Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1447
Views
0
Helpful
7
Replies

ASA - CSC - Problems with EXE Files

nuria.andres
Level 1
Level 1

‎12-21-2006 12:35 AM - edited ‎03-11-2019 02:11 AM

Hi,

I have problems with EXE Files, when I have enabled the "WEB Scanning". I have disabled the option "File Blocking".

When I try to download a EXE File, I get "error by timeout".

Can Anybody help me?.

Thank you very much.

Best Regards.

Nuria

Labels:
0 Helpful
7 Replies 7

ryan_holland
Level 1
Level 1

‎12-22-2006 03:00 PM

Nuria,

How large are the files you are attempting to download? Have you enabled the large file scanning option under HTTP Scanning?

This allows the CSC card to send small amounts of data to the endpoint, while it downloads the file to be scanned and will prevent client timeout errors.

0 Helpful

nuria.andres
Level 1
Level 1
In response to ryan_holland

‎12-25-2006 11:48 PM

Ok, I have enabled the option "Enable deferred scanning for files larger than 2 MB", and now, it seems, that I can download EXE files.

On the other hand, I have another two problems, with the CSC:

- I get nothing when I select Logs->Query. I mean, the CSC is stopping virus and spyware, but the reports generated when it selected the option Logs->Query, it doesn?t show anything.

- When I execute th EICAR TEST (www.eicar.org), the CSC doesn?t stop all files. is this normal?.

Thank you very much

Best Regards

Nuria

0 Helpful

ryan_holland
Level 1
Level 1
In response to nuria.andres

‎12-27-2006 11:39 AM

The Logs->Query should show event, make sure you have selected the correct protocol to show logs for. If you require more detailed reporting the Trend Micro Control Manager can provide more detailed centralized reporting for the CSC and other Trend products.

As for the EICAR test file, which ones were not blocked? Anything that was downloaded unencrypted will be blocked. Its possible you were downloading the file via HTTPS or an encrypted ZIP file.

Thanks

Ryan

0 Helpful

nuria.andres
Level 1
Level 1
In response to ryan_holland

‎12-28-2006 05:56 AM

It doesn?t block the two first tests (eicar.com y eicar.com.txt). The another 2 tests (eicar_com.zip and eicarcom2.zip) are Ok. The CSC stop them.

And I have execute these tests, via HTTP.

Thank you very much.

Best Regards.

Nuria

0 Helpful

ryan_holland
Level 1
Level 1
In response to nuria.andres

‎12-29-2006 01:13 AM

I've not been able to duplicate this, what are your scan settings?

thanks

Ryan

0 Helpful

nuria.andres
Level 1
Level 1
In response to ryan_holland

‎01-01-2007 02:12 PM

Hi,

In the attachment, you can see the CSC version and the web scanning properties.

do I have to activate anything else?.

Happy New Year.

Thank you very much

Best Regards

Nuria

Preview file
207 KB
0 Helpful

Florian Pressler
Level 1
Level 1
In response to nuria.andres

‎09-20-2010 05:37 AM

Hi,

I have exactly the same problem. The SCS-SSM detects the EICAR-Testvirus when being zipped, but lets it through when it is unzipped.

I'm sure that the configuration on the ASA is correct, HTTP is generally allowed and forwarded to the module.

Does anybody have an idea?

Thanks,

Florian

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card