Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Capture ATP bypassed

PushOriginPushOrigin Newbie ✭
in Entry Level Firewalls

I installed a TZ270 early this month to replace an older model. Since 1/6 Capture ATP has only scanned 8 files, all benign.

Gateway and Cloud Anti-Virus are enabled. All protocols are enabled inbound and outbound. All file types are enabled.

SonicOS 7.0.0-R906

This worked fine on the SonicOS 6 appliance that we replaced. Why aren't more files being scanned?

Category: Entry Level Firewalls
Reply

Answers

  • shiprasahu93shiprasahu93 Moderator
    @PushOrigin ,

    Are you using client DPI SSL? Usually these days most of the traffic is over encrypted protocols like HTTPS, SMTPS etc. Without DPI SSL, GAV scans won't take place thereby not triggering capture atp as well.

    I guess that could be a possible reason. You can try to download a file from a HTTP website and check if that shows up under the capture atp status.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

Sign In or Register to comment.