Analyzing files tab

Maximum size for antivirus and sandboxing analysis (KB)

In this field, you can set the maximum size used to analyze files, and
configure the action to take if the file exceeds the allowed size.

WARNING
When a size limit is manually set for analyzed data, ensure that all values are consistent, as the total memory space corresponds to the resources reserved for all antivirus services. If you define the size limit for data analyzed over FTP as 100% of the total size, no other files can be analyzed at the same time.

This option corresponds to the maximum size of files that will be scanned.
The default size depends on the firewall model:

S model firewalls (SN160(W), SN210(W) and SN310): 4000 KB.
M model firewalls (SN-S-Series-220, SN-S-Series-320, SN510, SN710, SNi20 and SNi40): 4000 KB.
L model firewalls (SN-M-Series-520, SN-M-Series-720, SN910, SN-M-Series-920 and SNxr1200): 8000 KB.
XL model firewalls (EVA1, EVA2, EVA3,EVA4, EVAU, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000 and SN6100): 16000 KB.

Analyzing files

This option makes it possible to choose the type of file that needs to be analyzed: “downloaded and sent” files; “downloaded only” or “sent only” files.

Actions on files

When a virus is detected	This field contains two options: "Allow" and "Block". By selecting “Block”, the analyzed file will not be sent. By selecting “Allow”, the antivirus will send the file as is.
When the antivirus scan fails	This option defines the behavior of the antivirus module if the analysis of the file it is scanning fails. EXAMPLE The file could not be scanned as it is locked. If Block is specified, the file being scanned will not be sent. If Pass without scanning is specified, the file being scanned will be sent.
When data collection fails	This option defines the behavior of the antivirus module when certain events occur. It is possible to Block traffic when information cannot be retrieved, or Pass without scanning.