Chapter 29 Anti-Virus

 

Table 135 Configuration > Anti-X > Anti-Virus > General (continued)

 

LABEL

DESCRIPTION

 

Scan EICAR

Select this option to have the ZyWALL check for the EICAR test file and

 

 

treat it in the same way as a real virus file. The EICAR test file is a

 

 

standardized test file for signature based anti-virus scanners. When the

 

 

virus scanner detects the EICAR file, it responds in the same way as if it

 

 

found a real virus. Besides straightforward detection, the EICAR file can

 

 

also be compressed to test whether the anti-virus software can detect it

 

 

in a compressed file. The test string consists of the following human-

 

 

readable ASCII characters.

 

 

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-

 

 

TEST-FILE!$H+H*

 

 

 

 

Policies

 

 

 

 

 

Add

Click this to create a new entry. Select an entry and click Add to create

 

 

a new entry after the selected entry.

 

 

 

 

Edit

Select an entry and click this to be able to modify it.

 

 

 

 

Remove

Select an entry and click this to delete it.

 

 

 

 

Activate

To turn on an entry, select it and click Activate.

 

 

 

 

Inactivate

To turn off an entry, select it and click Inactivate.

 

 

 

 

Move

To change an entry’s position in the numbered list, select it and click

 

 

Move to display a field to type a number for where you want to put that

 

 

entry and press [ENTER] to move the entry to the number that you

 

 

typed.

 

 

 

 

Status

The activate (light bulb) icon is lit when the entry is active and dimmed

 

 

when the entry is inactive.

 

 

 

 

Priority

This is the position of an anti-virus policy in the list. The ordering of

 

 

your anti-virus policies is important as the ZyWALL applies them in

 

 

sequence. Once traffic matches an anti-virus policy, the ZyWALL applies

 

 

that policy and does not check the traffic against any more policies.

 

 

 

 

From

The anti-virus policy has the ZyWALL scan traffic coming from this zone

 

 

and going to the To zone.

 

 

 

 

To

The anti-virus policy has the ZyWALL scan traffic going to this zone from

 

 

the From zone.

 

 

 

 

Protocol

These are the protocols of traffic to scan for viruses.

 

 

FTP applies to traffic using the TCP port number specified for FTP in the

 

 

ALG screen.

 

 

HTTP applies to traffic using TCP ports 80, 8080 and 3128.

 

 

SMTP applies to traffic using TCP port 25.

 

 

POP3 applies to traffic using TCP port 110.

 

 

IMAP4 applies to traffic using TCP port 143.

 

 

 

 

License

The following fields display information about the current state of your

 

 

subscription for virus signatures.

 

 

 

 

License

This field displays whether a service is activated (Licensed) or not (Not

 

Status

Licensed) or expired (Expired).

 

 

 

 

467

ZyWALL USG 50 User’s Guide