Features
File Scanning
How real-time file scanning works in bowbridge Anti-Virus for Salesforce
Overview
Every file uploaded to or downloaded from your org is automatically scanned for viruses, malware, and policy violations.
Legacy Salesforce Attachments are fully supported.
How It Works
- A file is uploaded or downloaded
- bowbridge intercepts the file and identifies the user's Protection Profile
- The file is sent to the external scan cluster for analysis
- Based on the result, the file is allowed through or blocked and quarantined
- The scan is logged in the Reporting tab
Scan Results
| Result | Action |
|---|---|
| Clean | File passes through normally |
| Malicious | File blocked and quarantined |
| Policy violation | File blocked based on configured rules |
| Scan error | Error logged, admin notified |
Quarantine
When a file is blocked, it is moved to quarantine and inaccessible to users. Administrators can review and release quarantined files in two ways: from the Reporting tab, or from the Dashboard by clicking the blocked files detail view, which automatically filters the log to quarantined files only. If the Replace File setting is enabled, the blocked file content is replaced with a harmless placeholder so users understand why the file is unavailable.
Configuration
| Area | What to configure | Reference |
|---|---|---|
| Scan triggers, threat action, file replacement | When to scan, what to do on detection | File Scan Settings |
| Scan engine behavior, archive handling, timeouts | Fine-grained engine controls per profile | Scan Configuration |
| Active content detection | Block macros, JavaScript, embedded objects | Active Content Configuration |
| File type and MIME type rules | Allow/block lists for extensions and MIME types | Scan Configuration |
| MIME type to extension mappings | Verify files match their declared type | MIME Type Mappings |
| Notifications | Alert admins and users on threats | Notification Configuration |