Antivirus; Order Of Operations - Fortinet FortiGate Series Administration Manual

Hide thumbs Also See for FortiGate Series:

Table of Contents

AntiVirus

FortiGate Version 4.0 MR1 Administration Guide

01-410-89802-20090903

http://docs.fortinet.com/

This section describes how to configure the antivirus options associated with firewall

protection profiles. From a protection profile you can configure the FortiGate unit to apply

antivirus protection to HTTP, FTP, IMAP, POP3, SMTP, IM, and NNTP sessions. If your

FortiGate unit supports SSL content scanning and inspection you can also configure

antivirus protection for HTTPS, IMAPS,POP3S, and SMTPS sessions. For more

information, see

"SSL content scanning and inspection" on page

This section provides an introduction to antivirus settings. For more information see the

FortiGate UTM User

If you enable virtual domains (VDOMs) on the FortiGate unit, UTM > Antivirus options are

configured separately for each virtual domain. For details, see

This section describes:

Order of operations

Antivirus tasks

Antivirus settings and controls

File Quarantine

Selecting the virus database

Antivirus CLI configuration

Antivirus scanning function includes various modules and engines that perform separate

tasks. The FortiGate unit performs antivirus processing in the following order:

File pattern

If a file fails any of the tasks of the antivirus scan, no further scans are performed. For

example, if the file "fakefile.EXE" is recognized as a blocked pattern, the FortiGate unit will

send the end user a replacement message and the file will be deleted or quarantined. The

virus scan, grayware, heuristics, and file type scans will not be performed as the file is

already been determined to be a threat and has been dealt with.

Note: File filter includes file pattern and file type scans which are applied at different stages

in the antivirus process.

Order of operations

"Using virtual domains" on