< Home

Configuring Push Information

This section describes how to configure push information for the antivirus feature.

Context

The FW sends notifications in the text or web page format to users. You can specify the content of the notifications. To modify a notification, export the notification template, edit the notification in the template, and import the template file into the FW.

If you set the action for mail protocols in the antivirus profile to Declare or Delete Attachment and the FW detects a virus from an email, the FW adds notification information in the email body.

After the action for HTTP is set to Block in the antivirus profile, if the FW identifies a user-accessed web page as a virus, the FW blocks the access and pushes a web page with a prompt to the user.

In addition, if the HTTP status code of the push information fails to meet your requirement, you can modify the HTTP status code.

You can configure push information by using all kinds of HTML tags (including the script), which is risky. Please use it cautiously.

Procedure

  1. Choose System > Setup > Configure Information Push.
  2. Optional: Configure the HTTP status code of the push information.

    Select the following status codes and click Apply.
    • 401 Unauthorized: Indicates that the request is not authorized.
    • 403 Forbidden: Indicates that the server request is denied.
    • 404 Not Found: Indicates that the request fails.
    • 503 Service Unavailable: Indicates that the server cannot process the request currently.

    By default, the HTTP status code of the push information is 503.

  3. Click Email Declaration, Email Delete Attachment or Virus-infected File Blocking under Antivirus. Alternatively, you can click the corresponding Import. Then download the notification template to the PC.
  4. Edit the notification content in the template.

    • In the Email Declaration and Email Delete Attachment notification templates, parameter %FILE indicates the name of the virus-infected file. Each notification message must contain only one %FILE. The FW automatically substitutes %FILE with the actual value when sending notification messages. The notification messages support spaces and can contain a maximum of 1024 characters.

    • In the Virus-infected File Blocking notification template, parameter %FILE_NAME indicates the name of a virus-infected file. Each notification message must contain only one %FILE_NAME. The FW automatically replaces %FILE_NAME with the actual value when sending notification messages.

    • In the Virus-infected File Blocking notification template, <> indicates the Hypertext Markup Language (HTML). Change the content between <> and </>.

      For Virus-infected File Blocking push information, the template size cannot exceed 21 KB.

    If the information to be pushed contains Chinese characters, set the coding method to GB2312 between <head> and </head> (for example, <meta http-equiv="Content-Type" content="text/html; charset=GB2312"></meta>) to ensure that the information can be properly displayed.

  5. Click Email Declaration, Email Delete Attachment or Virus-infected File Blocking. Alternatively, you can click the corresponding Import. Then click Browse to select the template file in which the notification is configured.
  6. Click Import. The new notification takes effect after the template is successfully imported.

    For the Virus-infected File Blocking notification template, ensure the security of the file to be imported to prevent pushed pages from containing malicious information such as phishing websites or Trojan horses.

  7. Click OK.

Follow-up Procedure

You can perform the following operations to modify notifications or restore default notifications:

  • Click Export of the notification to be modified to download the notification file. Then edit the downloaded notification and import the file into the FW.

  • Click Reset corresponding to the notification to be modified to restore the default notification.

    • If you perform the reset operation in the root system, the root system uses the default notification of the FW.

    • If you perform the reset operation in the virtual system, the virtual system uses the notification configured in the root system; if the default notification of the root system has not been modified before you perform the reset operation, the virtual system uses the default notification of the FW.

Parent Topic: Configuring Antivirus Using the Web UI
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >