Settings
ClamAV file analysis
The types of files that the Stormshield Network firewall antivirus service must analyze can be configured in this menu.
Analyze compressed executable files | This option enables the decompression engine (Diet, Pkite, Lzexe, Exepack, etc.). |
Analyze archives | This option enables the extraction engine and makes it possible to analyze archives (zip, arj, lha, rar, cab, etc.) |
Block encrypted or password-protected files | This option allows blocking files that are encrypted or protected by a password. |
Block unsupported file formats | This option allows blocking file formats that the antivirus is unable to scan. |
Advanced antivirus file analysis
Inspect archives | This option enables the extraction engine and makes it possible to analyze archives (zip, arj, lha, rar, cab, etc.). |
Block password-protected files | This option allows blocking password-protected files. |
Sandboxing
This menu is only available (not grayed out) when the advanced antivirus engine has been selected. It also requires the prior subscription of the sandboxing (Breach fighter) option.
Do note that files can be manually submitted on https://breachfighter.stormshieldcs.eu/ for analysis.
After being sandboxed, the file will be assigned a score (maliciousness threshold) evaluated on a scale of 1 to 100. Files with a score of 0 are considered not dangerous. Files with a score of 100 are considered malicious.
Sandboxing threshold above which files will be blocked | From the drop-down list, select the level of maliciousness above which the firewall must block such files. Four levels are available:
|