About Policy Enforcement

Network VirusWall Enforcer provides the following policy enforcement capabilities.

Feature

Checks For

Detection Method

Supported Actions

Antivirus Product Scan

Compliance to antivirus software policy

Agent performs assessment

  • Note: The device may also check for port activity to confirm the presence of security software.

  • Monitor endpoint

  • Block endpoint

  • Redirect web traffic

Antivirus Version Scan

Compliance to pattern update policy

Agent performs assessment

  • Monitor endpoint

  • Block endpoint

  • Redirect web traffic

 

System Threat Scan

Presence of active threats in memory

Agent performs assessment

  • Clean up endpoint (automatic)

  • Monitor endpoint

  • Block endpoint

  • Redirect web traffic

Vulnerability Scan

Unpatched Microsoft software with known vulnerabilities

Agent performs assessment

  • Monitor endpoint

  • Block endpoint

  • Redirect web traffic

Registry Scan

Missing or unwanted registry entries

Agent performs assessment

  • Monitor endpoint

  • Block endpoint

  • Redirect web traffic

Network Virus Scan

Malware code in packets

Real-time detection by device

  • Monitor endpoint

  • Drop packets

  • Quarantine endpoint

  • Clean up endpoint

Application Protocol Detection

Traffic in specified ports

Real-time detection by device

  • Monitor endpoint

  • Reject packets

  • Drop packets

Instant Messaging Detection

Traffic from popular instant messaging software

Real-time detection by device

  • Monitor endpoint

  • Reject packets

  • Drop packets

 

File Transfer Detection

File transfers using Windows shares, FTP, or HTTP

Real-time detection by device

  • Monitor endpoint

  • Reject packets

Threat Mitigation

Potentially infected endpoints

Threat Discovery Appliance

  • Monitor endpoint

  • Quarantine endpoint
See also:

About Actions and Remediation Methods

About Policies

Adding a Policy