D-Link DFL-2560 Product Manual - Page 312
Compression Ratio Limit, Verifying the MIME Type, Setting the Correct System Time
UPC - 790069335433
View all D-Link DFL-2560 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 312 highlights
6.4.6. Anti-Virus Options Chapter 6. Security Mechanisms the excluded list is checked. 3. Compression Ratio Limit When scanning compressed files, NetDefendOS must apply decompression to examine the file's contents. Some types of data can result in very high compression ratios where the compressed file is a small fraction of the original uncompressed file size. This can mean that a comparatively small compressed file attachment might need to be uncompressed into a much larger file which can place an excessive load on NetDefendOS resources and noticeably slowdown throughput. To prevent this situation, the administrator should specify a Compression Ratio limit. If the limit of the ration is specified as 10 then this will mean that if the uncompressed file is 10 times larger than the compressed file, the specified Action should be taken. The Action can be one of: • Allow - The file is allowed through without virus scanning • Scan - Scan the file for viruses as normal • Drop - Drop the file In all three of the above cases the event is logged. Verifying the MIME Type The ALG File Integrity options can be utilized with Anti-Virus scanning to check that the file's contents matches the MIME type it claims to be. The MIME type identifies a file's type. For instance a file might be identified as being of type .gif and therefore should contain image data of that type. Some viruses can try to hide inside files by using a misleading file type. A file might pretend to be a .gif file but the file's data will not match that type's data pattern because it is infected with a virus. Enabling of this function is recommended to make sure this form of attack cannot allow a virus to get through. The possible MIME types that can be checked are listed in Appendix C, Verified MIME filetypes. Setting the Correct System Time It is important that a NetDefendOS has the correct system time set if the auto-update feature in the Anti-Virus module can function correctly. An incorrect time can mean the auto-updating is disabled. The console command gw-world:/> updatecenter -status will show the current status of the auto-update feature. This can also be done through the WebUI. Updating in High Availability Clusters Updating the Anti-Virus databases for both the NetDefend Firewalls in an HA Cluster is performed automatically by NetDefendOS. In a cluster there is always an active unit and an inactive unit. Only the active unit in the cluster will perform regular checking for new database updates. If a new database update becomes available the sequence of events will be as follows: 1. The active unit determines there is a new update and downloads the required files for the update. 2. The active unit performs an automatic reconfiguration to update its database. 312