Cli Configuration; Config Antivirus Heuristic - Fortinet FortiGate FortiGate-60M Administration Manual

Antivirus

CLI configuration

config antivirus heuristic

FortiGate-60M Administration Guide
Note: This guide only covers Command Line Interface (CLI) commands that are not
represented in the web-based manager. For complete descriptions and examples of how to use
CLI commands see the FortiGate CLI Reference Guide.
The FortiGate heuristic antivirus engine performs tests on files to detect virus-like
behavior or known virus indicators. Heuristic scanning is performed last, after file
blocking and virus scanning have found no matches. In this way, heuristic scanning
may detect new viruses, but may also produce some false positive results.
The heuristic engine is enabled by default to pass suspected files to the recipient and
send a copy to quarantine. Once configured in the CLI, heuristic is enabled in a
protection profile when Virus Scan is enabled.
Use the heuristic command to change the heuristic scanning mode.
Command syntax pattern
config antivirus heuristic
set <keyword> <variable>
end
config antivirus heuristic
unset <keyword>
end
get antivirus heuristic
show antivirus heuristic
Table 26: antivirus heuristic command keywords and variables
Keywords and variables
mode
{pass | block | disable}
Example
This example shows how to disable heuristic scanning.
config antivirus heuristic
set mode disable
end
01-28007-0144-20041217
Description
Enter pass to enable heuristics
but pass detected files to the
recipient. Suspicious files are
quarantined if quarantine is
enabled.
Enter block to enable heuristics
and block detected files. A
replacement message is
forwarded to the recipient. Blocked
files are quarantined if quarantine
is enabled.
Enter disable to disable
heuristics.
CLI configuration
Default Availability
All models.
pass
301