beautypg.com

Kerio Tech Firewall6 User Manual

Page 187

background image

13.5 Scanning of files transferred via Clientless SSL-VPN

187

Note: Regardless of what action is set to be taken, the attachment is always removed and

a warning message is attached instead.

Use the TLS connections section to set firewall behavior for cases where both mail client and

the server support TLS-secured SMTP or POP3 traffic.

In case that TLS protocol is used, unencrypted connection is established first. Then, client

and server agree on switching to the secure mode (encrypted connection). If the client or the

server does not support TLS, encrypted connection is not used and the traffic is performed in

a non-secured way.

If the connection is encrypted, firewall cannot analyze it and perform antivirus check for

transmitted messages. WinRoute administrator can select one of the following alternatives:

Enable TLS. This alternative is suitable for such cases where protection from wiretap-

ping is prior to antivirus check of email.

Hint

In such cases, it is recommended to install an antivirus engine at individual hosts that

would perform local antivirus check.

Disable TLS. Secure mode will not be available. Clients will automatically assume

that the server does not support TLS and messages will be transmitted through an

unencrypted connection. Firewall will perform antivirus check for all transmitted mail.

The If an attachment cannot be scanned section defines actions to be taken if one or multi-

ple files attached to a message cannot be scanned for any reason (e.g. password-protected

archives, damaged files, etc.):

Reject the attachment WinRoute reacts in the same way as when a virus was detected

(including all the actions described above).

Allow delivery of the attachment WinRoute behaves as if password-protected or

damaged files were not infected.

Generally, this option is not secure. However, it can be helpful for example when

users attempt to transmit big volume of compressed password-protected files (typi-

cally password-protected archives) and the antivirus is installed on the workstations.

13.5 Scanning of files transferred via Clientless SSL-VPN

Antivirus check is also performed for files transferred between the local network and a remote

client by the Clientless SSL-VPN interface (see chapter

24

). The SSL-VPN Scanningtab allows to

set advanced parameters for scanning of files transferred via this interface.