Signature Issues
OverView: Sometimes Virus/Trojans have different names geographically and the media may have a different name for the same virus so technically names do not truly identify any of the Virus/Trojan/Malware as there could be multiple variations of the same Virus/Trojan with the same/similar names. Because of this it’s difficult to determine why SonicWall appliance didn't block any of the Trojan/Malware without looking at the sample. So in order to investigate this issue engineering team will need a sample of the Virus/Trojan/Malware or a unique identifier like a MD5 file checksum. If you notice that a Virus/Trojan/Malware got through the SonicWall then here is the process that needs to be followed for investigating this issue:
Procedure
1. Create a case with clear description of the issue and other relevant details and attach the TSR and Pref''s files from the SonicWall Appliance.
2. Customers must provide the sample in a password protected zip file.
3. Also be careful in handling the Virus/Trojan/Malware samples. DO NOT DOWNLOAD THE SAMPLES TO YOUR WORK COMPUTER.Please use a computer in the lab/test network which is not connected to the office network for uploading these samples.
Caution: DO NOT attach the samples to the SFDC case, rather upload it as mentioned in Step 4.
4. Collect the Virus/Trojan/Malware sample and upload using below form, mention the Case number / Tracking ID # in the SFDC # during upload.
5. By default the submission type will be set as ''Gateway Antivirus'' and the sample will get uploaded to the Virus Database and our Gateway Antivirus team will be notified about your submission.
The sample submitter can expect a response from the GAV research team within 24 hours of submission
6. Mention the case # /Tracking ID, so that the sample can be corelated with the case number.
7. Update the case with the virus sample Submission ID number that is provided after submission of the sample.
Please select E-mail Security from the drop down menu for E-mail security related submissions.
You can use the form to submit a GAV or IPS false positive to us as well. Upload the clean file. For files larger than 10 MB in size, it is recommended to provide a direct URL in the URL field in addition to uploading the file.
Fields marked by (*) are mandatory.
Email Address
*
Category
*
Issue Type
*
Virus Sample to Upload
*
File URL
Comments
*
Signature ID
SFDC #
  
© 2017 SonicWall | Privacy Policy | Conditions for use | Feedback | Live Demo | SonicALERT | Document Library | Report Issues
Version: 13.6 | S2MSW02