SqScan

From Secure Web Gateway

Overview

SqScan is a built-in module in SafeSquid that protects the users against malware.

Internet browsing is unsafe while browsing certain sites which allow malware or virus.

This causes software attack on the computer, which decreases its performance.

To prevent this SafeSquid having this advance Module named SqScan to Scan the sites specially for virus or malware.

It prevents the access and downloads from that type of websites.

Virus scanning policies

Enabling SqScan section on SafeSquid User Interface

Access the SafeSquid interface

 

Go to Configure Page

Goto configure.png
 

Go to Real time content security

Go to real time content security.png
 

Go to SqScan Section

 
SvScanconfigureSlide1 (1).PNG
 

Global

Enabled

Enable or Disable this section.

  • TRUE : Enable in memory virus scanning.
  • FALSE : Disable in memory virus scanning.
 
     
SvScanconfigureSlide1 (2).PNG
SvScanconfigureSlide1 (3).PNG
 
SvScanconfigureSlide1 (4).PNG
 

Virus Scanning Policies

Create the entries for SqScan.

Define the Security level and Malware type in each entry.

ALL The Following Entries will be tested from top to bottom.

SvScanconfigureSlide1 (5).PNG
 

Create the entries for SqScan.

Define the Security level and Malware type in each entry.

Svscan-policy.jpg
 

Enabled

Enable or Disable SqScan Policy.

  • TRUE : Enable this entry.
  • FALSE : Disable this entry.

Comment

For documentation, and future references, explain the relevance of this entry with your policies.

That is, by reading the policies, a future user can understand the purpose of that entry.

Profiles

Specify the Profiles applicable for this entry.

This entry will be applicable only if the connection has any one of the specified profiles.

Leave it Blank, to apply for all connections irrespective of any applied profile.

To avoid application to a connection that has a profile, use negated profile (!profile).

Malware Security Level

Select security level depending on your requirement.

Set security level as per your safety measures: standard or High or Paranoid.

Set scan-level to bypass for disable the scanning.

  • BYAPASS : Disable Virus Scanning for the matching Profiles.
  • STANDARD : Block if a threat is detected, but not on mere Suspicious.
  • HIGH : Block if a threat is detected, even if the content is suspicious.
  • PARANOID : Block everything that SqScan cannot assure clean. Warning! This can cause all content to be blocked even in the event of any systemic failures of this functionality.

Malware Types

Select Virus/Malware type(s) to be blocked, if received content have their signature(s).

SafeSquid will block all such requests if a threat is detected, if the content is suspicious.

  • VIRUS : Enable Security Against VIRUS threats.
  • SPYWARE : Enable Security Against SPYWARE threats.
  • ADWARE : Enable Security Against ADWARE threats.
  • SPAM : Enable Security Against SPAM threats.
  • ROOTKIT : Enable Security Against ROOTKIT threats.
  • DIALER : Enable Security Against DIALER threats.
  • MALICIOUS_APP : Enable Security Against MALICIOUS_APP threats
  • ARCHBOMB : Enable Security Against ARCHBOMB threats