https://live.paloaltonetworks.com/t5/general-topics/anti-virus-and-quot-server-response-inspection-quot/m-p/26066#M19020 <HTML><HEAD></HEAD><BODY><P>I have been disabling "server response inspection" by default in all my policies as it is documented in a number of places (including independent group tests) that this improves the overall firewall performance, and I was under the impression that SRI was only useful in certain data-centre environments that do not apply to us.</P><P></P><P>However while testing some policies today I notice that with SRI disabled anti-virus does <STRONG>not </STRONG>work (testing with .&nbsp; I suppose logically this makes sense, the virus is going to be in the server response, but I cannot find this documented anywhere - is this expected behaviour?</P><P></P><P>Liam.</P></BODY></HTML> Tue, 28 Feb 2012 12:58:30 GMT LCMember2860 2012-02-28T12:58:30Z https://live.paloaltonetworks.com/t5/general-topics/anti-virus-and-quot-server-response-inspection-quot/m-p/26066#M19020 <HTML><HEAD></HEAD><BODY><P>I have been disabling "server response inspection" by default in all my policies as it is documented in a number of places (including independent group tests) that this improves the overall firewall performance, and I was under the impression that SRI was only useful in certain data-centre environments that do not apply to us.</P><P></P><P>However while testing some policies today I notice that with SRI disabled anti-virus does <STRONG>not </STRONG>work (testing with .&nbsp; I suppose logically this makes sense, the virus is going to be in the server response, but I cannot find this documented anywhere - is this expected behaviour?</P><P></P><P>Liam.</P></BODY></HTML> Tue, 28 Feb 2012 12:58:30 GMT https://live.paloaltonetworks.com/t5/general-topics/anti-virus-and-quot-server-response-inspection-quot/m-p/26066#M19020 LCMember2860 2012-02-28T12:58:30Z https://live.paloaltonetworks.com/t5/general-topics/anti-virus-and-quot-server-response-inspection-quot/m-p/26067#M19021 <HTML><HEAD></HEAD><BODY><P>From the Admin Guide:</P><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote"><P>Disable Server Response Inspection—To disable packet inspection from the server to the client, select this check box. This option may be useful under heavy server load conditions.</P></PRE><P></P><P>I believe this is quite clear. I would not recommend to disable SRI by default.</P><P></P><P>rgds Roland</P></BODY></HTML> Tue, 28 Feb 2012 13:13:30 GMT https://live.paloaltonetworks.com/t5/general-topics/anti-virus-and-quot-server-response-inspection-quot/m-p/26067#M19021 gafrol 2012-02-28T13:13:30Z