Chapter 38 Anti-Virus
ZyWALL Series CLI Reference Guide
319
38.2.2 Anti-Virus Profile
On Zyxel Devices that do not support multiple profiles, edit the profile named default_profile to change
settings in the Web Configurator UI.
security-service anti-virus
inspect {all-traffic | by-
policy}
Sets how the security service inspects traffic.
all-traffic: The security service inspects all traffic passing through the Zyxel Device.
by-policy: The security service inspects traffic only when its profile is bound to a
security policy.
For information on binding a security service profile to a security policy, see Section
29.2.1 on page 226.
Note: This command is only available when secure-policy-style is set to
advanced. For details, see Section 29.2.2 on page 228.
show security-service status
Displays whether the security services are enabled on the Zyxel Device.
Table 167 General Anti-Virus Commands (continued)
COMMAND DESCRIPTION
Table 168 Anti-Virus Profile Commands
COMMAND DESCRIPTION
anti-virus rename old_profile_name
new_profile_name
Renames the AV profile.
anti-virus profile_name
Enters the anti-virus sub-command mode to edit the specified anti-virus
profile.
[no] bypass {white-list | black-
list}
When enabled, files are not checked against the white-list and/or black-
list.
description profile_description
Adds a description to the profile.
[no] file-decompression
[unsupported destroy]
Enable file decompression to have the Zyxel Device attempt to
decompress zipped files for further scanning.
unsupported destroy: Have the Zyxel Device “destroy” (overwrite
the infected portion of the file with zeros before forwarding to the user)
zipped files it cannot decompress due to encryption or system resource
limitations.
Note: The Zyxel Device cannot decompress compressed files
within a compressed file.
[no] infected-action {destroy |
send-win-msg}
Sets the action to take when the Zyxel Device detects a virus in a file.
The file can be “destroyed” (overwrite a portion of the file with zeros
before forwarding to the user). The Zyxel Device can also send a
message alert to the user using a Microsoft Windows computer
connected to the to interface.
[no] log [alert]
Set whether the Zyxel Device should create a log message and an
optional alert if it finds a virus in a file.
[no] scan {http | ftp | imap4 |
smtp | pop3}
Sets the traffic protocols you want to scan for viruses.
show [all]
Displays the details of the anti-virus rule you are configuring or all the
rules.
exit
Leaves the sub-command mode.
To Next Page
Loading...
