ZyXEL Communications 70 Series User Manual
ZyWALL 5/35/70 Series User’s Guide
259
Chapter 14 Anti-Virus
2 The virus spreads to other files and programs on the computer.
3 The infected files are unintentionally sent to another computer thus starting the spread of
the virus.
4 Once the virus is spread through the network, the number of infected networked
computers can grow exponentially.
14.1.3 Types of Anti-Virus Scanner
The section describes two types of anti-virus scanner: host-based and network-based.
A host-based anti-virus (HAV) scanner is often software installed on computers and/or servers
in the network. It inspects files for virus patterns as they are moved in and out of the hard
drive. However, host-based anti-virus scanners cannot eliminate all viruses for a number of
reasons:
in the network. It inspects files for virus patterns as they are moved in and out of the hard
drive. However, host-based anti-virus scanners cannot eliminate all viruses for a number of
reasons:
• HAV scanners are slow in stopping virus threats through real-time traffic (such as from
the Internet).
• HAV scanners may reduce computing performance as they also share the resources (such
as CPU time) on the computer for file inspection.
• You have to update the virus signatures and/or perform virus scans on all computers in
the network regularly.
A network-based anti-virus (NAV) scanner is often deployed as a dedicated security device
(such as your ZyWALL) on the network edge. NAV scanners inspect real-time data traffic
(such as E-mail messages or web) that tends to bypass HAV scanners. The following lists
some of the benefits of NAV scanners.
(such as your ZyWALL) on the network edge. NAV scanners inspect real-time data traffic
(such as E-mail messages or web) that tends to bypass HAV scanners. The following lists
some of the benefits of NAV scanners.
• NAV scanners stops virus threats at the network edge before they enter or exit a network.
• NAV scanners reduce computing loading on computers as the read-time data traffic
• NAV scanners reduce computing loading on computers as the read-time data traffic
inspection is done on a dedicated security device.
14.2 Introduction to the ZyWALL Anti-Virus Scanner
The ZyWALL has a built-in signature database. Setting up the ZyWALL between your local
network and the Internet allows the ZyWALL to scan files transmitting through the enabled
interfaces into your network. As a network-based anti-virus scanner, the ZyWALL helps stop
threats at the network edge before they reach the local host computers.
network and the Internet allows the ZyWALL to scan files transmitting through the enabled
interfaces into your network. As a network-based anti-virus scanner, the ZyWALL helps stop
threats at the network edge before they reach the local host computers.
You can set the ZyWALL to examine files received through the following protocols:
• FTP (File Transfer Protocol)
• HTTP (Hyper Text Transfer Protocol)
• SMTP (Simple Mail Transfer Protocol)
• POP3 (Post Office Protocol version 3)
• HTTP (Hyper Text Transfer Protocol)
• SMTP (Simple Mail Transfer Protocol)
• POP3 (Post Office Protocol version 3)