Security Services > Gateway Anti-Virus
727
SonicOS Enhanced 4.0 Administrator Guide
Updating SonicWALL GAV Signatures
By default, the SonicWALL security appliance running SonicWALL GAV automatically checks
the SonicWALL signature servers once an hour. There is no need for an administrator to
constantly check for new signature updates. You can also manually update your SonicWALL
GAV database at any time by clicking the Update button located in the Gateway Anti-Virus
Status section.
SonicWALL GAV signature updates are secured. The SonicWALL security appliance must first
authenticate itself with a pre-shared secret, created during the SonicWALL Distributed
Enforcement Architecture licensing registration. The signature request is transported through
HTTPS, along with full server certificate verification.
Specifying Protocol Filtering
Application-level awareness of the type of protocol that is transporting the violation allows
SonicWALL GAV to perform specific actions within the context of the application to gracefully
handle the rejection of the payload.
By default, SonicWALL GAV inspects all inbound HTTP, FTP, IMAP, SMTP and POP3 traffic.
Generic TCP Stream can optionally be enabled to inspect all other TCP based traffic, such as
non-standard ports of operation for SMTP and POP3, and IM and P2P protocols.
Enabling Inbound Inspection
Within the context of SonicWALL GAV, the Enable Inbound Inspection protocol traffic
handling refers to the following:
• Non-SMTP traffic initiating from a Trusted, Wireless, or Encrypted Zone destined to any
Zone.
• Non-SMTP traffic from a Public Zone destined to an Untrusted Zone.
• SMTP traffic initiating from a non-Trusted Zone destined to a Trusted, Wireless, Encrypted,
or Public Zone.
• SMTP traffic initiating from a Trusted, Wireless, or Encrypted Zone destined to a Trusted,
Wireless, or Encrypted Zone.