AntiVirus Service on USG60W
I'm configuring an USG60W and the AntiVirus functionality doesn't work as needed. I'm running the firmware (4.60 AAKZ.1).
The documentation for the device, shows how to configure and test AntiVirus functionalitty on the USG60W with the EICAR test file.
Unfortunately, the documentation lists regular HTTP URLs alongside HTTPS URLs and make no differentiation. As of the writing of this post the EICAR website has disabled HTTP downloads.
Upon further investigation, I believe the problem is that the USG60W doesn't have the capability to perform SSL inspection, as listed here:
As listed here: https://www.zyxel.com/products_services/Unified-Security-Gateway-USG40-40W-60-60W/comparison
If that is the case, that means that all HTTPS, Email (IMAPS, SSMTP, POP3S), and anything else secured (e.g. FTPS) can't be inspected. This makes this paid-service very limited in value.
Can someone confirm this for me?
jSH>
The documentation for the device, shows how to configure and test AntiVirus functionalitty on the USG60W with the EICAR test file.
Unfortunately, the documentation lists regular HTTP URLs alongside HTTPS URLs and make no differentiation. As of the writing of this post the EICAR website has disabled HTTP downloads.
Upon further investigation, I believe the problem is that the USG60W doesn't have the capability to perform SSL inspection, as listed here:
As listed here: https://www.zyxel.com/products_services/Unified-Security-Gateway-USG40-40W-60-60W/comparison
If that is the case, that means that all HTTPS, Email (IMAPS, SSMTP, POP3S), and anything else secured (e.g. FTPS) can't be inspected. This makes this paid-service very limited in value.
Can someone confirm this for me?
jSH>
0
Accepted Solution
-
You may find the answer in this post.
https://businessforum.zyxel.com/discussion/comment/14524#Comment_14524
0
Master Member
All Replies
-
You may find the answer in this post.
https://businessforum.zyxel.com/discussion/comment/14524#Comment_14524
0 -
Thanks @jasailafan
That does answer my question.
Unfortunately, with 90% of the HTTP traffic being encrypted these days, it's not a very useful feature. I will have to see if I can change the model with another one.0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 151 Nebula Ideas
- 98 Nebula Status and Incidents
- 5.7K Security
- 277 USG FLEX H Series
- 277 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.4K Consumer Product
- 250 Service & License
- 395 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 74 Security Highlight
