Fortinet 100 Web content filtering, Email filtering

14 Fortinet Inc.

Introduction

For extra protection, you also configure antivirus protection to block files of specified

file types from passing through the FortiGate unit. You can use the feature to stop files

that may contain new viruses.

If the FortiGate unit contains a hard disk, infected or blocked files can be quarantined.

The FortiGate administrator can download quarantined files, so that they can be virus

scanned, cleaned, and forwarded to the intended recipient. You can also configure the

FortiGate unit to automatically delete quarantined files after a specified time period.

The FortiGate unit can send email alerts to system administrators when it detects and

removes a virus from a content stream. The web and email content can be in normal

network traffic or in encrypted IPSec VPN traffic.

ICSA Labs has certified that FortiGate Antivirus Firewalls:

• detect 100% of the viruses listed in the current In The Wild List (www.wildlist.org),

• detect viruses in compressed files using the PKZip format,

• detect viruses in e-mail that has been encoded using uuencode format,

• detect viruses in e-mail that has been encoded using MIME encoding,

• log all actions taken while scanning.

Web content filtering

FortiGate web content filtering can be configured to scan all HTTP content protocol

streams for URLs or for web page content. If a match is found between a URL on the

URL block list, or if a web page is found to contain a word or phrase in the content

block list, the FortiGate blocks the web page. The blocked web page is replaced with a

message that you can edit using the FortiGate web-based manager.

You can configure URL blocking to block all or just some of the pages on a web site.

Using this feature you can deny access to parts of a web site without denying access

to it completely.

To prevent unintentional blocking of legitimate web pages, you can add URLs to an

Exempt List that overrides the URL blocking and content blocking lists.

Web content filtering also includes a script filter feature that can be configured to block

unsecure web content such as Java Applets, Cookies, and ActiveX.

You can also use the Cerberian URL blocking to block unwanted URLs.

Email filtering

FortiGate Email filtering can be configured to scan all IMAP and POP3 email content

for unwanted senders or for unwanted content. If a match is found between a sender

address pattern on the Email block list, or if an email is found to contain a word or

phrase in the banned word list, the FortiGate adds a Email tag to subject line of the

email. Receivers can then use their mail client software to filter messages based on

the Email tag.