Java based Application used for E-procurement Government Portal blocked by Cloud SWG
search cancel

Java based Application used for E-procurement Government Portal blocked by Cloud SWG


Article ID: 241069


Updated On:


Cloud Secure Web Gateway - Cloud SWG


Users, while utilizing the Cloud SWG agent to access the internet via Cloud SWG, encounter a block when attempting to download a specific file from a government website. Cloud SWG, managed via UPE (not the portal), triggers a malware check, which results in a "virus_detected_denied" action, preventing the file download.

This file, a Java executable, is essential for verifying digital certificates used by users to upload tender responses. Multiple vendors have flagged it as risky/malware according to VirusTotal. Although an effort has been made to add a malware bypass for this file in the UPE configuration, users continue to experience download issues via Cloud SWG.


  • Cloud SWG managed using UPE
  • Cloud SWG Agent on Windows/MacOS


The problem arises due to the multi-layered malware checks within UPE. A specific layer, blocking the file, is executed even after the bypass exception is initiated by a previous layer.


To resolve the issue, consolidate all malware policies into a single layer, streamlining the malware check process and effectively enabling the intended bypass.

Additional Information

Added valid CPL code to bypass scanning for our problem object

 ;; Tab: [MU Gov Java Utility Allow CPL]
condition="Scanning Exemption" response.icap_service(no) 

define condition "Scanning Exemption"
end condition "Scanning Exemption"

but another layer existed below that sent it back to be scanned

 ;; Tab: [GLB Web Content AV Scanning]
<Cache> condition=!__is_notify_internal
policy.BC_TP_respmod_scan_fail_open ok ; Rule 2 ; WSS_AV_Scanning ; Gestures transformed ; response.icap_service.secure_connection(auto) -> ok

Consolidated the two into one layer and all worked fine.