If you think InterScan Web Security Virtual Appliance (IWSVA) is incorrectly stopping files, first check the IWSVA logs and get a complete record of all detections. You can also see what triggered the detection, and the action IWSVA took can be found. (Click Logs in the main IWSVA menu, then choose the logs you want to view.)

IWSVA also tracks all denied URL requests for filtering, blocking, and access quotas. These logs include the requester's User ID, the URL, the remote and local IP, the policy that triggered the action, time, date, etc.

For example, if a user reports that a Web download was blocked, but the user cannot determine the cause, check the logs. If the file was not an Internet threat, it may have violated other proscriptions such as password protection, layers of compression, compression ratio, etc.

See also