In the Policies pane, double-click Anti-virus
Double-click the policy you want to change.
In the Anti-virus and HIPS policy dialog box, click the
Web Protection button.
In the Web Protection dialog box, under Malware
protection, next to Block access to malicious
websites, select On or
Off to block or unblock access to malicious websites.
This option is enabled by default.
To enable or disable scanning of downloaded data and files, next to
Content scanning, select As on-access
scanning, On, or
By default, As on-access scanning is selected, that is,
content scanning is disabled or enabled simultaneously with on-access
To change what happens when a user attempts to download a file with low or
unknown reputation, under Download reputation, next to
Action, select either Prompt
user (default) or Log only.
Note: Download reputation requires Sophos Live Protection to be enabled. (By
default, Sophos Live Protection is enabled.)
If you select Prompt user, every time a user attempts to
download a low reputation file, an alert will be displayed, informing about
this and asking whether to block or allow the download. We recommend that
users do not download such files. If they trust the file's source and
publisher, they can choose to download the file. The choice to block or
allow the download and the file's URL will be recorded in the scanning log
and logged as a web event in Enterprise Console.
If you select Log only, no alert will be
displayed; the download will be allowed and recorded in the scanning log and
logged as a web event in Enterprise Console.
To choose how rigorous you want reputation scanning to be, next to
Threshold, select Recommended
(default) or Strict.
If you select Recommended, an alert will be displayed and/or a
log record and event created every time a user attempts to download a file
with low or unknown reputation.
If you select Strict, an alert will be displayed and/or a log
record and event created every time a user attempts to download a file with
low, unknown, or medium reputation.