Security Services
Configuring Anti-Virus
Cisco ISA500 Series Integrated Security Appliances Administration Guide 302
Configuring Anti-Virus
Anti-Virus helps protect your network from viruses and malware. Anti-Virus scans
for viruses over a multitude of protocols, including HTTP, FTP, POP3, SMTP, CIFS,
NETBIOS, and IMAP.
NOTE Anti-Virus covers the most recent and widespread threats but cannot detect all
known viruses (including rare samples). It delivers “first layer defense,” efficiently
handles malware outbreaks, and catches the most widespread and the most
dangerous malware (commonly known as “in-the-wild” malware). Currently, the
most widespread types of malware are worms, trojans, exploits, viruses, and
rootkits. As new, widespread threats emerge, Anti-Virus will expand to include the
most dangerous types of threats.
You can apply the Anti-Virus service to the zones. Anti-Virus examines all incoming
and outgoing traffic for the selected zones and performs the action that you
specify for different types of traffic. You can choose to drop the connection, delete
the infected files, and/or send an alert email to the email receiver if viruses are
detected.
Because files containing malicious code and viruses can be compressed,
Anti-Virus can automatically decompress compressed files and then scan them
for viruses. Anti-Virus supports scanning single-level compressed files for these
file types: zip, gzip, tar, rar 2.0, and bz2 (Bzip).
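An added example, not part of the Cisco guide: a Python check that flags files containing a second archive layer, so they can be routed to endpoint scanning instead of relying on gateway inspection alone. It assumes "single level" means one layer of unpacking and counts a gzip-wrapped tar as two layers; the function names `archive_type`, `member_heads`, `nested_members` and `make_zip` are hypothetical.

```python
import bz2, gzip, io, tarfile, zipfile

# Leading magic bytes of the archive types the guide lists.
MAGIC = {b"PK\x03\x04": "zip", b"\x1f\x8b": "gzip", b"BZh": "bz2", b"Rar!\x1a\x07": "rar"}
PEEK = 512  # only the start of each member is read, so large payloads are never fully expanded

def archive_type(data):
    """Return the archive type of a byte string, or None for plain content."""
    for magic, name in MAGIC.items():
        if data.startswith(magic):
            return name
    # tar has no leading magic; the "ustar" marker sits at offset 257.
    return "tar" if data[257:262] == b"ustar" else None

def member_heads(data, kind):
    """Open exactly one level and yield (name, first PEEK bytes) per member."""
    buf = io.BytesIO(data)
    if kind == "zip":
        with zipfile.ZipFile(buf) as zf:
            for info in zf.infolist():
                if not info.is_dir():
                    with zf.open(info) as fh:
                        yield info.filename, fh.read(PEEK)
    elif kind == "tar":
        with tarfile.open(fileobj=buf, mode="r:") as tf:
            for m in tf:
                if m.isfile():
                    yield m.name, tf.extractfile(m).read(PEEK)
    elif kind == "gzip":
        yield "<gzip stream>", gzip.GzipFile(fileobj=buf).read(PEEK)
    elif kind == "bz2":
        yield "<bz2 stream>", bz2.BZ2File(buf).read(PEEK)

def nested_members(data):
    """Return [(member, type)] for members that are themselves archives."""
    kind = archive_type(data)
    if kind in (None, "rar"):  # rar needs a third-party unpacker; not opened here
        return []
    heads = ((n, archive_type(h)) for n, h in member_heads(data, kind))
    return [(n, t) for n, t in heads if t]

def make_zip(files):
    """Build a constructed sample zip in memory from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in files.items():
            zf.writestr(name, body)
    return buf.getvalue()
```

A non-empty result from `nested_members` means the file has content beyond the first archive layer.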
Anti-Virus uses signatures to identify the infected files. You must update the
signatures frequently to keep the protection current. See Updating Anti-Virus
Signatures, page 308.
You can enable the Anti-Virus report from the Security Services > Security
Services Reports page or from the Status > Security Services Reports page to
see the number of files checked and the number of viruses detected by the
Anti-Virus service. See Viewing Anti-Virus Report, page 297.
You can enable the Anti-Virus Alert feature to send an alert email for virus events at
a specified interval to a specified email address. See Configuring Email Alert
Settings, page 408.
Field    Description
Graph    Total number of packets detected and total number of packets blocked per day in last seven days.