Antivirus protection

Introduction

 

 

Antivirus protection

FortiGate ICSA-certified antivirus protection scans web (HTTP), file transfer (FTP), and email (SMTP, POP3, and IMAP) content as it passes through the FortiGate unit. If a virus is found, antivirus protection removes the file containing the virus from the content stream and forwards a replacement message to the intended recipient.

For extra protection, you can configure antivirus protection to block specified file types from passing through the FortiGate unit. You can use the feature to stop files that might contain new viruses.

If the FortiGate unit contains a hard disk, infected or blocked files can be quarantined. The FortiGate administrator can download quarantined files so that they can be virus scanned, cleaned, and forwarded to the intended recipient. You can also configure the FortiGate unit to automatically delete quarantined files after a specified time.

The FortiGate unit can send email alerts to system administrators when it detects and removes a virus from a content stream. The web and email content can be in normal network traffic or encrypted IPSec VPN traffic.

ICSA Labs has certified that FortiGate Antivirus Firewalls:

detect 100% of the viruses listed in the current In The Wild List (www.wildlist.org),

detect viruses in compressed files using the PKZip format,

detect viruses in email that has been encoded using uuencode format,

detect viruses in email that has been encoded using MIME encoding,

log all actions taken while scanning.

Web content filtering

FortiGate web content filtering can scan all HTTP content protocol streams for URLs or web page content. If there is a match between a URL on the URL block list, or a web page contains a word or phrase that is in the content block list, the FortiGate unit blocks the web page. The blocked web page is replaced with a message that you can edit using the FortiGate web-based manager.

You can configure URL blocking to block all or some of the pages on a web site. Using this feature, you can deny access to parts of a web site without denying access to it completely.

To prevent unintentionally blocking legitimate web pages, you can add URLs to an exempt list that overrides the URL blocking and content blocking lists.

Web content filtering also includes a script filter feature that can block unsecure web content such as Java applets, cookies, and ActiveX.

You can use the Cerberian URL blocking to block unwanted URLs.

16

Fortinet Inc.

Page 16
Image 16
Fortinet FortiGate-800 manual Antivirus protection, Web content filtering