Enforced Client Product Guide

Using the Virus and Spyware Protection Service

 

Configuring policies for virus and spyware protection

Learn mode

Report mode can be used as a “learn mode” to help you determine which programs to approve (see Specify approved programs on page 101). In Report mode, the virus and spyware protection service tracks but does not delete unrecognized programs. You can review detected programs in the Unrecognized Programs report (see View unrecognized programs on page 105) and approve those that are appropriate for your policy. When you no longer see programs you want to approve in the report, change the policy setting to Prompt or Protect mode.

4

Specify approved programs

On client computers, the virus and spyware protection service maintains a list of approved programs that are not identified as potentially unwanted programs. You can configure the list of approved programs for all computers using a policy. In addition, users can approve programs for individual client computers when the firewall protection service is set to Prompt mode.

Exclude only programs you know are safe. If you are unsure about a program, we recommend not adding it to the approved programs list.

To configure approved programs in a policy:

1On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy).

2Click the Spyware Protection tab.

3Under Approved Programs, select the type of program (a detected program or a user-approved program).

4Select a program, then click Save.

The selected program is added to the list of allowed programs. (No list appears until you have added at least one approved program to the policy.)

Use the Unrecognized Programs report to view a complete listing of all programs detected on client computers.

To remove an approved program from a policy:

1On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy).

2Click the Spyware Protection tab.

3In the list of Approved Programs, click remove for each program you want to delete from the list, then click Save.

Set advanced spyware protection options

On the Groups + Policies page, use the Advanced Settings tab to select the types of potentially unwanted programs to search for during scans.

Threat type

Description

 

 

Jokes

Programs designed to be mistaken for a virus. They might alarm or annoy a

 

user but do not harm files or data. They are intended to waste time and

 

resources.

 

 

Remote admin tools

Programs that can be used from a remote location to access a computer.

 

Some remote administration tools serve useful purposes, such as allowing

 

users to access their files from home, but others can be used by unauthorized

 

persons to monitor user activities and take control of a computer.

 

 

100

Page 99 Page 101
Page 100
Image 100
SonicWALL 4.5 manual Set advanced spyware protection options, Specify approved programs, 100
Page 99 Page 101

4.5 specifications

SonicWALL 4.5 is a robust network security solution designed to address the evolving challenges in threat protection and data security. This release brings a suite of advanced features, cutting-edge technologies, and characteristics tailored to enhance system performance and resilience against cyber threats.

One of the highlight features of SonicWALL 4.5 is its Integrated Intrusion Prevention System (IPS). This system provides real-time threat detection and response by monitoring network traffic for potential vulnerabilities and malicious activities. With continuously updated signature-based detection, it ensures that organizations are protected against the latest exploits and attack vectors.

Another key component is the Next-Generation Firewall (NGFW) capabilities, which combine traditional firewall functions with advanced features such as application awareness, user identity control, and content filtering. The NGFW allows organizations to enforce detailed policies based on user roles, thereby enhancing the security posture while maintaining user productivity.

SonicWALL 4.5 also incorporates advanced malware protection through its Capture Advanced Threat Protection (ATP) service. This multi-engine sandboxing technology analyzes suspicious files and URLs in a secure environment, providing organizations with in-depth insights into potential threats before they reach the network.

Furthermore, the solution includes enhancements to Secure Mobile Access, enabling secure remote connections while ensuring that sensitive data remains protected. With features like SSL VPN, SonicWALL 4.5 allows users to securely access private networks from anywhere while maintaining compliance with data protection regulations.

In terms of management, SonicWALL 4.5 introduces an intuitive interface for centralized management, enabling IT administrators to configure and monitor multiple devices effortlessly. The reporting and logging capabilities are enhanced, providing detailed insights into network activity, which is crucial for compliance and forensic analysis.

SonicWALL 4.5 also prioritizes user experience and performance with its optimized hardware, ensuring faster processing speeds and reduced latency. Features like high availability and load balancing further enhance system reliability.

In summary, SonicWALL 4.5 stands out with its integrated IPS, NGFW capabilities, advanced malware protection through Capture ATP, secure mobile access, intuitive management interface, and optimized performance. This comprehensive suite of features positions SonicWALL 4.5 as a formidable player in the realm of network security, making it an appealing choice for organizations seeking robust protection against an ever-evolving threat landscape.
Top Page Image Contents