•
Click High to block files from being downloaded from your web server to users on the Internet.
•
Click Detail and select the types of files to block.
Configure high level HTTP virus protection if you have an Internet web server on your internal or DMZ
network and you want to prevent users on the Internet from downloading attachments that may
contain viruses.
By default .exe, .com, and .bat files are blocked. In addition, you can
block .vbs, .zip, .tar, .hta, .gzip, .rar, .scr, .dll, and MS Office files.
•
Click OK and click Apply.
•
Go to
Anti-Virus > SMTP
> Incoming and repeat steps
Click High to block files from being
downloaded from your web server to users on the Internet.
to configure
high level virus protection to block email attachments in SMTP traffic originating from your internal or
DMZ network.
•
Go to
Anti-Virus > POP3
> Incoming and repeat steps
Click High to block files from being
downloaded from your web server to users on the Internet.
to configure
high level virus protection to block email attachments in POP3 traffic originating from your internal or
DMZ network.
•
Go to
Anti-Virus > IMAP
> Incoming and repeat steps
Click High to block files from being
downloaded from your web server to users on the Internet.
to configure
high level virus protection to block the downloading of email attachments in IMAP traffic originating
from your internal or DMZ network.
When the DFL-1000 blocks a file, the user who requested the file receives the following message:
High Security Alert!!! You are not allowed to download this type of file
.
Medium level virus protection for incoming connections
Medium level protection scans all target files for viruses. You can configure the virus scanning engine to
perform up to four different types of virus scans on each target file:
•
Signature scanning
•
Macro scanning
•
Behavior (simulated execution)
•
Heuristic scanning
If a virus is found in a file, the virus scanner deletes the file and replaces it with an alert message that is
forwarded to the user. If a virus is not found, the file is forwarded unchanged to the user.
Medium level virus scanning prevents known viruses from passing through the firewall from your internal
or DMZ networks to the Internet while still allowing virus free HTTP downloads and email attachments to
pass through the firewall.
To configure medium level virus protection to prevent the distribution of viruses from your internal and
DMZ networks:
•
Go to
Anti-Virus > HTTP
> Incoming.
•
Click Medium to virus scan target files downloaded from your web server to users on the Internet.
•
Click Detail and select the types of scanning to use.
Signature
Scan
Scan the target file for byte-strings that identify known viruses.
Macro Scan
Extract macros from MS Office files and scan them for known macro viruses.
Behavior
(simulated execution) Run the target file in a simulated environment to look for virus-like
behavior and to unencrypt and scan for encrypted viruses.
Heuristic
Scan the target file for known byte strings that indicate the presence of a virus.
DFL-1000 User’s Manual
75