search cancel

How to allow certain files based on Content Analysis exception (for example password protected files)

book

Article ID: 230196

calendar_today

Updated On:

Products

ASG-S500 ProxySG Software - SGOS ASG-S400 ASG-S200 ISG Proxy

Issue/Introduction

The customer as some requirement to authorize the download of encrypted files.

How can this be achieve in a Proxy SG policy?

Resolution

In this example, the administrator has chosen to allow access to files that fail scanning because of password protection.

The scanning property must use the optional fail_open setting, and that the rules must also allow an error code of none. Also, the example assumes a user-defined exception page named virus_scan_failure.

<proxy>
response.icap_service(virus_scan, fail_open)

<proxy>
response.icap.error_code=!(none, password_protected) exception(virus_scan_failure)

The reponse.icap.error_code condition is detailed on the "ProxySG Content Policy Language Reference" documents [1][2].

Additional Information

[1] ProxySG Content Policy Language Reference (CPL7.2 PDF)

[2] ProxySG Content Policy Language Reference (ProxySG_CPL_73.PDF)