Anti-Malware Profiles

Anti-malware profiles protect against emerging security threats. This profile can be used by all policies to provide protection from malware and to stop other threats to your networks. Once the Global Anti-Malware security profile is enabled in a policy, network-connection scans ensure web-based content is malware free.

Anti-malware profiles identify which applications are inspected for malware and the action taken when malware is detected. The default profile inspects all of the listed protocol decoders for malware and takes the action determined by the policy, depending on the type of malware detected.

You can optionally enable Smart Scan for enhanced malware scanning. Smart Scan is a next-generation, cloud-based protection solution. At the core of this solution is an advanced scanning architecture that leverages the Smart Scan server to perform threat scanning of IPv4 and IPv6 traffic using signatures that are stored in the cloud. Conventional on-box scanning is used when Smart Scan is not enabled or if Smart Scan cannot scan an object.

Enabling Smart Scan has performance benefits and enhances security since Smart Scan server patterns are updated frequently.

  • If you deploy the Cloud Edge gateway with hardware switch chipset in Bridge Mode, only the High Security intranet security setting supports malware scanning for intranet traffic.

  • With the Balanced and High Speed intranet security settings, intranet traffic is not scanned for malware.

  • All three intranet security settings support malware scanning on the external network.

Starting with Cloud Edge 6.0 SP1, you can enable Predictive Machine Learning scans, which provide advanced scanning, for web traffic.

If both Smart Scan and Predictive Machine learning are enabled, web traffic will be scanned by Smart Scan first and then by Predictive Machine Learning. Priority: Smart Scan > Predictive Machine Learning