Re: [squid-users] Squid and Antivirus

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Mon, 13 Dec 2004 10:58:43 +0100 (CET)

On Mon, 13 Dec 2004, Ow Mun Heng wrote:

> Is running squid w/ anti-virus scanning actually recommended? It could
> really bog down accesses.

Most I have spoken to in corporate environments have the following
conclusions in this matter:

Virus scanning on the proxy does not add much in terms of virus
protection. With (somewhat) educated users the risk of getting viruses via
HTTP is fairly low, and chances are very high that the anti-virus
protection on the desktop computers catches it.

However, at the same time many have corporate policies enforced upon them
dictating that they MUST scan HTTP traffic for viruses in addition to the
desktop, just in case.

> But since you're saying to _not_ run it on the squid box, but in front
> of squid, it should be in-consequential. But, alas, I have not idea how
> to "proxy chain" anti-virus to squid.

Most if not all HTTP anti-virus scanning vendors have HTTP proxies as part
of their HTTP scanner. You either configure your clients to use Squid and
Squid to use the anti-virus proxy, or the other way around (clients to use
the anti-virus proxy, which then uses Squid)

Squid FAQ 4.9 How do I configure Squid forward all requests to another
proxy? <url:http://www.squid-cache.org/Doc/FAQ/FAQ-4.html#ss4.9>

Regards
Henrik
Received on Mon Dec 13 2004 - 02:58:45 MST

This archive was generated by hypermail pre-2.1.9 : Sat Jan 01 2005 - 12:00:02 MST