FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102
Antivirus elements AntiVirus
File pattern
Once a file is accepted, the FortiGate unit applies the file pattern recognition filter.
The FortiGate unit checks the file against the file pattern settings you have
configured. If the file matches a blocked pattern, “.EXE” for example, it is stopped
and a replacement message is sent to the end user. No other levels of protection
are applied. If the file does not match a blocked pattern, the next level of protection is
applied.
Virus scan
If the file is passed by the file pattern filter, a virus scan is applied to it. The
virus definitions are kept up to date through the FortiNet Distribution Network.
The list is updated on a regular basis so you do not have to wait for a firmware
upgrade. For more information on updating virus definitions, see FortiGuard
antivirus.
Grayware
Once past the file pattern and the virus scan, the incoming file will be checked for
grayware. Grayware configurations can be turned on and off as required and are
kept up to date in the same manner as the antivirus definitions. For more
information on configuring grayware please see Viewing the grayware list.
Heuristics
After an incoming file has passed the first three antivirus elements, it is subjected
to the heuristics element. The FortiGate heuristic antivirus engine performs tests
on the file to detect virus-like behavior or known virus indicators. In this way,
heuristic scanning may detect new viruses, but may also produce some false
positive results.
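The following sketch models the order of the four antivirus elements described above. It is an added example, not FortiGate code; the patterns, signature hash, grayware markers, heuristic indicators, case-insensitive name matching and the two-indicator threshold are all constructed assumptions.

```python
import fnmatch
import hashlib

# Constructed policy data for this model; nothing here comes from a FortiGate unit.
BLOCKED_PATTERNS = ["*.exe", "*.scr"]
VIRUS_SHA256 = {hashlib.sha256(b"constructed-virus-sample").hexdigest()}
GRAYWARE = {"adware": [b"constructed-adware-marker"],
            "toolbar": [b"constructed-toolbar-marker"]}
ENABLED_GRAYWARE = {"adware"}  # categories can be turned on and off
HEURISTIC_INDICATORS = [b"constructed-indicator-a", b"constructed-indicator-b"]

def file_pattern(name, data):
    # Name-only check; case-insensitive matching is an assumption of this model.
    for pattern in BLOCKED_PATTERNS:
        if fnmatch.fnmatchcase(name.lower(), pattern):
            return f"blocked pattern {pattern}"
    return None

def virus_scan(name, data):
    # Stand-in for signature matching: exact hash lookup in the definition set.
    digest = hashlib.sha256(data).hexdigest()
    return "known virus signature" if digest in VIRUS_SHA256 else None

def grayware(name, data):
    # Only enabled categories are checked.
    for category in sorted(ENABLED_GRAYWARE):
        if any(marker in data for marker in GRAYWARE[category]):
            return f"grayware category {category}"
    return None

def heuristics(name, data):
    # Flag the file when two or more indicators appear (arbitrary threshold).
    hits = [i for i in HEURISTIC_INDICATORS if i in data]
    return f"{len(hits)} virus-like indicators" if len(hits) >= 2 else None

STAGES = [("file pattern", file_pattern), ("virus scan", virus_scan),
          ("grayware", grayware), ("heuristics", heuristics)]

def scan_file(name, data):
    """Return (stopping stage or None, reason, list of stages that ran)."""
    ran = []
    for stage, check in STAGES:
        ran.append(stage)
        reason = check(name, data)
        if reason:
            return stage, reason, ran  # later elements are not applied
    return None, "passed", ran

if __name__ == "__main__":
    # A blocked pattern stops the file before the virus scan ever runs.
    print(scan_file("setup.EXE", b"constructed-virus-sample"))
```

In this model a file stopped by the file pattern filter is never virus scanned, so the block reason reflects only the pattern, not any signature the content would have matched.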
FortiGuard antivirus
FortiGuard antivirus services are an excellent resource and include automatic
updates of virus and IPS (attack) engines and definitions, as well as the local
spam DNSBL, through the FortiGuard Distribution Network (FDN). The FortiGuard
Center also provides the FortiGuard antivirus virus and attack encyclopedia and
the FortiGuard Bulletin. Visit the Fortinet Knowledge Center for details and a link
to the FortiGuard Center.
The connection between the FortiGate unit and FortiGuard Center is configured in
System > Maintenance > FortiGuard Center. See “Configuring the FortiGate
unit for FDN and FortiGuard services” on page 162 for more information.
Note: Heuristics is configurable only through the CLI. See the FortiGate CLI Guide.
Note: If virtual domains are enabled on the FortiGate unit, antivirus features are configured
globally. To access these features, select Global Configuration on the main menu.