SonicWALL TZ 180 manual SonicWALL Intrusion Prevention Service, IPS Overview, How Does IPS Work?

SonicWALL Intrusion Prevention Service

Prevention Mechanism: The connection is terminated, preventing the user from receiving the malicious payload.

FTP

Capabilities: zip (including archives) and gzip decompression. FTP stateful code follows data port negotiations, allowing FTP data to be inspected across any operating TCP port. Suppresses the use of the FTP 'REST' (restart) request to prevent the sectional retrieval and reassembly of potentially malicious content. "The suppression of the 'REST' request can be overridden from the /diag.html page with the option 'Enable FTP 'REST' requests with Gateway AV’.

Prevention Mechanism: The connection is terminated, preventing the user from receiving the malicious payload.

IM, P2P and Proprietary Protocols

Capabilities: zip (including archives) and gzip decompression.

Prevention Mechanism: The connection is terminated, preventing the user from receiving the malicious payload.

SonicWALL Intrusion Prevention Service

This section provides an overview to the SonicWALL Intrusion Prevention Service. This section contains the following subsections:

•IPS Overview

•How Does IPS Work?

•What is a Zone?

•Benefits

IPS Overview

SonicWALL Intrusion Prevention Service is part of the SonicWALL Gateway Anti-Virus/Intrusion Prevention Service solution that provides protection against real-time for viruses, worms, Trojans, and malicious code using a patent-pending scanning engine. SonicWALL’s unique solution features a high-performance deep packet inspection architecture. It is a zone-based security service that enables easy and secure managemet. When you activate SonicWALL Intrusion Prevention Service, SonicWALL Gateway Anti-Virus is also activated. SonicWALL IPS is managed directly from the SonicWALL security appliance.

How Does IPS Work?

SonicWALL Intrusion Prevention Service (SonicWALL IPS) utilizes a configurable, high performance Deep Packet Inspection engine for extended protection of key network services such as Web, e-mail, file transfer, Windows services and DNS. SonicWALL IPS is designed to protect against application vulnerabilities as well as worms, Trojans, and peer-to-peer, spyware and backdoor exploits. IPS is set up using the SonicWALL network zones concept.