Activating anti-virus scanning – Amer Networks E5Web GUI User Manual

When used with IP rules, an ALG must then be associated with an appropriate service object
for the protocol to be scanned. The service object is then associated with a rule in the IP rule
set which defines the origin and destination of the traffic to which the ALG is to be applied.

•

Activating Using IP Policies Anti-virus scanning can be enabled on an IP Policy object
without using an ALG. This provides a more direct method of activation which can be
combined with the other options available in an IP policy such as traffic shaping and file
control.

IP policies are described further in Section 3.6.7, “IP Policies”.

Example 6.20. Activating Anti-Virus Scanning

This example shows how to setup an anti-virus scanning policy for HTTP traffic from lan_net to
all-nets. We will assume there is already a NAT rule defined in the IP rule set to NAT this traffic.

Command-Line Interface
First, create an HTTP Application Layer Gateway (ALG) Object with anti-virus scanning enabled:

Device:/> set ALG ALG_HTTP anti_virus Antivirus=Protect

Next, create a Service object using the new HTTP ALG:

Device:/> add ServiceTCPUDP http_anti_virus

Type=TCP
DestinationPorts=80
ALG=anti_virus

Finally, modify the NAT rule to use the new service:

Device:/> set IPRule NATHttp Service=http_anti_virus

InControl

Follow the same steps used for the Web Interface below.

Web Interface

A. First, create an HTTP ALG Object:

1.

Go to: Objects > ALG > Add > HTTP ALG

2.

Specify a suitable name for the ALG, for instance anti_virus

3.

Click the Antivirus tab

4.

Select Protect in the Mode dropdown list

5.

Click OK

B. Then, create a Service object using the new HTTP ALG:

1.

Go to: Local Objects > Services > Add > TCP/UDP service

2.

Specify a suitable name for the Service, for instance http_anti_virus

Chapter 6: Security Mechanisms

465