Title: How to configure Virus Protection on the firewall? [Print this page] Author: zhangqiao@ruiji Time: 2024-11-28 16:16 Title: How to configure Virus Protection on the firewall? Application Scenario:
If intranet users often download various application data from the Internet or the intranet servers often need to receive data uploaded by Internet users, you can configure virus protection policies on the firewall to detect virus in the passing traffic and configure real-time alarming and blocking to protect user hosts from malicious traffic.
Caution:
The virus protection function is supported from NTOS1.0R3. If your version is lower than NTOS1.0R3, upgrade it to NTOS1.0R3 or higher.
Configuration Points:
Customize the virus protection template.
Reference the virus protection template to security policy and select actions (alarmingor blocking).
To detect HTTPS traffic, you need to configure the SSL proxy function.
Quick Scan : Use the Virus Protection Signature Library (Quick Scan). The virus detection rate is low but the performance overhead is small.
Deep Scan : Use the Virus Protection Signature Library (Deep Scan). The virus detection rate is high but the performance overhead is large.
Protocol : Detect virus for the uploaded or downloaded packets of the specified protocol. The packets of unspecified protocols are forwarded directly without virus detection.
If the specified MD5 value or application is configured as excluded, the firewall will directly forward the packets of the specified MD5 value or application.
(2) Choose Policy > Security Policy > Create Security Policy to associate the security policy with virus protection.Select a virus protection template and set the action to Alarm or Block.
Welcome to Ruijie Community (https://community.ruijienetworks.com/)
