we use the interscan virus wall product, put in front of the squid or after the squid.

We feel that the squid is more capable of handling the internet than the interscan and 
thus have put it in that order.

This still allows you to do things like make simple rules for delay pools to limit 
download speeds and to reduce bandwidth hogging.
One of the cons to this is that if you get bad content, its stored on the squid.
A better way would probably be to make squid proxy to the av scanner and then use 
squid for suthentication etc. This also works well, but you do lose
the bandwidth control.
If bandwidth control is not an isue for you, then i'd suggest doing it this way.

As far as performance degradation goes, we did notice a slight degradation when the av 
scanner was in front of the squid. 

As such, I haven't yet managed to get time to play with any of the test ICAP stuff. 
.... maybe its time ...

Hope this helps.
J

-----Original Message-----
From: Wei Keong [mailto:[EMAIL PROTECTED]
Sent: 02 October 2003 04:42
To: Ward, John (I&DBM)
Cc: 'jacques.van.der.merwe'; Squid Users
Subject: RE: [squid-users] squid and anti-virus


Hi John,

Are you using the Interscan WebProtect with ICAP? Or you are putting the
scan engine in front of Squid?

I have tried the Symantec Scan Engine, but somehow it does not work very
well with Squid 2.5S4 & Icap... :(

Rgds,
Wei Keong


On Wed, 1 Oct 2003, Ward, John (I&DBM) wrote:

> Hi Jacques,
>
> There is a way to use the trend micro product in front of the squid. Its not 
> elegant, but it does solve one or two problems.
> things to note:
> 1) if you chain the devices, you will break your ability to use delay pools ( nice 
> for QOS, ask Raymond C ;)
> 2) the trend product runs on linux and we've had it here for a while, but the 
> interface is not very intuitive when it comes to seeing which scanner
> engine/pattern you have
>
> 99.992% of the time it does work well w.r.t removing the virus payload.
>
> John
>
> PS: now might be a good time to beg for CVP / ICAP in squid ;)
>
> -----Original Message-----
> From: jacques.van.der.merwe [mailto:[EMAIL PROTECTED]
> Sent: 01 October 2003 09:11
> To: Squid Users
> Subject: [squid-users] squid and anti-virus
>
>
> greetings all,
>
> has anybody successfully intergrated content scanning (anti virus) and squid? i'm 
> getting uphill from our AV guys about no content scanning at our
> proxy before data arrives at the desktops. i know of MS products floating about that 
> do this, but i'd hate to deploy an MS product within my pure
> Linux environment.
>
> any takers?
>
>
> NOTICE:
>
> This message contains privileged and confidential information intended
> only for the person or entity to which it is addressed.
> Any review, retransmission, dissemination, copy or other use of, or
> taking of any action in reliance upon this information by persons or
> entities other than the intended recipient, is prohibited.
>
> If you received this message in error, please notify the sender
> immediately by e-mail, facsimile or telephone and thereafter delete the
> material from any computer.
>
> The New Africa Capital Group, its subsidiaries or associates do not
> accept liability for any personal views expressed in this message.
>


NOTICE: 

This message contains privileged and confidential information intended 
only for the person or entity to which it is addressed. 
Any review, retransmission, dissemination, copy or other use of, or 
taking of any action in reliance upon this information by persons or 
entities other than the intended recipient, is prohibited. 

If you received this message in error, please notify the sender 
immediately by e-mail, facsimile or telephone and thereafter delete the 
material from any computer. 

The New Africa Capital Group, its subsidiaries or associates do not 
accept liability for any personal views expressed in this message.

Reply via email to