SonicWALL Intrusion Prevention Service
11
SonicWALL TZ 180 TotalSecure
Prevention Mechanism: The connection is terminated, preventing the user from receiving the
malicious payload.
FTP
Capabilities: zip (including archives) and gzip decompression. FTP stateful code follows data port
negotiations, allowing FTP data to be inspected across any operating TCP port. Suppresses the
use of the FTP 'REST' (restart) request to prevent the sectional retrieval and reassembly of
potentially malicious content. "The suppression of the 'REST' request can be overridden from the
/diag.html page with the option 'Enable FTP 'REST' requests with Gateway AV’.
Prevention Mechanism: The connection is terminated, preventing the user from receiving the
malicious payload.
IM, P2P and Proprietary Protocols
Capabilities: zip (including archives) and gzip decompression.
Prevention Mechanism: The connection is terminated, preventing the user from receiving the
malicious payload.
SonicWALL Intrusion Prevention Service
This section provides an overview to the SonicWALL Intrusion Prevention Service. This section
contains the following subsections:
• IPS Overview
• How Does IPS Work?
• What is a Zone?
• Benefits
IPS Overview
SonicWALL Intrusion Prevention Service is part of the SonicWALL Gateway Anti-Virus/Intrusion
Prevention Service solution that provides protection against real-time for viruses, worms, Trojans,
and malicious code using a patent-pending scanning engine. SonicWALL’s unique solution features
a high-performance deep packet inspection architecture. It is a zone-based security service that
enables easy and secure managemet. When you activate SonicWALL Intrusion Prevention
Service, SonicWALL Gateway Anti-Virus is also activated. SonicWALL IPS is managed directly
from the SonicWALL security appliance.
How Does IPS Work?
SonicWALL Intrusion Prevention Service (SonicWALL IPS) utilizes a configurable, high
performance Deep Packet Inspection engine for extended protection of key network services such
as Web, e-mail, file transfer, Windows services and DNS. SonicWALL IPS is designed to protect
against application vulnerabilities as well as worms, Trojans, and peer-to-peer, spyware and
backdoor exploits. IPS is set up using the SonicWALL network zones concept.
