This article applies to:
Question:
- Why is the Malicious Code/Virus section of my SR's dashboard reports empty? I am filtering with an SWG.
Reply:
This is simply a side effect of using the SWG, rather than a WF unit. The WF can only block malware/virus traffic via URL filtering, for the most part, and hits to sites in these categories are logged into that Malicious Code/Virus section of the reports.
However, the SWG blocks virus/malware traffic based on signatures and behaviors, and this does not get logged in the same way as the WF handles it. Thus, this traffic does not end up in the dashboard reports, since the format is different (i.e. not URL-based). In essence, the Malicious Code/Virus reports would only show things for WF users, as it only shows URL-based hits in these categories.