Antivirus scanning

Antivirus protection

 

 

6Configure the FortiGate unit to send an alert email when it blocks or deletes an infected file. See “Configuring alert email” in the Logging and Message Reference Guide.

Note: To receive virus log messages, see “Configuring logging”, and for information about log message content and format, see “Virus log messages” in the Logging Configuration and Reference Guide

Antivirus scanning

Virus scanning intercepts most files (including files compressed with up to 12 layers of compression using zip, rar, gzip, tar, upx, and OLE) in the content streams for which antivirus protection as been enabled. Each file is tested to determine the file type and to determine the most effective method of scanning the file for viruses. For example, binary files are scanned using binary virus scanning and Microsoft Office files containing macros are scanned for macro viruses.

FortiGate virus scanning does not scan the following file types:

cdimage

floppy image

.ace

.bzip2

.Tar+Gzip+Bzip2

If a file is found to contain a virus it is removed from the content stream and replaced with a replacement message.

If your FortiGate unit includes a hard disk and if quarantine is enabled for infected files for the matching traffic protocol, the FortiGate unit adds the file to the quarantine list.

To scan FortiGate firewall traffic for viruses

1Select antivirus scanning in a content profile. See “Adding a content profile” on page 197.

2Optionally select Quarantine in this content profile.

3Add this content profile to firewall policies to apply virus scanning to the traffic controlled by the firewall policy.

See “Adding a content profile to a policy” on page 199.

4Configure file quarantine settings to control the quarantining of infected files. See “Configuring quarantine options” on page 265.

260

Fortinet Inc.

Page 260
Image 260
Fortinet 400 manual Antivirus scanning, 260, To scan FortiGate firewall traffic for viruses