Note: This feature applies only to Juniper Networks security devices that support internal antivirus (AV) scanning.
Edit the following options to configure an antivirus (AV) profile for scanning FTP traffic:
Enable: Click the check box to enable scanning of FTP traffic. By default, scanning is enabled.
Scan Mode: Select the appropriate scan mode:
scan-all: Select
this mode to scan all traffic at all times.
scan-intelligent: Select this mode to use a more sophisticated algorithm
to scan the traffic. Although this mode is not as safe as scan-all, it
may reduce overhead. This is the default.
scan-ext: Select this mode if you want all scanning decisions to
be based on the file extensions in the traffic.
Decompress Layer: Enter a value between 1 and 4. The value specifies how many layers of nested compressed files the internal AV scanner can decompress before it executes the virus scan. The default setting for FTP is 3. See Example.
If a message contains a compressed .zip file that contains another compressed .zip file, there are two compression layers, and decompressing both files requires a decompress-layer setting of 2. Valid settings are between 1 and 4, so the AV scanner can decompress up to 4 layers of compressed files.
Include Extension List: Select an extension list to include for AV scanning. This option instructs the security device to only scan files with extensions specified in the file extension list. Make sure the above scan-mode option is set to scan-ext. To create a file extension list, see File Extension Configuration.
Exclude Extension List: Select an extension list to exclude from AV scanning. This option instructs the security device to not scan files with extensions specified in the list. Make sure the above scan-mode option is set to scan-ext. To create a file extension list, see File Extension Configuration.