Security Services > Gateway Anti-Virus

Dell SonicWALL Gateway Anti-Virus (GAV) delivers real-time virus protection directly on the Dell SonicWALL security appliance by using Dell SonicWALL’s IPS-Deep Packet Inspection v2.0 engine to inspect all traffic that traverses the Dell SonicWALL gateway. Building on Dell SonicWALL’s reassembly-free architecture, Dell SonicWALL GAV inspects multiple application protocols, as well as generic TCP streams, and compressed traffic. Because Dell SonicWALL GAV does not have to perform reassembly, there are no file-size limitations imposed by the scanning engine. Base64 decoding, ZIP, LHZ, and GZIP (LZ77) decompression are also performed on a single-pass, per-packet basis.

Dell SonicWALL GAV delivers threat protection directly on the Dell SonicWALL security appliance by matching downloaded or e-mailed files against an extensive and dynamically updated database of virus signatures. Virus attacks are caught and suppressed before they travel to desktops. New signatures are created and added to the database by a combination of Dell SonicWALL’s SonicAlert Team, third-party virus analysts, open source developers, and other sources.

Dell SonicWALL GAV can be configured to protect against internal threats as well as those originating outside the network. It operates over a multitude of protocols, including SMTP, POP3, IMAP, HTTP, FTP, NetBIOS, instant messaging and peer-to-peer applications, and dozens of other stream-based protocols, to provide you with comprehensive network threat prevention and control. Because files containing malicious code and viruses can also be compressed and therefore inaccessible to conventional anti-virus solutions, Dell SonicWALL GAV integrates advanced decompression technology that automatically decompresses and scans files on a per-packet basis.
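
The single-pass, per-packet scanning and decompression described above can be illustrated with a small streaming scanner. This is an added example, not Dell SonicWALL's engine or code: the Aho-Corasick matcher is an assumed stand-in for the signature engine, and every name, the marker string, and the sample data are constructed for illustration.

```python
import gzip
import zlib

class StreamMatcher:
    """Aho-Corasick automaton; the only per-flow state is one integer."""
    def __init__(self, signatures):
        self.goto, self.fail, self.out = [{}], [0], [[]]
        for name, pattern in signatures.items():
            s = 0
            for b in pattern:
                if b not in self.goto[s]:
                    self.goto.append({})
                    self.fail.append(0)
                    self.out.append([])
                    self.goto[s][b] = len(self.goto) - 1
                s = self.goto[s][b]
            self.out[s].append(name)
        order = list(self.goto[0].values())  # breadth-first: build failure links
        for r in order:                      # the list grows while we iterate
            for b, s in self.goto[r].items():
                order.append(s)
                f = self.fail[r]
                while f and b not in self.goto[f]:
                    f = self.fail[f]
                self.fail[s] = self.goto[f].get(b, 0)
                self.out[s] = self.out[s] + self.out[self.fail[s]]

    def feed(self, state, chunk):  # returns (new_state, names of signatures hit)
        hits = []
        for b in chunk:
            while state and b not in self.goto[state]:
                state = self.fail[state]
            state = self.goto[state].get(b, 0)
            hits += self.out[state]
        return state, hits

def scan_flow(matcher, packets, gzip_encoded=False):  # payloads in arrival order
    inflater = zlib.decompressobj(wbits=31) if gzip_encoded else None  # 31 = gzip
    state, hits = 0, []
    for payload in packets:
        data = inflater.decompress(payload) if inflater else payload
        state, found = matcher.feed(state, data)  # matcher state spans packets
        hits += found
    return hits

def packetize(data, size):  # constructed stand-in for packet boundaries
    return [data[i:i + size] for i in range(0, len(data), size)]
SIGNATURES = {"constructed-marker": b"GAV-DEMO-MARKER-0001"}  # not a real signature
BODY = b"A" * 4000 + SIGNATURES["constructed-marker"] + b"B" * 4000
GZ_BODY = gzip.compress(BODY)  # same constructed body, GZIP-encoded
```

Only the matcher state and the inflater's window persist between packets, so memory per flow does not grow with file size. A production scanner would also bound decompressed output per packet, for example with the `max_length` argument of `decompress`.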

Dell SonicWALL GAV Multi-Layered Approach

Dell SonicWALL GAV delivers comprehensive, multi-layered anti-virus protection for networks at the desktop, the network, and at remote sites. Dell SonicWALL GAV enforces anti-virus policies at the gateway to ensure all users have the latest updates and monitors files as they come into the network.

Figure 45. SonicWALL GAV multi-layer approach

Remote Site Protection

Figure 46. Remote site protection

Internal Network Protection

Figure 47. Internal network protection

HTTP File Downloads

Figure 48. HTTP file downloads

Server Protection

Figure 49. Server protection

Cloud Anti-Virus Database

The Cloud Gateway Anti-Virus feature introduces an advanced malware scanning solution that complements and extends the existing Gateway Anti‑Virus scanning mechanisms present on Dell SonicWALL firewalls to counter the continued growth in the number of malware samples in the wild.

Cloud Gateway Anti-Virus expands the Reassembly Free Deep Packet Inspection engine capabilities by consulting with the datacenter-based malware analysis servers. This approach keeps the foundation of RFDPI-based malware detection by providing a low-latency, real-time solution that is capable of scanning unlimited numbers of files of unlimited size on all protocols that are presently supported without adding any significant incremental processing overhead to the appliances themselves. With this additional layer of security, Dell SonicWALL’s Next Generation Firewalls are able to extend their current protection to cover multiple millions of pieces of malware.