Handle Object Policy; User Specific Configuration - ESET GATEWAY SECURITY Installation Manual
Hide thumbs
Also See for GATEWAY SECURITY:
- Installation manual (38 pages) ,
- Datasheet (2 pages) ,
- Installation manual (20 pages)
Table of Contents
Advertisement
6.1. Handle Object Policy
The Handle Object Policy (see figure 6-1) is a mechanism that provides handling of the
scanned objects depending on their scanning status. The mechanism is based on so-called
action configuration options: 'action_av' , 'action_av_infected' , 'action_av_notscanned' , 'action_
av_deleted' . For detailed information on the options, please refer to the esets.cfg(5) manual
page.
Figure 6-1. Scheme of Handle Object Policy mechanism.
action_av
accept
action_av_infected
action_av_notscanned
action_av_deleted
object accepted
Every object processed is at first handled with respect to the setting of the configuration
option 'action_av' . Once the option is set to 'accept' (resp. 'defer' , 'discard' , 'reject') the object is
accepted (resp. deferred, discarded, rejected). If the option is set to 'scan' the object is scanned
(resp. also cleaned if requested by configuration option 'av_clean_mode') for virus infiltrations
and set of action configuration options 'action_av_infected' , 'action_av_notscanned' and
'action_av_deleted' is taken into account to evaluate further handling of the object. If action
'accept' has been taken as a result of the three above action options the object processed is
accepted, otherwise the object is blocked.
NOTE: Please, note that some of the modules has been written to integrate ESETS into the environment which does not allow to
modify scanned objects and thus this functionality is disabled in the module. Particularly, this means that configuration
option av_clean_mode is ignored by the module. To get detailed information on this topic, refer to appropriate modules
manual pages.
6.2. User Specific Configuration
User Specific Configuration mechanism is implemented in the product in order to provide
administrator with enhanced configuration functionality. It allows to define ESETS anti-virus
scanner parameters selectively for client/server identification.
Please note that the detailed description of this functionality can be found in esets.cfg(5)
manual page and manual pages referenced there. Thus in this section we will only provide short
example of user specific configuration definition.
Let's say we use esets_http to control HTTP traffic on port 8080 of the gateway server with
local network IP address 192.168.1.10. The module is subjected to configuration section [http] in
24
scan
defer, discard, reject
accept
defer, discard, reject
object not accepted
object not accepted
ESET Gateway Security
Advertisement
Table of Contents
Need help?
Do you have a question about the GATEWAY SECURITY and is the answer not in the manual?
Questions and answers