beautypg.com

Antivirus, File pattern, Quarantine – Fortinet FortiOS 3.0 User Manual

Page 25: Config, Intrusion protection (formerly ips), Signature, File pattern quarantine config

background image

New features and changes

Antivirus

Upgrade Guide for FortiOS v3.0
01-30000-0317-20060424

25

Antivirus

The Antivirus menu is now located below the User menu. It consists of the
following menus:

File Pattern

Quarantine

Config

File Pattern

The File Pattern menu has changed. The columns on the File Pattern page are
now Pattern, Action and Enable. When you select Create New, you can select the
pattern, type of action to take (either Block or Allow) and whether the new file
pattern should be enabled or disabled.

Quarantine

The Quarantine menu is new to the Antivirus menu. It contains two tabs,
Quarantined Files and Config. The Quarantined Files tab displays the information
of each file, displaying why the file was blocked. You can also filter the files by file
name, date, service, status, and status description.

The Config tab displays a list of current viruses the FortiGate unit has blocked and
you can configure file and email size limits, including grayware blocking.

Config

The Config menu includes the Virus List and Grayware tabs. The Config tab is
now located in the CLI under Antivirus Service. See the FortiGate CLI Reference
for more information.

Intrusion Protection (formerly IPS)

The Intrusion Protection menu consists of the following menus:

Signature

Anomaly

Signature

The Signature menu is unchanged. However, you can now view the severity level
of pre-defined signatures and custom signatures. Also, you can reset the pre-
defined signatures to their default settings if you changed them.

When creating new custom signatures on the Custom page, you can specify the
severity level for the custom signature.

Note: You need to be connected to the FortiAnalyzer unit to configure file and email size
limits, including grayware blocking.

Note: Make sure to document all FortiOS 2.80 IPS group settings before upgrading to
FortiOS 3.0, since certain IPS group settings are not carried forward and must be
configured manually. See the Release Notes FortiOS 3.0MR1 for more information.