Fortinet black logo

CLI Reference

config security antivirus profile

config security antivirus profile

Use this command to configure an anti-virus profile.

In many cases, you can use a predefined AV profile, and you are not required to create a new AV profile of your own.

Before you begin, make sure that you have read-write permission to configure the system's security settings.

After you have created an anti-virus profile, you can include it in HTTP or HTTPS virtual service profiles.

Syntax

config security antivirus profile

edit <name>

set comments <string>

set uncomp-size-limit <integer>

set uncomp-nest-limit <integer>

set scan-bzip2 {enable | disable}

set streaming-content-bypass {enable | disable}

set oversize-limit <integer>

set oversize {bypass | log | block}

set options {avmonitor | quarantine}

set emulator {enable | disable}

set fsa-analytics {disable | suspicious | all}

set analytics-max-upload <integer>

set analytics-db {disable | enable}

set av-virus-log {disable | enable}

next

end

uncomp-size-limit The maximum size in MB of the memory buffer used to temporarily decompress files. (Range: 1 - 2000 MB, default: 2 MB).
uncomp-nest-limit The maximum number of levels of nesting (compression) allowed to decompress.
scan-bzip2 Enable or disable bzip2 scanning algorithm.
streaming-content-bypass Enable or disable bypass streaming content (rather than buffering it).
oversize-limit

The maximum in-memory file size in KB to be scanned. (Range: 1 - 12000000 KB, default: 1024 KB).

Note: For AV files larger than 1000 KB, the device memory must be larger than 32 GB to support the scan.

options Select an option for the system to handle infected files.
emulator Enable or disable Win32 Emulator.
fsa-analytics Select an option to submit files to FortiSandbox.
analytics-max-upload The maximum file size in KB allowed to upload to FortiSandbox.
analytics-db Enable or disable FortiSandbox signature database.
av-virus-log The maximum file size in KB allowed to upload to FortiSandbox.

Example

FortiADC-docs # config security antivirus profile

FortiADC-docs (profile) # edit av_profile_01

FortiADC-docs (av_profile_01) # set comments test_for_doc

FortiADC-docs (av_profile_01) # set uncomp-size-limit 10

FortiADC-docs (av_profile_01) # set uncomp-nest-limit 5

FortiADC-docs (av_profile_01) # set scan-bzip2 enable

FortiADC-docs (av_profile_01) # set streaming-content-bypass enable

FortiADC-docs (av_profile_01) # set oversize-limit 1024

FortiADC-docs (av_profile_01) # set oversize log

FortiADC-docs (av_profile_01) # set options quarantine

FortiADC-docs (av_profile_01) # set emulator enable

FortiADC-docs (av_profile_01) # set fsa-analytics suspicious

FortiADC-docs (av_profile_01) # set analytics-max-upload 1024

FortiADC-docs (av_profile_01) # set analytics-db enable

FortiADC-docs (av_profile_01) # set av-virus-log enable

FortiADC-docs (av_profile_01) # next

FortiADC-docs (profile) # end

Reference to an AV profile

Use the following commands to reference an AV profile to a HTTP/HTTPs or SMTP virtual service.

Syntax

config load-balance virtual-server

edit <name>

set av-profile <profile-name>

end

end

Example

FortiADC-docs # config load-balance virtual-server

FortiADC-docs (virtual-server) # edit vs1

FortiADC-docs (vs1) # set load-balance-profile LB_PROF_HTTP

FortiADC-docs (vs1) # set av-profile av_profile_01

FortiADC-docs (vs1) # end

config security antivirus profile

Use this command to configure an anti-virus profile.

In many cases, you can use a predefined AV profile, and you are not required to create a new AV profile of your own.

Before you begin, make sure that you have read-write permission to configure the system's security settings.

After you have created an anti-virus profile, you can include it in HTTP or HTTPS virtual service profiles.

Syntax

config security antivirus profile

edit <name>

set comments <string>

set uncomp-size-limit <integer>

set uncomp-nest-limit <integer>

set scan-bzip2 {enable | disable}

set streaming-content-bypass {enable | disable}

set oversize-limit <integer>

set oversize {bypass | log | block}

set options {avmonitor | quarantine}

set emulator {enable | disable}

set fsa-analytics {disable | suspicious | all}

set analytics-max-upload <integer>

set analytics-db {disable | enable}

set av-virus-log {disable | enable}

next

end

uncomp-size-limit The maximum size in MB of the memory buffer used to temporarily decompress files. (Range: 1 - 2000 MB, default: 2 MB).
uncomp-nest-limit The maximum number of levels of nesting (compression) allowed to decompress.
scan-bzip2 Enable or disable bzip2 scanning algorithm.
streaming-content-bypass Enable or disable bypass streaming content (rather than buffering it).
oversize-limit

The maximum in-memory file size in KB to be scanned. (Range: 1 - 12000000 KB, default: 1024 KB).

Note: For AV files larger than 1000 KB, the device memory must be larger than 32 GB to support the scan.

options Select an option for the system to handle infected files.
emulator Enable or disable Win32 Emulator.
fsa-analytics Select an option to submit files to FortiSandbox.
analytics-max-upload The maximum file size in KB allowed to upload to FortiSandbox.
analytics-db Enable or disable FortiSandbox signature database.
av-virus-log The maximum file size in KB allowed to upload to FortiSandbox.

Example

FortiADC-docs # config security antivirus profile

FortiADC-docs (profile) # edit av_profile_01

FortiADC-docs (av_profile_01) # set comments test_for_doc

FortiADC-docs (av_profile_01) # set uncomp-size-limit 10

FortiADC-docs (av_profile_01) # set uncomp-nest-limit 5

FortiADC-docs (av_profile_01) # set scan-bzip2 enable

FortiADC-docs (av_profile_01) # set streaming-content-bypass enable

FortiADC-docs (av_profile_01) # set oversize-limit 1024

FortiADC-docs (av_profile_01) # set oversize log

FortiADC-docs (av_profile_01) # set options quarantine

FortiADC-docs (av_profile_01) # set emulator enable

FortiADC-docs (av_profile_01) # set fsa-analytics suspicious

FortiADC-docs (av_profile_01) # set analytics-max-upload 1024

FortiADC-docs (av_profile_01) # set analytics-db enable

FortiADC-docs (av_profile_01) # set av-virus-log enable

FortiADC-docs (av_profile_01) # next

FortiADC-docs (profile) # end

Reference to an AV profile

Use the following commands to reference an AV profile to a HTTP/HTTPs or SMTP virtual service.

Syntax

config load-balance virtual-server

edit <name>

set av-profile <profile-name>

end

end

Example

FortiADC-docs # config load-balance virtual-server

FortiADC-docs (virtual-server) # edit vs1

FortiADC-docs (vs1) # set load-balance-profile LB_PROF_HTTP

FortiADC-docs (vs1) # set av-profile av_profile_01

FortiADC-docs (vs1) # end