Properties

Name

Specifies a symbolic name for the ALG. (Identifier)

AllowServerPassive

Allow server to use passive mode (unsafe for server). (Default: No)

ServerPorts

Server data ports. (Default: 1024-65535)

AllowClientActive

Allow client to use active mode (unsafe for client). (Default: No)

ClientPorts

Client data ports. (Default: 1024-65535)

AllowUnknownCommands

Allow unknown commands. (Default: No)

AllowSITEEXEC

Allow SITE EXEC. (Default: No)

MaxLineLength

Maximum line length in control channel. (Default: 256)

MaxCommandRate

Maximum number of commands per second. (Default: 20)

Allow8BitStrings

Allow 8-bit strings in control channel. (Default: Yes)

AllowResumeTransfer

Allow RESUME even in case of content scanning. (Default: No)

Antivirus

Disabled, Audit or Protect. (Default: Disabled)

ScanExclude

List of files to exclude from antivirus scanning. (Optional)

CompressionRatio

Files with a compression ratio higher than this value will trigger the action in Compression Ratio Action. (Default: 20)

CompressionRatioAction

The action to take when high compression threshold is violated, all actions are logged. (Default: Drop)

AllowEncryptedZip

Allow encrypted zip files, even though the contents can not be scanned. (Default: No)

MaxArchiveDepth

The maximum number of archive "layers" that the antivirus engine will extract. (Default: 5)

ZDEnabled

Enable ZoneDefense Block. (Default: No)

ZDNetwork

Hosts within this network will be blocked at switches if a virus is found.

FailModeBehavior

Standard behaviour on error: Allow or Deny. (Default: Deny)

FileListType

Specifies if the file list contains files to allow or deny. (Default: Block)

File

List of file types to allow or deny. (Optional)

VerifyContentMimetype

Verify that file extentions correspond to the MIME type. (Default: No)

Attribute

Special Attribute of the current object. (Optional)

Comments

Text describing the current object. (Optional)

Properties

Name

Specifies a symbolic name for the ALG. (Identifier)

AllowTCPDataChannels

Allow TCP data channels (T.120). (Default: Yes)

MaxTCPDataChannels

Maximum number of TCP data channels per call. (Default: 10)

TranslateAddresses

Automatic or Specific. (Default: Automatic)

TranslateLogicalChannelAddresses

Translate logical channel addresses. (Default: Yes)

MaxGKRegLifeTime

Max Gatekeeper Registration Lifetime. (Default: 1800)

ChannelSetupMode

Channel connection setup mode. (Default: Optimistic)

Attribute

Special Attribute of the current object. (Optional)

Comments

Text describing the current object. (Optional)

Properties

Name

Specifies a symbolic name for the ALG. (Identifier)

AllowedProtocols

HTTP and/or HTTPS. (Default: HTTP)

RemoveCookies

Remove cookies. (Default: No)

RemoveScripts

Remove Javascript/VBScript. (Default: No)

RemoveApplets

Remove Java applets. (Default: No)

RemoveActiveX

Remove ActiveX objects (including Flash). (Default: No)

VerifyUTF8URL

Verify that URLs does not contain invalid UTF8 encoding. (Default: No)

BlackURLDisplayReason

Message to show when there is an attempt to access a blacklisted site. (Optional)

HTTPBanners

HTTP ALG HTML Banners. (Default: Default)

MaxDownloadSize

The maximum allowed file size in kB. (Optional)

Attribute

Special Attribute of the current object. (Optional)

FileListType

Specifies if the file list contains files to allow or deny. (Default: Block)

File

List of file types to allow or deny. (Optional)

VerifyContentMimetype

Verify that file extentions correspond to the MIME type. (Default: No)

Antivirus

Disabled, Audit or Protect. (Default: Disabled)

ScanExclude

List of files to exclude from antivirus scanning. (Optional)

CompressionRatio

Files with a compression ratio higher than this value will trigger the action in Compression Ratio Action. (Default: 20)

CompressionRatioAction

The action to take when high compression threshold is violated, all actions are logged. (Default: Drop)

AllowEncryptedZip

Allow encrypted zip files, even though the contents can not be scanned. (Default: No)

MaxArchiveDepth

The maximum number of archive "layers" that the antivirus engine will extract. (Default: 5)

ZDEnabled

Enable ZoneDefense Block. (Default: No)

ZDNetwork

Hosts within this network will be blocked at switches if a virus is found.

FailModeBehavior

Standard behaviour on error: Allow or Deny. (Default: Deny)

AllowFilteringReclassification

Show reclassification link for blocked sites. (Default: No)

WebContentFilteringMode

Disabled, Audit or Enable. (Default: Disabled)

FilteringCategories

Web content categories to block. (Optional)

NonManagedAction

Action to take for content that hasn't been classified. (Default: Allow)

AllowFilteringOverride

Allow the user to display a blocked site. (Default: No)

OverrideUpdateOnAccess

Restart the override timer on each new access to disallowed categories. (Default: Yes)

OverrideTimeToLive

Seconds that all disallowed categories will be allowed for the host that requested the override. (Default: 300)

Comments

Text describing the current object. (Optional)

Properties

Name

Specifies a symbolic name for the ALG. (Identifier)

BlockUserPass

Block clients from sending USER and PASS command. (Default: No)

HideUser

Prevent server from revealing that a user name do not exist. (Default: No)

AllowUnknownCommands

Allow unknown commands. (Default: No)

Attribute

Special Attribute of the current object. (Optional)

FileListType

Specifies if the file list contains files to allow or deny. (Default: Block)

File

List of file types to allow or deny. (Optional)

VerifyContentMimetype

Verify that file extentions correspond to the MIME type. (Default: No)

Antivirus

Disabled, Audit or Protect. (Default: Disabled)

ScanExclude

List of files to exclude from antivirus scanning. (Optional)

CompressionRatio

Files with a compression ratio higher than this value will trigger the action in Compression Ratio Action. (Default: 20)

CompressionRatioAction

The action to take when high compression threshold is violated, all actions are logged. (Default: Drop)

AllowEncryptedZip

Allow encrypted zip files, even though the contents can not be scanned. (Default: No)

MaxArchiveDepth

The maximum number of archive "layers" that the antivirus engine will extract. (Default: 5)

ZDEnabled

Enable ZoneDefense Block. (Default: No)

ZDNetwork

Hosts within this network will be blocked at switches if a virus is found.

FailModeBehavior

Standard behaviour on error: Allow or Deny. (Default: Deny)

Comments

Text describing the current object. (Optional)

Properties

Name

Specifies a symbolic name for the ALG. (Identifier)

EchoTimeout

Specifies idle timeout for Echo messages in the PPTP tunnel. (Default: 0)

IdleTimeout

SPecifies idle timeout for user traffic in the PPTP tunnel. (Default: 0)

Attribute

Special Attribute of the current object. (Optional)

Comments

Text describing the current object. (Optional)

Properties

Name

Specifies a symbolic name for the ALG. (Identifier)

MaxSessionsPerId

Maximum number of sessions per SIP URI. (Default: 5)

MaxRegistrationTime

The maximum allowed time in seconds between registration requests. (Default: 3600)

SipSignalTmout

Timeout value for last seen SIP message (in seconds). (Default: 43200)

DataChannelTmout

Timeout value for data channel (in seconds). (Default: 120)

AllowMediaByPass

Allow clients to exchange media directly when possible. (Default: Yes)

AllowTCPDataChannels

Allow TCP data channels. (Default: Yes)

MaxTCPDataChannels

Maximum number of TCP data channels per call. (Default: 5)

Attribute

Special Attribute of the current object. (Optional)

Comments

Text describing the current object. (Optional)

Properties

Name

Specifies a symbolic name for the ALG. (Identifier)

VerifySenderEmail

Check emails for mismatching SMTP command From address and email header From address. (Default: No)

VerifySenderEmailAction

...and block them. (Default: Deny)

VerifySenderEmailSpamTag

Spam Tag that is inserted into the subject. (Default: "*** SPAM *** ")

VerifySenderEmailDomainOnly

Only check domain names in email From addresses. (Default: No)

MaxEmailPerMinute

Specifies the maximum amount of emails per minute from the same host. (Optional)

MaxEmailSize

Specifies the maximum allowed email size in kB. (Optional)

Attribute

Special Attribute of the current object. (Optional)

FileListType

Specifies if the file list contains files to allow or deny. (Default: Block)

File

List of file types to allow or deny. (Optional)

VerifyContentMimetype

Verify that file extentions correspond to the MIME type. (Default: No)

Antivirus

Disabled, Audit or Protect. (Default: Disabled)

ScanExclude

List of files to exclude from antivirus scanning. (Optional)

CompressionRatio

Files with a compression ratio higher than this value will trigger the action in Compression Ratio Action. (Default: 20)

CompressionRatioAction

The action to take when high compression threshold is violated, all actions are logged. (Default: Drop)

AllowEncryptedZip

Allow encrypted zip files, even though the contents can not be scanned. (Default: No)

MaxArchiveDepth

The maximum number of archive "layers" that the antivirus engine will extract. (Default: 5)

ZDEnabled

Enable ZoneDefense Block. (Default: No)

ZDNetwork

Hosts within this network will be blocked at switches if a virus is found.

FailModeBehavior

Standard behaviour on error: Allow or Deny. (Default: Deny)

DNSBL

Disable or Enable DNSBL. (Default: No)

SpamThreshold

Spam Threshold defines when an email should be considered as Spam. (Default: 10)

DropThreshold

Drop Threshold defines when an email should be considered malicious and be dropped. (Default: 20)

SpamTag

Spam Tag that is inserted into the subject for an email considered as Spam or malicious. (Default: "*** SPAM *** ")

ForwardBlockedMail

Forward blocked mails to DropAddress. (Default: No)

DropAddress

Email address that emails reaching the drop threshold will be rerouted to.

AppendTXT

Use TXT records (will only be used if reaching the drop threshold). (Default: No)

CacheSize

Size of the IP Cache of checked sender IP addresses. (Default: 0)

CacheTimeout

Timeout in seconds before a cached IP address is removed. (Default: 600)

DNSBlackLists

Specifies the BlackList domain and its weighted value.

Comments

Text describing the current object. (Optional)

Properties

Name

Specifies a symbolic name for the ALG. (Identifier)

AllowedCommands

Specifies allowed commands. (Default: ReadWrite)

RemoveOptions

Remove option part from request packet. (Default: No)

AllowUnknownOptions

Allow unknown options in request packet. (Default: No)

MaxBlocksize

Max value for the blksize option. (Optional)

MaxFileTransferSize

Max size for transferred file. (Optional)

BlockDirectoryTraversal

Prevent directory traversal (consecutive dots in filenames). (Default: No)

Attribute

Special Attribute of the current object. (Optional)

Comments

Text describing the current object. (Optional)

Properties

Name

Specifies a symbolic name for the ALG. (Identifier)

HostCert

Specifies the host certificate.

RootCert

Specifies the root certificates. (Optional)

Attribute

Special Attribute of the current object. (Optional)

Comments

Text describing the current object. (Optional)