Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

File download triggers IWSS/IWSVA Large File Handling in Deferred Scan Mode when the internal LAN speed is slow

    • Updated:
    • 12 Oct 2015
    • Product/Version:
    • InterScan Web Security Suite 3.1 Linux
    • InterScan Web Security Suite 3.1 Linux
    • InterScan Web Security Suite 3.1 Windows
    • InterScan Web Security Suite 3.1 Windows
    • InterScan Web Security Virtual Appliance 5.6
    • InterScan Web Security Virtual Appliance 5.6
    • Platform:
    • Linux - Red Hat RHEL 3 32-bit
    • Linux - Red Hat RHEL 3 64-bit
    • Linux - Red Hat RHEL 4 32-bit
    • Linux - Red Hat RHEL 4 64-bit
    • Linux - Red Hat RHEL 5 32-bit
    • Linux - Red Hat RHEL 5 64-bit
    • Linux - Red Hat RHEL 6 32-bit
    • Linux - Red Hat RHEL 6 64-bit
Summary

When the network speed between InterScan Web Security Suite (IWSS) or Intersscan Web Security Virtual Appliance (IWSVA) and the client machine is slow, the client might not be able to download a large file.

Details
Public

This issue occurs when the client downloads a large file. IWSS/IWSVA will first download a part of the file (file size equals the threshold of Large File Handling set by the parameter "Do not scan file larger than x"). IWSS/IWSVA will then scan the file and deliver it to the client.

If it takes too much time for IWSS/IWSVA to deliver the file to the client, the connection between IWSS/IWSVA and HTTP Server will time out. Therefore, the client will only get a portion of the file.

There are two workarounds for this issue:

Option I: Use "Scan before delivery" mode in large file handling

  1. Log on to the IWSS/IWSVA management console.
  2. Go to HTTP > Scan Policies > Global Scan Policy > Virus Scan Rule tab.
  3. Under the Large File Handling section, select Scan before delivering.
  4. Click Save to save the changes.

Option II: Set a large tricking rate in "Deferred Scanning" mode (example 80% or 100%)

  1. Log on to the IWSS/IWSVA management console.
  2. Go to HTTP > Scan Policies > Global Scan Policy > Virus Scan Rule tab.
  3. Under the Large File Handling section, select Deferred scanning.
  4. In "Percent for received data will be unscanned and sent to client periodically", select 80% or 100%.
  5. Click Save to save the changes.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
1057980
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.