Important Eset Gateway Security Mechanisms; Handle Object Policy; User Specific Configuration - ESET GATEWAY SECURITY - FOR LINUX BSD AND SOLARIS Installation Manual

6. Important ESET Gateway Security mechanisms

6.1 Handle Object Policy

The Handle Object Policy (see figure 6-1) mechanism provides filtering of scanned objects based on their status.
This functionality is based on the following configuration options:
action_av
action_av_infected
action_av_notscanned
action_av_deleted
For detailed information on these options, please refer to the esets.cfg(5) man page.
Figure 6-1. Scheme of Handle Object Policy mechanism.
Every object processed is first handled according to the configuration of the 'action_av' option. If this option is set to
'accept' (or 'defer', 'discard', 'reject') the object is accepted (or deferred, discarded, rejected). If the option is set to 'scan'
the object is scanned for virus infiltrations, and if the 'av_clean_mode' option is set to 'yes', the object is also cleaned. In
addition, the configuration options 'action_av_infected', 'action_av_notscanned' and 'action_av_deleted' are taken into
account to further evaluate handling of the object. If an 'accept' action has been taken as a result of these three action
options, the object is accepted. Otherwise, the object is blocked.

6.2 User Specific Configuration

The purpose of the User Specific Configuration mechanism is to provide a higher degree of customization and
functionality. It allows the sytem administrator to define ESETS antivirus scanner parameters based on the user who is
accessing file system objects.
A detailed description of this functionality can be found in the esets.cfg(5) man page; in this section we will provide
only a short example of a user-specific configuration.
In this example, the esets_http module is used to control HTTP traffic on port 8080 of the gateway server, with a
local network IP address of 192.168.1.10. The functionality of esets_http is based on the [http] section of the ESETS
configuration file. See the following lines:
[http]
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 8080
action_av = "scan"
To provide individual parameter settings, define the 'user_config' parameter with the path to the special
configuration file where the individual setting will be stored. In the next example, we create a reference to the special
configuration file 'esets_http_spec.cfg', which is located in the ESETS configuration directory. See below:
15