beautypg.com

Activating anti-virus scanning – D-Link DFL-2500 User Manual

Page 186

background image

Enabling of this function is recommended to make sure this form of attack cannot allow a virus to
get through. The possible MIME types that can be checked are listed in Appendix C, Checked
MIME filetypes.

Setting the Correct System Time

It is important that a NetDefendOS has the correct system time set if the auto-update feature in the
Anti-Virus module can function correctly. An incorrect time can mean the auto-updating is disabled.

The console command

> updatecenter -status

will show the current status of the auto-update feature. This can also be done through the WebUI.

Updating in High Availability Clusters

Updating the Anti-Virus databases for both the D-Link Firewalls in an HA Cluster is performed
automatically by NetDefendOS. In a cluster there is always an active unit and an inactive unit. Only
the active unit in the cluster will perform regular checking for new database updates. If a new
database update becomes available the sequence of events will be as follows:

1.

The active unit determines there is a new update and downloads the required files for the
update.

2.

The active unit performs an automatic reconfiguration to update its database.

3.

This reconfiguration causes a failover so the passive unit becomes the active unit.

4.

When the update is completed, the newly active unit also downloads the files for the update
and performs a reconfiguration.

5.

This second reconfiguration causes another failover so the passive unit reverts back to being
active again.

These steps result in both D-Link Firewalls in a cluster having updated databases and with the
original active/passive roles. For more information about HA clusters refer to Chapter 11, High
Availability.

Example 6.18. Activating Anti-Virus Scanning

This example shows how to setup an Anti-Virus scanning policy for HTTP traffic from lannet to all-nets We will
assume there is already a NAT rule defined in the IP rule set to handle this traffic.

CLI
First, create an HTTP Application Layer Gateway (ALG) Object with Anti-Virus scanning enabled:

gw-world:/> set ALG ALG_HTTP anti_virus Antivirus=Protect

Then, create a Service object using the new HTTP ALG:

gw-world:/> add ServiceTCPUDP http_anti_virus Type=TCP DestinationPorts=80

ALG=anti_virus

Finally, modify the NAT rule to use the new service:

gw-world:/> set IPRule NATHttp Service=http_anti_virus

Web Interface

A. First, create an HTTP Application Layer Gateway (ALG) Object:

6.4.6. Anti-Virus Options

Chapter 6. Security Mechanisms

186