I had booth duty at FOCUS this year and a couple customers were asking questions about the Gateway Anti-Malware Ruleset used in our demonstration. I have attached it here.
A few interesting features are 1)Use of smartmatch for the bypass site list 2) an easy way to select the size at which you would like to bypass anti-malware scanning (works from a list of numbers and you just select the index for the appropriate size) and 3) Use of different settings based on the trust level of the site.4) Some nice logging features
|#||Anti-Malware: Bypass Files Over X Bytes||Only the FIRST entry in this list used. Move/Add the proper value to the top. Common Values: 1 MB = 1048576 bytes 5 MB: 5242880 bytes 10 MB: 10485760 bytes 20 MB: 20971520 bytes 30 MB: 31457280 bytes 100 MB: 104857600 bytes 500 MB: 524288000 bytes 1 GB: 1073741824 bytes|
|1||31457280||30 Meg: Only FIRST entry is used|