For the Anti-Virus feature of the USG40, we are running the test of EICAR (which is suggested in the document from http://onesecurity.zyxel.com/), but the firewall did not destroy the downloaded files.
Why can't EICAR test files be detected by the Anti-Virus?
Anti-Virus on models without the SSL inspection function (for example, the USG40/40W/60/60W) can't detect virus in HTTPS traffic.
Only the files downloaded by using the HTTP protocol can be scanned and detected.
If you have downloaded the test EICAR files by using an HTTPS link, the file cannot be scanned or detected by Anti-Virus.
Step 1: Go to the EICAR official website to download test files by using the standard protocol HTTP:
Step 2: In ZyWALL/USG, go to MONITOR > Log, you will see the EICAR test files are detected and destroyed.
Step 3: In the ZyWALL/USG, go to MONITOR > UTM Statistics > Anti-Virus (Collect Statistics need to be enabled before testing), and you will see that EICAR-Test-Files are detected.