Configuring Virus Defense
You can enable virus defense to block virus-infected files, and modify defense actions to improve security performance.
Scenario
Viruses are getting complex. Traditional antivirus measures cannot cope with them in a timely manner. CFW provides antivirus to detect and handle virus-infected files, so that they will not cause data damage, permission changes, or system breakdown.
CFW supports antivirus for HTTP, SMTP, POP3, FTP, IMAP4, and SMB protocols.
Specification Limitations
Antivirus is available only in the professional edition.
Enabling Antivirus to Block Virus-infected Files
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project.
- In the navigation pane on the left, click
and choose . The Dashboard page will be displayed.
- (Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
- In the navigation pane, choose .
- Click
to enable antivirus.
After antivirus is enabled, Current Action is Disable by default. For details about how to change the action, see Modifying the Virus Defense Action for Better Protection Effect.
Modifying the Virus Defense Action for Better Protection Effect
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project.
- In the navigation pane on the left, click
and choose . The Dashboard page will be displayed.
- (Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
- In the navigation pane, choose .
- In the rule list, click an action in the Operation column as needed.
- Observe: The firewall checks the traffic of a protocol. If attack traffic is detected, the firewall records it in attack event logs but does not block it.
- Block: The firewall checks the traffic of a protocol. If attack traffic is detected, the firewall records it in attack event logs and blocks it.
- Disable: The firewall does not perform virus checks on the traffic of a protocol.
Follow-up Operations
For details about the protection overview, see Viewing Attack Defense Information on the Dashboard. For details about logs, see Attack Event Logs.
References
- For details about attack defense, see Attack Defense Overview.
- For details about how to block network attacks, see Configuring Intrusion Prevention.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.