ESET GATEWAY SECURITY, Руководство по установке

Страница: 24 / 38

24 ESET Gateway Security
6.1. Handle Object Policy
The Handle Object Policy (see figure 6-1) is a mechanism that provides handling of the
scanned objects depending on their scanning status. The mechanism is based on so-called
action configuration options: ‘action_av‘, ‘action_av_infected‘, ‘action_av_notscanned‘, ‘action_
av_deleted‘. For detailed information on the options, please refer to the esets.cfg(5) manual
page.
Figure 6-1. Scheme of Handle Object Policy mechanism.
Every object processed is at first handled with respect to the setting of the configuration
option ‘action_av‘. Once the option is set to ‘accept‘ (resp. ‘defer‘, ‘discard‘, ‘reject‘) the object is
accepted (resp. deferred, discarded, rejected). If the option is set to ‘scan‘ the object is scanned
(resp. also cleaned if requested by configuration option ‘av_clean_mode‘) for virus infiltrations
and set of action configuration options ‘action_av_infected‘, ‘action_av_notscanned‘ and
‘action_av_deleted‘ is taken into account to evaluate further handling of the object. If action
‘accept‘ has been taken as a result of the three above action options the object processed is
accepted, otherwise the object is blocked.
NOTE: Please, note that some of the modules has been written to integrate ESETS into the environment which does not allow to
modify scanned objects and thus this functionality is disabled in the module. Particularly, this means that configuration
option av_clean_mode is ignored by the module. To get detailed information on this topic, refer to appropriate modules
manual pages.
6.2. User Specific Configuration
User Specific Configuration mechanism is implemented in the product in order to provide
administrator with enhanced configuration functionality. It allows to define ESETS anti-virus
scanner parameters selectively for client/server identification.
Please note that the detailed description of this functionality can be found in esets.cfg(5)
manual page and manual pages referenced there. Thus in this section we will only provide short
example of user specific configuration definition.
Let’s say we use esets_http to control HTTP traffic on port 8080 of the gateway server with
local network IP address 192.168.1.10. The module is subjected to configuration section [http] in
accept defer, discard, reject
action_av
object not accepted
accept defer, discard, reject
action_av_infected
action_av_notscanned
action_av_deleted
object not accepted
object accepted
scan