Barracuda NextGen Firewall X

Virus Protection in the Firewall https://campus.barracuda.com/doc/48660779/

The Barracuda NextGen Firewall X-Series can transparently scan HTTP, HTTPS, FTP, SMTP, and SMTPS traffic for malware. For in-depth scanning of more advanced malware for which there are no virus scanner patterns available, the X-Series Firewall can also scan traffic using Advanced Threat Detection. The following subscriptions are required to use Virus Scanning and ATP in the firewall:

Energize Updates – Needed for virus scanner pattern updates. Web Security – Required for the virus scanning service. Advanced Threat Protection – This subscription is required to use ATP.

Virus protection for web traffic

To scan HTTP and HTTPS traffic for malware, configure an access rule to match your web traffic and enable Application Control, SSL Inspection (optional), and Virus Protection. If malware is detected, the file is discarded and the user is redirected to a customizable block page. SSL-encrypted HTTP and SMTP connections can be scanned only if SSL Inspection is enabled.

For more information, see How to Configure Virus Protection in the Firewall for Web Traffic.

Virus protection for FTP

To scan FTP traffic for malware, configure an access rule to match your web traffic and enable Application Control and Virus Protection. Since the FTP protocol does not include MIME-type information, all files are scanned. If malware is detected, the file is discarded and the file transfer is terminated. When malware in a FTP transfer is found, a local file is created by the FTP client before the transfer starts, so the user may see a file with 0 bytes or a small, partially downloaded file.

For more information, see How to Configure Virus Scanning in the Firewall for FTP Traffic.

Virus protection for mail traffic

The X-Series can scan incoming and outgoing SMTP and SMTPS mail traffic. To scan mail traffic, you must configure mail security in the firewall.

Virus Protection in the Firewall 1 / 5 Barracuda NextGen Firewall X

For more information, see Mail Security in the Firewall.

Advanced Threat Protection (ATP)

ATP scans HTTP, HTTPS, FTP, SMTP and SMTPS traffic for advanced malware on a per-access-rule basis. Malicious files are treated according to configurable policies. When malware is detected in HTTP and FTP traffic, the user/IP address who downloaded the malware is placed in quarantine. To use ATP you must have an Energize Updates, Web Security and Advanced Threat Protection subscription.

For more information, see Advanced Threat Protection (ATP/ATD).

Default MIME types

Only the MIME types listed in the Virus Protection configuration are scanned. The X-Series Firewall comes with a preconfigured list of MIME types:

application/zip application/x-msdos-program application/x-zoo application/mac-binhex40 application/x-apple-diskimage application/x-tar application/x-bzip2 application/x-archive application/x-rpm application/x-gzip application/x-rar application/rar application/x-gtar application/x-7z-compressed application/x-stuffit application/x-iso9660-image application/x-dosexec application/x-msdownload application/x-msdos-windows

Virus Protection in the Firewall 2 / 5 Barracuda NextGen Firewall X

application/x-download application/bat application/x-bat application/com application/x-com application/exe application/x-exe application/x-winexe application/x-winhlp application/x-winhelp application/x-javascript application/hta application/x-silverlight-app application/x-ms-application application/x-ms-shortcut application/octet-stream application/pdf application/x-pdf application/vnd.android.package-archive application/vnd.ms-word.document.macroenabled.12 application/vnd.ms-word.template.macroenabled.12 application/vnd.ms-excel application/vnd.ms-excel.addin.macroenabled.12 application/vnd.ms-excel.sheet.binary.macroenabled.12 application/vnd.ms-excel.template.macroenabled.12 application/vnd.ms-excel.sheet.macroenabled.12 application/vnd.ms-powerpoint application/vnd.ms-powerpoint.addin.macroenabled.12 application/vnd.ms-powerpoint.slide.macroenabled.12 application/vnd.ms-powerpoint.presentation.macroenabled.12 application/vnd.ms-powerpoint.slideshow.macroenabled.12 application/vnd.ms-project application/x-mspublisher application/x-msaccess application/x-msschedule application/msword

Virus Protection in the Firewall 3 / 5 Barracuda NextGen Firewall X

application/onenote application/vnd.visio application/vnd.ms-works application/vnd.openxmlformats-officedocument.presentationml.presentation application/vnd.openxmlformats-officedocument.presentationml.slide application/vnd.openxmlformats-officedocument.presentationml.slideshow application/vnd.openxmlformats-officedocument.presentationml.template application/vnd.openxmlformats-officedocument.spreadsheetml.sheet application/vnd.openxmlformats-officedocument.spreadsheetml.template application/vnd.openxmlformats-officedocument.wordprocessingml.document application/vnd.openxmlformats-officedocument.wordprocessingml.template

Virus Protection in the Firewall 4 / 5 Barracuda NextGen Firewall X

© Barracuda Networks Inc., 2021 The information contained within this document is confidential and proprietary to Barracuda Networks Inc. No portion of this document may be copied, distributed, publicized or used for other than internal documentary purposes without the written consent of an official representative of Barracuda Networks Inc. All specifications are subject to change without notice. Barracuda Networks Inc. assumes no responsibility for any inaccuracies in this document. Barracuda Networks Inc. reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

Virus Protection in the Firewall 5 / 5