ZyXEL Communications 5 Series Manuale Utente
Chapter 15 Anti-Virus Screens
ZyWALL 5/35/70 Series User’s Guide
303
15.3 The Signature Screen
Click SECURITY > ANTI-VIRUS > Signature to display this screen. Use this screen to
locate signatures and manage how the ZyWALL uses them.
locate signatures and manage how the ZyWALL uses them.
Service
This field displays the services for which the ZyWALL can scan traffic for viruses.
Select a service to be able to enable or disable anti-virus scanning on it’s traffic.
Here are the services and default port numbers.
FTP traffic using TCP ports 20 and 21
HTTP traffic using TCP ports 80, 8080 and 3128
POP3 traffic using TCP port 110
SMTP traffic using TCP port 25
See
Select a service to be able to enable or disable anti-virus scanning on it’s traffic.
Here are the services and default port numbers.
FTP traffic using TCP ports 20 and 21
HTTP traffic using TCP ports 80, 8080 and 3128
POP3 traffic using TCP port 110
SMTP traffic using TCP port 25
See
HTTP, POP3 or SMTP traffic on custom ports.
Active
Select Active to enable the anti-virus scanner for the selected service.
From, To
Select the directions of travel of packets that you want to check. Select or clear a
row or column’s first check box (with the interface label) to select or clear the
interface’s whole row or column.
You could for example have the ZyWALL check packets traveling in from the WAN
to the DMZ. For example, From WAN1 to DMZ and From WAN2 to DMZ.
From LAN To LAN means packets traveling from a computer on one LAN subnet
to a computer on another LAN subnet via the LAN interface of the ZyWALL. The
ZyWALL does not check packets traveling from a LAN computer to another LAN
computer on the same subnet.
From WAN1 To WAN1 means packets that come in through the WAN 1 interface
and the ZyWALL routes back out through the WAN 1 interface.
From VPN means traffic that came into the ZyWALL through a VPN tunnel and is
going to the selected “to” interface. For example, From VPN To LAN specifies the
VPN traffic that is going to the LAN or terminating at the ZyWALL’s LAN interface.
The ZyWALL checks the traffic after decrypting it.
To VPN is traffic that comes in through the selected “from” interface and goes out
through any VPN tunnel. For example, From LAN To VPN specifies the traffic that
is coming from the LAN and going out through a VPN tunnel. The ZyWALL checks
the traffic before encrypting it.
From VPN To VPN means traffic that comes in through a VPN tunnel and goes
out through (another) VPN tunnel. This is the case when the ZyWALL is the hub in
a hub-and-spoke VPN. The ZyWALL checks the traffic after decrypting it (before
encrypting it again).
row or column’s first check box (with the interface label) to select or clear the
interface’s whole row or column.
You could for example have the ZyWALL check packets traveling in from the WAN
to the DMZ. For example, From WAN1 to DMZ and From WAN2 to DMZ.
From LAN To LAN means packets traveling from a computer on one LAN subnet
to a computer on another LAN subnet via the LAN interface of the ZyWALL. The
ZyWALL does not check packets traveling from a LAN computer to another LAN
computer on the same subnet.
From WAN1 To WAN1 means packets that come in through the WAN 1 interface
and the ZyWALL routes back out through the WAN 1 interface.
From VPN means traffic that came into the ZyWALL through a VPN tunnel and is
going to the selected “to” interface. For example, From VPN To LAN specifies the
VPN traffic that is going to the LAN or terminating at the ZyWALL’s LAN interface.
The ZyWALL checks the traffic after decrypting it.
To VPN is traffic that comes in through the selected “from” interface and goes out
through any VPN tunnel. For example, From LAN To VPN specifies the traffic that
is coming from the LAN and going out through a VPN tunnel. The ZyWALL checks
the traffic before encrypting it.
From VPN To VPN means traffic that comes in through a VPN tunnel and goes
out through (another) VPN tunnel. This is the case when the ZyWALL is the hub in
a hub-and-spoke VPN. The ZyWALL checks the traffic after decrypting it (before
encrypting it again).
Note: The VPN connection directions apply to the traffic going to or
from the ZyWALL’s VPN tunnels. They do not apply to other
VPN traffic for which the ZyWALL is not one of the gateways
(VPN pass-through traffic).
VPN traffic for which the ZyWALL is not one of the gateways
(VPN pass-through traffic).
Apply
Click Apply to save your changes.
Reset
Click Reset to start configuring this screen again.
Table 85 SECURITY > ANTI-VIRUS > General (continued)
LABEL
DESCRIPTION