Grettings,
I'm trying to detect, block and log the EICAR file transfered on diferent protocols (FTP, HTTP and SMB), I've deployed the Checkpoint 1570R on transparent mode by configuring a bridge between 2 interfaces with a laptop on each interface, somehow I'm not being able to block the file despite I think I've properly enabled Antivirus etc.
By the way, in the enviroment where I'm testing this I'm not allowed to access to the internet to update the device, I just want to know if it's an configuration issue. In case it's an issue with updates I would find a way to fix it.
Any advice?
Thanks