Use the General Settings page to enable or disable Anti-Virus, specify the zones to scan for viruses, and configure the preventive actions for different types of traffic, and set the maximum file size to scan.
1. Click Security Services > Anti-Virus > General Settings.
2. Click On to enable Anti-Virus, or click Off to disable it.
3. In the Zone to Scan area, specify the zones to scan the viruses:
• WAN Zone: Choose this option to scan the viruses for all incoming and outgoing traffic for the WAN zone.
• WAN+VPN Zone: Choose this option to scan the viruses for all incoming and outgoing traffic for both WAN and VPN zones.
• All Zone: Choose this option to scan the viruses for all incoming and outgoing traffic for all zones.
4. In the Applications to Scan area, perform the following tasks to scan for viruses on your network:
• Enable: Check the box in this column to scan for viruses over a protocol.
• Logging: Check the box in this column to log the events when viruses are detected.
To log Anti-Virus events, you must first check the Logging box for the protocols, and then go to the Device Management > Logs pages to configure the log settings and log facilities. See Log Management, page 374.
– To save Anti-Virus logs to the local syslog daemon, you must enable the Log feature, set the log buffer size and the severity level for local logs, and then enable the Local Log settings for the Anti-Virus facility.
– To
save Anti-Virus logs to the remote syslog server if you have a remote
syslog server support, you must enable the Log feature, specify the Remote
Log settings, and enable the Remote Log settings for the Anti
• Action: Specify the preventive action for different types of traffic when viruses are detected. The following table lists all available actions for each protocol.
None: No action is required when viruses are detected. Notify: Send an alert message to the user when viruses are detected in web pages or in files that the user tries to access. Notify + Drop Connection: Drop the connection and send an alert message to the user when viruses are detected in web pages or in files that the user tries to access. Disable HTTP Resume: Optionally, check this box to disable resuming web-based file transfer by using the HTTP protocol when viruses are detected. NOTE: If you choose Notify or Notify + Drop Connection, go to the HTTP Notification page to configure the notification message. See Configuring HTTP Notification. |
|
None: No action is required when viruses are detected. Drop Connection: Drop the connection when viruses are detected. Disable FTP Resume: Optionally, check this box to disable resuming file transfer by using the FTP protocol when viruses are detected. |
|
None: No action is required when viruses are detected. Notify: Send the original email and an alert email to the email receiver when viruses are detected in email attachments. Notify + Destruct File: Delete the infected files and send the original email and an alert email to the email receiver when viruses are detected in email attachments. NOTE: If you choose Notify or Notify + Destruct File, go to the Email Notification page to configure the email notification settings. See Configuring Email Notification. |
|
None: No action is required when viruses are detected. Notify: Send the original email and an alert email to the email receiver when viruses are detected in email attachments. Notify + Destruct File: Delete the infected files and send the original email and an alert email to the email receiver when viruses are detected in email attachments. NOTE: If you choose Notify or Notify + Destruct File, go to the Email Notification page to configure the email notification settings. See Configuring Email Notification. |
|
None: No action is required when viruses are detected. Destruct File: Delete the infected files when viruses are detected in email attachments. |
|
None: No action is required when viruses are detected. Drop Connection: Drop the connection when viruses are detected. |
5. In the Update Virus Database area, specify how to update the Anti-Virus signatures. You can automatically check for signature updates from Cisco’s signature server every 24 hours or manually check for signature updates at any time by clicking Update. See Updating Anti-Virus Signatures.