Features and Enabling of Cloud Gateway Anti-Virus

09/28/2022 108 People found this article helpful 488,350 Views

Description

The Cloud Gateway Anti-Virus feature introduces an advanced malware scanning solution that compliments and extends the existing Gateway AV scanning mechanisms present on SonicWall firewalls to counter the continued growth in the number of malware samples in the wild. Cloud Gateway Anti-Virus expands the Reassembly Free Deep Packet Inspection engine capabilities by consulting with the datacenter-based malware analysis servers. This approach keeps the foundation of RFDPI-based malware detection by providing a low-latency, real-time solution that is capable of scanning unlimited numbers of files of unlimited size on all protocols that are presently supported without adding any significant incremental processing overhead to the appliances themselves. With this additional layer of security, SonicWall's Next Generation Firewalls are able to extend their current protection to cover multiple millions of pieces of malware.

Resolution

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

Cloud GAV does not require a separate license. Once GAV is enabled, the method of blocking a file suspected to be malware is the same as in normal GAV. To enable the Cloud Gateway Anti-Virus feature, select the Enable Cloud Anti-Virus Database checkbox.

1. Enter the Cloud AV Signature ID. This must be a numeric value and can be obtained from the logs.
2. Click the Add button.
3. Click OK when you have finished configuring the Cloud AV exclusion list

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

Cloud GAV does not require a separate license. Once GAV is enabled, the method of blocking a file suspected to be malware is the same as in normal GAV. To enable the Cloud Gateway Anti-Virus feature, select the Enable Cloud Anti-Virus Database checkbox.

Optionally, certain cloud-signatures can be excluded from being enforced to alleviate false positive problems or to enable downloading specific virus files as necessary. To configure the exclusion list, click Cloud AV DB Exclusion Settings.

1. Enter the Cloud AV Signature ID. This must be a numeric value and can be obtained from the logs.
2. Click the Add button.
3. Click OK when you have finished configuring the Cloud AV exclusion list.

Resolution for SonicOS 6.2 and Below

The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.

Cloud GAV does not require a separate license. Once GAV is enabled, the method of blocking a file suspected to be malware is the same as in normal GAV. To enable the Cloud Gateway Anti-Virus feature, select the Enable Cloud Anti-Virus Database checkbox.

Optionally, certain cloud-signatures can be excluded from being enforced to alleviate false positive problems or to enable downloading specific virus files as necessary. To configure the exclusion list, click Cloud AV DB Exclusion Settings.

1. Enter the Cloud AV Signature ID. This must be a numeric value and can be obtained from the logs.
2. Click the Add button.
3. Click OK when you have finished configuring the Cloud AV exclusion list.