beautypg.com

Antivirus scanning, Antivirus – Fortinet FortiGate-800 User Manual

Page 280

background image

280

Fortinet Inc.

Antivirus scanning

Antivirus protection

6

Configure the FortiGate unit to send an alert email when it blocks or deletes an
infected file. See “Configuring alert email” in the Logging and Message Reference
Guide.

Antivirus scanning

Virus scanning intercepts most files (including files compressed with up to 12 layers of
compression using zip, rar, gzip, tar, upx, and OLE) in the content streams for which
you enable antivirus protection. Each file is tested to determine the file type and the
most effective method of scanning the file for viruses. For example, binary files are
scanned using binary virus scanning and Microsoft Office files containing macros are
scanned for macro viruses.

FortiGate virus scanning does not scan the following file types:

• cdimage
• floppy image
• .ace
• .bzip2
• .Tar+Gzip+Bzip2

If a file is found to contain a virus, the FortiGate unit removes the file from the content
stream and replaces it with a replacement message.

If your FortiGate unit includes a hard disk and if quarantine is enabled for infected files
for the matching traffic protocol, the FortiGate unit adds the file to the quarantine list.

To scan FortiGate firewall traffic for viruses

1

Select antivirus scanning in a content profile.
For information about content profiles, see

“Adding content profiles” on page 219

.

2

Optionally select Quarantine in this content profile.

3

Add this content profile to firewall policies to apply virus scanning to the traffic
controlled by the firewall policy.
See

“Adding content profiles to policies” on page 221

.

4

Configure file quarantine settings to control the quarantining of infected files.
For information about configuring quarantine options, see

“Configuring quarantine

options” on page 285

.

Note: For information about receiving virus log messages, see “Configuring logging”, and for
information about log message content and format, see “Virus log messages” in the Logging
Configuration and Reference Guide