SonicOS 7.0 Security Services Administration Guide
- SonicOS 7.0
- Summary
- Managing the SonicWall Gateway Anti-Virus Service
- SonicWall GAV Multi-Layered Approach
- SonicWall GAV Architecture
- Activating the Gateway Anti-Virus, Anti-Spyware, and Intrusion Prevention License
- Setting Up SonicWall Gateway Anti-Virus Protection
- Viewing SonicWall Gateway Anti-Virus Signatures
- Anti-Spyware Service
- Intrusion Prevention Service
- Configuring Geo-IP Filters
- Configuring Botnet Filters
- Configuring App Control
- About App Control Policy Creation
- Viewing App Control Status
- Configuring App Control Global Settings
- Configuring App Control Signatures
- Configuring App Control Signatures by Category
- Configuring App Control Signatures by Application
- Configuring App Control Advanced by Signature
- Viewing Signatures
- Viewing by All Categories and All Applications by Applications
- Viewing by All Categories and All Applications by Signatures
- Viewing by All Categories and All Applications by Category
- Viewing Just One Category
- Viewing Just One Application
- Displaying Details of Signature Applications
- Displaying Details of Application Signatures
- Configuring Content Filter
- SonicWall Support
SonicWall GAV Architecture
SonicWall Gateway Anti-Virus (GAV) is based on SonicWall's high performance Deep Packet Inspection version 2.0 engine (DPIv2.0) engine, which performs all scanning directly on the SonicWall security appliance. SonicWall GAV includes advanced decompression technology that can automatically decompress and scan files on a per-packet basis to search for viruses and malware. The SonicWall GAV engine can perform base64 decoding without ever reassembling the entire base64 encoded mail stream. Because SonicWall GAV does not have to perform reassembly, there are no file-size limitations imposed by the scanning engine. Base64 decoding and ZIP, LHZ, and GZIP (LZ77) decompression are also performed on a single-pass, per-packet basis. Reassembly free virus scanning functionality of the SonicWall GAV engine is inherited from the Deep Packet Inspection engine, which is capable of scanning streams without ever buffering any of the bytes within the stream.
Building on SonicWall's reassembly-free architecture, SonicWall GAV has the ability to inspect multiple application protocols, as well as generic TCP streams, and compressed traffic. SonicWall GAV protocol inspection is based on high performance state machines which are specific to each supported protocol. SonicWall GAV delivers protection by inspecting over the most common protocols used in today's networked environments, including SMTP, POP3, IMAP, HTTP, FTP, NetBIOS, instant messaging and peer-to-peer applications and dozens of other stream-based protocols. This closes potential backdoors that can be used to compromise the network while also improving employee productivity and conserving Internet bandwidth.
If your SonicWall network security appliance is connected to the Internet and registered at mySonicWall.com, you can activate a 30-day FREE TRIAL of SonicWall Gateway Anti-Virus, SonicWall Anti-Virus, and SonicWall Intrusion Prevention Service separately from the Security Services > Gateway Anti-Virus, Security Services > Anti-Spyware, and Security Services > Intrusion Prevention pages in the management interface.
Was This Article Helpful?
Help us to improve our support portal