Security_Update outdated
The Security_Update (Configuration - Object - Application - Security_Update) category is outdated I believe as I do not find common antivirus category(file transfer from upgrade server) and others.
Issue 1
Even after forwarding the traffic from this category in the app patrol, PC is not able to connect to Mcafee upgrade server to update the antivirus. (Note: I have blocked all website with content filter service on some of the PC . However, I want to allow internet for only security_update category for the update of windows and general antivirus installed to them.)
Issue 2
Common antivirus (File Transfer) list not found
i.e. QuickHeal, Dr. Web, K7 Total Security
Thank you
Comments
-
If you blocked all website with content filter service, maybe you just need to add McAfee upgrade server in trusted web sites.Here is a similar discussion.0
-
jasailafan,
Thanks for the help.
Actually, I knew this way. But in this way I need to find out all the antivirus upgrade server list (currently 5 - 6 types of antivirus are being used in my case on different computers) to add it manually in the content filter allowed list.
That's why I wanted to forward the traffic through App Patrol as a better workaround rather than finding and adding into the allowed list.
Waiting for the Zyxel team reply.
Thank you.0 -
jasailafan,
Thanks for the help.
Actually, I knew this way. But in this way, I need to find out all the antivirus upgrade server list (currently 5 - 6 types of antivirus are being used in my case on different computers) to add it manually in the content filter allowed list.
That's why I wanted to forward the traffic through App Patrol as a better workaround rather than finding and adding list of upgrade server list into the allowed list.
Waiting for the Zyxel team reply.
Thank you.0 -
Hi @chandan,Issue 1:Could you share your configuration file with me in private message?Issue 2:We will review if it’s considerable to add these three applications to the service list of App Patrol.Quick Heal, Dr.Web, K7 Total Security0
-
Hi @Zyxel_Emily,
For Issue 1:
Configuration file "startup-config.conf" sent on your PM, Please check.
For Issue 2:
Yes, for sure this is going to help to all of your users using these antivirus on their PC.
0 -
Hi @chandan,
In the current design of security policy check flow, the traffic is scanned by App Patrol first and then Content Filter.
Even if the traffic is allowed by App Patrol, it is still scanned by Content Filter and blocked by CF profile.
In your configuration file, the traffic matches App Patrol application "Antivirus_Updates" and is allowed.
However, the traffic is blocked by the CF profile "Block_Everything" because all categories are blocked.
In the log, you can find the antivirus update "TrendMicro" is blocked due to the CF category "Business".
Hence, we suggest you add antivirus upgrade server in trusted web sites as the solution to allow virus update only and block all other websites.
We will add the request to ideas section to enhance the feature in the future release.
1 -
Hello @Zyxel_Emily,
That is what my point is. You can add the priority for App Patrol and content filter traffic block/forward or any other solution to the current situation.
Thanks for understanding.
Hope to see this in near future0 -
@Zyxel_Vic
I hope you have already gone through this complete thread regarding how the firewall behaves with Content filter and app patrol by one of your past colleague @Zyxel_Emily...
If zyxel can develop/enhance this feature will be good.....0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 218 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 245 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight