How is AntivirusScanningenabled on aNetScreendevice?
Antivirus Scanning is implemented via policy
Antivirus Scanning is implemented at the interface
Antivirus scanning is a stand alone product and manually enabled.
Antivirus scanning is turned on by zone- like Screening and Malicious URLs
A virus is an executable code that infects or attaches itself to other executable code so that it can reproduce itself. Some viruses are malicious, erasing files or locking up systems. Others present a problem merely in the act of infecting other files, as their propagation may overwhelm the infected host or network with excessive amounts of bogus data. SelectNetScreendevices support an internal antivirus (AV) scan engine (AV scanner) that provides AV scanning for specific application-layer transactions1. You can configure the scanner to examine network traffic that uses the following protocols:
File Transfer Protocol (FTP)
Hypertext Transfer Protocol (HTTP)
Internet Mail Access Protocol (IMAP)
Post Office Protocol, version 3 (POP3)
Simple Mail Transfer Protocol (SMTP)
To apply AV protection, you must reference the internal scanner in security policies. When the NetScreen
device receives traffic to which a policy requiring AV scanning applies, it directs the content it receives to its internal scanner. After verifying that it has received the entire content of an FTP, HTTP, IMAP, POP3, or SMTP packet, the scanner examines the data for viruses. It does this by referencing a virus pattern file2 to identify virus signatures. When the scanner detects a virus, the NetScreendevice drops the content and sends a message to the client indicating that the content is infected. If the scanner does not detect a virus, theNetScreendevice forwards the content to its intended destination.