SonicWALL Gateway Anti-Virus
Server Protection
The process for Server Protection is described in the steps below:
Step 1 Outside user sends an incoming e-mail.
Step 2 E-mail is analyzed through the SonicWALL GAV engine for malicious code and viruses before received by e-mail server.
Step 3 If virus found, threat prevented.
Step 4 E-mail is returned to sender, virus is logged, and alert sent to administrator.
SonicWALL GAV Architecture
SonicWALL GAV is based on SonicWALL's high performance DPIv2.0 engine (Deep Packet Inspection version 2.0) engine, which performs all scanning directly on the SonicWALL security appliance. SonicWALL GAV includes advanced decompression technology that can automatically decompress and scan files on a per packet basis to search for viruses and malware. The SonicWALL GAV engine can perform base64 decoding without ever reassembling the entire base64 encoded mail stream. Because SonicWALL's GAV does not have to perform reassembly, there are no file-size limitations imposed by the scanning engine. Base64 decoding and ZIP, LHZ, and GZIP (LZ77) decompression are also performed on a single-pass, per-packet basis. Reassembly free virus scanning functionality of the SonicWALL GAV engine is inherited from the Deep Packet Inspection engine, which is capable of scanning streams without ever buffering any of the bytes within the stream.
0ACKET 0ATH
3TARTT3TAGE | | 0ROTOCOL 3TATE | %MAILA&ORMAT | $ECOMPRESSION | | 3CANNING | | 0REVENTION |
| | -ACHINE | | $ECODING | | | | | | |
| | | | | | | |
)-!0 � 0/0�
&4040&ILES
4#0 3TREAM
Building on SonicWALL's reassembly-free architecture, GAV has the ability to inspect multiple application protocols, as well as generic TCP streams, and compressed traffic. SonicWALL GAV protocol inspection is based on high performance state machines which are specific to each supported protocol. SonicWALL GAV delivers protection by inspecting over the most common protocols used in today's networked environments, including SMTP, POP3, IMAP, HTTP, FTP, NetBIOS, instant messaging and peer-to-peer applications and dozens of other stream-based protocols. This closes potential backdoors that can be used to compromise the network while also improving employee productivity and conserving Internet bandwidth.
SonicWALL TZ 180 TotalSecure