沙箱問題
Albert_Kwok
文章數: 4 Freshman Member
於 防火牆系列
1. 沙箱的操作原理是甚麼?
2. 沙箱報告已將有可礙的郵件消滅, 為甚麼電郵服務器仍收到有關的電郵?
2. 沙箱報告已將有可礙的郵件消滅, 為甚麼電郵服務器仍收到有關的電郵?
0
Accepted Solution
-
Hi @Albert_Kwok,沙箱的操作原理請參考以下說明.How Does Sandbox Work ?The Anti-Malware examines file for threats before deciding to block or pass to SandboxIf the file is never seen, the device copies and send file to Sandbox- The analysis can take up to 15 minutes, so the device allows the file pass the traffic- The device can not block this threat until getting the Sandbox’s feedbackThe file with threat will be identified once it comes again.
Once the gateway detect the file again, the gateway can identify the file and take the action based on the previous analysis result on local cache. The gateway doesn’t send the file to Could Sandbox again. The local cache will be deleted when the device reboots.請檢查郵件是否符合以下檔案格式, 大小和protocolThe device just sends most possible infected file to Sandbox to optimize resource usage- File typeArchives(.zip)Executable (.exe)MS Office Documents (.doc,.docx)Macromedia Flash Data (.swf)PDFRTF- File size32KB ≤ File ≤ 8 MBZyxel Sandbox- OS type supportWindows and mac OSX Operating System- Protocol supportHTTP, FTP, POP3, SMTP and their equivalent SSL-encrypted versionsSee how you've made an impact in Zyxel Community this year!
https://bit.ly/Your2024Moments_Community0
All Replies
-
Hi @Albert_Kwok,沙箱的操作原理請參考以下說明.How Does Sandbox Work ?The Anti-Malware examines file for threats before deciding to block or pass to SandboxIf the file is never seen, the device copies and send file to Sandbox- The analysis can take up to 15 minutes, so the device allows the file pass the traffic- The device can not block this threat until getting the Sandbox’s feedbackThe file with threat will be identified once it comes again.
Once the gateway detect the file again, the gateway can identify the file and take the action based on the previous analysis result on local cache. The gateway doesn’t send the file to Could Sandbox again. The local cache will be deleted when the device reboots.請檢查郵件是否符合以下檔案格式, 大小和protocolThe device just sends most possible infected file to Sandbox to optimize resource usage- File typeArchives(.zip)Executable (.exe)MS Office Documents (.doc,.docx)Macromedia Flash Data (.swf)PDFRTF- File size32KB ≤ File ≤ 8 MBZyxel Sandbox- OS type supportWindows and mac OSX Operating System- Protocol supportHTTP, FTP, POP3, SMTP and their equivalent SSL-encrypted versionsSee how you've made an impact in Zyxel Community this year!
https://bit.ly/Your2024Moments_Community0