• SonicOS 7.1
• About SonicOS
  • Working with SonicOS
  • SonicOS Workflow
  • How to Use the SonicOS Administration Guides
  • Guide Conventions
• Summary
  • Synchronize Licenses
  • Security Services Settings
  • Signature Downloads Through a Proxy Server
  • Security Services Information
• Configuring Content Filter
  • SonicWall CFS
    • CFS Status
    • Global Settings
    • CFS Exclusion
  • CFS Custom Category
  • Websense Enterprise
    • Websense Server Status
    • General Settings
    • Block Web Features
    • CFS Exclusion
    • Blocking Page
• Managing the SonicWall Gateway Anti-Virus Service
  • SonicWall GAV Multi-Layered Approach
    • Remote Site Protection
    • Internal Network Protection
    • HTTP File Downloads
    • Server Protection
    • Cloud Anti-Virus Database
  • SonicWall GAV Architecture
  • Activating the Gateway Anti-Virus, Anti-Spyware, and Intrusion Prevention License
  • Setting Up SonicWall Gateway Anti-Virus Protection
    • Viewing SonicWall Gateway Anti-Virus Status Information
      • Checking the SonicWall Gateway Anti-Virus Signature Database Status
      • Updating SonicWall Gateway Anti-Virus Signatures
    • Enabling SonicWall Gateway Anti-Virus
    • Applying SonicWall Gateway Anti-Virus Protection on Zones
    • Specifying Protocol Filtering
      • Enabling Inbound Inspection
      • Enabling Outbound Inspection
      • Restricting File Transfers
        • FTP Settings
        • Exclusion Settings
      • Resetting Gateway Anti-Virus Settings
    • Configuring Gateway Anti-Virus Settings
      • Configuring Gateway Anti-Virus Settings
      • Configuring HTTP Clientless Notification
      • Configuring a SonicWall GAV Exclusion List
    • Configuring Cloud Gateway Anti-Virus
  • Viewing SonicWall Gateway Anti-Virus Signatures
    • Displaying Signatures
    • Navigating the Gateway Anti-Virus Signatures Table
    • Searching the Gateway Anti-Virus Signature Database
• Anti-Spyware Service
  • Anti-Spyware Status
  • Anti-Spyware Global Settings
  • Signature Groups
  • Protocols
  • Anti-Spyware Signatures
• Intrusion Prevention Service
  • About Intrusion Prevention Service
  • Enabling Intrusion Prevention Services
  • IPS Status
  • IPS Global Settings
  • Intrusion Prevention Service Policies
• Configuring Geo-IP Filters
  • Configuring Geo-IP Filtering
  • Creating Custom Country Lists
  • Customizing Web Block Page Settings
  • Using Geo-IP Filter Diagnostics
    • Geo-IP Cache Statistics
    • Custom Countries Statistics
    • Show Resolved Locations
    • Check GEO Location Server Lookup
    • Incorrectly Marked Address
• Configuring Botnet Filters
  • Configuring Botnet Filtering
  • Creating Custom Botnet Lists
    • Creating a Custom Botnet List
    • Editing Custom Botnet List Entries
  • Configuring Dynamic HTTP Authentication
  • Customizing Web Block Page Settings
  • Using Botnet Filter Diagnostics
    • Botnet Cache Statistics
    • Botnets Statistics
    • Show Resolved Botnet Locations
    • Check Botnet Server Lookup
    • Incorrectly Marked Address
  • Displaying the Status of the Botnet Feature and Database
• Configuring App Control
  • About App Control Policy Creation
  • Viewing App Control Status
  • Enabling App Control
    • Enabling App Control Globally
    • Enabling App Control on Zones
    • Configuring Logging and Log Filter Interval
    • Enabling App Control Filename Logging
  • Configuring App Control Global Settings
    • About App Control Global Settings
  • Configuring App Control Advanced Settings
    • Configuring App Control Advanced by Category
    • Configuring App Control Advanced by Application
    • Configuring App Control Advanced by Signature
    • Viewing Signatures
      • Viewing by All Categories and All Applications by Applications
      • Viewing by All Categories and All Applications by Signatures
      • Viewing by All Categories and All Applications by Category
      • Viewing Just One Category
      • Viewing Just One Application
      • Displaying Details of Signature Applications
      • Displaying Details of Application Signatures
• SonicWall Support
  • About This Document

Signature Groups

• You can select different protection for each of three different danger levels:
  • High Danger Level Spyware
  • Medium Danger Level Spyware
  • Low Danger Level Spyware

• Prevent All - Select this option to detect, log, and prevent all attacks of this level.

  SonicWall recommends enabling Prevent All for High Danger Level Spyware and Medium Danger Level Spyware signature groups to provide anti-spyware protection against the most damaging and disruptive spyware applications. You can also enable Detect All for spyware logging and alerting.

• Detect All - Select this option to detect and log only.
• Log Redundancy Filter (Seconds) - To prevent the log from becoming overloaded with entries for the same attack, enter a value in the field. For example, if you entered a value of 30 seconds and there were 100 SubSeven attacks during that period of time, only one attack would be logged during that 30 second period.
• Configure Settings - This is one of the buttons below the attack level chart. It display the Anti-Spyware Settings dialog box.
  • Anti-Spyware Settings
    • Disable SMTP Responses - Click this checkbox to suppress the sending of email messages (SMTP) to clients from SonicWall Anti-Spyware when a virus is detected in an email or attachment.
  • HTTP Clientless Notification
    • Enable HTTP Clientless Notification Alerts - Checking this box allows the message in the box below to be shown when blocking a request.
  • Anti-spyware Exclusion List
    • Enable Anti-Spyware Exclusion List - Click this checkbox to allow the spyware to be limited by an exclusion list. The security appliance bypasses Anti-Spyware enforcement for a specified address object or IP range. Selecting this box makes the next fields available to identify the addresses of the excluded objects.
    • Select an address object or an address range to add to the exclusion list.
• Update Signature Database - Click to refresh the list on the lower part of this page. A dialog box appears requesting more information about the schedule for your changes.
• Reset Settings - Click to reset the settings to the factory defaults. A dialog box appears requesting more information about the schedule for your changes.