Quarantine, Quarantining infected files, Quarantining blocked files – Fortinet FortiGate-800 User Manual
Page 283
Antivirus protection
Quarantine
FortiGate-800 Installation and Configuration Guide
283
Quarantine
FortiGate units with a hard disk can quarantine blocked or infected files. The
quarantined files are removed from the content stream and stored on the FortiGate
hard disk. Users receive a message that the removed files have been quarantined.
On the FortiGate, the names of quarantined files are displayed on the quarantine list.
The list displays status, duplication, and age information for each quarantined file. You
can sort and filter this list based on these criteria. From the list you can also delete or
download files.
•
•
•
•
•
•
Deleting files from the quarantine list
•
•
Configuring quarantine options
Quarantining infected files
Use content profiles to quarantine infected files found in HTTP, FTP, POP3, IMAP, and
SMTP traffic controlled by firewall policies.
To quarantine infected files
1
Go to Anti-Virus > Quarantine > Quarantine Config.
2
Select the Content protocols for which you want quarantine infected files.
3
Select antivirus scanning in a content profile.
See
“Adding content profiles” on page 219
.
4
Select Quarantine to save to the quarantine any files that are found to be infected with
a virus.
5
Add this content profile to firewall policies to quarantine infected files found in the
traffic controlled by the firewall policy.
See
“Adding content profiles to policies” on page 221
.
Quarantining blocked files
Use content profiles to quarantine blocked files found in POP3, IMAP, and SMTP
traffic controlled by firewall policies.
To quarantine blocked files
1
Go to Anti-Virus > Quarantine > Quarantine Config.
2
Select the Content protocols for which to quarantine blocked files.
3
To quarantine blocked files, select file block in a content profile.
See
“Adding content profiles” on page 219
.
4
Select Quarantine to save to the quarantine any files that are blocked.