On the Filter Actions > Antivirus page you can configure webfilter settings for antivirus and active content removal.
Use antivirus scanning: Select the option to have inbound and outbound web traffic scanned for viruses. Sophos UTM on AWS features several antivirus engines:
- Single scan: Default setting; provides maximum performance using the engine defined on the System Settings > Scan Settings tab.
- Dual scan: Provides maximum recognition rate by scanning the respective traffic twice using different virus scanners. Note that dual scan is not available with BasicGuard subscription.
- Block potentially unwanted applications (PUAs): PUAs are programs that are not malicious, but may be unsuitable for a business environment. This feature is only available when using the Sophos anti-virus engine. To allow specific PUAs if you enable blocking, add exceptions on Web Filtering > Filtering Options > PUAs.
Do not scan files larger than: Specify the maximum size of files to be scanned by the antivirus engine(s). Files exceeding this size will be exempt from scanning.
Tip – If you want to prevent files larger than the maximum scanning size from being downloaded, set the Block downloads larger than value on the Downloads page.
Active Content Removal
In the Active Content Removal area you can configure the automatic removal of specific web content such as embedded objects in webpages. You can configure the following settings:
Remove embedded objects (ActiveX/Java/Flash): This feature will remove all <OBJECT> tags from HTML pages, stripping off dynamic content including ActiveX, Flash, or Java from incoming HTTP traffic.
Note – Enabling this will cause downloaded items to be scanned by the scan engine, even if AV scanning is disabled or excluded by an exception. This option can affect the website usability.
Click Next to proceed to the next configuration page, Save to save your configuration, or Cancel to discard all changes and close the configuration dialog.