FTP-Proxy virus scanning robustness
At the moment, if virus scanning enabled on UTM (320) for files smaller than 50MB you can run in a problem, if the file a packed zip file with a high compress rate and a complex directory and file structure(e.g 220MB more then 1600 files). The transfer can not completed and the ftp log show you:
2014:01:09-18:42:13 XXXXX-1 frox: Got no response from cssd
2014:01:09-18:42:16 XXXXX-1 frox: Virus scanner failed
My suggestion is, that the admin has the option to allow transfer complex zip files without an virus scan like a file that excite the maximum scanning size. it is a simple way to increase the robustness of the transfer.
In the Web Protection > FTP > you should have the "Exceptions" section where you could specifically allow your Admin users to bypass the Virus Check and rely on their Client Ant-Virus system to provide the protection. Personally, I remember the days when Symantec & Ironport were easily tricked into allowing viruses through their E-mail Filter systems just by creating a complex compressed file structure. I know they had a # of levels set to scan by default that it would scan and then after that it just let things slip through.
Matthias Brecht commented
I hope Sophos now recognizes the need to act http://www.heise.de/newsticker/meldung/Tausende-FTP-Server-gehackt-2115308.html