cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Mobile Access Portal + other blades?

Hi,

I try to scan files that are uploaded using Mobile Access Portal - File Shares, Web Applications but it looks like that all other security blades (AV,TE) ignores them. I triple check my TP policy and it seems to be ok.

Does anybody can confirm that it should work and there is something in my configuration or is it something that gateway can't do at all.

7 Replies
Admin
Admin

Re: Mobile Access Portal + other blades?

All the blades are supposed to work with Mobile Access Blade as noted in the documentation.

How are you determining that the blades are "ignoring" files uploaded via file shares?

Note the blades usually don't generate a log unless a file is malicious.

0 Kudos

Re: Mobile Access Portal + other blades?

I'm uploading malware test file "eicar.com" that gateway normally recognized without issue. Only when I transfer it using Mobile Access Portal it doesn't work. I thought it was only for Fileshare (some CIFS issue) but i add web aplication using http (not https) and file isn't scan at all. 

0 Kudos
Admin
Admin

Re: Mobile Access Portal + other blades?

EICAR is kind of a special case

As there have been a few false positives with EICAR, and it's not really malicious, we don't detect EICAR by default.

Execute the following command on the gateway: fw ctl set int g_ci_av_eicar_handling_mode 2

Then repeat your test. 

Re: Mobile Access Portal + other blades?

I have set it to 2 previous it was set to 0.  g_ci_av_eicar_handling_mode = 2

But changing this setting doesn't help. Eicar is and was recognized if i download it form web site but if i uploaded it using Mobile Access Portal interface it doesn't.

Even if I establish tunnel (IPSEC or SSL/Connect)  and uploading eicar file to web application it is blocked as it should.

If I open Mobile Access Portal and without tunnel open that same web application only define as http URL in portal it is passed without scan. 

0 Kudos
Admin
Admin

Re: Mobile Access Portal + other blades?

Recommend opening a TAC case so we can investigate this more closely.

How To Open a Case with TAC and/or Account Services

0 Kudos

Re: Mobile Access Portal + other blades?

I got statements, that Traditional AV and Anti-Virus is not supported with Mobile Access portal. So probably TE does not work either. It should be write red capital letters in documentation in Mobile Access Portal.

I try to figure out some workaround how to solve it because it is big surprised for me. Any ideas and suggestion will be nice.

0 Kudos
Admin
Admin

Re: Mobile Access Portal + other blades?

Please send me the TAC SR in a private message.

The documentation explicitly contradicts this, so I'd like to get to the bottom of it.

0 Kudos