Fortinet FortiGate 4000 Betriebsanweisung

For information about configuring Protection Profiles, see 

. For information about adding protection profiles to firewall policies, see 

.

Antivirus processing includes various modules and engines that perform separate 
tasks. The FortiGate unit performs antivirus processing in the order the features 
appear in the web-based manager menu: file block, virus scan, and grayware, 
followed by heuristics, which is configurable only through the CLI.

FortiProtect services are an excellent resource and include automatic updates of virus 
and IPS (attack) engines and definitions, as well as the local spam RBL, through the 
FortiProtect Distribution Network (FDN). The FortiProtect Center also provides the 
FortiProtect virus and attack encyclopedia and the FortiProtect Bulletin.

Visit the FortiProtect Center at 

To set up automatic and push updates see 

.

This chapter describes:

•

•

•

•

Configure file blocking to remove all files that are a potential threat and to prevent 
active computer virus attacks. You can block files by name, by extension, or any other 
pattern, giving you the flexibility to block potentially harmful content.

For standard operation, you can choose to disable file blocking in the Protection 
Profile, and enable it only to temporarily block specific threats as they occur. You can 
also enable or disable file blocking by protocol for each file pattern you configure.

The FortiGate unit blocks files that match a configured file pattern and displays a 
replacement message instead. The FortiGate unit also writes a message to the virus 
log and sends an alert email if configured to do so.

If both file block and virus scan are enabled, the FortiGate unit blocks files that match 
enabled file patterns and does not scan these files for viruses.

Note: File block entries are not case sensitive. For example, adding *.exe to the file block list 
also blocks any files ending in .EXE.