ZyWALL User's Guide
Chapter 28 Anti-Virus
ZyWALL USG 100/200 Series User’s Guide
472
Figure 372 Anti-X > Anti-Virus > General
The following table describes the labels in this screen.
Table 145 Anti-X > Anti-Virus > General
LABEL DESCRIPTION
General Settings Click Advanced to display more settings. Click Basic to display fewer settings.
Enable Anti-Virus
and Anti-Spyware
Select this check box to check traffic for viruses and spyware. The following table
lists policies that define which traffic the ZyWALL scans and the action it takes
upon finding a virus.
Scan EICAR Select this option to have the ZyWALL check for the EICAR test file and treat it in
the same way as a real virus file. The EICAR test file is a standardized test file for
signature based anti-virus scanners. When the virus scanner detects the EICAR
file, it responds in the same way as if it found a real virus. Besides straightforward
detection, the EICAR file can also be compressed to test whether the anti-virus
software can detect it in a compressed file. The test string consists of the following
human-readable ASCII characters.
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-
FILE!$H+H*
Priority This is the position of an anti-virus policy in the list. The ordering of your anti-virus
policies is important as the ZyWALL applies them in sequence. Once traffic
matches an anti-virus policy, the ZyWALL applies that policy and does not check
the traffic against any more policies.
From The anti-virus policy has the ZyWALL scan traffic coming from this zone and going
to the To zone.
To The anti-virus policy has the ZyWALL scan traffic going to this zone from the From
zone.
Protocol These are the protocols of traffic to scan for viruses.
FTP applies to traffic using the TCP port number specified for FTP in the ALG
screen.
HTTP applies to traffic using TCP ports 80, 8080 and 3128.
SMTP applies to traffic using TCP port 25.
POP3 applies to traffic using TCP port 110.
IMAP4 applies to traffic using TCP port 143.