|
|
The following features are available in the Anti-Virus Policies section of the Configure page.
Enable DMZ policing - Selecting Enable DMZ policing enforces anti-virus policies on computers located on the DMZ.
Disable policing from LAN to DMZ - Choosing this option allows computers on the LAN to access computers on the DMZ, even if anti-virus software is not installed on the LAN computers.
Maximum number of days allowed before forcing update - This feature defines the maximum number of days may access the Internet before the SonicWALL requires the latest virus date files to be downloaded.
Force Update on Alert - SonicWALL, Inc. broadcasts virus alerts to all SonicWALL appliances with an Anti-Virus subscription. Three levels of alerts are available, and you may select more than one.
When an alert is received with this option selected, users are upgraded to the latest version of VirusScan ASaP before they can access the Internet. This option overrides the Maximum number of days allowed before forcing update selection.
In addition, every virus alert is logged, and an alert message is sent to the administrator. Please refer to the Logging and Alerts section of the SonicWALL Internet Security Appliance User Guide for instructions on configuring log and E-mail alerts.
Low Risk - A virus that is not reported in the field and is considered unlikely to be found in the field in the future has a low risk. Even if such a virus includes a very serious or unforeseeable damage payload, its risk is still low.
Medium Risk - If a virus is found in the field, and if it uses a less common infection mechanism, it is considered to be medium risk. If its prevalence stays low and its payload is not serious, it can be downgraded to a low risk. Similarly it can be upgraded to high risk if the virus becomes more and more widespread.
High Risk - To be assigned a high risk rating, it is necessary that a virus is reported frequently in the field. Additionally, the payload must have the ability to cause at least some serious damage. If it causes very serious or unforeseeable damage, high risk may be assigned even with a lower level of prevalence.
SonicWALL Network Anti-Virus currently supports Windows 95, 98, NT, XP, and 2000 platforms. In order to access the Internet, computers with other operating systems must be exempt from Anti-Virus policies. To ensure full network protection from virus attacks, it is recommended that only servers and unsupported machines are excluded from protection, and that third party Anti-Virus software is installed on each machine before excluding that machine from Anti-Virus enforcement. There are three options for defining exempt computers:
Enforce Anti-Virus policies for all computers - Selecting this option forces computers to install VirusScan ASaP in order to access the Internet or the DMZ. This is the default configuration.
Include specified address range in the Anti-Virus enforcement - Choosing this option allows the administrator to define ranges of IP addresses to receive Anti-Virus enforcement. If you select this option, specify a range of IP addresses to be enforced. Any computer requiring enforcement needs a static IP address within the specified range of IP addresses. Up to 64 IP address ranges can be entered for enforcement.
Exclude specified address range in the Anti-Virus enforcement - Selecting this option allows the administrator to define ranges of IP addresses that are exempt from Anti-Virus enforcement. If you select this option, specify the range of IP addresses are exempt. Any computer requiring unrestricted Internet access needs a static IP address within the specified range of IP addresses. Up to 64 IP address ranges can be entered. Enter the IP addresses of computers you want to allow access the Internet without VirusScan software in the Add Range fields.