03/26/2020 26 People found this article helpful 452,798 Views
In most situations the issue can be resolved (unknown files and BUV not blocking) by enabling GAV Clientless notifications and http byte-range requests.
Enabling http byte-range requests allows http clients (like a Chrome browser or wget) to download files in pieces. So, if a file download was aborted for some reason, the client can still issue a http download command for the rest of the file . The firewall cannot identify that this download is related to some older file download which was aborted. This behavior can be mitigated to a large extent by ensuring that both GAV Clientless Notification http byte-range requests are turned ON. The former will block such partial download if the first download was aborted due to a virus identification. The latter will allow partial downloads if the file is not identified as a virus (for example Windows updates, etc.) if it is not blocked by the former. If GAV Clientless Notification is turned off and byte-range requests are turned on, the firewall does not collect the url or the supposed filename.
To confirm that both GAV Clientless Notification and http byte-range requests are turned on please perform the following:
ISSUE ID:
180955