ProxySG & Advanced Secure Gateway

Hello everyone, I have some questions and clarifications with regards to the ASG integration with other Symantec products.

1) For ProxySG sending files to CAS for Scanning , it seems that everything from CAS is sent to ProxySG. If we only need to send files from ProxySG to CAS for scanning, are there any best practices from Symantec for scaning only the files from scanning. 

2) Is there any integration among CAS or MAA with Symantec Endpoint Protection? If yes then is it only for sending hashes from CAS or MAA for blacklisting maclious files on SEP. Can we send any suspicious files from SEP to CAS or MAA for detonating and executing to know about their behaviour?

Kind Regards, 

I meant by default everything from ProxySG is sent to CAS including URLs, images, scripts etc etc once you set up the integration between ProxySG and CAS. 

Hi,

             You can refer the SG-AV integration document for the Best Practice https://support.symantec.com/en_US/article.DOC10027.html . This will help in setting what need to be sent for scan and what to bypass.

For the SEP integration, currently it is only giving the blacklist of hash. Ref: https://origin-symwisedownload.symantec.com/resources/webguides/contentanalysis/21/index.htm#Topics/Tasks/services_sandboxing_sepm.htm?Highlight=endpoint . Detonation seems to be not supported at this point.