ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
Content Filtering and Optimizing Scans 6-41
v1.0, September 2009
3. Click Apply to save your settings.
Setting Web Access Exceptions and Scanning Exclusions
After you have specified which content the UTM filters, you can set exception rules for users of
certain LAN groups. Similarly, after you have specified which IP addresses and ports the UTM
scans for malware threats, you can set scanning exclusion rules for certain IP addresses and ports.
Setting Web Access Exception Rules
You can set exception rules for members of a LAN group to allow access to applications, Web
categories, and URLs that you have blocked for all other users, or the other way around, to block
access to applications, Web categories, and URLs that you have allowed access to for all other
users. To specify members of a LAN group and to customize LAN group names, see “Managing
Groups and Hosts (LAN Groups)” on page 4-12.
Scan Exception
The default maximum file or object size that is scanned is 2048 KB, but you can define a maximum size
of up to 10240 KB. However, setting the maximum size to a high value might affect the UTM's
performance (see “Performance Management” on page 10-1).
From the pull-down menu, specify one of the following actions when the file or message exceeds the
maximum size:
• Skip. The file is not scanned but skipped, leaving the end user vulnerable. This is the default setting.
• Block. The file is blocked and does not reach the end user.
Block Files with the Following Extensions
By default, the File Extension field lists the most common file extensions. You can manually add or
delete extensions. Use commas to separate different extensions. You can enter a maximum of 40 file
extensions; the maximum total length of this field, excluding the delimiter commas, is 160 characters.
You can also use the pull-down menu to add predefined file extensions from a specific category to the
File Extension field:
• None. No file extensions are added to the File Extension field. This is the default setting.
• Executables. Executable file extensions (exe, com, dll, so, lib, scr, bat, and cmd) are added to the
File Extension field.
• Audio/Video. Audio and video file extensions (wav, mp3, avi, rm, rmvb, wma, wmv, mpg, mp4, and
aac) are added to the File Extension field.
• Compressed Files. Compressed file extensions (zip, rar, gz, tar, and bz2) added to the File
Extension field.
Table 6-12. FTP Scan Settings (continued)
Setting Description (or Subfield and Description)