Global Antivirus Scanning

You can configure a Content Integrity Control profile to scan all inbound and/or outbound files. When configured, all inbound and/or outbound traffic to the Site, regardless of protocol, will be scanned by the configured profile’s AV tool. No event rules will need to be configured for scans to trigger. Response handling for the AV trigger will honor the configured profile’s settings.

NOTE: There can be only one Global AV outbound and one Global AV Inbound defined per site. You can have several ICAP profiles to difference services. You can have one Global AV outbound defined to one service and the Global AV inbound can be associated with a different ICAP service. This is a per-Site requirement.

To enable global antivirus scanning

  1. Create a CIC profile, as described above.

  2. Right-click the profile, then click GlobalAV: inbound scan or GlobalAV: outbound scan.

  3. Click Apply. An up arrow and/or down arrow appears next to the profile.

The EFT administrator interface will display both an upward and downward arrow to denote that the CIC profile is configured for global inbound and outbound scans. EFT logs should include any entries for files being scanned, triggered, and errors when global AV is enabled. When inbound and outbound GlobalAV is disabled, the EFT administrator interface will not show downward and upward arrows and AV scans for any transfers via any protocol will no longer be scanned. Any previously configured Event Rules that have been defined AV (DLP).