How do I use IPS to block the download of a file that includes the EICAR string?
Options
Zyxel_Jeff
Posts: 1,083 
Zyxel Employee
Zyxel Employee
Scenario :
The Zyxel firewall supports detecting EICAR-related strings by IPS service, this article will guide you on how to deploy it.
Answer :
Please go to Security Services, enable the IPS feature, and make sure that the signature 'Eicar Test String' is activated
Try to download a file containing an EICAR string via HTTP, for example, using You will be blocked by the IPS service.
What's wrong?
Sometimes, you may encounter a situation where the IPS cannot detect the 'Eicar Test String' in the Monitor log. The possible reason is related to the browser's cache. Please thoroughly clear the browser's cache before attempting to use IPS to detect the 'Eicar Test String'.
0
Categories
- All Categories
- 396 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 86 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 916 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 419 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight