Configuring a protection profile Firewall Protection Profile
FortiGate Version 4.0 Administration Guide
408 01-400-89802-20090424
http://docs.fortinet.com/ • Feedback
Figure 253: Protection Profile Anti-Virus options
Figure 254: Protection Profile Anti-Virus options (SSL content scanning and inspection)
Virus Scan Select virus scanning for each protocol. Virus Scan includes grayware,
as well as heuristic scanning. However, by default neither is enabled.
To enable specific grayware, go to UTM > AntiVirus > Grayware. To
enable heuristic scanning, see the config antivirus heuristic
command in the FortiGate CLI Reference.
Note: When you enable virus scanning, scanning by splice, also
called streaming mode, is enabled automatically. When scanning by
splice, the FortiGate unit simultaneously scans and streams traffic to
the destination, terminating the stream to the destination if a virus is
detected. For details on configuring splicing, see the splice option
for each protocol in the config firewall profile command in
the FortiGate CLI Reference. For details on splicing behavior for each
protocol, see the Knowledge Center article FortiGate Proxy Splice and
Client Comforting Technical Note.
Extended AV Database Select to scan for viruses that have not been recently observed in the
wild.
In addition to the FortiGuard Antivirus wild list database, which
contains viruses currently being detected in the wild, some FortiGate
models are also equipped with an extended antivirus database that
contains viruses not recently observed in the wild.
This option appears only on some FortiGate models.
File Filter Select to filter files, then under Option, specify a file filter, which can
consist of file name patterns and file types. For more information, see
“File Filter” on page 443.
To Next Page
Loading...