SqScan

From Secure Web Gateway
Revision as of 20:10, 15 June 2022 by Pratik (talk | contribs)

Overview

SvScan is a built in module in SafeSquid that Protects the users against malware.

Internet browsing is unsafe while browsing certain sites which will allow malware or virus.

This causes software attack on the computer, which decrease its performance.

To prevent this SafeSquid having this advance Module named SvScan to Scan the sites specially for virus or malware.

It prevents the access and downloads from that type of websites.

Virus scanning policies

Enabling SvScan section on SafeSquid User Interface

Access the SafeSquid interface

 

Go to Configure Page

Goto configure.png
 

Go to Real time content security

Go to real time content security.png
 

Go to SvScan Section

 
SvScanconfigureSlide1 (1).PNG
 

Global

Enabled

Enable or Disable this section.

  • TRUE : Enable in memory virus scanning.
  • FALSE : Disable in memory virus scanning.
 
     
SvScanconfigureSlide1 (2).PNG
SvScanconfigureSlide1 (3).PNG
 
SvScanconfigureSlide1 (4).PNG
 

Virus Scanning Policies

ALL The Following Entries will be tested from top to bottom.

SvScanconfigureSlide1 (5).PNG
 

Create the entries for SvScan.

Define the Security level and Malware type in each entry.

Svscan-policy.jpg
 

Enabled

Enable or Disable SvScan Policy.

  • TRUE : Enable this entry.
  • FALSE : Disable this entry.

Comment

For documentation, and future references, explain the relevance of this entry with your policies.

That is, by reading the policies, a future user can understand the purpose of that entry.

Profiles

Specify the Profiles applicable for this entry.

This entry will be applicable only if the connection has any one of the specified profiles.

Leave it Blank, to apply for all connections irrespective of any applied profile.

To avoid application to a connection that has a profile, use negated profile (!profile).

Malware Security Level

Select security level depending on your requirement.

Set security level as per your safety measures: standard or High or Paranoid.

Set scan-level to bypass for disable the scanning.

  • BYAPASS : Disable Virus Scanning for the matching Profiles.
  • STANDARD : Block if a threat is detected, but not on mere Suspicious.
  • HIGH : Block if a threat is detected, even if the content is suspicious.
  • PARANOID : Block everything that SvScan cannot assure clean. Warning! This can cause all content to be blocked even in the event of any systemic failures of this functionality.

Malware Types

Select Virus/Malware type(s) to be blocked, if received content have their signature(s).

SafeSquid will block all such requests if a threat is detected, if the content is suspicious.

  • VIRUS : Enable Security Against VIRUS threats.
  • SPYWARE : Enable Security Against SPYWARE threats.
  • ADWARE : Enable Security Against ADWARE threats.
  • SPAM : Enable Security Against SPAM threats.
  • ROOTKIT : Enable Security Against ROOTKIT threats.
  • DIALER : Enable Security Against DIALER threats.
  • MALICIOUS_APP : Enable Security Against MALICIOUS_APP threats
  • ARCHBOMB : Enable Security Against ARCHBOMB threats