File blocking

Antivirus protection

 

 

By default, when blocking is enabled, the FortiGate unit blocks the following file patterns:

executable files (*.bat, *.com, and *.exe)

compressed or archive files (*.gz, *.rar, *.tar, *.tgz, and *.zip)

dynamic link libraries (*.dll)

HTML application (*.hta)

Microsoft Office files (*.doc, *.ppt, *.xl?)

Microsoft Works files (*.wps)

Visual Basic files (*.vb?)

screen saver files (*.scr)

Blocking files in firewall traffic

Use content profiles to apply file blocking to HTTP, FTP, POP3, IMAP, and SMTP traffic controlled by firewall policies.

1Select file blocking in a content profile.

See “Adding a content profile” on page 197.

2Add this content profile to firewall policies to apply content blocking to the traffic controlled by the firewall policy.

See “Adding a content profile to a policy” on page 199.

Adding file patterns to block

1Go to Anti-Virus > File Block.

2Select New.

3Type the new pattern in the File Pattern field.

You can use an asterisk (*) to represent any characters and a question mark (?) to represent any single character. For example, *.dot blocks Microsoft Word template files and *.do? blocks both Microsoft Word template files and document files.

4Select the check box beside the traffic protocols for which you want to enable blocking of this file pattern.

5Select OK.

262

Fortinet Inc.

Page 262
Image 262
Fortinet 400 manual Blocking files in firewall traffic, Adding file patterns to block, 262, Go to Anti-Virus File Block