search cancel

Active content is block and not repaired on SPSS

book

Article ID: 253174

calendar_today

Updated On:

Products

Protection for SharePoint Servers

Issue/Introduction

Files with active content are block but not repaired when using Protection for SharePoint Server 6.1.1.

Environment

SPSS 6.1.1

Cause

Block Active Content (Disarm) feature can be used for blocking active content files. When Block Active Content
(Disarm) feature is disabled on Symantec Protection for SharePoint Servers and enabled on Symantec Protection
Engine, Symantec Protection for SharePoint Server will not pass the active content file to Symantec Protection Engine
for removing active contents. In this way, we can use the checkbox on Real-time settings page for blocking active
content files

Resolution

Block Active content must be turned on all SPE servers in the farm as well as in the SPSS console, Block Active Content (Disarm) must be turn on.

 

See the Symantec™ Protection for SharePoint Servers 6.1.1 Implementation Guide for Microsoft SharePoint page 49 step 13
https://techdocs.broadcom.com/content/dam/broadcom/techdocs/symantec-security-software/information-security/symantec-protection-for-sharepoint-servers/generated-pdfs/SPSS_6_1_1_Implementation_Guide.pdf 

 

Select the Block Active Content (Disarm) check box to remove any active content from files. If the feature is
enabled, the active content files will be quarantined at the folder location that is specified on the Manual Scan and
Scheduled Scan Settings page. If you are using SPSS 6.1.0 then to ensure that active content is removed from files,
you must enable the Block Active Content (Disarm) setting on all the registered Symantec Protection Engines. From
SPSS 6.1.1 onwards, the setting configured for Block Active Content (Disarm) checkbox will be automatically
applied to all the registered Symantec Protection Engines in the farm on click of the “Save” button on the “Real-time
Scan Settings” page.

Note: After configuring the Block Active Content (Disarm) setting, Symantec Protection Engine service will be
restarted on all the corresponding servers to apply the setting. If the farm setup is huge, this process may take some
time to complete.
Block Active Content (Disarm) feature can be used for blocking active content files. When Block Active Content
(Disarm) feature is disabled on Symantec Protection for SharePoint Servers and enabled on Symantec Protection
Engine, Symantec Protection for SharePoint Server will not pass the active content file to Symantec Protection Engine
for removing active contents. In this way, we can use the checkbox on Real-time settings page for blocking active
content files