This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Scanning Downloads from Trusted Sites

Hi All

I have version of 4.0.3.1 of SWA, and I add Trusted Sites in, so the WA does not scan the downloaded files. eg. ftp.hp.com

It used to work fine, but now downloading drivers from this site will result in the WA scanning the file.

Upon a Policy Test the site is listed as Trusted. But yet still scans the downloaded files. I am pretty sure this never used to happen? Thoughts on what might be happening or what I may now need to configure, I couldn't seen anything obvious and searching the manual seemed fruitless.

Cheers

:58033


This thread was automatically locked due to age.
  • What could be happening is that the URL your are downloading the drivers from is not "ftp.hp.com" but a variation of the URL. If the URL is different then the Local Site List entry you created/tagged as trusted will not be used and the file will be scanned.

    Do you have access to a Syslog server?

    If yes, I recommend configuring your web appliance to send the web traffic logs to your Syslog server -> review the web logs to see what the extact URL is the drivers are downloading from.

    Path to enable Syslog = Configuration -> System -> Alerts & Monitoring -> Syslog

    You can use the help article below to understand the web log.

    wsa.sophos.com/.../
  • Hello Pomoc,

    Version 4.0.3.1 has a number of defects, including one related to scanning trusted sites. Please upgrade your appliance(s) to 4.1.1 to resolve your policy issues.

    Petr.