15.5. Scanning Services and Other Firewall Features
Most firewalls are capable of performing scanning services, which means that they scan different types of incoming traffic in an effort to detect problems. For example, firewalls can scan incoming HTTP traffic to look for viruses or spyware, or scan email looking for spam. You can often set scanning rules that will prevent users from downloading large files over a certain size. On Cisco routers, scanning is administered by the Content Security Control (CSC) and Security Services Module (SSM). Two categories of content are typically scanned: mail and web.
Table 15.1 shows some key default scanning settings within CSC SSM.