Virus Check

 Top  Previous  Next

Dr.Web for Kerio Control firewall detects the following malicious objects:

Infected attachments in e-mails

Infected objects transmitted via HTTP and FTP protocols.

Dr.Web for Kerio Control firewall checks the internet traffic for the following types of malicious objects and malware:

Infected archives

Bomb viruses in files or archives

Adware

Hacktools

Dialer programs

Joke programs

Riskware

You can specify the protocols that would be  scanned  for  viruses  by Dr.Web for Kerio Control firewall and set up the anti-virus options determining the types of detected malicious objects.

Dr.Web for Kerio Control firewall uses different detection methods and scans the traffic transferred via selected protocols. In case a virus is detected by Dr.Web for Kerio Control firewall it is processed according to the settings of Kerio Control. These settings are specified on the tabs of the Configuration -> Antivirus section in administration console for Kerio firewall.

Settings of traffic scanning:

Tab

Description

HTTP, FTP scanning

If a virus is detected in traffic going through HTTP and FTP protocols, its transmission is denied and the firewall performs the actions specified on this tab by administrator. Using this tab administrator can also specify the actions of firewall in case the transferred file cannot be checked for viruses and the scanning rules determining which types of objects would be checked by Dr.Web for Kerio Control firewall.

Email scanning

On this tab the settings of anti-virus check of SMTP and POP3 protocols can be specified as well as the actions in case a virus is detected in the attached files or anti-virus check fails (due to corruption or encryption of the file).

In case Dr.Web for Kerio Control firewall detects a virus or other malware, the administrator can de notified about it by e-mail or SMS. Besides, information on all detected malicious objects is accumulated in alert log of Kerio Control.

For detailed information on scanning of different types of traffic and sending notifications see the Administrator's Guide of Kerio Control.

warning

The anti-virus check of large files (larger than 50 Mb) may take considerable time. As a result, in some cases the data transferred via Kerio Control is not delivered to the recipients. this should be taken into consideration when configuring the timeout for data delivery for the corresponding applications and the scanned file size limits for Kerio Control.

 

 

For security reasons, it is recommended to enable the Forbid resume due to antivirus scanning rule in the FTP policy section of the Kerio firewall administration console, otherwise, the infected objects can get into the client computers in an attempt to re-download them.