After upgrading from SGOS 6.x to 7.x, for Malware Scanning policy we need to install an Access layer and Content Security Policy layer in the web VPM.
When you install any policy from Java VPM the Access layer and Content Security Policy layer gets removed from Web VPM as below:
1. Adding Access layer and Content Security Policy layer via Web VPM.
2. Once the policies are installed via web VPM and if we make any changes from Java VPM and install the policy as below:
3. Post installing policies via Java VPM the Access layer and Content Security Policy layer are automatically removed from Web VPM.
In order to retain the changes in Web VPM, we need to continue using Web VPM, if we use Java VPM the changes for the Content Security Policy layer and Access layer will be removed.
From Management Center also, we need to use the Web VPM to add/install the policy as below (These wont be visible on Java VPM):
Two pre-configured policies, Access Security Policy and Content Security Policy, are available in 7.x release. These policies are configured through the web Visual Policy Manager (VPM) and require minimal manual input and deployment time. Use this feature to implement best-practices security coverage out of the box, and to facilitate setup, deployment, and testing of policies.
This feature provides the following benefits over manually writing policy:
The underlying policy definitions required for this feature are delivered through the Policy Services subscription. Both Access and Content Security policies are disabled by default.
For more information on this feature, refer to the ProxySG Web Visual Policy Manager Reference and the "Using Policy Services" chapter in the SGOS Administration Guide (7.x).