

Article ID: 220711

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

How do you bypass destinations from Malware scanning (CAS) when the Cloud SWG policy is managed from the Management Center?

Certain websites are not loading due to malware scanning and need to be bypassed from the scanning.

Resolution

There are two ways to bypass anything from Malware Scanning from the MC VPM:

From the VPM Web Content Layer where the default scanning policy is defined
From a CPL Layer using CPL policy

From the VPM Web Content Layer where the default scanning policy is defined

To bypass destinations from the same Web Content Layer where you have defined the default scanning rule:

Add a new rule and place it above the default scanning rule.
Set the Destination as a “Combined Destination Object” and add all the destination that you would like to bypass from the scanning.
Set the Action as None and select the appropriate Enforcement Domain (WSS or Universal)
Install the policy and push the policy to WSS.

From a CPL Layer using CPL policy

To bypass destinations using CPL policy:

Add the following CPL policy into an existing or new CPL Layer.
Make sure the CPL Layer is placed after the Web Content Layer with the default scanning policy.
Save the policy and push the policy to WSS.

#if enforcement=wss

<Cache>
  condition="Scanning Exemption" response.icap_service(no)
  response.icap_service.secure_connection(auto)

define condition "Scanning Exemption"
 url.domain=www.example.com
 url.domain=www.another.example
end condition "Scanning Exemption"

#endif

Feedback

thumb_up Yes

thumb_down No