SRX

Expand all | Collapse all

UTM-Anti-Virus with shophos to scan https?

Jump to Best Answer
  • 1.  UTM-Anti-Virus with shophos to scan https?

    Posted 09-06-2017 00:42

    Hi all,

     

    I'm try to test https scanning for virus and it's like sophos cannot check the https. Based on this url http://junosnotes.blogspot.my/2013/09/srx-utm-antivirus-kaspersky-full.html#more it said it will fail for https. Is there any method that i can test the https file.

     

    http://www.eicar.org/85-0-Download.html

     

    Thanks and appreciate any help.



  • 2.  RE: UTM-Anti-Virus with shophos to scan https?

    Posted 09-06-2017 01:25

    Which SRX hardware and software version? It is supported from 12.3X48-D25 / 15.1X49-D40 with SSL Forward proxy enabled.



  • 3.  RE: UTM-Anti-Virus with shophos to scan https?

    Posted 09-06-2017 01:37

    Hi,

     

     

    I'm using vSRX 15.1x49.D100. If it support appreciate if u provide the url that i can follow. Is it need CA (free or buy) if need use SSL Forward Proxy.

     

     

    Thanks and appreciate your advise.



  • 4.  RE: UTM-Anti-Virus with shophos to scan https?

    Posted 09-06-2017 01:40

    vSRX supports SSL forward proxy.

     

    You can just generate your own root CA - just ensure that the client device is trusting this CA.

     

    The process is described here: https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ssl-proxy-workflow-configuring.html

     

     



  • 5.  RE: UTM-Anti-Virus with shophos to scan https?

    Posted 09-06-2017 02:30

    Hi

     

     

     

     

     



  • 6.  RE: UTM-Anti-Virus with shophos to scan https?
    Best Answer

    Posted 09-06-2017 03:02

    I'm talking about using the SRX itself as a CA. Just look at the part of the guide regarding "Configuring a Root CA Certificate".

     

    If you already have generated a CA for Sky ATP then you should be able to reuse it for SSL FP - as least as I understand the scenario.



  • 7.  RE: UTM-Anti-Virus with shophos to scan https?

    Posted 09-07-2017 07:28

    Hi ,

     

     

    It's look like in latest vSRX D100 with latest sophos can support https without enable CA when i test download some zip file on https page.

     

     

    Thanks

     

     



  • 8.  RE: UTM-Anti-Virus with shophos to scan https?

    Posted 09-08-2017 01:28

    Hi kronicklez,

     

    without knowing all the details it makes sense if it's a public available https-site.

     

    In cases where downloads are happing from a restricted website (eg. webmail) the scanning cannot be done without doing SSL forward proxy.

     

    But again - I haven't looked into these things in details so I cannot comment further.



  • 9.  RE: UTM-Anti-Virus with shophos to scan https?

    Posted 09-08-2017 07:42