This article describes how 'bypass content scanning for streaming content' works on Sophos UTM, i.e. if you check the option box 'bypass content scanning for streaming content' of the HTTP/S proxy
The check-box Web Protection | Filtering Options | Misc in the 'Streaming settings' area 'Bypass content scanning for streaming content' is enabled by default.
This architectural design ensures that all data is scanned by the virus engines and the client does not receive one byte of data until the proxy is sure that there is no unwanted content. However, for "streaming content" like web radio, online TV, YouTube videos, ... this can be a problem, because such streaming content typically needs a very long time from start to finish, or even does not end at all. In these cases, the proxy would need much time or even "forever" to download the data. The user would not be able to see/listen to the video/audio stream.
If the check-box 'bypass content scanning for streaming content' is checked, the HTTP/S proxy will skip the content scanning of the downloaded data if the web server tells the proxy that the data one of the following MIME types:
This means the proxy will transfer each chunk of downloaded data from the web server immediately to the client (the browser), instead of collecting all chunks of data until the "end" of the stream is reached. This ensures that the streaming content is delivered without interruption to the client. Of course, the data is not scanned by the virus scanners in these cases.