Configuring antivirus options – Fortinet 100A User Manual

Page 224

Advertising
background image

224

01-28007-0068-20041203

Fortinet Inc.

Protection profile options

Firewall

Configuring antivirus options

Figure 106:Protection profile antivirus options

The following options are available for antivirus through the protection profile. See

“Antivirus” on page 289

for more antivirus configuration options.

Virus Scan

Enable or disable virus scanning (for viruses and worms) for each

protocol (HTTP, FTP, IMAP, POP3, SMTP). Grayware, if enabled in

Antivirus > Config > Config, is included with the Virus Scan.

Heuristic, if enabled in the CLI, is also included with the Virus Scan.

File Block

Enable or disable file pattern blocking for each protocol. You can

block files by name, by extension, or any other pattern, giving you

the flexibility to block files that may contain harmful content.

Quarantine (models with
local disk only)

Enable or disable quarantining for each protocol. You can

quarantine suspect files to view them or submit files to Fortinet for

analysis.

Pass fragmented emails Enable or disable passing fragmented email for mail protocols

(IMAP, POP3, SMTP). Fragmented email cannot be scanned for

viruses.

Oversized file/email

Select block or pass for files and email that exceed configured

thresholds for each protocol. To configure the oversized file

threshold, go to Antivirus > Config > Config. The maximum

threshold for scanning in memory is 10% of the FortiGate unit RAM.
Note: For email scanning, the oversize threshold refers to the final

size of the email after encoding by the email client, including

attachments. Email clients may use a variety of encoding types and

some encoding types translate into larger file sizes than the original

attachment. The most common encoding, base64, translates 3

bytes of binary data into 4 bytes of base64 data. So a file may be

blocked or logged as oversized even if the attachment is several

megabytes less than the configured oversize threshold.

Add signature to
outgoing emails

Create and enable a signature to append to outgoing email (SMTP

only).

Advertising
Popular Brands
Popular manuals