IMAP-Proxy: APT Blocker
If you have purchased and enabled APT Blocker on your Firebox, you can enable APT Blocker in the IMAP proxy to examine mail traffic for APT malware.
APT Blocker can help protect your network from zero-day attacks sent as email attachments. When APT Blocker is enabled in the IMAP proxy, there can be a brief delay in retrieval of some messages that contain attachments that require analysis. For more information, go to About APT Blocker.
APT Blocker is part of the same scan process as Gateway AntiVirus. When you enable APT Blocker in a proxy action, APT Blocker scans content only when content matches a proxy action rule configured with the AV Scan action.
For more information about APT Blocker, go to About APT Blocker.
- From the Edit page for the IMAP proxy, select the Proxy Action tab.
- If the policy uses a predefined proxy action, from the Proxy Action drop-down list, select Clone the current proxy action.
- Select the APT Blocker tab.
Screen shot of the APT Blocker configuration settings in an IMAP proxy action in Fireware Web UI
- Select the Enable APT Blocker check box.
- Click Save.
To configure APT Blocker in your IMAP proxy, from Policy Manager:
- In the IMAP Proxy Action Configuration dialog box, select APT Blocker.
The APT Blocker page appears.
Screen shot of the ATP Blocker settings for an IMAP proxy action in Policy Manager
- Select the Enable APT Blocker check box.
- Click OK.
If you modified a predefined proxy action, when you save the changes you are prompted to clone (copy) your settings to a new action.
For more information on predefined proxy actions, go to About Proxy Actions.