Showing results for 
Search instead for 
Did you mean: 
Level 9

Web Gateway: Cache ruleset order


Could someone tell me why is not suggested to put the "web cache” rule set below the Anti-malware rule set?

When the WG put a file to the cache and it is malicious the WG has to scan and block the file every time when it is requested from the cache.




0 Kudos
2 Replies
McAfee Employee

Re: Web Gateway: Cache ruleset order


they are different reasons to have it in the front of AntimalWare rule set. I could give you some of those i directly have in my mind:

- for a lot of available file types you will need to have complete/full file before scanning. Good example is ZIP, whiteout the full file you cant extract the content of this file for further scanning. So it make sense to get the file from cache then download the file every single time it is requested.

- they are't only downloaded files stored in the cache  the client can request. Those might not even require anti malware or are allowed in your rule set before anti malware engine is triggered. By putting WEB CACHE behind Anti Malware rule set cache will not being triggered for those objects.


0 Kudos
Level 14

Re: Web Gateway: Cache ruleset order

Hi all,

yes, also from my side, GAM is the most ressource intensive process in mwg. Therefore GAM should be the last rule/ruleset. It makes sense not to scan content which should not be scanned.


0 Kudos