Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
KhuuHieu
Explorer

Anti Virus on CheckPoint

Hello Guys. Today I turn on the anti virus on Checkpoint Gateway. I watched a video on Youtube and config the profile like them, but the anti virus doesn't work. I config the Profile, In tab Anti Virus, File Type, I choose Process file type known to contain malware. After that, I go to CheckPoint threat wiki and test virus file but I still Download the file.

L2.pngLÓI.pngl7.pngL6.png

 

The Second case,  when i choose Process specific file type families and config drop file "com". I go to eicar to test the virus file. It work with using standard protocol http, I can't download the file. But in using secure, SSL enabled protocol https, I can download the file. How can i block the file with using secure, SSL like the picture?? 

l4.pngl5.pngL3.png

 

And the last question that is how can i drop the file that contains viruses? For Instance, a zip/rar file that contain the virus, the checkpoint will block it, but if it is a safe zip/rar file then, checkpoint will accept it.

 

Thank you guys so much. I'm a newbie so i have a lot of problems.

Thank you guys so much.

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

We had a discussion on EICAR recently as it's kind of a "special case."
See: https://community.checkpoint.com/t5/IPS-Anti-Virus-Anti-Bot-Anti/Will-CheckPoint-Firewall-AV-Blade-B...
If you want files blocked over HTTPS, you need to enable HTTPS Inspection.
0 Kudos