User Guide
Table Of Contents
- KASPERSKY ANTI-VIRUS FOR PROXY SERVER
- OPERATION ALGORITHM AND TYPICAL DEPLOYMENT SCENARIOS
- INSTALLING THE APPLICATION
- USING KASPERSKY ANTI-VIRUS
- ADDITIONAL SETTINGS OF KASPERSKY ANTI-VIRUS
- Creating groups
- Anti-virus scan settings
- The choice of actions over scanned objects
- Administrator notifications
- Operation modes
- Modes of interaction with proxy via ICAP
- Application statistics logging
- Application reporting parameters
- Memory dump creation for detection of errors
- Work with Internet broadcasting stations
- UNINSTALLING THE APPLICATION
- APPLICATION REFERENCE
- KASPERSKY LAB
- LICENSE AGREEMENT
Additional settings of Kaspersky Anti-Virus 37
• INFECTED – the object is infected and cannot be cured or disinfection
has not been attempted.
• CURED – the object was infected; it has been cured successfully.
• WARNING – the object contains code that resembles a known virus.
• SUSPICIOUS – the object is suspected of being infected with an
unknown virus.
• PROTECTED – the object is password-protected and therefore it cannot
be scanned.
• CORRUPTED – the object is damaged.
• ERROR – object scanning resulted in an error.
Actions performed by Kaspersky Anti-Virus over objects with a specific status are
determined by the parameters in the [icapserver.actions] section (for the
default group) and [icapserver.actions:<group name>] section (for groups
created by the administrator):
• InfectedAction – action over an infected object that has not been cured
or cannot be cured.
• SuspiciousAction – action over an objects suspected of being infected
with an unknown virus.
• WarningAction – action over an object containing code that resembles a
known virus.
• ErrorAction – action over an object that has been assigned the ERROR
status.
• ProtectedAction – action over a password-protected object.
• CorruptedAction – action over a damaged object.
• CuredAction – action over a disinfected object.
The listed parameters can take the following values:
• skip – allows object transfer.
• deny – prohibits object transfer replacing such object with a
corresponding notification file.
If deny is the action used on an object, then, depending upon the object's status,
it will be replaced with one of the following placeholder files located in the
/opt/kav/5.5/kav4proxy/share/notify: directory:
• object_infected – template containing a notification about detection of an
infected object.