Yes, the bypass should work.
Yes, the bypass should work.
Last edited by jcoffin; 08-16-2011 at 10:37 AM.
Attention: Support and help on the Untangle Forums is provided by
volunteers and community members like yourself.
If you need Untangle support please call or email support@untangle.com
Going on 4 months of having Untangle. Not a single virus has been caught. What it has caught is some more Windows updates, I can't keep up with all these microsoft update server IP's, the bypass rule is quite worthless, unless I can use the domain in the bypass rule like this "download.windowsupdate.com"
Thanks,
Adam
Last edited by AdamB; 09-14-2011 at 09:37 AM.
Going on three years with Untangle, I've seen 1 windows update caught and it corrected itself in a few days without further modification.
Virus Blocker reports 79 infections removed, 10 blocked.
Kaspersky reports another 21 infections removed.
This since the last reboot, which would have been the upgrade to 9.0.2.
Rob Sandling, BS:SWE, MCP
NexgenAppliances.com
Phone: 866-794-8879 x201
Email: support@nexgenappliances.com
This isn't a huge network 400-500 users, I would think we would have caught at least 1 or 2 viruses by now, or everyone here is just extremely careful.
Every time I see the virus blocker got something I get excited to see, but then it turns out to be a windows update. So within 4 months that's roughly 15 times it has caught a windows update as a virus, but has yet to actually catch a virus, must be my users are smarter than the average.
Either way any idea on whether the domain will work in the bypass rules, I know it doesn't in the firewall so I figured I would ask.
Or the Web Filter is doing its job.
I get these things in my logs because I often disable the web filter for testing. But in my experience the malware category on the zVelo Web Filter is nailing most things before the AV modules get a hold of it.
Rob Sandling, BS:SWE, MCP
NexgenAppliances.com
Phone: 866-794-8879 x201
Email: support@nexgenappliances.com
Well then a bypass rule is pointless. I would spend most of my day trying to pin down all the different addresses. They seem to change on a daily basis.
You can't bypass Windows Updates, they are served via CDN. Furthermore, as I indicated before, this process isn't required as Windows Updates function normally.
If you need further assistance I suggest you call UT support, and get their engineers to deal with it. I'm sure they'd love to get their hands on an asymptomatic AV module that is consistently breaking something this big.
Of course that assumes you have support for a box in production. You do have support don't you?
Rob Sandling, BS:SWE, MCP
NexgenAppliances.com
Phone: 866-794-8879 x201
Email: support@nexgenappliances.com