Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

anti-virus (Content Security)

Syntax

Hierarchy Level

Description

Configure Content Security Sophos antivirus features. You can also configure the default Content Security configuration for antivirus feature profile. If you do not configure any option in the antivirus feature profile, the values configured in the default Content Security configuration are applied. Antivirus, one of several features including content filtering, antispam, and Web filtering, makes up Juniper’s Content Security suite, provides the ability to prevent threats at the gateway before they enter the network.

Note:

A license check for the antivirus configuration is performed at the time of a commit and will provide a warning if a valid license is not installed on the device. Once a valid license is installed on the device then a custom antivirus profile or the default profile will be able to process traffic. If a license is expired or is not installed, the antivirus service will not process traffic.

Options

anti-virus

Configure antivirus feature.

mime-whitelist

This is the comprehensive list for those MIME types that can bypass antivirus scanning.

sophos-engine

The antivirus engine that is used on the device. You can only have one engine type running and you must restart the device if you change engines.

fallback-options

Fallback options tell the system how to handle the errors.

notification-options

There are multiple notification options you can configure to trigger when a virus is detected.

fallback-non-block

Notifications for fallback nonblocking actions.

virus-detection

Notification to send when a virus is detected.

pattern-update

You can configure the security device to regularly update the pattern file automatically, or you can update the file manually.

scan-options

Antivirus sophos-engine scan options.

server

Sophos Antivirus (SAV) and antispam first hop DNS server.

sxl-retry

Number of retry attempts to the remote Sophos Extensible List (SXL) server when a request timeout occurs.

  • Range: 0 through 5

sxl-timeout

Timeout value for responses to a Sophos checksum or URI query.

  • Range: 1 through 5

trickling

HTTP trickling is a mechanism used to prevent the HTTP client or server from timing-out during a file transfer or during antivirus scanning.

traceoptions

Define tracing operations for Content Security antivirus features.

url-whitelist

Antivirus URL allowlist. A URL allowlist is a unique custom list that you define in which all the URLs or IP addresses in that list for a specified category are always bypassed for scanning.

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

The Express and Kaspersky antivirus feature is not supported from Junos OS Release 15.1X49-D10 onwards. For previous releases, statement introduced in Junos OS Release 9.5.

The [edit security utm default-configuration] hierarchy level is introduced in Junos OS Release 18.2R1.