To implement blocking, the administrator configures the ZoneDefense network range to include
all local SMTP clients. The SMTP-server itself should be excluded from this range.
Tip: Exclusion can be manually configured
It is possible to manually configure certain hosts and servers to be excluded from being
blocked by adding them to the
ZoneDefense Exclude List
.
When a client tries to send an email infected with a virus, the virus is blocked and ZoneDefense
isolates the host from the rest of the network.
Setup Steps
The steps to setting up ZoneDefense with the SMTP ALG are:
•
Configure the ZoneDefense switches to be used with ZoneDefense by going to the
ZoneDefense section of the Web Interface.
•
Set up the SMTP ALG to use Anti-Virus scanning in enabled mode.
•
Choose the ZoneDefense network in the Anti-Virus configuration of the ALG that is to be
affected by ZoneDefense when a virus is detected.
More information about this topic can be found in
.
6.2.7. The POP3 ALG
POP3 is a mail transfer protocol that is used by an email client running on the recipients to
download emails from a mail server. The principal difference with the IMAP protocol is that the
entire email and any attachments are downloaded to the client before the email can be
examined. The email is then subsequently stored on the client computer and may be deleted
from the mail server.
The diagram below illustrates a typical usage of the NetDefendOS POP3 ALG. A mail server
located on the DMZ network
dmz_net
receives emails from the public Internet using the SMTP
protocol. A protected client on the
lan_net
network downloads emails from this server using the
POP3 protocol. The clients initiate the transfer with POP3, sending a request to the mail server for
the download of emails also using POP3.
As the emails traverse the firewall, the NetDefendOS POP3 ALG examines the data and can block
or allow them according to the behavior specified in the ALG configuration object.
Chapter 6: Security Mechanisms
457
Содержание NetDefendOS
Страница 30: ...Figure 1 3 Packet Flow Schematic Part III Chapter 1 NetDefendOS Overview 30 ...
Страница 32: ...Chapter 1 NetDefendOS Overview 32 ...
Страница 144: ...Chapter 2 Management and Maintenance 144 ...
Страница 220: ... Enable DHCP passthrough Enable L2 passthrough for non IP protocols 4 Click OK Chapter 3 Fundamentals 220 ...
Страница 267: ... SourceNetwork lannet DestinationInterface any DestinationNetwork all nets 4 Click OK Chapter 3 Fundamentals 267 ...
Страница 284: ...Chapter 3 Fundamentals 284 ...
Страница 360: ...The ospf command options are fully described in the separate NetDefendOS CLI Reference Guide Chapter 4 Routing 360 ...
Страница 392: ...Chapter 4 Routing 392 ...
Страница 396: ...Web Interface 1 Go to Network Ethernet If1 2 Select Enable DHCP 3 Click OK Chapter 5 DHCP Services 396 ...
Страница 419: ... Host 2001 DB8 1 MAC 00 90 12 13 14 15 5 Click OK Chapter 5 DHCP Services 419 ...
Страница 420: ...Chapter 5 DHCP Services 420 ...
Страница 424: ...2 Now enter Name lan_Access Action Expect Interface lan Network lannet 3 Click OK Chapter 6 Security Mechanisms 424 ...
Страница 573: ...Chapter 6 Security Mechanisms 573 ...
Страница 575: ...This section describes and provides examples of configuring NAT and SAT rules Chapter 7 Address Translation 575 ...
Страница 607: ...Chapter 7 Address Translation 607 ...
Страница 666: ...Chapter 8 User Authentication 666 ...
Страница 775: ...Chapter 9 VPN 775 ...
Страница 819: ...Chapter 10 Traffic Management 819 ...
Страница 842: ...Chapter 11 High Availability 842 ...
Страница 866: ...Default Enabled Chapter 13 Advanced Settings 866 ...
Страница 879: ...Chapter 13 Advanced Settings 879 ...