FTP Virus Scan: Action

FTP > Scan Rules | Action

You can specify the action you want IWSVA to take whenever it detects an Internet threat in inbound or outbound FTP traffic.

Infected files—Default action is Clean. Trend Micro recommends that you Clean virus-infected files. If the file is corrupt or otherwise uncleanable, the specified action with be taken.

Note

Only files infected with a virus can be cleaned. Most threats now tend to be "uncleanable" such as spyware, Trojans, phish, and worms.

Uncleanable files—Default is Delete. A large number of so-called "viruses" are in fact other types of Internet threat. Because these types of malicious code do not "infect" a file they cannot be cleaned. The whole file is bad; there is nothing to clean. Trend Micro recommends that you quarantine or delete these "uncleanable" files.
Password protected—Default is Pass. IWSVA cannot open or scan password-protected files. Rather than pass these files through to the requesting client unscanned, Trend Micro recommends that you quarantine them.

Macros—Default is Pass. Choose Clean to have IWSVA strip all macros from all files crossing the FTP gateway, typically in case of a macro virus outbreak, or Quarantine to have IWSVA move all macro containing documents to the quarantine server.

Important

Macro settings are intended to be temporary only—usually as a reaction to a sudden outbreak due to a unknown macro virus. The default setting is Pass, and typically should not be changed. IWSVA will scan and clean ordinary macro viruses using the MacroTrap technology available as part of "infected" file scanning.

/*<![CDATA[*/ $('#title').html($('meta[name=map-description]').attr('content')); /*]]>*/