Unified Security Gateway User's Guide

Chapter 28 Anti-Virus
ZyWALL USG 300 User’s Guide
Figure 313 ZyWALL Anti-virus Example
The following describes the virus scanning process on the ZyWALL.
1 The ZyWALL first identifies SMTP, POP3, IMAP4, HTTP and FTP packets through
standard ports.
2 If the packets are not session connection setup packets (such as SYN, ACK and FIN), the
ZyWALL records the sequence of the packets.
3 The scanning engine checks the contents of the packets for viruses.
4 If a virus pattern is matched, the ZyWALL removes the infected portion of the file along
with the rest of the file. The un-infected portion of the file before a virus pattern was
matched still goes through.
5 If the send alert message function is enabled, the ZyWALL sends an alert to the file’s
intended destination computer(s).
Note: Since the ZyWALL erases the infected portion of the file before sending it, you
may not be able to open the file.
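The following sketch is an added illustration of steps 1 to 5 above, not ZyWALL firmware code. The port numbers (the guide only says "standard ports"), the `Packet` type, the `scan_stream` function, the byte pattern and the held-back tail used to catch a pattern that straddles two packets are all assumptions made for the example.

```python
from dataclasses import dataclass

# Assumed well-known ports for the five protocols named in step 1.
SCANNED_PORTS = {25: "SMTP", 110: "POP3", 143: "IMAP4", 80: "HTTP", 21: "FTP"}
SIGNATURE = b"CONSTRUCTED-TEST-PATTERN"  # constructed stand-in for a virus pattern


@dataclass
class Packet:
    dst_port: int
    seq: int
    payload: bytes  # empty for packets that only set up or tear down the session


def scan_stream(packets, signature=SIGNATURE):
    """Scan one connection; return (bytes_forwarded, alert_raised)."""
    # Step 1: only traffic on the standard ports is handed to the scanner.
    if not packets or packets[0].dst_port not in SCANNED_PORTS:
        return b"".join(p.payload for p in packets), False
    # Step 2: skip setup/teardown packets and put the rest in sequence order.
    data = sorted((p for p in packets if p.payload), key=lambda p: p.seq)
    forwarded = bytearray()
    held = b""  # tail kept back in case a pattern spans two packets
    for p in data:
        # Step 3: check the contents, including the held-back tail.
        window = held + p.payload
        hit = window.find(signature)
        if hit != -1:
            # Step 4: bytes before the match still go through; the match and
            # the rest of the file are dropped. True stands in for step 5.
            forwarded += window[:hit]
            return bytes(forwarded), True
        cut = max(len(window) - (len(signature) - 1), 0)
        forwarded += window[:cut]
        held = window[cut:]
    forwarded += held  # clean stream: release what was held back
    return bytes(forwarded), False


if __name__ == "__main__":
    # Constructed sample: out-of-order packets, pattern split across two of them.
    sample = [
        Packet(80, 100, b"TEST-PATTERNtail"),
        Packet(80, 0, b""),
        Packet(80, 1, b"headCONSTRUCTED-"),
    ]
    print(scan_stream(sample))
```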
28.2.2 Notes About the ZyWALL Anti-Virus
The following lists important notes about the anti-virus scanner:
1 When a virus is detected, an alert message is displayed on Microsoft Windows
computers (see footnote 4).
2 The ZyWALL does not scan the following file/traffic types:
• Simultaneous downloads of a file using multiple connections. For example, when you
use FlashGet to download sections of a file simultaneously.
4. Refer to Appendix D on page 705 if your Windows computer does not display the alert messages.