Zyxel ZyWALL-USG50 Router Manual PDF (Setup & Configuration Guide)

Page 466 / 944 Scroll up to view Page 461 - 465

Chapter 29 Anti-Virus

ZyWALL USG 50 User’s Guide

466

29.2

Anti-Virus Summary Screen

Click

Configuration > Anti-X

>

Anti-Virus

to display the configuration screen

as shown next.

Figure 282

Configuration > Anti-X > Anti-Virus > General

The following table describes the labels in this screen.

Table 135

Configuration > Anti-X > Anti-Virus > General

LABEL

DESCRIPTION

Show Advance

Settings / Hide

Advance

Settings

Click this button to display a greater or lesser number of configuration

fields.

Enable Anti-

Virus and Anti-

Spyware

Select this check box to check traffic for viruses and spyware. The

following table lists policies that define which traffic the ZyWALL scans

and the action it takes upon finding a virus.

Page 467 / 944

Chapter 29 Anti-Virus

ZyWALL USG 50 User’s Guide

467

Scan EICAR

Select this option to have the ZyWALL check for the EICAR test file and

treat it in the same way as a real virus file. The EICAR test file is a

standardized test file for signature based anti-virus scanners. When the

virus scanner detects the EICAR file, it responds in the same way as if it

found a real virus. Besides straightforward detection, the EICAR file can

also be compressed to test whether the anti-virus software can detect it

in a compressed file. The test string consists of the following human-

readable ASCII characters.

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-

TEST-FILE!$H+H*

Policies

Add

Click this to create a new entry. Select an entry and click

Add

to create

a new entry after the selected entry.

Edit

Select an entry and click this to be able to modify it.

Remove

Select an entry and click this to delete it.

Activate

To turn on an entry, select it and click

Activate

.

Inactivate

To turn off an entry, select it and click

Inactivate

.

Move

To change an entry’s position in the numbered list, select it and click

Move

to display a field to type a number for where you want to put that

entry and press [ENTER] to move the entry to the number that you

typed.

Status

The activate (light bulb) icon is lit when the entry is active and dimmed

when the entry is inactive.

Priority

This is the position of an anti-virus policy in the list. The ordering of

your anti-virus policies is important as the ZyWALL applies them in

sequence. Once traffic matches an anti-virus policy, the ZyWALL applies

that policy and does not check the traffic against any more policies.

From

The anti-virus policy has the ZyWALL scan traffic coming from this zone

and going to the

To

zone.

To

The anti-virus policy has the ZyWALL scan traffic going to this zone from

the

From

zone.

Protocol

These are the protocols of traffic to scan for viruses.

FTP

applies to traffic using the TCP port number specified for FTP in the

ALG screen.

HTTP

applies to traffic using TCP ports 80, 8080 and 3128.

SMTP

applies to traffic using TCP port 25.

POP3

applies to traffic using TCP port 110.

IMAP4

applies to traffic using TCP port 143.

License

The following fields display information about the current state of your

subscription for virus signatures.

License

Status

This field displays whether a service is activated (

Licensed

) or not (

Not

Licensed

)

or expired (

Expired

).

Table 135

Configuration > Anti-X > Anti-Virus > General (continued)

LABEL

DESCRIPTION

Page 468 / 944

Chapter 29 Anti-Virus

ZyWALL USG 50 User’s Guide

468

License Type

This field displays whether you applied for a trial application (

Trial

) or

registered a service with your iCard’s PIN number (

Standard

).

None

displays when the service is not activated.

Apply new

Registration

This link appears if you have not registered for the service or only have

the trial registration. Click this link to go to the screen where you can

register for the service.

Signature

Information

The following fields display information on the current signature set that

the ZyWALL is using.

Anti-Virus

Engine Type

This field displays Kaspersky’s anti-virus engine .

Current

Version

This field displays the anti-virus signature set version number. This

number gets larger as the set is enhanced.

Signature

Number

This field displays the number of anti-virus signatures in this set.

Released

Date

This field displays the date and time the set was released.

Update

Signatures

Click this link to go to the screen you can use to download signatures

from the update server.

Apply

Click

Apply

to save your changes.

Reset

Click

Reset

to return the screen to its last-saved settings.

Table 135

Configuration > Anti-X > Anti-Virus > General (continued)

LABEL

DESCRIPTION

Page 469 / 944

Chapter 29 Anti-Virus

ZyWALL USG 50 User’s Guide

469

29.2.1

Anti-Virus Policy Add or Edit Screen

Click the

Add

or

Edit

icon in the

Configuration > Anti-X

>

Anti-Virus >

General

screen to display the configuration screen as shown next.

Figure 283

Configuration > Anti-X > Anti-Virus > General > Add

The following table describes the labels in this screen.

Table 136

Configuration > Anti-X > Anti-Virus > General > Add

LABEL

DESCRIPTION

Enable

Select this check box to have the ZyWALL apply this anti-virus policy

to check traffic for viruses.

From

To

Select source and destination zones for traffic to scan for viruses. The

anti-virus policy has the ZyWALL scan traffic coming from the

From

zone and going to the

To

zone.

Protocols to Scan

Select which protocols of traffic to scan for viruses.

HTTP

applies to traffic using TCP ports 80, 8080 and 3128.

FTP

applies to traffic using the TCP port number specified for FTP in

the ALG screen.

SMTP

applies to traffic using TCP port 25.

POP3

applies to traffic using TCP port 110.

IMAP4

applies to traffic using TCP port 143.

Page 470 / 944

Chapter 29 Anti-Virus

ZyWALL USG 50 User’s Guide

470

Actions When

Matched

Destroy infected

file

When you select this check box, if a virus pattern is matched, the

ZyWALL overwrites the infected portion of the file (and the rest of the

file) with zeros. The un-infected portion of the file before a virus

pattern was matched goes through unmodified.

Send Windows

Message

Select this check box to set the ZyWALL to send a message alert to

files’ intended user(s) using Microsoft Windows computers connected

to the to interface.

Refer to

Appendix C on page 851

if your Windows computer does not

display the alert messages.

Log

These are the log options:

no

: Do not create a log when a packet matches a signature(s).

log

: Create a log on the ZyWALL when a packet matches a

signature(s).

log alert

: An alert is an e-mailed log for more serious events that

may need more immediate attention. Select this option to have the

ZyWALL send an alert when a packet matches a signature(s).

White List / Black

List Checking

Check White List

Select this check box to check files against the white list.

Check Black List

Select this check box to check files against the black list.

File

decompression

Enable file

decompression

(ZIP and RAR)

Select this check box to have the ZyWALL scan a ZIP file (the file does

not have to have a “zip” or “rar” file extension). The ZyWALL first

decompresses the ZIP file and then scans the contents for viruses.

Note: The ZyWALL decompresses a ZIP file once. The ZyWALL

does NOT decompress any ZIP file(s) within a ZIP file.

Table 136

Configuration > Anti-X > Anti-Virus > General > Add (continued)

LABEL

DESCRIPTION

Rate

Popular Zyxel Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share