02-28-2012 04:58 AM
I have been disabling "server response inspection" by default in all my policies as it is documented in a number of places (including independent group tests) that this improves the overall firewall performance, and I was under the impression that SRI was only useful in certain data-centre environments that do not apply to us.
However while testing some policies today I notice that with SRI disabled anti-virus does not work (testing with . I suppose logically this makes sense, the virus is going to be in the server response, but I cannot find this documented anywhere - is this expected behaviour?
Liam.
02-28-2012 05:13 AM
From the Admin Guide:
Disable Server Response Inspection—To disable packet inspection from the server to the client, select this check box. This option may be useful under heavy server load conditions.
I believe this is quite clear. I would not recommend to disable SRI by default.
rgds Roland
02-28-2012 05:13 AM
From the Admin Guide:
Disable Server Response Inspection—To disable packet inspection from the server to the client, select this check box. This option may be useful under heavy server load conditions.
I believe this is quite clear. I would not recommend to disable SRI by default.
rgds Roland
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
