For information on activating Client Anti-Virus Enforcement, see
Activating SonicWALL Client Anti-Virus
.
The
Settings
section provides basic policy and enforcement configuration.
The following features are available in the
Client Anti-Virus Policies
section:
|
|
•
|
Disable policing from Trusted to Public
- Unchecked, this option enforces anti-virus policies on computers located on Trusted zones. Choosing this option allows computers on a trusted zone (such as a LAN) to access computers on public zones (such as DMZ), even if anti-virus software is not installed on the LAN computers.
|
|
|
•
|
Days before forcing update
- This option defines the maximum number of days that a user may access the Internet before the SonicWALL requires the latest virus date files to be downloaded.
|
|
|
•
|
Force update on alert
- SonicWALL, Inc. broadcasts virus alerts to all SonicWALL appliances with an Anti-Virus subscription. Three levels of alerts are available, and you may select more than one. When an alert is received with this option selected, users are upgraded to the latest version of VirusScan ASaP before they can access the Internet. This option overrides the Maximum number of days allowed before forcing update selection. In addition, every virus alert is logged, and an alert message is sent to the administrator.
|
|
|
–
|
Low Risk
- A virus that is not reported in the field and is considered unlikely to be found in the field in the future has a low risk. Even if such a virus includes a very serious or unforeseeable damage payload, its risk is still low.
|
|
|
–
|
Medium Risk
- If a virus is found in the field, and if it uses a less common infection mechanism, it is considered to be medium risk. If its prevalence stays low and its payload is not serious, it can be downgraded to a low risk. Similarly it can be upgraded to high risk if the virus becomes more and more widespread.
|
|
|
–
|
High Risk
- To be assigned a high risk rating, it is necessary that a virus is reported frequently in the field. Additionally, the payload must have the ability to cause at least some serious damage. If it causes very serious or unforeseeable damage, high risk may be assigned even with a lower level of prevalence.
|
SonicWALL Client Anti-Virus currently supports Windows platforms. In order to access the
Internet, computers with other operating systems must be exempt from Anti-Virus policies. To ensure full network protection from virus attacks, it is recommended that only servers and unsupported machines are excluded from protection, and that third party Anti-Virus software is installed on each machine before excluding that machine from Anti-Virus enforcement.
Under
Client Anti-Virus Enforcement
, you can specify which clients use McAfee, which use Kaspersky, and which are excluded from client AV enforcement. To configure these enforcement lists, perform the following steps:
|
Step 2
|
In the
Edit Address Object Group
window, select the address groups for which McAfee should be enforced in the left box and click the right arrow to move them into the box on the right.
|
|
Step 6
|
In the
Edit Address Object Group
window, select the address groups for which Kaspersky should be enforced in the left box and click the right arrow to move them into the box on the right.
|
|
Step 10
|
In the
Edit Address Object Group
window, select the address groups which should be excluded from enforcement in the left box and click the right arrow to move them into the box on the right.
|
|
Step 14
|
Click
Accept
at the top of the page to apply your settings.
|