2 Replies Latest reply on Oct 26, 2016 3:13 AM by Troja

    Web Gateway: Cache ruleset order

    ztamas

      Hi,


      Could someone tell me why is not suggested to put the "web cache” rule set below the Anti-malware rule set?

      When the WG put a file to the cache and it is malicious the WG has to scan and block the file every time when it is requested from the cache.

       

      Thanks!

      Regards,

      Zoltan

        • 1. Re: Web Gateway: Cache ruleset order
          smasnizk

          Zoltan,

           

          they are different reasons to have it in the front of AntimalWare rule set. I could give you some of those i directly have in my mind:

           

          - for a lot of available file types you will need to have complete/full file before scanning. Good example is ZIP, whiteout the full file you cant extract the content of this file for further scanning. So it make sense to get the file from cache then download the file every single time it is requested.

          - they are't only downloaded files stored in the cache  the client can request. Those might not even require anti malware or are allowed in your rule set before anti malware engine is triggered. By putting WEB CACHE behind Anti Malware rule set cache will not being triggered for those objects.

           

          -Sergej

          • 2. Re: Web Gateway: Cache ruleset order
            Troja

            Hi all,

            yes, also from my side, GAM is the most ressource intensive process in mwg. Therefore GAM should be the last rule/ruleset. It makes sense not to scan content which should not be scanned.

            Cheers