Table of Contents
Advertisement
Chapter 14
This chapter explains how to use the VStream Antivirus engine to block security threats
before they reach your network.
This chapter includes the following topics:
Overview ..................................................................................................425
Enabling/Disabling VStream Antivirus....................................................428
Viewing VStream Antivirus Signature Database Information .................429
Configuring VStream Antivirus ...............................................................430
Updating VStream Antivirus ....................................................................444
Overview
The UTM-1 appliance includes VStream Antivirus, an embedded stream-based antivirus
engine based on Check Point Stateful Inspection and Application Intelligence technologies,
that performs virus scanning at the kernel level.
VStream Antivirus scans files for malicious content on the fly, without downloading the
files into intermediate storage. This means minimal added latency and support for
unlimited file sizes; and since VStream Antivirus stores only minimal state information per
connection, it can scan thousands of connections concurrently. In order to scan archive
files on the fly, VStream Antivirus performs real-time decompression and scanning of ZIP,
TAR, and GZ archive files, with support for nested archive files.
When VStream Antivirus detects malicious content, the action it takes depends on the
protocol in which the virus was found. See the following table. In each case, VStream
Antivirus blocks the file and writes a log to the Event Log.
Chapter 14: Using VStream Antivirus
Using VStream Antivirus
Overview
425
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the UTM-1 Edge and is the answer not in the manual?