Support on SonicWall Products, Services and Solutions
Browse Knowledgebase by Category
Anti-Virus: How to Exclude a computer from SonicWall Client Anti-Virus Enforcement
03/26/2020 
7 
8570
DESCRIPTION:
Anti-Virus: How to Exclude a computer from SonicWall Client Anti-Virus Enforcement
RESOLUTION:
SonicWall Network Anti-Virus currently supports Windows 7, XP, Vista and 2000 Pro/Server, 2003/2008 Server platforms. In order to access the Internet, computers with other operating systems must be exempt from Anti-Virus policies. To ensure full network protection from virus attacks, it is recommended that only servers and unsupported machines are excluded from protection, and that third party Anti-Virus software is installed on each machine before excluding that machine from Anti-Virus enforcement.
There are three options for defining exempt computers:
- Enforce Anti-Virus policies for all computers - Selecting this option forces computers to install VirusScan in order to access the Internet or the DMZ. This is the default configuration.
- Include specified address range in the Anti-Virus enforcement - Choosing this option allows the administrator to define ranges of IP addresses to receive Anti-Virus enforcement. If you select this option, specify a range of IP addresses to be enforced. Any computer requiring enforcement needs a static IP address within the specified range of IP addresses. Up to 64 IP address ranges can be entered for enforcement. Click Add to display the Add AV Range Entry window and then enter the IP address range.
- Exclude specified address range in the Anti-Virus enforcement - Selecting this option allows the administrator to define ranges of IP addresses that are exempt from Anti-Virus enforcement. If you select this option, specify the range of IP addresses that are exempt. Any computer requiring unrestricted Internet access needs a static IP address within the specified range of IP addresses. Up to 64 IP address ranges can be entered. Click Add to display the Add AV Range Entry window and then enter the IP address range.
To add an IP address range for exclusion, perform these steps:
Source: Excerpt from SonicOS Enhanced 4.0 Administrations Guide
- Go to Security Services > Client AV Enforcement.
- Click Configure button.
- Click Exclude specified address ranges from Client Anti-Virus enforcement radio button.
- Click the Add button. The Add AV Range Entry window is displayed.
- Enter the IP address range in the IP Address From and IP Address To fields, and then click OK. Your IP address range appears in the AV Exclusion List table. Click the edit icon in the Configure column to change an entry or click the trashcan icon to delete an entry.
- Click OK to exit the AV Config View window.
