What is the best way to configure mwg 7 to whitelist sites for downloads like apple.com (app store, updates), adobe, microsoft, vmware, etc.?
I've tried whitelisting, but that doesn't seem to work - my downloads are still scanned and with large archives (iso, tgz, etc.) that is just not feasible. I've also tried rules based on download size, but that doesn't seem to work either. Also, it looks like some of these sites use SSL for downloads.
You can try add those websites to the bult-in list to bypass antimalware engine. Tha name of the rule is Allow if URL Hosts matches in list Anti-malware URL Whitelist. Or you can use the list that you already have and create a rule whithin the Gateway antimalware rule-set to Stop Rule Set if URL matches your list.
Yes, it worked out for me, can you post a printscreen of your rules?
It has to be something like
IF URL matches BYPASSDOWNLOADLIST then STOPCYCLE (this rule has to be above the rule that does the scanning)
BLOCK if virus was found (usually that is the rule that does the scanning)