Chapter 33 Anti-Virus
ZyWALL USG 300 User’s Guide
2 If the packets are not session connection setup packets (such as SYN, ACK and
FIN), the ZyWALL records the sequence of the packets.
3 The scanning engine checks the contents of the packets for viruses.
4 If a virus pattern is matched, the ZyWALL removes the infected portion of the file
along with the rest of the file. The un-infected portion of the file before a virus
pattern was matched still goes through.
5 If the send alert message function is enabled, the ZyWALL sends an alert to the
file’s intended destination computer(s).
Note: Since the ZyWALL erases the infected portion of the file before sending it, you
may not be able to open the file.
Notes About the ZyWALL Anti-Virus
The following lists important notes about the anti-virus scanner:
1 The ZyWALL anti-virus scanner can detect polymorphic viruses.
2 When a virus is detected, an alert message is displayed on Microsoft Windows
computers. Refer to Appendix C on page 987 if your Windows computer does not
display the alert messages.
3 Changes to the ZyWALL’s anti-virus settings affect new sessions (not the sessions
that already existed before you applied the changed settings).
4 The ZyWALL does not scan the following file/traffic types:
• Simultaneous downloads of a file using multiple connections. For example,
when you use FlashGet to download sections of a file simultaneously.
• Encrypted traffic. This could be password-protected files or VPN traffic where
the ZyWALL is not the endpoint (pass-through VPN traffic).
• Traffic through custom (non-standard) ports. The only exception is FTP traffic.
The ZyWALL scans whatever port number is specified for FTP in the ALG
screen.
• ZIP file(s) within a ZIP file.
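Two of the exclusions above, password-protected files and ZIP files within a ZIP file, can be identified on a host so that such archives are sent to an endpoint scanner instead of relying on the gateway. The following is an added example, not part of the ZyWALL guide or firmware; it uses Python's standard zipfile module, and the function names and sample archives are constructed for illustration.

```python
import io
import zipfile

ZIP_MAGIC = b"PK\x03\x04"   # local file header signature
CDIR_MAGIC = b"PK\x01\x02"  # central directory header signature

def gateway_scan_gaps(data):
    """List entries of a ZIP (bytes) that fall under the exclusions above."""
    gaps = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # general-purpose bit 0 = encrypted entry
                gaps.append((info.filename, "password-protected"))
                continue              # content is unreadable without the password
            with zf.open(info) as member:
                # Check content, not the extension: a renamed inner ZIP still counts
                if member.read(4) == ZIP_MAGIC:
                    gaps.append((info.filename, "ZIP within a ZIP"))
    return gaps

def _zip_bytes(entries):
    """Build an in-memory ZIP from (name, content) pairs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in entries:
            zf.writestr(name, content)
    return buf.getvalue()

def constructed_samples():
    """Constructed archives: plain, nested, and one flagged as encrypted."""
    plain = _zip_bytes([("readme.txt", b"hello")])
    nested = _zip_bytes([("notes.txt", b"hi"), ("inner.dat", plain)])
    # zipfile cannot write encrypted entries, so set the encryption flag
    # (offset 8 of the central directory header) on a copy of the plain archive.
    enc = bytearray(plain)
    pos = enc.find(CDIR_MAGIC)
    enc[pos + 8] |= 0x01
    return plain, nested, bytes(enc)

if __name__ == "__main__":
    labels = ("plain", "nested", "encrypted")
    for label, blob in zip(labels, constructed_samples()):
        print(label, gateway_scan_gaps(blob))
```

The other exclusions (multi-connection downloads, pass-through VPN traffic, non-standard ports) are properties of the traffic rather than the file and are not covered by this check.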
Finding Out More
• See Section 6.5.19 on page 108 for related information on these screens.
• See Section 33.7 on page 587 for anti-virus background information.