Security Services > Gateway Anti-Virus
718
SonicOS Enhanced 4.0 Administrator Guide
HTTP File Downloads
Step 1 Client makes a request to download a file from the Web.
Step 2 File is downloaded through the Internet.
Step 3 File is analyzed the SonicWALL GAV engine for malicious code and viruses.
Step 4 If virus found, file discarded.
Step 5 Virus is logged and alert sent to administrator.
Server Protection
Step 1 Outside user sends an incoming e-mail.
Step 2 E-mail is analyzed the SonicWALL GAV engine for malicious code and viruses before received
by e-mail server.
Step 3 If virus found, threat prevented.
Step 4 E-mail is returned to sender, virus is logged, and alert sent to administrator.
SonicWALL GAV Architecture
SonicWALL GAV is based on SonicWALL's high performance DPIv2.0 engine (Deep Packet
Inspection version 2.0) engine, which performs all scanning directly on the SonicWALL security
appliance. SonicWALL GAV includes advanced decompression technology that can
automatically decompress and scan files on a per packet basis to search for viruses and
malware. The SonicWALL GAV engine can perform base64 decoding without ever
reassembling the entire base64 encoded mail stream. Because SonicWALL's GAV does not
have to perform reassembly, there are no file-size limitations imposed by the scanning engine.
Base64 decoding and ZIP, LHZ, and GZIP (LZ77) decompression are also performed on a
PRO 5060
Virus Discarded
Alert Logged
HTTP Request
Web Server
Infected FIle
PRO 5060
Virus Discarded
Alert Logged
Infected Client
Infected Email