Blocking files in firewall traffic, Adding file patterns to block – Fortinet FortiGate 4000 User Manual
Page 284
284
Fortinet Inc.
File blocking
Antivirus protection
By default, when blocking is enabled, the FortiGate unit blocks the following file
patterns:
• executable files (*.bat, *.com, and *.exe)
• compressed or archive files (*.gz, *.rar, *.tar, *.tgz, and *.zip)
• dynamic link libraries (*.dll)
• HTML application (*.hta)
• Microsoft Office files (*.doc, *.ppt, *.xl?)
• Microsoft Works files (*.wps)
• Visual Basic files (*.vb?)
• screen saver files (*.scr)
Blocking files in firewall traffic
Use content profiles to apply file blocking to HTTP, FTP, POP3, IMAP, and SMTP
traffic controlled by firewall policies.
To block files in firewall traffic
1
Select file blocking in a content profile.
See
“Adding content profiles” on page 224
.
2
Add this content profile to firewall policies to apply content blocking to the traffic
controlled by the firewall policy.
See
“Adding content profiles to policies” on page 226
.
Adding file patterns to block
To add file patterns to block
1
Go to Anti-Virus > File Block.
2
Select New.
3
Type the new pattern in the File Pattern field.
You can use an asterisk (*) to represent any characters and a question mark (?) to
represent any single character. For example, *.dot blocks Microsoft Word template
files and *.do? blocks both Microsoft Word template files and document files.
4
Select the check box beside the traffic protocols for which you want to enable blocking
of this file pattern.
5
Select OK.