AntiVirus Order of operations
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102 335
AntiVirus
This section describes how to configure the antivirus options associated with
firewall protection profiles.
The following topics are included in this section:
• Order of operations
• Antivirus elements
• Antivirus settings and controls
• File pattern
• Quarantine
• Config
• Antivirus CLI configuration
Order of operations
Antivirus processing includes various modules and engines that perform separate
tasks. The FortiGate unit performs antivirus processing in the order the elements
appear in the web-based manager menu:
• File pattern
• Virus scan
• Grayware
• Heuristics
If a file fails any of the elements of the antivirus scan, no further scans are
performed. For example, if the file “fakefile.EXE”, is recognized as a blocked
pattern, the FortiGate unit will send the end user a replacement message and the
file will be deleted or quarantined. The virus scan, grayware and heuristic scans
will not be performed as the file is already found to be a threat and has been dealt
with; there is no need to use further system resources on the file at this time.
Antivirus elements
The antivirus elements work in sequence to give you an efficient method of
scanning incoming files. The first three elements have specific functions, the
fourth, the heuristics, is to cover any new, previously unknown, virus threats. The
four elements work together to offer your network unparalleled antivirus
protection. To ensure that your system is providing the most protection available,
all virus definitions and signatures are up dated regularly through the FortiGuard
antivirus services. The elements will be discussed in the order that they are
applied followed by FortiGuard antivirus.
To Next Page
Loading...
