All web access through the ProxySG will be slow when a client downloads "firefox-3.6.13-2.el5.centos.i386.rpm".
"firefox-3.6.13-2.el5.centos.i386.rpm" is a compressed package which contain more than 10000 files. When the ProxyAV appliance decompresses the rpm file and performs a virus scan it is under heavy load, which causes a slowness in the ProxyAV response.
The performance resumes to normal when the scan is completed.
To prevent this slowness, you have a few options:
Option 1: Create policy to instruct the ProxySG to not scan rpm files as follows:
define condition FileExtension1
end condition FileExtension1
Option2 : Reduce ProxyAV setting "Maximum archive layers" value from 16 to lower number. e.g. "1"
"firefox-3.6.13-2.el5.centos.i386.rpm" has 3 layers of archived files and by making this change you can reduce the depth of archives that the AV engine scan within a file.
For example, if the "Maximum archive layers" value is 3, the AV engine scans files that are part of a three-embedded zipped file (zipped files in a zipped file in a zip file).
Please take a moment to complete this form to help us better serve you.
Your response will be used to improve our document content.
Copyright 2014 Blue Coat Systems, Inc. | Contact Support | Help