4 Replies Latest reply on Aug 28, 2013 6:02 PM by eelsasser

    Mcafee web Gateway -Virus infected File

      . We use Mcafee Web gateway virus scan for all incomming traffic.  we like to know if Mcafee web gateway Virus scan removes the file and replace file with dummy file  withmessage in file "infect with virus".  Can we perform this using Mcafee gateway virus scan. Our webserver is not able to get response back from Mcafee web gateway when the file is infected with virus. Mcafee has any other setup to send response back.

        • 1. Re: Mcafee web Gateway -Virus infected File
          exbrit

          Moved from Home to Business > Web Gateway for better support.

          • 2. Re: Mcafee web Gateway -Virus infected File

            No. this cannot be done.

            MWG will only respond with a 403 back to the client when something is detected.

            It will not alter the contents and forward the body to the server with a dummy file.

            Capture.png

             

            The only thing you can do is write client side code that detects the 403 and presents the user with some message within the framework of your application.

             

            If this is for a home-grown web application, you might be better off writing an ICAP client into the application that does the file submission and business logic to accomodate what you are looking for.

            Capture2.png

            • 3. Re: Mcafee web Gateway -Virus infected File

              Our webserver s not receving any error codes like 403 from MWG. We just see browser hanges with spinnng wheel and never closes session and we need to kill the browser. 

              • 4. Re: Mcafee web Gateway -Virus infected File

                Yes. That is the way it works when using a reverse proxy.

                All content is blocked from going forward into the web server and the 403 is sent back to the client.

                The client has to deal with the 403 itself. If your browser is hanging, then the appliacation is probably using javascript and Ajax.

                The Ajax routines need to expose the 403 status code into some sort of readable message for the user.