Description:

A LANCOM R&S®Unified Firewall has an integrated virus scanner from Bitdefender to protect your internal network against computer viruses.

This document describes the steps you need to take to configure the antivirus feature in a LANCOM R&S®Unified Firewall.

Requirements:

  • LANCOM R&S®Unified Firewall with LCOS FX as of version 11.1 and an activated full license
  • A configured and functional Internet connection on the Unified Firewall
  • Functional packet filter on the Unified Firewall
  • Functional HTTP(S) proxy on the Unified Firewall 
  • Web browser to configure the Unified Firewall

    The following browsers are supported:
    • Google Chrome
    • Chromium
    • Mozilla Firefox

Procedure:

1) Activate the virus scanner in the menu UTM → Antivirus Settings.

In this example, the virus scanner should operate for e-mails and the services HTTP, HTTPS and FTP (default setting).

2) The Scanner tab allows the configuration of the following options:

  • Enable Cloud Scan:
    • This check box is deactivated by default. Activate the check box to allow the scanning of files on Bitdefender Cloud.
    • If a file is not identified as a threat by the local antivirus application, but is classified as a risk, a hash and some anonymous meta information of the file, as well as details of the local scan of the file, are sent to the Bitdefender Cloud.
      • If the hash is known, this information is sent back as a result. 
      • If the hash is unknown and it is an executable file, the file is uploaded to the Bitdefender Cloud and checked.
  • Max. file size to scan:
    • Set the maximum file size to scan in MB (Min: 1 MB, Max: 4096 MB).
  • Block files if max. file size limit is exceeded:
    • If a file exceeds the maximum file size for a file to be scanned, then it can be blocked. If you uncheck this option, then the files will be downloaded without antivirus scan.
  • Block files if scan fails:
    • Enable this option to block e-mails and stop files being downloaded by HTTP(S) and FTP if their verification by the virus scanner was unsuccessful.
    • If an error occurs during verification, the e-mail is blocked and the recipient is informed. If you remove the checkmark, the recipient will receive a replacement e-mail containing the original e-mail as an encrypted attachment along with the password required for decryption.
  • Scan archived files:
    • This option is enabled by default. Uncheck this option if you do not want the virus scanner to scan archived files for viruses.

3) On the Whitelist tab, you can list trusted hosts and servers.

Data transferred from these hosts via HTTP or FTP and e-mail addresses are not scanned for viruses.

3.1) Enter the IP address or domain name of the trusted host or server into the input field Trusted HTTP/FTP sources. You can include subdomains by using placeholders (* and . for whole words, ? for single characters).

3.2) Click “+” to add the host or server to the list. You can edit or delete any entry in the list by clicking on the appropriate icon. While editing an entry, you will see a checkmark to the right of the entry. Click on the checkmark to accept your changes. Click Export to export your whitelist to the file system. Click Import to import a whitelist.

3.3) To add trusted e-mail addresses, use the following options under Trusted mail addresses:

  • Sender:
    All e-mails sent from this e-mail address will be excluded from the virus scanner.
  • Recipient:
    All e-mails sent to this e-mail address will be excluded from the virus scanner.
  • Sender/recipient:
    All e-mails sent from OR to this e-mail address will be excluded from the virus scanner.

3.4) Click “+” to add the e-mail address to the list. You can edit or delete any entry in the list by clicking on the appropriate icon. While editing an entry, you will see a checkmark to the right of the entry. Click on the checkmark to accept your changes.

4) The Updates tab allows you to set up the automatic updates of the virus scanner:

  • Update Server:
    • The default update server is: https://av.fx-update.lancom-systems.com/bitdefender
    • You can add any number of update servers. Enter the URL of the server in the input field and then click on “+”. The server is added to the list.
    • The list of update servers is processed from top to bottom. Once an update server has been reached, the other alternatives are no longer contacted until the next update.
    • You can edit or delete any entry in the list by clicking on the appropriate icon. While editing an entry, you will see a checkmark to the right of the entry. Click on the checkmark to accept your changes.
  • Automatic updates:
    • Enter the date and time of the first automatic update of the virus scanner. You can enter the date in format MM/DD/YYYY or select a date in the selection window. Enter the time in the format hh:mm:ss.
    • Enter the interval in hours in which the virus scanner is to be updated. If you enter 0h here, the update is carried out immediately. Click “+” to add the update plan to the list.
    • You can edit or delete any entry in the list by clicking on the appropriate icon. While editing an entry, you will see a checkmark to the right of the entry. Click on the checkmark to accept your changes.


More articles on this topic:

 

 

All LANCOM products and software versions are subject to LANCOM Software Lifecycle Management.
You can find information on our website at https://www.lancom-systems.com/products/firmware/software-lifecycle-management

© 2025 LANCOM Systems GmbH