1223
SonicOS 5.8.1 Administrator Guide
CHAPTER 73
Chapter 73: Managing SonicWALL Gateway Anti-
Virus Service
Security Services > Gateway Anti-Virus
SonicWALL GAV delivers real-time virus protection directly on the SonicWALL security
appliance by using SonicWALL’s IPS-Deep Packet Inspection v2.0 engine to inspect all traffic
that traverses the SonicWALL gateway. Building on SonicWALL’s reassembly-free architecture,
SonicWALL GAV inspects multiple application protocols, as well as generic TCP streams, and
compressed traffic. Because SonicWALL GAV does not have to perform reassembly, there are
no file-size limitations imposed by the scanning engine. Base64 decoding, ZIP, LHZ, and GZIP
(LZ77) decompression are also performed on a single-pass, per-packet basis.
SonicWALL GAV delivers threat protection directly on the SonicWALL security appliance by
matching downloaded or e-mailed files against an extensive and dynamically updated database
of threat virus signatures. Virus attacks are caught and suppressed before they travel to
desktops. New signatures are created and added to the database by a combination of
SonicWALL’s SonicAlert Team, third-party virus analysts, open source developers and other
sources.
SonicWALL GAV can be configured to protect against internal threats as well as those
originating outside the network. It operates over a multitude of protocols including SMTP,
POP3, IMAP, HTTP, FTP, NetBIOS, instant messaging and peer-to-peer applications and
dozens of other stream-based protocols, to provide administrators with comprehensive network
threat prevention and control. Because files containing malicious code and viruses can also be
compressed and therefore inaccessible to conventional anti-virus solutions, SonicWALL GAV
integrates advanced decompression technology that automatically decompresses and scans
files on a per packet basis.
SonicWALL GAV delivers real-time virus protection directly on the SonicWALL security
appliance by using SonicWALL’s IPS-Deep Packet Inspection v2.0 engine to inspect all traffic
that traverses the SonicWALL gateway. Building on SonicWALL’s reassembly-free architecture,
SonicWALL GAV inspects multiple application protocols, as well as generic TCP streams, and
compressed traffic. Because SonicWALL GAV does not have to perform reassembly, there are
no file-size limitations imposed by the scanning engine. Base64 decoding, ZIP, LHZ, and GZIP
(LZ77) decompression are also performed on a single-pass, per-packet basis.
SonicWALL GAV delivers threat protection directly on the SonicWALL security appliance by
matching downloaded or e-mailed files against an extensive and dynamically updated database
of threat virus signatures. Virus attacks are caught and suppressed before they travel to