Support User Manuals

ZyXEL Communications ZyWALL 300 Network Router User Manual

Open as PDF

of 778

Chapter 28 Anti-Virus

ZyWALL USG 300 User’s Guide

404

4 Once the virus is spread through the network, the number of infected networked

computers can grow exponentially.

28.1.3 Types of Anti-Virus Scanner

The section describes two types of anti-virus scanner: host-based and network-based.

A host-based anti-virus (HAV) scanner is often software installed on computers and/or servers

in the network. It inspects files for virus patterns as they are moved in and out of the hard

drive. However, host-based anti-virus scanners cannot eliminate all viruses for a number of

reasons:

• HAV scanners are slow in stopping virus threats through real-time traffic (such as from

the Internet).

• HAV scanners may reduce computing performance as they also share the resources (such

as CPU time) on the computer for file inspection.

• You have to update the virus signatures and/or perform virus scans on all computers in the

network regularly.

A network-based anti-virus (NAV) scanner is often deployed as a dedicated security device

(such as your ZyWALL) on the network edge. NAV scanners inspect real-time data traffic

(such as E-mail messages or web) that tends to bypass HAV scanners. The following lists

some of the benefits of NAV scanners.

• NAV scanners stops virus threats at the network edge before they enter or exit a network.

• NAV scanners reduce computing loading on computers as the read-time data traffic

inspection is done on a dedicated security device.

28.2 Introduction to the ZyWALL Anti-Virus Scanner

The ZyWALL has a built-in signature database. Setting up the ZyWALL between your local

network and the Internet allows the ZyWALL to scan files transmitting through the enabled

interfaces into your network. As a network-based anti-virus scanner, the ZyWALL helps stop

threats at the network edge before they reach the local host computers.

You can set the ZyWALL to examine files received through the following protocols:

• FTP (File Transfer Protocol)

• HTTP (Hyper Text Transfer Protocol)

• SMTP (Simple Mail Transfer Protocol)

• POP3 (Post Office Protocol version 3)

• IMAP4 (Internet Message Access Protocol version 4)

28.2.1 How the ZyWALL Anti-Virus Scanner Works

The ZyWALL checks traffic going in the direction(s) you specify for signature matches.

In the following figure the ZyWALL is set to check traffic coming from the WAN zone

(which includes two interfaces) to the LAN zone.

previous next