Analyzing files tab

Maximum size for antivirus and sandboxing analysis (KB)

This option corresponds to the maximum size of files that will be scanned.
The default size depends on the firewall model:

SN160(W), SN-XS-Series-170, SN210(W), SN-S-Series-220, SN310, SN-S-Series-320, SN510, SN710, SNi10, SNi20, SNi40, EVA1, EVA2, EVA3 and EVAU (16G) : 4000 Ko.
SN-M-Series-520, SN-M-Series-720, SN910, SN-M-Series-920, SNxr1200 and EVA4 : 8000 Ko.
SN1100, SN2100, SN-L-Series-2200, SN3100, SN-L-Series-3200, SN-XL-Series-5200, SN6100, SN-XL-Series-6200 and EVAU (32G, 64G) : 16000 Ko.

WARNING
When a size limit is manually set for analyzed data, ensure that all values are consistent, as the total memory space corresponds to the resources reserved for all antivirus services. If you define the size limit for analyzed data on SMTP as 100% of the total size, no other files can be analyzed at the same time.

Action on messages

This zone defines the behavior of the antivirus module when certain events occur.

When a virus is detected	This field contains two options: "Pass" and "Block". By selecting “Block”, the analyzed file will not be sent. By selecting Pass, the antivirus will send the file event it has been found to be infected.
When the antivirus scan fails	The option Pass without analyzing defines the behavior of the antivirus module if the analysis of the file it is scanning fails. If Block is specified, the file being scanned will not be sent. If Pass without analyzing is specified, the file being scanned will be sent.
When data collection fails	This option defines the behavior of the antivirus module when certain events occur. EXAMPLES If the hard disk has reached its capacity, information will not be downloaded. The maximum size that the file can reach for the antivirus scan is restricted (1000KB).