FortiGate Version 3.0 MR4 Administration Guide
344 01-30004-0203-20070102
Quarantine AntiVirus
Figure 226:Quarantine Configuration (FortiAnalyzer from FortiGate with local disk)
Figure 227:Quarantine Configuration (FortiAnalyzer from FortiGate with no local
disk)
Quarantine configuration has the following options:
Note: NNTP options cannot be selected. Support will be added in the future.
Options Quarantine Infected Files: Select the protocols from which to quarantine
infected files identified by antivirus scanning.
Quarantine Suspicious Files: Select the protocols from which to
quarantine suspicious files identified by heuristics.
Quarantine Blocked Files. Select the protocols from which to quarantine
blocked files identified by antivirus file blocking. The Quarantine Blocked
Files option is not available for HTTP, FTP, or IM because a file name is
blocked before downloading and cannot be quarantined.
Age limit The time limit in hours for which to keep files in quarantine. The age limit
is used to formulate the value in the TTL column of the quarantined files
list. When the limit is reached, the TTL column displays EXP. and the file
is deleted (although a record is maintained in the quarantined files list).
Entering an age limit of 0 (zero) means files are stored on disk
indefinitely, depending on low disk space action.
Max filesize to
quarantine
The maximum size of quarantined files in MB. Setting the maximum file
size too large may affect performance.
Low disk space Select the action to take when the local disk is full: overwrite the oldest
file or drop the newest file.
FortiAnalyzer Select to enable storage of blocked and quarantined files on a
FortiAnalyzer unit. See “Log&Report” on page 407 for more information
about configuring a FortiAnalyzer unit.
To Next Page
Loading...
Need help?
General