304
01-28006-0003-20041105
Fortinet Inc.
Antivirus
Protection profile configuration
For information about configuring Protection Profiles, see
“Protection profile” on
page 221
. For information about adding protection profiles to firewall policies, see
“To
add a protection profile to a policy” on page 227
.
Order of antivirus operations
Antivirus processing includes various modules and engines that perform separate
tasks. The FortiGate unit performs antivirus processing in the order the features
appear in the web-based manager menu: file block, virus scan, and grayware,
followed by heuristics, which is configurable only through the CLI.
Virus list updates and information
FortiProtect services are an excellent resource and include automatic updates of virus
and IPS (attack) engines and definitions, as well as the local spam RBL, through the
FortiProtect Distribution Network (FDN). The FortiProtect Center also provides the
FortiProtect virus and attack encyclopedia and the FortiProtect Bulletin.
Visit the FortiProtect Center at
http://www.fortinet.com/FortiProtectCenter/
.
To set up automatic and push updates see
“Update center” on page 118
.
This chapter describes:
•
File block
•
Quarantine
•
Config
•
CLI configuration
File block
Configure file blocking to remove all files that are a potential threat and to prevent
active computer virus attacks. You can block files by name, by extension, or any other
pattern, giving you the flexibility to block potentially harmful content.
For standard operation, you can choose to disable file blocking in the Protection
Profile, and enable it only to temporarily block specific threats as they occur. You can
also enable or disable file blocking by protocol for each file pattern you configure.
The FortiGate unit blocks files that match a configured file pattern and displays a
replacement message instead. The FortiGate unit also writes a message to the virus
log and sends an alert email if configured to do so.
If both file block and virus scan are enabled, the FortiGate unit blocks files that match
enabled file patterns and does not scan these files for viruses.
Note:
File block entries are not case sensitive. For example, adding
*.exe
to the file block list
also blocks any files ending in
.EXE
.
Summary of Contents for FortiGate 100
Page 24: ...24 01 28006 0003 20041105 Fortinet Inc FortiLog documentation Introduction ...
Page 72: ...72 01 28006 0003 20041105 Fortinet Inc Transparent mode VLAN settings System network ...
Page 80: ...80 01 28006 0003 20041105 Fortinet Inc DHCP IP MAC binding settings System DHCP ...
Page 114: ...114 01 28006 0003 20041105 Fortinet Inc Access profile options System administration ...
Page 232: ...232 01 28006 0003 20041105 Fortinet Inc CLI configuration Firewall ...
Page 244: ...244 01 28006 0003 20041105 Fortinet Inc peergrp Users and authentication ...
Page 320: ...320 01 28006 0003 20041105 Fortinet Inc service smtp Antivirus ...
Page 366: ...366 01 28006 0003 20041105 Fortinet Inc syslogd setting Log Report ...
Page 380: ...380 01 28006 0003 20041105 Fortinet Inc Glossary ...
Page 388: ...388 01 28006 0003 20041105 Fortinet Inc Index ...