Hi ITA,
Eicar is working just fine for me in my environment. Let me give you a few things to check.
1) Make sure you are SSL decrypting the traffic. Without SSL decryption, that ProxySG cannot detect nor send files to CAS
2) Make sure you have a rule set to send traffic to the CAS, and that it is set for RESPMod (not REQMod). Take a policy trace of this traffic to ensure that it is matching.
3) Make sure that you have your AV enabled under Content Analysis > System > Licensing. Even if you don't have an AV enabled, it will still update the patterns, so checking if an AV is enabled is important.
Hope this helps!
Original Message:
Sent: 11-22-2020 04:11 AM
From: ITA ISD
Subject: Is CAS analysing fine!