SonicWALL Gateway Anti-Virus
8
SonicWALL TZ 180 TotalSecure
Server Protection
The process for Server Protection is described in the steps below:
Step 1 Outside user sends an incoming e-mail.
Step 2 E-mail is analyzed through the SonicWALL GAV engine for malicious code and viruses before
received by e-mail server.
Step 3 If virus found, threat prevented.
Step 4 E-mail is returned to sender, virus is logged, and alert sent to administrator.
SonicWALL GAV Architecture
SonicWALL GAV is based on SonicWALL's high performance DPIv2.0 engine (Deep Packet
Inspection version 2.0) engine, which performs all scanning directly on the SonicWALL security
appliance. SonicWALL GAV includes advanced decompression technology that can automatically
decompress and scan files on a per packet basis to search for viruses and malware. The
SonicWALL GAV engine can perform base64 decoding without ever reassembling the entire
base64 encoded mail stream. Because SonicWALL's GAV does not have to perform reassembly,
there are no file-size limitations imposed by the scanning engine. Base64 decoding and ZIP, LHZ,
and GZIP (LZ77) decompression are also performed on a single-pass, per-packet basis.
Reassembly free virus scanning functionality of the SonicWALL GAV engine is inherited from the
Deep Packet Inspection engine, which is capable of scanning streams without ever buffering any
of the bytes within the stream.
Building on SonicWALL's reassembly-free architecture, GAV has the ability to inspect multiple
application protocols, as well as generic TCP streams, and compressed traffic. SonicWALL GAV
protocol inspection is based on high performance state machines which are specific to each
supported protocol. SonicWALL GAV delivers protection by inspecting over the most common
protocols used in today's networked environments, including SMTP, POP3, IMAP, HTTP, FTP,
NetBIOS, instant messaging and peer-to-peer applications and dozens of other stream-based
protocols. This closes potential backdoors that can be used to compromise the network while also
improving employee productivity and conserving Internet bandwidth.
3TART3TAGE
0ROTOCOL3TATE
-ACHINE
%MAIL&ORMAT
$ECODING
$ECOMPRESSION
3CANNING
0REVENTION
0ACKET0ATH
)-!00/0
&40&ILES
4#03TREAM
