SonicWALL TZ 180 manual SonicWALL GAV Architecture, Server Protection

Page 8

SonicWALL Gateway Anti-Virus

Server Protection

The process for Server Protection is described in the steps below:

Step 1 Outside user sends an incoming e-mail.

Step 2 E-mail is analyzed through the SonicWALL GAV engine for malicious code and viruses before received by e-mail server.

Step 3 If virus found, threat prevented.

Step 4 E-mail is returned to sender, virus is logged, and alert sent to administrator.

SonicWALL GAV Architecture

SonicWALL GAV is based on SonicWALL's high performance DPIv2.0 engine (Deep Packet Inspection version 2.0) engine, which performs all scanning directly on the SonicWALL security appliance. SonicWALL GAV includes advanced decompression technology that can automatically decompress and scan files on a per packet basis to search for viruses and malware. The SonicWALL GAV engine can perform base64 decoding without ever reassembling the entire base64 encoded mail stream. Because SonicWALL's GAV does not have to perform reassembly, there are no file-size limitations imposed by the scanning engine. Base64 decoding and ZIP, LHZ, and GZIP (LZ77) decompression are also performed on a single-pass, per-packet basis. Reassembly free virus scanning functionality of the SonicWALL GAV engine is inherited from the Deep Packet Inspection engine, which is capable of scanning streams without ever buffering any of the bytes within the stream.

0ACKET 0ATH

3TARTT3TAGE

 

0ROTOCOL 3TATE

%MAILA&ORMAT

$ECOMPRESSION

 

3CANNING

 

0REVENTION

 

 

-ACHINE

 

$ECODING

 

 

 

 

 

 

 

 

 

 

 

 

 

 

)-!0  0/0

&4040&ILES

4#0 3TREAM

Building on SonicWALL's reassembly-free architecture, GAV has the ability to inspect multiple application protocols, as well as generic TCP streams, and compressed traffic. SonicWALL GAV protocol inspection is based on high performance state machines which are specific to each supported protocol. SonicWALL GAV delivers protection by inspecting over the most common protocols used in today's networked environments, including SMTP, POP3, IMAP, HTTP, FTP, NetBIOS, instant messaging and peer-to-peer applications and dozens of other stream-based protocols. This closes potential backdoors that can be used to compromise the network while also improving employee productivity and conserving Internet bandwidth.

8 SonicWALL TZ 180 TotalSecure

Page 7 Page 9
Image 8
Page 7 Page 9
Contents Document Scope What is TotalSecure?Introduction Every SonicWALL TotalSecure solution includes the following Benefits of TotalSecureSonicWALL Gateway Anti-Virus GAV OverviewHow Does GAV Work? BenefitsSonicWALL Gateway Anti-Virus/Intrusion Prevention Features SonicWALL GAV Multi-Layered Approach Remote Site Protection Internal Network ProtectionHttp File Downloads SonicWALL GAV Architecture Server ProtectionDisabling the SonicWALL GAV/IPS Engine Protocol HandlingSmtp How Does IPS Work? SonicWALL Intrusion Prevention ServiceIPS Overview What is a Zone? Spyware Threat SonicWALL Anti-Spyware Security ServiceSonicWALL Anti-Spyware SonicWALL Anti-Spyware How Does CFS Premium Work? SonicWALL Content Filtering Service PremiumCFS Overview How Does DPI Work? SonicWALL Deep Packet InspectionDPI Overview Deep Packet Inspection Flow Diagram SonicWALL Security Dashboard Security Dashboard Overview SonicWALL Security Dashboard What is Security Dashboard? How Does the Security Dashboard Work?Registering Your Appliance on MySonicWALL Registering Your Appliance on MySonicWALL TotalSecure Configuration Task List Registering Your SonicWALL Security ApplianceApplying SonicWALL GAV Protection on Interfaces Setting Up SonicWALL GAV ProtectionEnabling SonicWALL GAV Applying SonicWALL GAV Protection on Zones SonicOS Enhanced Edit ZoneViewing SonicWALL GAV Status Information Enabling Inbound Inspection Updating SonicWALL GAV SignaturesSpecifying Protocol Filtering Configuring Client Alerts and an Exclusion List Enabling Outbound Smtp InspectionRestricting File Transfers Configuring Client AlertsConfiguring a SonicWALL GAV Exclusion List Viewing SonicWALL GAV Signatures Displaying SignaturesNavigating the Gateway Anti-Virus Signatures Table Enabling SonicWALL IPSEnable IPS Logging Brute-force Baseline SetupSetting Up SonicWALL Anti-Spyware Protection Enabling SonicWALL Anti-Spyware Specifying Spyware Danger Level Protection Setting Up CFS PremiumGlossary Glossary Related Documentation Solution Document Version History Version Number Date Related Documentation SonicWALL TZ 180 TotalSecure
Related manuals
Manual 34 pages 40.02 Kb Manual 38 pages 55.88 Kb
Top Page Image Contents