Cisco Cisco Web Security Appliance S680 Guía Del Usuario
19-9
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
Chapter 19 Anti-Malware Services
McAfee Scanning
Heuristic Analysis
New threats on the web appear almost daily. Using only virus signatures, the
engine cannot detect a new virus or other malware because its signature is not yet
known. However, by using heuristic analysis, the McAfee scanning engine can
detect new classes of currently unknown viruses and malware in advance.
engine cannot detect a new virus or other malware because its signature is not yet
known. However, by using heuristic analysis, the McAfee scanning engine can
detect new classes of currently unknown viruses and malware in advance.
Heuristic analysis is a technique that uses general rules, rather than specific rules,
to detect new viruses and malware. When the McAfee scanning engine uses
heuristic analysis, it looks at the code of an object, applies generic rules, and
determines how likely the object is to be virus-like.
to detect new viruses and malware. When the McAfee scanning engine uses
heuristic analysis, it looks at the code of an object, applies generic rules, and
determines how likely the object is to be virus-like.
Using heuristic analysis increases the likelihood of catching viruses and malware
before McAfee updates its virus signature database. However, it also increases the
possibility of reporting false positives (clean content designated as a virus). It also
might impact appliance performance.
before McAfee updates its virus signature database. However, it also increases the
possibility of reporting false positives (clean content designated as a virus). It also
might impact appliance performance.
When you enable McAfee, you can choose whether or not to also enable heuristic
analysis when scanning objects.
analysis when scanning objects.
McAfee Categories
lists the McAfee verdicts and how they correspond to malware
scanning verdict categories.
McAfee Verdict
Malware Scanning Verdict Category
Known Virus
Virus
Trojan
Trojan Horse
Joke File
Adware
Test File
Virus
Wannabe
Virus
Killed
Virus
Commercial Application
Commercial System Monitor
Potentially Unwanted Object
Adware