Creating a bypass rule

Prior to creating a bypass rule, make sure that you have enabled decryption of TLS/SSL connections. If decryption of TLS/SSL connections is not configured, HTTP messages containing the CONNECT method will not be scanned by the Anti-Virus and Anti-Phishing modules. This could lead to infection of users' computers.

To create a bypass rule for CONNECT requests:

1. In the application web interface, select the Rules section.
2. Select the Bypass tab.
3. Click Add rule.

   The Add rule window opens.

4. In the Action drop-down list, select Allow without scanning.
5. If you want to add a rule only for users that satisfy the defined criteria, in the Initiator settings group click + Rule criteria and specify the necessary criteria.

   If criteria are not defined, the rule is applied to all users.

6. In the Traffic filter settings group, click + Rule criteria.
7. In the drop-down list that appears on the left, select HTTP Method.
8. In the drop-down list on the right, select CONNECT.
9. In the Rule name field, type the name of the rule.
10. If necessary, provide any additional information about the rule in the Comment field.
11. Set the Status toggle switch to Enabled.
12. Click Add.

The bypass rule will be created and displayed in the rules table. The application will skip (not scan) all HTTP messages containing the CONNECT method.