User Guide
Table Of Contents
- KASPERSKY ANTI-VIRUS FOR PROXY SERVER
- OPERATION ALGORITHM AND TYPICAL DEPLOYMENT SCENARIOS
- INSTALLING THE APPLICATION
- USING KASPERSKY ANTI-VIRUS
- ADDITIONAL SETTINGS OF KASPERSKY ANTI-VIRUS
- Creating groups
- Anti-virus scan settings
- The choice of actions over scanned objects
- Administrator notifications
- Operation modes
- Modes of interaction with proxy via ICAP
- Application statistics logging
- Application reporting parameters
- Memory dump creation for detection of errors
- Work with Internet broadcasting stations
- UNINSTALLING THE APPLICATION
- APPLICATION REFERENCE
- KASPERSKY LAB
- LICENSE AGREEMENT
12 Kaspersky Anti-Virus for Proxy Server
The application performs anti-virus scanning of Internet traffic in the REQMOD
mode in accordance with the following procedure (see Fig. 2):
1. User sends an object using HTTP via Squid proxy.
2. Squid proxy uses ICAP to transfer the received object to Kaspersky
Anti-Virus for an anti-virus scan.
3. Kaspersky Anti-Virus checks if the request parameters match any of the
existing groups (please refer to section 5.1 on p. 34 for details about
groups). If it finds such group, then the application scans and processes
the object as necessary in accordance with the rules specified for that
group. If a request does not match any of the existing groups, the
application will use the default group rules for anti-virus scanning and
processing.
Figure 2. Anti-virus scanning of traffic in the REQMOD mode
4. The application uses the results of anti-virus scanning to assign to a
scanned object a specific status, which is employed as a criterion to
allow transfer of that object or prohibit it (please refer to section 5.3 on
p. 36 for details about available statuses and actions performed by the
application). Permission or denial of transfer for objects with a specific