anti-virus (Logical Systems)
Syntax
anti-virus {
profile name {
fallback-options (Security Antivirus Sophos Engine) {
content-size (Security Antivirus Sophos Engine) (block | log-and-permit | permit);
decompress-err (block | log-and-permit | permit);
default (Security Antivirus Sophos Engine) (block | log-and-permit | permit);
engine-not-ready (Security Antivirus Sophos Engine) (block | log-and-permit | permit);
out-of-resources (Security Antivirus Sophos Engine) (block | log-and-permit | permit);
timeout (Security Antivirus Fallback Options Sophos Engine) (block | log-and-permit | permit);
too-many-requests (Security Antivirus Fallback Options Sophos Engine) (block | log-and-permit | permit);
}
mime-whitelist {
exception exception;
list list;
}
notification-options (Security Antivirus) {
fallback-block (Security Antivirus) {
custom-message (Security Fallback Block) custom-message;
custom-message-subject (Security Fallback Block) custom-message-subject;
(notify-mail-sender (Security Fallback Block) | no-notify-mail-sender (Security Fallback Block));
type (Security Fallback Block) (message | protocol-only);
}
fallback-non-block (Security Antivirus) {
custom-message (Security Fallback Non-Block) custom-message;
custom-message-subject (Security Fallback Non-Block) custom-message-subject;
(notify-mail-recipient | no-notify-mail-recipient);
}
virus-detection (Security Antivirus) {
custom-message (Security Virus Detection) custom-message;
custom-message-subject (Security Virus Detection) custom-message-subject;
(notify-mail-sender (Security Virus Detection) | no-notify-mail-sender (Security Virus Detection));
type (Security Virus Detection) (message | protocol-only);
}
}
url-whitelist url-whitelist;
}
}
Hierarchy Level
[edit logical-systems logical-systems-name security utm feature-profile] [edit tenants tenant-name security utm feature-profile]
Description
Configures the Content Security Sophos Antivirus feature for logical systems. You can also configure the default Content Security configuration for antivirus feature profile. If you do not configure any option in the antivirus feature profile, the values configured in the default Content Security configuration are applied.
A license check for the antivirus configuration is performed at the time of a commit and will provide a warning if a valid license is not installed on the device. Once a valid license is installed on the device then a custom antivirus profile or the antivirus default profile is able to process traffic. If a license is expired or is not installed, the antivirus service does not process the traffic.
Options
anti-virus |
Configures the Content Security antivirus feature for logical systems. |
mime-whitelist |
This is the comprehensive list for those MIME types that can bypass antivirus scanning. |
sophos-engine |
The antivirus engine that is used on the device. You can only have one engine type running and you must restart the device if you change engines. |
fallback-options |
Fallback options helps the system how to handle the errors. |
notification-options |
There are multiple notification options you can configure to trigger when a virus is detected. |
fallback-non-block |
Notifications for fallback nonblocking actions. |
virus-detection |
Notifications to send when a virus is detected. |
scan-options |
Antivirus sophos-engine scan options. |
trickling |
HTTP trickling is a mechanism used to prevent the HTTP client or server from timing-out during a file transfer or during antivirus scanning. |
url-whitelist |
Antivirus URL allowlist is a unique custom list that includes the URLs or IP addresses category to bypass the antivirus scanning. |
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 18.3R1.
Support for configuration in tenant systems introduced in Junos OS Release 19.2R1.