to verify that everything is running right I try to download test virus files (e.g. eicar.org) regularly.
The last time I did it I was very surprised that only eicar.com was blocked by my UTM (V9.102-8), all other file types went through without any suggestions by the UTM!!! I tried different proxy modes (mainly standard is used, one VLAN uses Transparent) but everytime the files were not blocked.
2013:06:30-13:00:24 vpn httpproxy[29749]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="10.91.1.30" dstip="188.40.238.250" user="" statuscode="200" cached="0" profile="REF_HttProLan (LAN)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="68" request="0xccf8b28" url="www.eicar.org/.../octet-stream" application="http"
I tried both Scan Engines, single and dual scan.
With an older ASG 8.310 this problem does not exist, everything's scanned and blocked.
Personal problem or bug?
Regards,
Uli
This thread was automatically locked due to age.
