On Mon, 13 Dec 2004, Ow Mun Heng wrote:
Is running squid w/ anti-virus scanning actually recommended? It could really bog down accesses.
Most I have spoken to in corporate environments have the following conclusions in this matter:
Virus scanning on the proxy does not add much in terms of virus protection. With (somewhat) educated users the risk of getting viruses via HTTP is fairly low, and chances are very high that the anti-virus protection on the desktop computers catches it.
However, at the same time many have corporate policies enforced upon them dictating that they MUST scan HTTP traffic for viruses in addition to the desktop, just in case.
But since you're saying to _not_ run it on the squid box, but in front of squid, it should be in-consequential. But, alas, I have not idea how to "proxy chain" anti-virus to squid.
Most if not all HTTP anti-virus scanning vendors have HTTP proxies as part of their HTTP scanner. You either configure your clients to use Squid and Squid to use the anti-virus proxy, or the other way around (clients to use the anti-virus proxy, which then uses Squid)
Squid FAQ 4.9 How do I configure Squid forward all requests to another proxy? <url:http://www.squid-cache.org/Doc/FAQ/FAQ-4.html#ss4.9>
Regards Henrik
