Blocking Virus-infected Files¶
The anti-virus function identifies and processes virus files through virus feature detection to prevent data damage, permission change, and system breakdown caused by virus files.
The antivirus function can check access via HTTP, SMTP, POP3, FTP, IMAP4, and SMB.
Specification Limitations¶
Antivirus is available only in the professional edition.
Enabling Antivirus to Block Virus-infected Files¶
Log in to the management console.
In the navigation pane on the left, click
and choose Security > Cloud Firewall. The Dashboard page will be displayed.(Optional) Switch to another firewall instance: Select a firewall from the drop-down list in the upper left corner of the page.
In the navigation pane, choose Attack Defense > Antivirus.
Click
to enable antivirus.Note
After antivirus is enabled, Current Action is Disable by default. For details about how to change the defense action, see Modifying the Virus Defense Action for Better Protection Effect.
Modifying the Virus Defense Action for Better Protection Effect¶
Log in to the management console.
In the navigation pane on the left, click
and choose Security > Cloud Firewall. The Dashboard page will be displayed.(Optional) Switch to another firewall instance: Select a firewall from the drop-down list in the upper left corner of the page.
In the navigation pane, choose Attack Defense > Antivirus.
Click an action in the Operation column of a rule.
Observe: The firewall checks the traffic of a protocol. If attack traffic is detected, the firewall records it in attack event logs but does not block it.
Block: The firewall checks the traffic of a protocol. If attack traffic is detected, the firewall records it in attack event logs and blocks it.
Disable: The firewall does not perform virus checks on the traffic of a protocol.
Follow-up Operations¶
For details about the protection overview, see Viewing Attack Defense Information on the Dashboard. For details about logs, see Attack Event Logs.