Capture ATP bypassed
PushOrigin Newbie ✭
I installed a TZ270 early this month to replace an older model. Since 1/6 Capture ATP has only scanned 8 files, all benign.
Gateway and Cloud Anti-Virus are enabled. All protocols are enabled inbound and outbound. All file types are enabled.
This worked fine on the SonicOS 6 appliance that we replaced. Why aren't more files being scanned?
Category: Entry Level Firewalls
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.
Are you using client DPI SSL? Usually these days most of the traffic is over encrypted protocols like HTTPS, SMTPS etc. Without DPI SSL, GAV scans won't take place thereby not triggering capture atp as well.
I guess that could be a possible reason. You can try to download a file from a HTTP website and check if that shows up under the capture atp status.
Technical Support Advisor, Premier Services